code: Make project members can only access to code or related menus
@022c77120d1e4d3cf9ae7ccad59ad6263f5eba9a
--- app/controllers/CodeApp.java
+++ app/controllers/CodeApp.java
... | ... | @@ -67,6 +67,11 @@ |
| 67 | 67 |
return status(Http.Status.NOT_IMPLEMENTED, project.vcs + " is not supported!"); |
| 68 | 68 |
} |
| 69 | 69 |
|
| 70 |
+ // Only members can access code? |
|
| 71 |
+ if(project.isCodeAccessibleMemberOnly && !project.hasMember(UserApp.currentUser())) {
|
|
| 72 |
+ return forbidden(ErrorViews.Forbidden.render("error.forbidden", project));
|
|
| 73 |
+ } |
|
| 74 |
+ |
|
| 70 | 75 |
PlayRepository repository = RepositoryService.getRepository(project); |
| 71 | 76 |
|
| 72 | 77 |
if(repository.isEmpty()) {
|
--- app/controllers/GitApp.java
+++ app/controllers/GitApp.java
... | ... | @@ -20,14 +20,9 @@ |
| 20 | 20 |
*/ |
| 21 | 21 |
package controllers; |
| 22 | 22 |
|
| 23 |
-import java.io.IOException; |
|
| 24 |
- |
|
| 25 |
-import javax.servlet.ServletException; |
|
| 26 |
- |
|
| 23 |
+import com.github.zafarkhaja.semver.Version; |
|
| 27 | 24 |
import models.Project; |
| 28 | 25 |
import models.enumeration.Operation; |
| 29 |
- |
|
| 30 |
-import com.github.zafarkhaja.semver.Version; |
|
| 31 | 26 |
import play.api.i18n.Lang; |
| 32 | 27 |
import play.i18n.Messages; |
| 33 | 28 |
import play.mvc.Controller; |
... | ... | @@ -38,6 +33,9 @@ |
| 38 | 33 |
import utils.AccessControl; |
| 39 | 34 |
import utils.BasicAuthAction; |
| 40 | 35 |
import utils.Config; |
| 36 |
+ |
|
| 37 |
+import javax.servlet.ServletException; |
|
| 38 |
+import java.io.IOException; |
|
| 41 | 39 |
|
| 42 | 40 |
public class GitApp extends Controller {
|
| 43 | 41 |
|
... | ... | @@ -103,6 +101,13 @@ |
| 103 | 101 |
|
| 104 | 102 |
models.User user = UserApp.currentUser(); |
| 105 | 103 |
|
| 104 |
+ // Only members can access code? |
|
| 105 |
+ // Only members can access code? |
|
| 106 |
+ if(project.isCodeAccessibleMemberOnly && !project.hasMember(UserApp.currentUser())) {
|
|
| 107 |
+ return forbidden(Messages.get(Lang.defaultLang(), |
|
| 108 |
+ "git.error.permission", user.loginId, ownerName, projectName)); |
|
| 109 |
+ } |
|
| 110 |
+ |
|
| 106 | 111 |
if (!isAllowed(project, service)) {
|
| 107 | 112 |
if (user.isAnonymous()) {
|
| 108 | 113 |
return BasicAuthAction.unauthorized(response()); |
--- app/controllers/PullRequestApp.java
+++ app/controllers/PullRequestApp.java
... | ... | @@ -339,6 +339,12 @@ |
| 339 | 339 |
|
| 340 | 340 |
private static Result pullRequests(String userName, String projectName, Category category) {
|
| 341 | 341 |
Project project = Project.findByOwnerAndProjectName(userName, projectName); |
| 342 |
+ |
|
| 343 |
+ // Only members can access code? |
|
| 344 |
+ if(project.isCodeAccessibleMemberOnly && !project.hasMember(UserApp.currentUser())) {
|
|
| 345 |
+ return forbidden(ErrorViews.Forbidden.render("error.forbidden", project));
|
|
| 346 |
+ } |
|
| 347 |
+ |
|
| 342 | 348 |
SearchCondition condition = Form.form(SearchCondition.class).bindFromRequest().get(); |
| 343 | 349 |
condition.setProject(project).setCategory(category); |
| 344 | 350 |
Page<PullRequest> page = PullRequest.findPagingList(condition); |
--- app/models/Project.java
+++ app/models/Project.java
... | ... | @@ -40,8 +40,8 @@ |
| 40 | 40 |
import play.db.ebean.Model; |
| 41 | 41 |
import play.db.ebean.Transactional; |
| 42 | 42 |
import playRepository.*; |
| 43 |
-import utils.FileUtil; |
|
| 44 | 43 |
import utils.CacheStore; |
| 44 |
+import utils.FileUtil; |
|
| 45 | 45 |
import utils.JodaDateUtil; |
| 46 | 46 |
import validation.ExConstraints; |
| 47 | 47 |
|
... | ... | @@ -49,7 +49,10 @@ |
| 49 | 49 |
import javax.persistence.*; |
| 50 | 50 |
import javax.servlet.ServletException; |
| 51 | 51 |
import java.io.IOException; |
| 52 |
-import java.util.*; |
|
| 52 |
+import java.util.ArrayList; |
|
| 53 |
+import java.util.Date; |
|
| 54 |
+import java.util.List; |
|
| 55 |
+import java.util.Set; |
|
| 53 | 56 |
|
| 54 | 57 |
@Entity |
| 55 | 58 |
public class Project extends Model implements LabelOwner {
|
... | ... | @@ -92,6 +95,8 @@ |
| 92 | 95 |
private long lastIssueNumber; |
| 93 | 96 |
|
| 94 | 97 |
private long lastPostingNumber; |
| 98 |
+ |
|
| 99 |
+ public boolean isCodeAccessibleMemberOnly; |
|
| 95 | 100 |
|
| 96 | 101 |
@ManyToMany |
| 97 | 102 |
public Set<Label> labels; |
... | ... | @@ -176,6 +181,16 @@ |
| 176 | 181 |
} |
| 177 | 182 |
} |
| 178 | 183 |
|
| 184 |
+ public boolean hasMember(User user) {
|
|
| 185 |
+ if (user.isMemberOf(this) || |
|
| 186 |
+ user.isManagerOf(this) || |
|
| 187 |
+ user.isSiteManager()) {
|
|
| 188 |
+ return true; |
|
| 189 |
+ } else {
|
|
| 190 |
+ return false; |
|
| 191 |
+ } |
|
| 192 |
+ } |
|
| 193 |
+ |
|
| 179 | 194 |
public static boolean exists(String loginId, String projectName) {
|
| 180 | 195 |
int findRowCount = find.where().ieq("owner", loginId)
|
| 181 | 196 |
.ieq("name", projectName).findRowCount();
|
--- app/views/project/setting.scala.html
+++ app/views/project/setting.scala.html
... | ... | @@ -87,6 +87,14 @@ |
| 87 | 87 |
<span class="note">@Messages("project.private.notice")</span>
|
| 88 | 88 |
</div> |
| 89 | 89 |
</div> |
| 90 |
+ <div class="box-wrap middle"> |
|
| 91 |
+ <div class="cu-label">@Messages("project.codeAccessible")</div>
|
|
| 92 |
+ <div class="cu-desc"> |
|
| 93 |
+ <input name="isCodeAccessibleMemberOnly" type="radio" id="codeAccessibleMemberOnly" class="radio-btn" value="true" @if(project.isCodeAccessibleMemberOnly){checked="checked"}><label for="codeAccessibleMemberOnly" class="bg-radiobtn label-public">@Messages("button.yes")</label>
|
|
| 94 |
+ <input name="isCodeAccessibleMemberOnly" type="radio" id="codeAccessibleAnyone" class="radio-btn" value="false" @if(!project.isCodeAccessibleMemberOnly){checked="checked"}><label for="codeAccessibleAnyone" class="bg-radiobtn label-private">@Messages("button.no")</label>
|
|
| 95 |
+ <span class="note"></span> |
|
| 96 |
+ </div> |
|
| 97 |
+ </div> |
|
| 90 | 98 |
|
| 91 | 99 |
@if(project.vcs.equals("GIT")){
|
| 92 | 100 |
<div class="box-wrap middle reviewer-count-wrap" id="reviewerCountSettingPanel" style="@if(!project.menuSetting.code){display:none;}">
|
--- app/views/projectMenu.scala.html
+++ app/views/projectMenu.scala.html
... | ... | @@ -56,11 +56,13 @@ |
| 56 | 56 |
</a> |
| 57 | 57 |
</li> |
| 58 | 58 |
@if(project.menuSetting.code) {
|
| 59 |
- <li class="@isActiveMenu(MenuType.CODE)"> |
|
| 60 |
- <a href="@routes.CodeApp.codeBrowser(project.owner, project.name)"> |
|
| 61 |
- <span class="menu-name">@Messages("menu.code")</span><span class="short-menu">C</span>
|
|
| 62 |
- </a> |
|
| 63 |
- </li> |
|
| 59 |
+ @if(!project.isCodeAccessibleMemberOnly || project.hasMember(UserApp.currentUser())) {
|
|
| 60 |
+ <li class="@isActiveMenu(MenuType.CODE)"> |
|
| 61 |
+ <a href="@routes.CodeApp.codeBrowser(project.owner, project.name)"> |
|
| 62 |
+ <span class="menu-name">@Messages("menu.code")</span><span class="short-menu">C</span>
|
|
| 63 |
+ </a> |
|
| 64 |
+ </li> |
|
| 65 |
+ } |
|
| 64 | 66 |
} |
| 65 | 67 |
@if(project.menuSetting.issue) {
|
| 66 | 68 |
<li class="@isActiveMenu(MenuType.ISSUE)"> |
... | ... | @@ -69,8 +71,8 @@ |
| 69 | 71 |
</a> |
| 70 | 72 |
</li> |
| 71 | 73 |
} |
| 72 |
- @if(project.menuSetting.pullRequest) {
|
|
| 73 |
- @if(project.vcs.equals("GIT")){
|
|
| 74 |
+ @if(project.menuSetting.pullRequest && project.vcs.equals("GIT")) {
|
|
| 75 |
+ @if(!project.isCodeAccessibleMemberOnly || project.hasMember(UserApp.currentUser())) {
|
|
| 74 | 76 |
<li class="@isActiveMenu(MenuType.PULL_REQUEST)"> |
| 75 | 77 |
<a href="@getPullRequestURL(project)"> |
| 76 | 78 |
<span class="menu-name">@Messages("menu.pullRequest")</span><span class="short-menu">P</span> @countingBadge(PullRequest.countOpenedPullRequests(project))
|
... | ... | @@ -79,11 +81,14 @@ |
| 79 | 81 |
} |
| 80 | 82 |
} |
| 81 | 83 |
@if(project.menuSetting.review) {
|
| 82 |
- <li class="@isActiveMenu(MenuType.PROJECT_REVIEW)"> |
|
| 83 |
- <a href="@routes.ReviewThreadApp.reviewThreads(project.owner, project.name)"> |
|
| 84 |
- <span class="menu-name">@Messages("menu.review")</span><span class="short-menu">R</span> @countingBadge(reviewCount)
|
|
| 85 |
- </a> |
|
| 86 |
- </li> |
|
| 84 |
+ @if(!project.isCodeAccessibleMemberOnly || project.hasMember(UserApp.currentUser())) {
|
|
| 85 |
+ <li class="@isActiveMenu(MenuType.PROJECT_REVIEW)"> |
|
| 86 |
+ <a href="@routes.ReviewThreadApp.reviewThreads(project.owner, project.name)"> |
|
| 87 |
+ <span class="menu-name">@Messages("menu.review")</span><span class="short-menu">
|
|
| 88 |
+ R</span> @countingBadge(reviewCount) |
|
| 89 |
+ </a> |
|
| 90 |
+ </li> |
|
| 91 |
+ } |
|
| 87 | 92 |
} |
| 88 | 93 |
@if(project.menuSetting.milestone) {
|
| 89 | 94 |
<li class="@isActiveMenu(MenuType.MILESTONE)"> |
+++ conf/evolutions/default/8.sql
... | ... | @@ -0,0 +1,5 @@ |
| 1 | +# --- !Ups | |
| 2 | +ALTER TABLE project ADD COLUMN is_code_accessible_member_only tinyint(1) default 0; | |
| 3 | + | |
| 4 | +# --- !Downs | |
| 5 | +ALTER TABLE project DROP COLUMN is_code_accessible_member_only; |
--- conf/messages
+++ conf/messages
... | ... | @@ -501,6 +501,7 @@ |
| 501 | 501 |
project.changeVCS.requestion = Do you want to change the repository to {0}?
|
| 502 | 502 |
project.changeVCS.reaccept = Are you sure? |
| 503 | 503 |
project.changeVCS.this = Change Repository Type. |
| 504 |
+project.codeAccessible = Only project members can access to code or related menus |
|
| 504 | 505 |
project.codeUpdate = Latest code update |
| 505 | 506 |
project.create = Create a project |
| 506 | 507 |
project.created = Created date |
--- conf/messages.ko-KR
+++ conf/messages.ko-KR
... | ... | @@ -501,6 +501,7 @@ |
| 501 | 501 |
project.changeVCS.requestion = 코드 저장소 타입을 {0}으로 변경하시겠습니까?
|
| 502 | 502 |
project.changeVCS.reaccept = 정말로 변경하시겠습니까? |
| 503 | 503 |
project.changeVCS.this = 코드 저장소 타입을 변경합니다. |
| 504 |
+project.codeAccessible = 프로젝트 멤버만 코드 및 관련 메뉴에 접근 가능 |
|
| 504 | 505 |
project.codeUpdate = 마지막 코드 업데이트 |
| 505 | 506 |
project.create = 프로젝트 생성 |
| 506 | 507 |
project.created = 생성일 |
Add a comment
Delete comment
Once you delete this comment, you won't be able to recover it. Are you sure you want to delete this comment?