githubFork/gitblit.git - Solinfo Gitblit

			@@ -30,6 +30,7 @@

			import com.gitblit.Constants;
			import com.gitblit.Constants.AccountType;
			import com.gitblit.Constants.Role;
			import com.gitblit.Keys;
			import com.gitblit.auth.AuthenticationProvider.UsernamePasswordAuthenticationProvider;
			import com.gitblit.models.TeamModel;
			@@ -272,7 +273,6 @@
			return StringUtils.isEmpty(settings.getString(Keys.realm.ldap.email, ""));
			}


			/**
			* If the LDAP server will maintain team memberships then LdapUserService
			* will not allow team membership changes. In this scenario all team
			@@ -284,6 +284,32 @@
			@Override
			public boolean supportsTeamMembershipChanges() {
			return !settings.getBoolean(Keys.realm.ldap.maintainTeams, false);
			}

			@Override
			public boolean supportsRoleChanges(UserModel user, Role role) {
			if (Role.ADMIN == role) {
			if (!supportsTeamMembershipChanges()) {
			List<String> admins = settings.getStrings(Keys.realm.ldap.admins);
			if (admins.contains(user.username)) {
			return false;
			}
			}
			}
			return true;
			}

			@Override
			public boolean supportsRoleChanges(TeamModel team, Role role) {
			if (Role.ADMIN == role) {
			if (!supportsTeamMembershipChanges()) {
			List<String> admins = settings.getStrings(Keys.realm.ldap.admins);
			if (admins.contains("@" + team.name)) {
			return false;
			}
			}
			}
			return true;
			}

			@Override
			@@ -591,7 +617,8 @@
			if (ldapSyncService.isReady()) {
			long ldapSyncPeriod = getSynchronizationPeriodInMilliseconds();
			int delay = 1;
			logger.info("Ldap sync service will update users and groups every {} minutes.", ldapSyncPeriod);
			logger.info("Ldap sync service will update users and groups every {} minutes.",
			TimeUnit.MILLISECONDS.toMinutes(ldapSyncPeriod));
			scheduledExecutorService.scheduleAtFixedRate(ldapSyncService, delay, ldapSyncPeriod, TimeUnit.MILLISECONDS);
			} else {
			logger.info("Ldap sync service is disabled.");