From c30c2b332cf498efef9a01609ff4aa5bd7f8cc14 Mon Sep 17 00:00:00 2001
From: Jani Averbach <jaa@jaa.iki.fi>
Date: Sun, 30 Mar 2014 17:55:43 -0400
Subject: [PATCH] LDAP: Escape username in case we are using userbased bind.

---
 src/main/java/com/gitblit/models/UserModel.java |   12 +++++++++---
 1 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/src/main/java/com/gitblit/models/UserModel.java b/src/main/java/com/gitblit/models/UserModel.java
index fee9c17..675835d 100644
--- a/src/main/java/com/gitblit/models/UserModel.java
+++ b/src/main/java/com/gitblit/models/UserModel.java
@@ -449,9 +449,15 @@
 
 	public boolean canEdit(TicketModel ticket, RepositoryModel repository) {
 		 return isAuthenticated() &&
-				 (username.equals(ticket.createdBy)
-				 || username.equals(ticket.responsible)
-				 || canPush(repository));
+				 (canPush(repository)
+				 || (ticket != null && username.equals(ticket.responsible))
+				 || (ticket != null && username.equals(ticket.createdBy)));
+	}
+
+	public boolean canAdmin(TicketModel ticket, RepositoryModel repository) {
+		 return isAuthenticated() &&
+				 (canPush(repository)
+				 || ticket != null && username.equals(ticket.responsible));
 	}
 
 	public boolean canReviewPatchset(RepositoryModel model) {

--
Gitblit v1.9.1