From c78b25d102fe700617011a4c8acc0d35f9a9e6ca Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Thu, 10 Apr 2014 19:00:52 -0400
Subject: [PATCH] Support specifying permission levels for SSH public keys
---
src/main/java/com/gitblit/transport/ssh/SshKey.java | 47 +++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 47 insertions(+), 0 deletions(-)
diff --git a/src/main/java/com/gitblit/transport/ssh/SshKey.java b/src/main/java/com/gitblit/transport/ssh/SshKey.java
index cb5ee09..6ac0cdc 100644
--- a/src/main/java/com/gitblit/transport/ssh/SshKey.java
+++ b/src/main/java/com/gitblit/transport/ssh/SshKey.java
@@ -2,12 +2,15 @@
import java.io.Serializable;
import java.security.PublicKey;
+import java.util.Arrays;
+import java.util.List;
import org.apache.commons.codec.binary.Base64;
import org.apache.sshd.common.SshException;
import org.apache.sshd.common.util.Buffer;
import org.eclipse.jgit.lib.Constants;
+import com.gitblit.Constants.AccessPermission;
import com.gitblit.utils.StringUtils;
/**
@@ -30,13 +33,17 @@
private String toString;
+ private AccessPermission permission;
+
public SshKey(String data) {
this.rawData = data;
+ this.permission = AccessPermission.PUSH;
}
public SshKey(PublicKey key) {
this.publicKey = key;
this.comment = "";
+ this.permission = AccessPermission.PUSH;
}
public PublicKey getPublicKey() {
@@ -78,6 +85,46 @@
}
}
+ /**
+ * Returns true if this key may be used to clone or fetch.
+ *
+ * @return true if this key can be used to clone or fetch
+ */
+ public boolean canClone() {
+ return permission.atLeast(AccessPermission.CLONE);
+ }
+
+ /**
+ * Returns true if this key may be used to push changes.
+ *
+ * @return true if this key can be used to push changes
+ */
+ public boolean canPush() {
+ return permission.atLeast(AccessPermission.PUSH);
+ }
+
+ /**
+ * Returns the access permission for the key.
+ *
+ * @return the access permission for the key
+ */
+ public AccessPermission getPermission() {
+ return permission;
+ }
+
+ /**
+ * Control the access permission assigned to this key.
+ *
+ * @param value
+ */
+ public void setPermission(AccessPermission value) throws IllegalArgumentException {
+ List<AccessPermission> permitted = Arrays.asList(AccessPermission.SSHPERMISSIONS);
+ if (!permitted.contains(value)) {
+ throw new IllegalArgumentException("Illegal SSH public key permission specified: " + value);
+ }
+ this.permission = value;
+ }
+
public String getRawData() {
if (rawData == null && publicKey != null) {
// build the raw data manually from the public key
--
Gitblit v1.9.1