diff --git a/src/main/scala/app/AccountController.scala b/src/main/scala/app/AccountController.scala index df24aad..7fc3589 100644 --- a/src/main/scala/app/AccountController.scala +++ b/src/main/scala/app/AccountController.scala @@ -51,14 +51,20 @@ getActivitiesByUser(userName, true)) // Members - case "members" if(account.isGroupAccount) => - _root_.account.html.members(account, getGroupMembers(account.userName)) + case "members" if(account.isGroupAccount) => { + val members = getGroupMembers(account.userName) + _root_.account.html.members(account, members, + context.loginAccount.exists(x => members.contains(x.userName))) + } // Repositories - case _ => + case _ => { + val members = getGroupMembers(account.userName) _root_.account.html.repositories(account, if(account.isGroupAccount) Nil else getGroupsByUserName(userName), - getVisibleRepositories(context.loginAccount, baseUrl, Some(userName))) + getVisibleRepositories(context.loginAccount, baseUrl, Some(userName)), + context.loginAccount.exists(x => members.contains(x.userName))) + } } } getOrElse NotFound } diff --git a/src/main/scala/app/CreateController.scala b/src/main/scala/app/CreateController.scala index 022277e..ccfd37b 100644 --- a/src/main/scala/app/CreateController.scala +++ b/src/main/scala/app/CreateController.scala 
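Review bot: In the `case _` branch, `getGroupMembers(account.userName)` now runs for every account page, including ordinary user accounts that have no group members, and `context.loginAccount.exists(x => members.contains(x.userName))` is repeated in both branches. Computing it once where `account` is in scope would avoid both, e.g. `val isGroupMember = account.isGroupAccount && context.loginAccount.exists(x => getGroupMembers(account.userName).contains(x.userName))`. The value only decides whether the template renders the edit link, so a comment such as `// display only; access is enforced by membersOnly on the _edit routes` would stop readers from treating it as the access check. The enclosing action starts and ends outside the hunk.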
@@ -13,14 +13,14 @@ class CreateController extends CreateControllerBase with RepositoryService with AccountService with WikiService with LabelsService with ActivityService - with UsersAuthenticator with ReadableUsersAuthenticator + with UsersAuthenticator with ReadableUsersAuthenticator with GroupMemberAuthenticator /** * Creates new repository or group. */ trait CreateControllerBase extends AccountManagementControllerBase { self: RepositoryService with AccountService with WikiService with LabelsService with ActivityService - with UsersAuthenticator with ReadableUsersAuthenticator => + with UsersAuthenticator with ReadableUsersAuthenticator with GroupMemberAuthenticator => case class RepositoryCreationForm(owner: String, name: String, description: Option[String], isPrivate: Boolean, createReadme: Boolean) @@ -207,13 +207,13 @@ redirect(s"/${form.groupName}") }) - get("/:groupName/_edit")(usersOnly { // TODO group manager only + get("/:groupName/_edit")(membersOnly { defining(params("groupName")){ groupName => html.group(getAccountByUserName(groupName, true), getGroupMembers(groupName)) } }) - post("/:groupName/_edit", editGroupForm)(usersOnly { form => // TODO group manager only + post("/:groupName/_edit", editGroupForm)(membersOnly { form => defining(params("groupName"), form.memberNames.map(_.split(",").toList).getOrElse(Nil)){ case (groupName, memberNames) => getAccountByUserName(groupName, true).map { account => updateGroup(groupName, form.url, form.isRemoved) diff --git a/src/main/scala/util/Authenticator.scala b/src/main/scala/util/Authenticator.scala index c524713..c43b0ec 100644 --- a/src/main/scala/util/Authenticator.scala +++ b/src/main/scala/util/Authenticator.scala 
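Review bot: Both `/:groupName/_edit` routes drop the `// TODO group manager only` marker, although `membersOnly` checks membership only. Any member of the group can therefore still change the member list or submit `form.isRemoved` through `updateGroup`. If a manager role is intended, as the removed comment suggests, keep the marker in an updated form, e.g. `// TODO restrict to group managers; membersOnly admits every member`. The POST handler continues past the end of the hunk, so whether a further check follows is not visible here.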
@@ -155,3 +155,22 @@ } } } + +/** + * Allows only the group members. + */ +trait GroupMemberAuthenticator { self: ControllerBase with AccountService => + protected def membersOnly(action: => Any) = { authenticate(action) } + protected def membersOnly[T](action: T => Any) = (form: T) => { authenticate(action(form)) } + + private def authenticate(action: => Any) = { + { + defining(request.paths){ paths => + context.loginAccount match { + case Some(x) if(getGroupMembers(paths(0)).contains(x.userName)) => action + case _ => Unauthorized() + } + } + } + } +} diff --git a/src/main/twirl/account/main.scala.html b/src/main/twirl/account/main.scala.html index efc8441..2cbe257 100644 --- a/src/main/twirl/account/main.scala.html +++ b/src/main/twirl/account/main.scala.html @@ -1,4 +1,5 @@ -@(account: model.Account, groupNames: List[String], active: String)(body: Html)(implicit context: app.Context) +@(account: model.Account, groupNames: List[String], active: String, + isGroupMember: Boolean = false)(body: Html)(implicit context: app.Context) @import context._ @import view.helpers._ @html.main(account.userName){ @@ -41,7 +42,7 @@ } - @if(loginAccount.isDefined && account.isGroupAccount){ + @if(loginAccount.isDefined && account.isGroupAccount && isGroupMember){
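Review bot: `authenticate` takes the group name from `request.paths(0)`, while the guarded handlers in CreateController act on `params("groupName")`, so the membership check and the update rely on two separately derived values. If the two can ever differ (URL decoding, a context path, or a later route that does not begin with the group name), the check would be made against a different group than the one being edited. Assuming `params` is reachable from `ControllerBase`, `case Some(x) if getGroupMembers(params("groupName")).contains(x.userName) => action` ties the check to the route parameter the handler uses. The two `membersOnly` overloads would also benefit from explicit result types and a Scaladoc line stating that anonymous requests and non-members both receive `Unauthorized()`.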
  • Edit Group diff --git a/src/main/twirl/account/members.scala.html b/src/main/twirl/account/members.scala.html index 14d7c77..b69fc0a 100644 --- a/src/main/twirl/account/members.scala.html +++ b/src/main/twirl/account/members.scala.html @@ -1,7 +1,7 @@ -@(account: model.Account, members: List[String])(implicit context: app.Context) +@(account: model.Account, members: List[String], isGroupMember: Boolean)(implicit context: app.Context) @import context._ @import view.helpers._ -@main(account, Nil, "members"){ +@main(account, Nil, "members", isGroupMember){ @if(members.isEmpty){ No members } else { diff --git a/src/main/twirl/account/repositories.scala.html b/src/main/twirl/account/repositories.scala.html index f9037f5..7772088 100644 --- a/src/main/twirl/account/repositories.scala.html +++ b/src/main/twirl/account/repositories.scala.html @@ -1,7 +1,9 @@ -@(account: model.Account, groupNames: List[String], repositories: List[service.RepositoryService.RepositoryInfo])(implicit context: app.Context) +@(account: model.Account, groupNames: List[String], + repositories: List[service.RepositoryService.RepositoryInfo], + isGroupMember: Boolean)(implicit context: app.Context) @import context._ @import view.helpers._ -@main(account, groupNames, "repositories"){ +@main(account, groupNames, "repositories", isGroupMember){ @if(repositories.isEmpty){ No repositories } else { diff --git a/src/main/twirl/group.scala.html b/src/main/twirl/group.scala.html index 4cc5474..ed70394 100644 --- a/src/main/twirl/group.scala.html +++ b/src/main/twirl/group.scala.html @@ -3,7 +3,7 @@ @import view.helpers._ @main("Create a group"){
    -
    +