From 0e44acbb2fec928a1606dc60f427a148fff405c9 Mon Sep 17 00:00:00 2001
From: Mohamed Ragab <moragab@gmail.com>
Date: Wed, 02 May 2012 11:15:01 -0400
Subject: [PATCH] Added a script to facilitate setting the proxy host, port, and no-proxy hosts; it concatenates all the Java system properties for the Java proxy configuration and puts the resulting string in the environment variable JAVA_PROXY_CONFIG. Modified the scripts gitblit, gitblit-ubuntu, and gitblit-centos to source the java-proxy-config.sh script and include the resulting Java proxy configuration in the java command

---
 src/com/gitblit/wicket/pages/BasePage.java |  124 ++++++++++++++++++++++++++++++++++-------
 1 files changed, 103 insertions(+), 21 deletions(-)

diff --git a/src/com/gitblit/wicket/pages/BasePage.java b/src/com/gitblit/wicket/pages/BasePage.java
index 06d5483..94ed633 100644
--- a/src/com/gitblit/wicket/pages/BasePage.java
+++ b/src/com/gitblit/wicket/pages/BasePage.java
@@ -22,12 +22,17 @@
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 
+import org.apache.wicket.Application;
+import org.apache.wicket.MarkupContainer;
 import org.apache.wicket.PageParameters;
 import org.apache.wicket.RestartResponseAtInterceptPageException;
 import org.apache.wicket.RestartResponseException;
 import org.apache.wicket.markup.html.WebPage;
 import org.apache.wicket.markup.html.basic.Label;
+import org.apache.wicket.markup.html.link.BookmarkablePageLink;
+import org.apache.wicket.markup.html.link.ExternalLink;
 import org.apache.wicket.markup.html.panel.FeedbackPanel;
+import org.apache.wicket.markup.html.panel.Fragment;
 import org.apache.wicket.protocol.http.WebRequest;
 import org.apache.wicket.protocol.http.WebResponse;
 import org.apache.wicket.protocol.http.servlet.ServletWebRequest;
@@ -36,8 +41,10 @@
 
 import com.gitblit.Constants;
 import com.gitblit.Constants.AccessRestrictionType;
+import com.gitblit.Constants.FederationStrategy;
 import com.gitblit.GitBlit;
 import com.gitblit.Keys;
+import com.gitblit.models.RepositoryModel;
 import com.gitblit.models.UserModel;
 import com.gitblit.wicket.GitBlitWebSession;
 import com.gitblit.wicket.WicketUtils;
@@ -58,6 +65,24 @@
 		logger = LoggerFactory.getLogger(getClass());
 		loginByCookie();
 	}
+	
+	@Override
+	protected void onBeforeRender() {
+		if (GitBlit.isDebugMode()) {
+			// strip Wicket tags in debug mode for jQuery DOM traversal
+			Application.get().getMarkupSettings().setStripWicketTags(true);
+		}
+		super.onBeforeRender();
+	}
+
+	@Override
+	protected void onAfterRender() {
+		if (GitBlit.isDebugMode()) {
+			// restore Wicket debug tags
+			Application.get().getMarkupSettings().setStripWicketTags(false);
+		}
+		super.onAfterRender();
+	}	
 
 	private void loginByCookie() {
 		if (!GitBlit.getBoolean(Keys.web.allowCookieAuthentication, false)) {
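Review bot: `setStripWicketTags` is flipped on the markup settings obtained from `Application.get()`, which belong to the whole application rather than to this page. In debug mode two pages rendering at the same time can therefore change the flag under each other, and a render that fails between `onBeforeRender` and `onAfterRender` may leave stripping switched on. Because the toggle is guarded by `GitBlit.isDebugMode()` the impact is limited, but the existing comments should say so, for example `// debug only: this toggles an application-wide setting and is not safe under concurrent renders`.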
@@ -74,30 +99,28 @@
 		// Login the user
 		if (user != null) {
 			// Set the user into the session
-			GitBlitWebSession.get().setUser(user);
+			GitBlitWebSession session = GitBlitWebSession.get();
+			// issue 62: fix session fixation vulnerability
+			session.replaceSession();
+			session.setUser(user);
 
 			// Set Cookie
 			WebResponse response = (WebResponse) getRequestCycle().getResponse();
 			GitBlit.self().setCookie(response, user);
+			continueToOriginalDestination();
 		}
 	}
 
 	protected void setupPage(String repositoryName, String pageName) {
-
 		if (repositoryName != null && repositoryName.trim().length() > 0) {
 			add(new Label("title", getServerName() + " - " + repositoryName));
 		} else {
 			add(new Label("title", getServerName()));
 		}
-		// header
-		String siteName = GitBlit.getString(Keys.web.siteName, Constants.NAME);
-		if (siteName == null || siteName.trim().length() == 0) {
-			siteName = Constants.NAME;
-		}
-		add(new LinkPanel("siteName", null, siteName, RepositoriesPage.class, null));
-		add(new LinkPanel("repositoryName", null, repositoryName, SummaryPage.class,
-				WicketUtils.newRepositoryParameter(repositoryName)));
-		add(new Label("pageName", pageName));
+
+		ExternalLink rootLink = new ExternalLink("rootLink", urlFor(RepositoriesPage.class, null).toString());
+		WicketUtils.setHtmlTooltip(rootLink, GitBlit.getString(Keys.web.siteName, Constants.NAME));
+		add(rootLink);
 
 		// Feedback panel for info, warning, and non-fatal error messages
 		add(new FeedbackPanel("feedback"));
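Review bot: The `// issue 62` comment on `session.replaceSession()` names the bug but not the invariant it protects, so a later edit could reorder or drop the call without noticing. I would spell it out, e.g. `// issue 62: rotate the session id before binding the user, so a pre-login id is never promoted to an authenticated session`. The same rotation is needed wherever else `setUser` is called for a freshly authenticated user; a form-based login is not part of this diff, so that is worth confirming separately. `loginByCookie` begins in the previous hunk and the lines between the two hunks are not shown.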
@@ -105,17 +128,12 @@
 		// footer
 		if (GitBlit.getBoolean(Keys.web.authenticateViewPages, true)
 				|| GitBlit.getBoolean(Keys.web.authenticateAdminPages, true)) {
-			if (GitBlitWebSession.get().isLoggedIn()) {
-				// logout
-				add(new LinkPanel("userPanel", null, getString("gb.logout") + " "
-						+ GitBlitWebSession.get().getUser().toString(), LogoutPage.class));
-			} else {
-				// login
-				add(new LinkPanel("userPanel", null, getString("gb.login"), LoginPage.class));
-			}
+			UserFragment userFragment = new UserFragment("userPanel", "userFragment", BasePage.this);
+			add(userFragment);
 		} else {
 			add(new Label("userPanel", ""));
 		}
+
 		add(new Label("gbVersion", "v" + Constants.VERSION));
 		if (GitBlit.getBoolean(Keys.web.aggressiveHeapManagement, false)) {
 			System.gc();
@@ -142,16 +160,49 @@
 		}
 		return map;
 	}
+	
+	protected Map<FederationStrategy, String> getFederationTypes() {
+		Map<FederationStrategy, String> map = new LinkedHashMap<FederationStrategy, String>();
+		for (FederationStrategy type : FederationStrategy.values()) {
+			switch (type) {
+			case EXCLUDE:
+				map.put(type, getString("gb.excludeFromFederation"));
+				break;
+			case FEDERATE_THIS:
+				map.put(type, getString("gb.federateThis"));
+				break;
+			case FEDERATE_ORIGIN:
+				map.put(type, getString("gb.federateOrigin"));
+				break;
+			}
+		}
+		return map;
+	}
 
 	protected TimeZone getTimeZone() {
 		return GitBlit.getBoolean(Keys.web.useClientTimezone, false) ? GitBlitWebSession.get()
-				.getTimezone() : TimeZone.getDefault();
+				.getTimezone() : GitBlit.getTimezone();
 	}
 
 	protected String getServerName() {
 		ServletWebRequest servletWebRequest = (ServletWebRequest) getRequest();
 		HttpServletRequest req = servletWebRequest.getHttpServletRequest();
 		return req.getServerName();
+	}
+	
+	protected String getRepositoryUrl(RepositoryModel repository) {
+		StringBuilder sb = new StringBuilder();
+		sb.append(WicketUtils.getGitblitURL(getRequestCycle().getRequest()));
+		sb.append(Constants.GIT_PATH);
+		sb.append(repository.name);
+		
+		// inject username into repository url if authentication is required
+		if (repository.accessRestriction.exceeds(AccessRestrictionType.NONE)
+				&& GitBlitWebSession.get().isLoggedIn()) {
+			String username = GitBlitWebSession.get().getUser().username;
+			sb.insert(sb.indexOf("://") + 3, username + "@");
+		}
+		return sb.toString();
 	}
 
 	public void warn(String message, Throwable t) {
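Review bot: In `getRepositoryUrl` the username is inserted into the authority part of the URL verbatim with `sb.insert(sb.indexOf("://") + 3, username + "@")`. A username containing `@`, `/`, `:` or whitespace would yield a malformed clone URL, or one whose host part reads differently from the server's. The name should be percent-encoded for the userinfo component before it is inserted. The `indexOf` result is also unchecked, so a base URL without `://` would put the name at offset 2. I would write `int at = sb.indexOf("://");` followed by `if (at > -1) sb.insert(at + 3, encodedUsername + "@");`, where `encodedUsername` stands for the percent-encoded value.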
@@ -183,7 +234,38 @@
 		if (GitBlitWebSession.get().isLoggedIn()) {
 			error(message, true);
 		} else {
-			throw new RestartResponseAtInterceptPageException(LoginPage.class);
+			throw new RestartResponseAtInterceptPageException(RepositoriesPage.class);
+		}
+	}
+
+	/**
+	 * Panel fragment for displaying login or logout/change_password links.
+	 * 
+	 */
+	static class UserFragment extends Fragment {
+
+		private static final long serialVersionUID = 1L;
+
+		public UserFragment(String id, String markupId, MarkupContainer markupProvider) {
+			super(id, markupId, markupProvider);
+
+			if (GitBlitWebSession.get().isLoggedIn()) {
+				// username, logout, and change password
+				add(new Label("username", GitBlitWebSession.get().getUser().toString() + ":"));
+				add(new LinkPanel("loginLink", null, markupProvider.getString("gb.logout"),
+						LogoutPage.class));
+				boolean editCredentials = GitBlit.self().supportsCredentialChanges();
+				// quick and dirty hack for showing a separator
+				add(new Label("separator", "|").setVisible(editCredentials));
+				add(new BookmarkablePageLink<Void>("changePasswordLink", 
+						ChangePasswordPage.class).setVisible(editCredentials));
+			} else {
+				// login
+				add(new Label("username").setVisible(false));
+				add(new Label("loginLink").setVisible(false));
+				add(new Label("separator").setVisible(false));
+				add(new Label("changePasswordLink").setVisible(false));
+			}
 		}
 	}
 }
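Review bot: The unauthenticated branch now intercepts to `RepositoriesPage` instead of `LoginPage`, and nothing in this hunk shows where an anonymous user is then offered a login. In `UserFragment` the branch commented `// login` hides all four components. If `RepositoriesPage` can itself reach this `throw` when `Keys.web.authenticateViewPages` is enabled, the intercept would presumably redirect to itself, so it is worth confirming that the page renders for an anonymous session. I would also replace the `// login` comment with `// anonymous session: hide every user control` so it matches what the code does. The method containing the `throw` starts outside the hunk.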

--
Gitblit v1.9.1