From 27ae9095639bb228a1b7ff86a3ebe4264abf05be Mon Sep 17 00:00:00 2001
From: mschaefers <mschaefers@scoop-gmbh.de>
Date: Thu, 29 Nov 2012 12:33:09 -0500
Subject: [PATCH] feature: when using LdapUserService one can configure Gitblit to fetch all users from ldap that can possibly login. This allows to see newly generated LDAP users instantly in Gitblit. By now an LDAP user had to log in once to appear in GitBlit.
---
src/com/gitblit/wicket/pages/EditUserPage.java | 151 +++++++++++++++++++++++++++++--------------------
1 files changed, 89 insertions(+), 62 deletions(-)
diff --git a/src/com/gitblit/wicket/pages/EditUserPage.java b/src/com/gitblit/wicket/pages/EditUserPage.java
index 142a542..80f09db 100644
--- a/src/com/gitblit/wicket/pages/EditUserPage.java
+++ b/src/com/gitblit/wicket/pages/EditUserPage.java
@@ -22,10 +22,10 @@
import java.util.List;
import org.apache.wicket.PageParameters;
+import org.apache.wicket.behavior.SimpleAttributeModifier;
import org.apache.wicket.extensions.markup.html.form.palette.Palette;
import org.apache.wicket.markup.html.form.Button;
import org.apache.wicket.markup.html.form.CheckBox;
-import org.apache.wicket.markup.html.form.ChoiceRenderer;
import org.apache.wicket.markup.html.form.Form;
import org.apache.wicket.markup.html.form.PasswordTextField;
import org.apache.wicket.markup.html.form.TextField;
@@ -34,27 +34,35 @@
import org.apache.wicket.model.util.CollectionModel;
import org.apache.wicket.model.util.ListModel;
-import com.gitblit.Constants.AccessRestrictionType;
+import com.gitblit.Constants.RegistrantType;
import com.gitblit.GitBlit;
import com.gitblit.GitBlitException;
import com.gitblit.Keys;
-import com.gitblit.models.RepositoryModel;
+import com.gitblit.models.RegistrantAccessPermission;
import com.gitblit.models.TeamModel;
import com.gitblit.models.UserModel;
import com.gitblit.utils.StringUtils;
import com.gitblit.wicket.RequiresAdminRole;
+import com.gitblit.wicket.StringChoiceRenderer;
import com.gitblit.wicket.WicketUtils;
+import com.gitblit.wicket.panels.RegistrantPermissionsPanel;
@RequiresAdminRole
public class EditUserPage extends RootSubPage {
private final boolean isCreate;
-
+
public EditUserPage() {
// create constructor
super();
+ if (!GitBlit.self().supportsCredentialChanges()) {
+ error(MessageFormat.format(getString("gb.userServiceDoesNotPermitAddUser"),
+ GitBlit.getString(Keys.realm.userService, "users.conf")), true);
+ }
isCreate = true;
setupPage(new UserModel(""));
+ setStatelessHint(false);
+ setOutputMarkupId(true);
}
public EditUserPage(PageParameters params) {
@@ -64,6 +72,13 @@
String name = WicketUtils.getUsername(params);
UserModel model = GitBlit.self().getUserModel(name);
setupPage(model);
+ setStatelessHint(false);
+ setOutputMarkupId(true);
+ }
+
+ @Override
+ protected boolean requiresPageMap() {
+ return true;
}
protected void setupPage(final UserModel userModel) {
@@ -77,13 +92,9 @@
StringUtils.isEmpty(userModel.password) ? "" : userModel.password);
CompoundPropertyModel<UserModel> model = new CompoundPropertyModel<UserModel>(userModel);
- List<String> repos = new ArrayList<String>();
- for (String repo : GitBlit.self().getRepositoryList()) {
- RepositoryModel repositoryModel = GitBlit.self().getRepositoryModel(repo);
- if (repositoryModel.accessRestriction.exceeds(AccessRestrictionType.NONE)) {
- repos.add(repo);
- }
- }
+ // build list of projects including all repositories wildcards
+ List<String> repos = getAccessRestrictedRepositoryList(true, userModel);
+
List<String> userTeams = new ArrayList<String>();
for (TeamModel team : userModel.teams) {
userTeams.add(team.name);
@@ -91,16 +102,15 @@
Collections.sort(userTeams);
final String oldName = userModel.username;
- final Palette<String> repositories = new Palette<String>("repositories",
- new ListModel<String>(new ArrayList<String>(userModel.repositories)),
- new CollectionModel<String>(repos), new ChoiceRenderer<String>("", ""), 10, false);
+ final List<RegistrantAccessPermission> permissions = GitBlit.self().getUserAccessPermissions(userModel);
+
final Palette<String> teams = new Palette<String>("teams", new ListModel<String>(
new ArrayList<String>(userTeams)), new CollectionModel<String>(GitBlit.self()
- .getAllTeamnames()), new ChoiceRenderer<String>("", ""), 10, false);
+ .getAllTeamnames()), new StringChoiceRenderer(), 10, false);
Form<UserModel> form = new Form<UserModel>("editForm", model) {
private static final long serialVersionUID = 1L;
-
+
/*
* (non-Javadoc)
*
@@ -109,7 +119,7 @@
@Override
protected void onSubmit() {
if (StringUtils.isEmpty(userModel.username)) {
- error("Please enter a username!");
+ error(getString("gb.pleaseSetUsername"));
return;
}
// force username to lower-case
@@ -118,56 +128,54 @@
if (isCreate) {
UserModel model = GitBlit.self().getUserModel(username);
if (model != null) {
- error(MessageFormat.format("Username ''{0}'' is unavailable.", username));
+ error(MessageFormat.format(getString("gb.usernameUnavailable"), username));
return;
}
}
boolean rename = !StringUtils.isEmpty(oldName)
&& !oldName.equalsIgnoreCase(username);
- if (!userModel.password.equals(confirmPassword.getObject())) {
- error("Passwords do not match!");
- return;
- }
- String password = userModel.password;
- if (!password.toUpperCase().startsWith(StringUtils.MD5_TYPE)
- && !password.toUpperCase().startsWith(StringUtils.COMBINED_MD5_TYPE)) {
- // This is a plain text password.
- // Check length.
- int minLength = GitBlit.getInteger(Keys.realm.minPasswordLength, 5);
- if (minLength < 4) {
- minLength = 4;
- }
- if (password.trim().length() < minLength) {
- error(MessageFormat.format(
- "Password is too short. Minimum length is {0} characters.",
- minLength));
+ if (GitBlit.self().supportsCredentialChanges()) {
+ if (!userModel.password.equals(confirmPassword.getObject())) {
+ error(getString("gb.passwordsDoNotMatch"));
return;
}
-
- // Optionally store the password MD5 digest.
- String type = GitBlit.getString(Keys.realm.passwordStorage, "md5");
- if (type.equalsIgnoreCase("md5")) {
- // store MD5 digest of password
- userModel.password = StringUtils.MD5_TYPE
- + StringUtils.getMD5(userModel.password);
- } else if (type.equalsIgnoreCase("combined-md5")) {
- // store MD5 digest of username+password
- userModel.password = StringUtils.COMBINED_MD5_TYPE
- + StringUtils.getMD5(username + userModel.password);
+ String password = userModel.password;
+ if (!password.toUpperCase().startsWith(StringUtils.MD5_TYPE)
+ && !password.toUpperCase().startsWith(StringUtils.COMBINED_MD5_TYPE)) {
+ // This is a plain text password.
+ // Check length.
+ int minLength = GitBlit.getInteger(Keys.realm.minPasswordLength, 5);
+ if (minLength < 4) {
+ minLength = 4;
+ }
+ if (password.trim().length() < minLength) {
+ error(MessageFormat.format(getString("gb.passwordTooShort"),
+ minLength));
+ return;
+ }
+
+ // Optionally store the password MD5 digest.
+ String type = GitBlit.getString(Keys.realm.passwordStorage, "md5");
+ if (type.equalsIgnoreCase("md5")) {
+ // store MD5 digest of password
+ userModel.password = StringUtils.MD5_TYPE
+ + StringUtils.getMD5(userModel.password);
+ } else if (type.equalsIgnoreCase("combined-md5")) {
+ // store MD5 digest of username+password
+ userModel.password = StringUtils.COMBINED_MD5_TYPE
+ + StringUtils.getMD5(username + userModel.password);
+ }
+ } else if (rename
+ && password.toUpperCase().startsWith(StringUtils.COMBINED_MD5_TYPE)) {
+ error(getString("gb.combinedMd5Rename"));
+ return;
}
- } else if (rename
- && password.toUpperCase().startsWith(StringUtils.COMBINED_MD5_TYPE)) {
- error("Gitblit is configured for combined-md5 password hashing. You must enter a new password on account rename.");
- return;
}
- Iterator<String> selectedRepositories = repositories.getSelectedChoices();
- List<String> repos = new ArrayList<String>();
- while (selectedRepositories.hasNext()) {
- repos.add(selectedRepositories.next().toLowerCase());
+ // update user permissions
+ for (RegistrantAccessPermission repositoryPermission : permissions) {
+ userModel.setRepositoryPermission(repositoryPermission.registrant, repositoryPermission.permission);
}
- userModel.repositories.clear();
- userModel.repositories.addAll(repos);
Iterator<String> selectedTeams = teams.getSelectedChoices();
userModel.teams.clear();
@@ -188,7 +196,7 @@
setRedirect(false);
if (isCreate) {
// create another user
- info(MessageFormat.format("New user ''{0}'' successfully created.",
+ info(MessageFormat.format(getString("gb.userCreated"),
userModel.username));
setResponsePage(EditUserPage.class);
} else {
@@ -197,20 +205,39 @@
}
}
};
+
+ // do not let the browser pre-populate these fields
+ form.add(new SimpleAttributeModifier("autocomplete", "off"));
+
+ // not all user services support manipulating username and password
+ boolean editCredentials = GitBlit.self().supportsCredentialChanges();
+
+ // not all user services support manipulating display name
+ boolean editDisplayName = GitBlit.self().supportsDisplayNameChanges();
+
+ // not all user services support manipulating email address
+ boolean editEmailAddress = GitBlit.self().supportsEmailAddressChanges();
+
+ // not all user services support manipulating team memberships
+ boolean editTeams = GitBlit.self().supportsTeamMembershipChanges();
// field names reflective match UserModel fields
- form.add(new TextField<String>("username"));
+ form.add(new TextField<String>("username").setEnabled(editCredentials));
PasswordTextField passwordField = new PasswordTextField("password");
passwordField.setResetPassword(false);
- form.add(passwordField);
+ form.add(passwordField.setEnabled(editCredentials));
PasswordTextField confirmPasswordField = new PasswordTextField("confirmPassword",
confirmPassword);
confirmPasswordField.setResetPassword(false);
- form.add(confirmPasswordField);
+ form.add(confirmPasswordField.setEnabled(editCredentials));
+ form.add(new TextField<String>("displayName").setEnabled(editDisplayName));
+ form.add(new TextField<String>("emailAddress").setEnabled(editEmailAddress));
form.add(new CheckBox("canAdmin"));
+ form.add(new CheckBox("canFork"));
+ form.add(new CheckBox("canCreate"));
form.add(new CheckBox("excludeFromFederation"));
- form.add(repositories);
- form.add(teams);
+ form.add(new RegistrantPermissionsPanel("repositories", RegistrantType.REPOSITORY, repos, permissions, getAccessPermissions()));
+ form.add(teams.setEnabled(editTeams));
form.add(new Button("save"));
Button cancel = new Button("cancel") {
--
Gitblit v1.9.1