From 2ea85bfe371215ef21fcd528bc40fa57c48ee698 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Wed, 31 Oct 2012 16:38:03 -0400
Subject: [PATCH] Personal repositories must always be owned by the account the repo is stored in

---
 src/com/gitblit/wicket/AuthorizationStrategy.java |   13 ++++++++++---
 1 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/src/com/gitblit/wicket/AuthorizationStrategy.java b/src/com/gitblit/wicket/AuthorizationStrategy.java
index 19bee6d..21bd1b7 100644
--- a/src/com/gitblit/wicket/AuthorizationStrategy.java
+++ b/src/com/gitblit/wicket/AuthorizationStrategy.java
@@ -16,7 +16,7 @@
 package com.gitblit.wicket;
 
 import org.apache.wicket.Component;
-import org.apache.wicket.RestartResponseAtInterceptPageException;
+import org.apache.wicket.RestartResponseException;
 import org.apache.wicket.authorization.IUnauthorizedComponentInstantiationListener;
 import org.apache.wicket.authorization.strategies.page.AbstractPageAuthorizationStrategy;
 
@@ -35,6 +35,12 @@
 	@SuppressWarnings({ "unchecked", "rawtypes" })
 	@Override
 	protected boolean isPageAuthorized(Class pageClass) {
+		if (RepositoriesPage.class.equals(pageClass)) {
+			// allow all requests to get to the RepositoriesPage with its inline
+			// authentication form
+			return true;
+		}
+
 		if (BasePage.class.isAssignableFrom(pageClass)) {
 			boolean authenticateView = GitBlit.getBoolean(Keys.web.authenticateViewPages, true);
 			boolean authenticateAdmin = GitBlit.getBoolean(Keys.web.authenticateAdminPages, true);
@@ -43,6 +49,7 @@
 			GitBlitWebSession session = GitBlitWebSession.get();
 			if (authenticateView && !session.isLoggedIn()) {
 				// authentication required
+				session.cacheRequest(pageClass);
 				return false;
 			}
 
@@ -53,7 +60,7 @@
 					if (authenticateAdmin) {
 						// authenticate admin
 						if (user != null) {
-							return user.canAdmin;
+							return user.canAdmin();
 						}
 						return false;
 					} else {
@@ -72,7 +79,7 @@
 	@Override
 	public void onUnauthorizedInstantiation(Component component) {
 		if (component instanceof BasePage) {
-			throw new RestartResponseAtInterceptPageException(RepositoriesPage.class);
+			throw new RestartResponseException(RepositoriesPage.class);
 		}
 	}
 }

--
Gitblit v1.9.1