From 357109c5a5518db5925f49a6700a87e7ed30ca14 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Wed, 28 Dec 2011 16:19:29 -0500
Subject: [PATCH] Unit testing. Documentation.
---
src/com/gitblit/wicket/AuthorizationStrategy.java | 79 +++++++++++++++++++++++++++++----------
1 files changed, 59 insertions(+), 20 deletions(-)
diff --git a/src/com/gitblit/wicket/AuthorizationStrategy.java b/src/com/gitblit/wicket/AuthorizationStrategy.java
index b73e849..452215a 100644
--- a/src/com/gitblit/wicket/AuthorizationStrategy.java
+++ b/src/com/gitblit/wicket/AuthorizationStrategy.java
@@ -1,3 +1,18 @@
+/*
+ * Copyright 2011 gitblit.com.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
package com.gitblit.wicket;
import org.apache.wicket.Component;
@@ -5,9 +20,14 @@
import org.apache.wicket.authorization.IUnauthorizedComponentInstantiationListener;
import org.apache.wicket.authorization.strategies.page.AbstractPageAuthorizationStrategy;
+import com.gitblit.GitBlit;
+import com.gitblit.Keys;
+import com.gitblit.models.UserModel;
+import com.gitblit.wicket.pages.BasePage;
import com.gitblit.wicket.pages.RepositoriesPage;
-public class AuthorizationStrategy extends AbstractPageAuthorizationStrategy implements IUnauthorizedComponentInstantiationListener {
+public class AuthorizationStrategy extends AbstractPageAuthorizationStrategy implements
+ IUnauthorizedComponentInstantiationListener {
public AuthorizationStrategy() {
}
@@ -15,31 +35,50 @@
@SuppressWarnings({ "unchecked", "rawtypes" })
@Override
protected boolean isPageAuthorized(Class pageClass) {
- if (BasePage.class.isAssignableFrom(pageClass))
- return isAuthorized(pageClass);
- // Return contruction by default
+ if (RepositoriesPage.class.equals(pageClass)) {
+ // allow all requests to get to the RepositoriesPage with its inline
+ // authentication form
+ return true;
+ }
+
+ if (BasePage.class.isAssignableFrom(pageClass)) {
+ boolean authenticateView = GitBlit.getBoolean(Keys.web.authenticateViewPages, true);
+ boolean authenticateAdmin = GitBlit.getBoolean(Keys.web.authenticateAdminPages, true);
+ boolean allowAdmin = GitBlit.getBoolean(Keys.web.allowAdministration, true);
+
+ GitBlitWebSession session = GitBlitWebSession.get();
+ if (authenticateView && !session.isLoggedIn()) {
+ // authentication required
+ return false;
+ }
+
+ UserModel user = session.getUser();
+ if (pageClass.isAnnotationPresent(RequiresAdminRole.class)) {
+ // admin page
+ if (allowAdmin) {
+ if (authenticateAdmin) {
+ // authenticate admin
+ if (user != null) {
+ return user.canAdmin;
+ }
+ return false;
+ } else {
+ // no admin authentication required
+ return true;
+ }
+ } else {
+ // admin prohibited
+ return false;
+ }
+ }
+ }
return true;
}
@Override
public void onUnauthorizedInstantiation(Component component) {
if (component instanceof BasePage) {
- GitBlitWebSession session = GitBlitWebSession.get();
- if (!session.isLoggedIn())
- throw new RestartResponseAtInterceptPageException(LoginPage.class);
- else
- throw new RestartResponseAtInterceptPageException(RepositoriesPage.class);
+ throw new RestartResponseAtInterceptPageException(RepositoriesPage.class);
}
- }
-
- protected boolean isAuthorized(Class<? extends BasePage> pageClass) {
- GitBlitWebSession session = GitBlitWebSession.get();
- if (!session.isLoggedIn())
- return false;
- User user = session.getUser();
- if (pageClass.isAnnotationPresent(AdminPage.class)) {
-
- }
- return true;
}
}
--
Gitblit v1.9.1