From 52b26fd0c7a0e3bc561cdcd11ffa776535f80ff5 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Thu, 20 Jun 2013 17:31:55 -0400
Subject: [PATCH] Documentation

---
 src/main/java/com/gitblit/GitBlit.java |   69 +++++++++++++++++++++++++++++-----
 1 files changed, 59 insertions(+), 10 deletions(-)

diff --git a/src/main/java/com/gitblit/GitBlit.java b/src/main/java/com/gitblit/GitBlit.java
index df17edd..c6e24d7 100644
--- a/src/main/java/com/gitblit/GitBlit.java
+++ b/src/main/java/com/gitblit/GitBlit.java
@@ -509,7 +509,7 @@
 		if (user == null) {
 			user = UserModel.ANONYMOUS;
 		}
-		String username = UserModel.ANONYMOUS.equals(user) ? "" : user.username;
+		String username = encodeUsername(UserModel.ANONYMOUS.equals(user) ? "" : user.username);
 
 		List<RepositoryUrl> list = new ArrayList<RepositoryUrl>();
 		// http/https url
@@ -681,7 +681,15 @@
 	 * @return true if the user service supports credential changes
 	 */
 	public boolean supportsCredentialChanges(UserModel user) {
-		return (user != null && user.isLocalAccount()) || userService.supportsCredentialChanges();
+		if (user == null) {
+			return false;
+		} else if (!Constants.EXTERNAL_ACCOUNT.equals(user.password)) {
+			// credentials likely maintained by Gitblit
+			return userService.supportsCredentialChanges();
+		} else {
+			// credentials are externally maintained
+			return false;
+		}
 	}
 
 	/**
@@ -727,6 +735,7 @@
 			// can not authenticate empty username
 			return null;
 		}
+		String usernameDecoded = decodeUsername(username);
 		String pw = new String(password);
 		if (StringUtils.isEmpty(pw)) {
 			// can not authenticate empty password
@@ -735,7 +744,7 @@
 
 		// check to see if this is the federation user
 		if (canFederate()) {
-			if (username.equalsIgnoreCase(Constants.FEDERATION_USER)) {
+			if (usernameDecoded.equalsIgnoreCase(Constants.FEDERATION_USER)) {
 				List<String> tokens = getFederationTokens();
 				if (tokens.contains(pw)) {
 					// the federation user is an administrator
@@ -750,7 +759,7 @@
 		if (userService == null) {
 			return null;
 		}
-		return userService.authenticate(username, password);
+		return userService.authenticate(usernameDecoded, password);
 	}
 
 	/**
@@ -827,11 +836,22 @@
 		Principal principal = httpRequest.getUserPrincipal();
 		if (principal != null) {
 			String username = principal.getName();
-			if (StringUtils.isEmpty(username)) {
+			if (!StringUtils.isEmpty(username)) {
 				UserModel user = getUserModel(username);
 				if (user != null) {
+					// existing user
 					flagWicketSession(AuthenticationType.CONTAINER);
 					logger.debug(MessageFormat.format("{0} authenticated by servlet container principal from {1}",
+							user.username, httpRequest.getRemoteAddr()));
+					return user;
+				} else if (settings.getBoolean(Keys.realm.container.autoCreateAccounts, true)) {
+					// auto-create user from an authenticated container principal
+					user = new UserModel(username.toLowerCase());
+					user.displayName = username;
+					user.password = Constants.EXTERNAL_ACCOUNT;
+					userService.updateUserModel(user);
+					flagWicketSession(AuthenticationType.CONTAINER);
+					logger.debug(MessageFormat.format("{0} authenticated and created by servlet container principal from {1}",
 							user.username, httpRequest.getRemoteAddr()));
 					return user;
 				} else {
@@ -910,7 +930,10 @@
 		if (userService == null) {
 			return;
 		}
-		if (userService.supportsCookies()) {
+		GitBlitWebSession session = GitBlitWebSession.get();
+		boolean standardLogin = session.authenticationType.isStandard();
+
+		if (userService.supportsCookies() && standardLogin) {
 			Cookie userCookie;
 			if (user == null) {
 				// clear cookie for logout
@@ -945,6 +968,26 @@
 	}
 
 	/**
+	 * Encode the username for user in an url.
+	 * 
+	 * @param name
+	 * @return the encoded name
+	 */
+	protected String encodeUsername(String name) {
+		return name.replace("@", "%40").replace(" ", "%20").replace("\\", "%5C");	
+	}
+
+	/**
+	 * Decode a username from an encoded url.
+	 * 
+	 * @param name
+	 * @return the decoded name
+	 */
+	protected String decodeUsername(String name) {
+		return name.replace("%40", "@").replace("%20", " ").replace("%5C", "\\");
+	}
+	
+	/**
 	 * Returns the list of all users available to the login service.
 	 * 
 	 * @see IUserService.getAllUsernames()
@@ -977,7 +1020,8 @@
 		if (StringUtils.isEmpty(username)) {
 			return false;
 		}
-		return userService.deleteUser(username);
+		String usernameDecoded = decodeUsername(username);
+		return userService.deleteUser(usernameDecoded);
 	}
 
 	/**
@@ -991,7 +1035,8 @@
 		if (StringUtils.isEmpty(username)) {
 			return null;
 		}
-		UserModel user = userService.getUserModel(username);		
+		String usernameDecoded = decodeUsername(username);
+		UserModel user = userService.getUserModel(usernameDecoded);		
 		return user;
 	}
 	
@@ -3009,7 +3054,9 @@
 		if (repository != null) {
 			for (String teamname : userService.getTeamnamesForRepositoryRole(repository.name)) {
 				TeamModel team = userService.getTeamModel(teamname);
-				scripts.addAll(team.preReceiveScripts);
+				if (!ArrayUtils.isEmpty(team.preReceiveScripts)) {
+					scripts.addAll(team.preReceiveScripts);
+				}
 			}
 		}
 		return new ArrayList<String>(scripts);
@@ -3059,7 +3106,9 @@
 		if (repository != null) {
 			for (String teamname : userService.getTeamnamesForRepositoryRole(repository.name)) {
 				TeamModel team = userService.getTeamModel(teamname);
-				scripts.addAll(team.postReceiveScripts);
+				if (!ArrayUtils.isEmpty(team.postReceiveScripts)) {
+					scripts.addAll(team.postReceiveScripts);
+				}
 			}
 		}
 		return new ArrayList<String>(scripts);

--
Gitblit v1.9.1