From abd3cc2d610981493b5e9333108d271ae37f7726 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Sat, 12 Jan 2013 19:51:42 -0500
Subject: [PATCH] Refresh authenticated user model for each page request (issue-186)

---
 src/com/gitblit/wicket/pages/BasePage.java |    5 ++++-
 1 files changed, 4 insertions(+), 1 deletions(-)

diff --git a/src/com/gitblit/wicket/pages/BasePage.java b/src/com/gitblit/wicket/pages/BasePage.java
index 9f98135..c733c99 100644
--- a/src/com/gitblit/wicket/pages/BasePage.java
+++ b/src/com/gitblit/wicket/pages/BasePage.java
@@ -136,7 +136,10 @@
 	private void login() {
 		GitBlitWebSession session = GitBlitWebSession.get();
 		if (session.isLoggedIn() && !session.isSessionInvalidated()) {
-			// already have a session
+			// already have a session, refresh usermodel to pick up
+			// any changes to permissions or roles (issue-186)
+			UserModel user = GitBlit.self().getUserModel(session.getUser().username);
+			session.setUser(user);
 			return;
 		}
 		

--
Gitblit v1.9.1