From e9de3f7fd55dd4d4535cd7b2fc2bee8094152e39 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Sat, 17 Mar 2012 12:09:01 -0400
Subject: [PATCH] Implemented RPC administration of indexed branches
---
src/com/gitblit/wicket/AuthorizationStrategy.java | 64 +++++++++++++++++++++++++++-----
1 files changed, 54 insertions(+), 10 deletions(-)
diff --git a/src/com/gitblit/wicket/AuthorizationStrategy.java b/src/com/gitblit/wicket/AuthorizationStrategy.java
index 0a9d652..452215a 100644
--- a/src/com/gitblit/wicket/AuthorizationStrategy.java
+++ b/src/com/gitblit/wicket/AuthorizationStrategy.java
@@ -1,3 +1,18 @@
+/*
+ * Copyright 2011 gitblit.com.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
package com.gitblit.wicket;
import org.apache.wicket.Component;
@@ -5,9 +20,14 @@
import org.apache.wicket.authorization.IUnauthorizedComponentInstantiationListener;
import org.apache.wicket.authorization.strategies.page.AbstractPageAuthorizationStrategy;
+import com.gitblit.GitBlit;
+import com.gitblit.Keys;
+import com.gitblit.models.UserModel;
+import com.gitblit.wicket.pages.BasePage;
import com.gitblit.wicket.pages.RepositoriesPage;
-public class AuthorizationStrategy extends AbstractPageAuthorizationStrategy implements IUnauthorizedComponentInstantiationListener {
+public class AuthorizationStrategy extends AbstractPageAuthorizationStrategy implements
+ IUnauthorizedComponentInstantiationListener {
public AuthorizationStrategy() {
}
@@ -15,13 +35,41 @@
@SuppressWarnings({ "unchecked", "rawtypes" })
@Override
protected boolean isPageAuthorized(Class pageClass) {
+ if (RepositoriesPage.class.equals(pageClass)) {
+ // allow all requests to get to the RepositoriesPage with its inline
+ // authentication form
+ return true;
+ }
+
if (BasePage.class.isAssignableFrom(pageClass)) {
+ boolean authenticateView = GitBlit.getBoolean(Keys.web.authenticateViewPages, true);
+ boolean authenticateAdmin = GitBlit.getBoolean(Keys.web.authenticateAdminPages, true);
+ boolean allowAdmin = GitBlit.getBoolean(Keys.web.allowAdministration, true);
+
GitBlitWebSession session = GitBlitWebSession.get();
- if (!session.isLoggedIn())
+ if (authenticateView && !session.isLoggedIn()) {
+ // authentication required
return false;
- User user = session.getUser();
- if (pageClass.isAnnotationPresent(AdminPage.class)) {
- return user.canAdmin();
+ }
+
+ UserModel user = session.getUser();
+ if (pageClass.isAnnotationPresent(RequiresAdminRole.class)) {
+ // admin page
+ if (allowAdmin) {
+ if (authenticateAdmin) {
+ // authenticate admin
+ if (user != null) {
+ return user.canAdmin;
+ }
+ return false;
+ } else {
+ // no admin authentication required
+ return true;
+ }
+ } else {
+ // admin prohibited
+ return false;
+ }
}
}
return true;
@@ -30,11 +78,7 @@
@Override
public void onUnauthorizedInstantiation(Component component) {
if (component instanceof BasePage) {
- GitBlitWebSession session = GitBlitWebSession.get();
- if (!session.isLoggedIn())
- throw new RestartResponseAtInterceptPageException(LoginPage.class);
- else
- throw new RestartResponseAtInterceptPageException(RepositoriesPage.class);
+ throw new RestartResponseAtInterceptPageException(RepositoriesPage.class);
}
}
}
--
Gitblit v1.9.1