From f3b625d298bab922c64192c25914e352bd87e59e Mon Sep 17 00:00:00 2001
From: John Crygier <john.crygier@aon.com>
Date: Tue, 10 Apr 2012 13:48:06 -0400
Subject: [PATCH] Rework LDAP implementation with unboundid.  Also allows for an LDAP server to be started with Gitblit GO (backed by an LDIF file).

---
 src/com/gitblit/ConfigUserService.java |   52 +++++++++++++++++++++++++++++++++++++++++-----------
 1 files changed, 41 insertions(+), 11 deletions(-)

diff --git a/src/com/gitblit/ConfigUserService.java b/src/com/gitblit/ConfigUserService.java
index c3d42df..828ba76 100644
--- a/src/com/gitblit/ConfigUserService.java
+++ b/src/com/gitblit/ConfigUserService.java
@@ -35,6 +35,7 @@
 
 import com.gitblit.models.TeamModel;
 import com.gitblit.models.UserModel;
+import com.gitblit.utils.ArrayUtils;
 import com.gitblit.utils.DeepCopier;
 import com.gitblit.utils.StringUtils;
 
@@ -81,6 +82,8 @@
 	private final Map<String, TeamModel> teams = new ConcurrentHashMap<String, TeamModel>();
 
 	private volatile long lastModified;
+	
+	private volatile boolean forceReload;
 
 	public ConfigUserService(File realmFile) {
 		this.realmFile = realmFile;
@@ -96,6 +99,27 @@
 	public void setup(IStoredSettings settings) {
 	}
 
+	/**
+	 * Does the user service support changes to credentials?
+	 * 
+	 * @return true or false
+	 * @since 1.0.0
+	 */
+	@Override
+	public boolean supportsCredentialChanges() {
+		return true;
+	}
+	
+	/**
+	 * Does the user service support changes to team memberships?
+	 * 
+	 * @return true or false
+	 * @since 1.0.0
+	 */	
+	public boolean supportsTeamMembershipChanges() {
+		return true;
+	}
+	
 	/**
 	 * Does the user service support cookie authentication?
 	 * 
@@ -653,7 +677,9 @@
 
 		// write users
 		for (UserModel model : users.values()) {
-			config.setString(USER, model.username, PASSWORD, model.password);
+			if (!StringUtils.isEmpty(model.password)) {
+				config.setString(USER, model.username, PASSWORD, model.password);
+			}
 
 			// user roles
 			List<String> roles = new ArrayList<String>();
@@ -668,7 +694,7 @@
 			// repository memberships
 			// null check on "final" repositories because JSON-sourced UserModel
 			// can have a null repositories object
-			if (model.repositories != null) {
+			if (!ArrayUtils.isEmpty(model.repositories)) {
 				config.setStringList(USER, model.username, REPOSITORY, new ArrayList<String>(
 						model.repositories));
 			}
@@ -678,38 +704,41 @@
 		for (TeamModel model : teams.values()) {
 			// null check on "final" repositories because JSON-sourced TeamModel
 			// can have a null repositories object
-			if (model.repositories != null) {
+			if (!ArrayUtils.isEmpty(model.repositories)) {
 				config.setStringList(TEAM, model.name, REPOSITORY, new ArrayList<String>(
 						model.repositories));
 			}
 
 			// null check on "final" users because JSON-sourced TeamModel
 			// can have a null users object
-			if (model.users != null) {
+			if (!ArrayUtils.isEmpty(model.users)) {
 				config.setStringList(TEAM, model.name, USER, new ArrayList<String>(model.users));
 			}
 
 			// null check on "final" mailing lists because JSON-sourced
 			// TeamModel can have a null users object
-			if (model.mailingLists != null) {
+			if (!ArrayUtils.isEmpty(model.mailingLists)) {
 				config.setStringList(TEAM, model.name, MAILINGLIST, new ArrayList<String>(
 						model.mailingLists));
 			}
 
 			// null check on "final" preReceiveScripts because JSON-sourced
 			// TeamModel can have a null preReceiveScripts object
-			if (model.preReceiveScripts != null) {
+			if (!ArrayUtils.isEmpty(model.preReceiveScripts)) {
 				config.setStringList(TEAM, model.name, PRERECEIVE, model.preReceiveScripts);
 			}
 
 			// null check on "final" postReceiveScripts because JSON-sourced
 			// TeamModel can have a null postReceiveScripts object
-			if (model.postReceiveScripts != null) {
+			if (!ArrayUtils.isEmpty(model.postReceiveScripts)) {
 				config.setStringList(TEAM, model.name, POSTRECEIVE, model.postReceiveScripts);
 			}
 		}
 
 		config.save();
+		// manually set the forceReload flag because not all JVMs support real
+		// millisecond resolution of lastModified. (issue-55)
+		forceReload = true;
 
 		// If the write is successful, delete the current file and rename
 		// the temporary copy to the original filename.
@@ -734,7 +763,8 @@
 	 * Reads the realm file and rebuilds the in-memory lookup tables.
 	 */
 	protected synchronized void read() {
-		if (realmFile.exists() && (realmFile.lastModified() > lastModified)) {
+		if (realmFile.exists() && (forceReload || (realmFile.lastModified() != lastModified))) {
+			forceReload = false;
 			lastModified = realmFile.lastModified();
 			users.clear();
 			cookies.clear();
@@ -745,7 +775,7 @@
 				config.load();
 				Set<String> usernames = config.getSubsections(USER);
 				for (String username : usernames) {
-					UserModel user = new UserModel(username);
+					UserModel user = new UserModel(username.toLowerCase());
 					user.password = config.getString(USER, username, PASSWORD);
 
 					// user roles
@@ -762,8 +792,8 @@
 					}
 
 					// update cache
-					users.put(username, user);
-					cookies.put(StringUtils.getSHA1(username + user.password), user);
+					users.put(user.username, user);
+					cookies.put(StringUtils.getSHA1(user.username + user.password), user);
 				}
 
 				// load the teams

--
Gitblit v1.9.1