From a502d96a860456ec5e8c96761db70f7cabb74751 Mon Sep 17 00:00:00 2001
From: Paul Martin <paul@paulsputer.com>
Date: Sat, 30 Apr 2016 04:19:14 -0400
Subject: [PATCH] Merge pull request #1073 from gitblit/1062-DocEditorUpdates

---
 src/main/java/com/gitblit/auth/AuthenticationProvider.java |  147 ++++++++++++++++++++++++++++++++++++++++++------
 1 files changed, 127 insertions(+), 20 deletions(-)

diff --git a/src/main/java/com/gitblit/auth/AuthenticationProvider.java b/src/main/java/com/gitblit/auth/AuthenticationProvider.java
index b8aaf07..0bfe235 100644
--- a/src/main/java/com/gitblit/auth/AuthenticationProvider.java
+++ b/src/main/java/com/gitblit/auth/AuthenticationProvider.java
@@ -16,16 +16,24 @@
 package com.gitblit.auth;
 
 import java.io.File;
+import java.math.BigInteger;
+
+import javax.servlet.http.HttpServletRequest;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import com.gitblit.Constants.AccountType;
+import com.gitblit.Constants.Role;
+import com.gitblit.Constants.AuthenticationType;
 import com.gitblit.IStoredSettings;
 import com.gitblit.manager.IRuntimeManager;
 import com.gitblit.manager.IUserManager;
 import com.gitblit.models.TeamModel;
 import com.gitblit.models.UserModel;
+import com.gitblit.utils.ArrayUtils;
+import com.gitblit.utils.DeepCopier;
+import com.gitblit.utils.StringUtils;
 
 public abstract class AuthenticationProvider {
 
@@ -68,37 +76,77 @@
 		return serviceName;
 	}
 
+	public abstract AuthenticationType getAuthenticationType();
+
+	protected void setCookie(UserModel user, char [] password) {
+		// create a user cookie
+		if (StringUtils.isEmpty(user.cookie) && !ArrayUtils.isEmpty(password)) {
+			user.cookie = StringUtils.getSHA1(user.username + new String(password));
+		}
+	}
+
 	protected void updateUser(UserModel userModel) {
-		// TODO implement user model change detection
-		// account for new user and revised user
+		final UserModel userLocalDB = userManager.getUserModel(userModel.getName());
 
-		// username
-		// displayname
-		// email address
-		// cookie
+		// Establish the checksum of the current version of the user
+		final BigInteger userCurrentCheck = DeepCopier.checksum(userModel);
 
-		userManager.updateUserModel(userModel);
+		// Establish the checksum of the stored version of the user
+		final BigInteger userLocalDBcheck = DeepCopier.checksum(userLocalDB);
+
+		// Compare the checksums
+		if (!userCurrentCheck.equals(userLocalDBcheck)) {
+			// If mismatch, save the new instance.
+			userManager.updateUserModel(userModel);
+		}
 	}
 
 	protected void updateTeam(TeamModel teamModel) {
-		// TODO implement team model change detection
-		// account for new team and revised team
+		final TeamModel teamLocalDB = userManager.getTeamModel(teamModel.name);
 
-		// memberships
+		// Establish the checksum of the current version of the team
+		final BigInteger teamCurrentCheck = DeepCopier.checksum(teamModel);
 
-		userManager.updateTeamModel(teamModel);
+		// Establish the checksum of the stored version of the team
+		final BigInteger teamLocalDBcheck = DeepCopier.checksum(teamLocalDB);
+
+		// Compare the checksums
+		if (!teamCurrentCheck.equals(teamLocalDBcheck)) {
+			// If mismatch, save the new instance.
+			userManager.updateTeamModel(teamModel);
+		}
 	}
 
 	public abstract void setup();
 
+	public abstract void stop();
+
+	/**
+	 * Used to handle requests for requests for pages requiring authentication.
+	 * This allows authentication to occur based on the contents of the request
+	 * itself.
+	 *
+	 * @param httpRequest
+	 * @return
+	 */
+	public abstract UserModel authenticate(HttpServletRequest httpRequest);
+
+	/**
+	 * Used to authentication user/password credentials, both for login form
+	 * and HTTP Basic authentication processing.
+	 *
+	 * @param username
+	 * @param password
+	 * @return
+	 */
 	public abstract UserModel authenticate(String username, char[] password);
 
 	public abstract AccountType getAccountType();
 
 	/**
-	 * Does the user service support changes to credentials?
+	 * Returns true if the users's credentials can be changed.
 	 *
-	 * @return true or false
+	 * @return true if the authentication provider supports credential changes
 	 * @since 1.0.0
 	 */
 	public abstract boolean supportsCredentialChanges();
@@ -107,7 +155,7 @@
 	 * Returns true if the user's display name can be changed.
 	 *
 	 * @param user
-	 * @return true if the user service supports display name changes
+	 * @return true if the authentication provider supports display name changes
 	 */
 	public abstract boolean supportsDisplayNameChanges();
 
@@ -115,7 +163,7 @@
 	 * Returns true if the user's email address can be changed.
 	 *
 	 * @param user
-	 * @return true if the user service supports email address changes
+	 * @return true if the authentication provider supports email address changes
 	 */
 	public abstract boolean supportsEmailAddressChanges();
 
@@ -123,9 +171,27 @@
 	 * Returns true if the user's team memberships can be changed.
 	 *
 	 * @param user
-	 * @return true if the user service supports team membership changes
+	 * @return true if the authentication provider supports team membership changes
 	 */
 	public abstract boolean supportsTeamMembershipChanges();
+
+	/**
+	 * Returns true if the user's role can be changed.
+	 *
+	 * @param user
+	 * @param role
+	 * @return true if the user's role can be changed
+	 */
+	public abstract boolean supportsRoleChanges(UserModel user, Role role);
+
+	/**
+	 * Returns true if the team's role can be changed.
+	 *
+	 * @param user
+	 * @param role
+	 * @return true if the team's role can be changed
+	 */
+	public abstract boolean supportsRoleChanges(TeamModel team, Role role);
 
     @Override
     public String toString() {
@@ -136,6 +202,21 @@
     	protected UsernamePasswordAuthenticationProvider(String serviceName) {
     		super(serviceName);
     	}
+
+		@Override
+		public UserModel authenticate(HttpServletRequest httpRequest) {
+			return null;
+		}
+
+		@Override
+		public AuthenticationType getAuthenticationType() {
+			return AuthenticationType.CREDENTIALS;
+		}
+
+    	@Override
+		public void stop() {
+
+		}
     }
 
     public static class NullProvider extends AuthenticationProvider {
@@ -150,6 +231,16 @@
 		}
 
 		@Override
+		public void stop() {
+
+		}
+
+		@Override
+		public UserModel authenticate(HttpServletRequest httpRequest) {
+			return null;
+		}
+
+		@Override
 		public UserModel authenticate(String username, char[] password) {
 			return null;
 		}
@@ -160,23 +251,39 @@
 		}
 
 		@Override
+		public AuthenticationType getAuthenticationType() {
+			return null;
+		}
+
+		@Override
 		public boolean supportsCredentialChanges() {
-			return false;
+			return true;
 		}
 
 		@Override
 		public boolean supportsDisplayNameChanges() {
-			return false;
+			return true;
 		}
 
 		@Override
 		public boolean supportsEmailAddressChanges() {
-			return false;
+			return true;
 		}
 
 		@Override
 		public boolean supportsTeamMembershipChanges() {
-			return false;
+			return true;
 		}
+
+		@Override
+		public boolean supportsRoleChanges(UserModel user, Role role) {
+			return true;
+		}
+
+		@Override
+		public boolean supportsRoleChanges(TeamModel team, Role role) {
+			return true;
+		}
+
     }
 }

--
Gitblit v1.9.1