githubFork/gitblit.git - Solinfo Gitblit

			@@ -37,6 +37,7 @@
			import com.gitblit.Constants.AccessPermission;
			import com.gitblit.models.TeamModel;
			import com.gitblit.models.UserModel;
			import com.gitblit.models.UserRepositoryPreferences;
			import com.gitblit.utils.ArrayUtils;
			import com.gitblit.utils.DeepCopier;
			import com.gitblit.utils.StringUtils;
			@@ -44,16 +45,16 @@
			/**
			* ConfigUserService is Gitblit's default user service implementation since
			* version 0.8.0.
			*
			*
			* Users and their repository memberships are stored in a git-style config file
			* which is cached and dynamically reloaded when modified. This file is
			* plain-text, human-readable, and may be edited with a text editor.
			*
			*
			* Additionally, this format allows for expansion of the user model without
			* bringing in the complexity of a database.
			*
			*
			* @author James Moger
			*
			*
			*/
			public class ConfigUserService implements IUserService {

			@@ -62,21 +63,21 @@
			private static final String USER = "user";

			private static final String PASSWORD = "password";


			private static final String DISPLAYNAME = "displayName";


			private static final String EMAILADDRESS = "emailAddress";


			private static final String ORGANIZATIONALUNIT = "organizationalUnit";


			private static final String ORGANIZATION = "organization";


			private static final String LOCALITY = "locality";


			private static final String STATEPROVINCE = "stateProvince";


			private static final String COUNTRYCODE = "countryCode";


			private static final String COOKIE = "cookie";

			private static final String REPOSITORY = "repository";
			@@ -89,6 +90,10 @@

			private static final String POSTRECEIVE = "postReceiveScript";

			private static final String STARRED = "starred";

			private static final String LOCALE = "locale";

			private final File realmFile;

			private final Logger logger = LoggerFactory.getLogger(ConfigUserService.class);
			@@ -100,7 +105,7 @@
			private final Map<String, TeamModel> teams = new ConcurrentHashMap<String, TeamModel>();

			private volatile long lastModified;


			private volatile boolean forceReload;

			public ConfigUserService(File realmFile) {
			@@ -109,7 +114,7 @@

			/**
			* Setup the user service.
			*
			*
			* @param settings
			* @since 0.7.0
			*/
			@@ -119,7 +124,7 @@

			/**
			* Does the user service support changes to credentials?
			*
			*
			* @return true or false
			* @since 1.0.0
			*/
			@@ -130,7 +135,7 @@

			/**
			* Does the user service support changes to user display name?
			*
			*
			* @return true or false
			* @since 1.0.0
			*/
			@@ -141,7 +146,7 @@

			/**
			* Does the user service support changes to user email address?
			*
			*
			* @return true or false
			* @since 1.0.0
			*/
			@@ -152,17 +157,18 @@

			/**
			* Does the user service support changes to team memberships?
			*
			*
			* @return true or false
			* @since 1.0.0
			*/
			*/
			@Override
			public boolean supportsTeamMembershipChanges() {
			return true;
			}


			/**
			* Does the user service support cookie authentication?
			*
			*
			* @return true or false
			*/
			@Override
			@@ -172,7 +178,7 @@

			/**
			* Returns the cookie value for the specified user.
			*
			*
			* @param model
			* @return cookie value
			*/
			@@ -181,19 +187,21 @@
			if (!StringUtils.isEmpty(model.cookie)) {
			return model.cookie;
			}
			read();
			UserModel storedModel = users.get(model.username.toLowerCase());
			UserModel storedModel = getUserModel(model.username);
			if (storedModel == null) {
			return null;
			}
			return storedModel.cookie;
			}

			/**
			* Authenticate a user based on their cookie.
			*
			*
			* @param cookie
			* @return a user object or null
			*/
			@Override
			public UserModel authenticate(char[] cookie) {
			public synchronized UserModel authenticate(char[] cookie) {
			String hash = new String(cookie);
			if (StringUtils.isEmpty(hash)) {
			return null;
			@@ -203,19 +211,24 @@
			if (cookies.containsKey(hash)) {
			model = cookies.get(hash);
			}

			if (model != null) {
			// clone the model, otherwise all changes to this object are
			// live and unpersisted
			model = DeepCopier.copy(model);
			}
			return model;
			}

			/**
			* Authenticate a user based on a username and password.
			*
			*
			* @param username
			* @param password
			* @return a user object or null
			*/
			@Override
			public UserModel authenticate(String username, char[] password) {
			read();
			UserModel returnedUser = null;
			UserModel user = getUserModel(username);
			if (user == null) {
			@@ -243,21 +256,21 @@

			/**
			* Logout a user.
			*
			*
			* @param user
			*/
			@Override
			public void logout(UserModel user) {
			public void logout(UserModel user) {
			}


			/**
			* Retrieve the user object for the specified username.
			*
			*
			* @param username
			* @return a user object or null
			*/
			@Override
			public UserModel getUserModel(String username) {
			public synchronized UserModel getUserModel(String username) {
			read();
			UserModel model = users.get(username.toLowerCase());
			if (model != null) {
			@@ -270,7 +283,7 @@

			/**
			* Updates/writes a complete user object.
			*
			*
			* @param model
			* @return true if update is successful
			*/
			@@ -281,13 +294,13 @@

			/**
			* Updates/writes all specified user objects.
			*
			*
			* @param models a list of user models
			* @return true if update is successful
			* @since 1.2.0
			*/
			@Override
			public boolean updateUserModels(Collection<UserModel> models) {
			public synchronized boolean updateUserModels(Collection<UserModel> models) {
			try {
			read();
			for (UserModel model : models) {
			@@ -305,7 +318,7 @@
			} else {
			// do not clobber existing team definition
			// maybe because this is a federated user
			t.addUser(model.username);
			t.addUser(model.username);
			}
			}

			@@ -331,7 +344,7 @@
			/**
			* Updates/writes and replaces a complete user object keyed by username.
			* This method allows for renaming a user.
			*
			*
			* @param username
			* the old username
			* @param model
			@@ -339,7 +352,7 @@
			* @return true if update is successful
			*/
			@Override
			public boolean updateUserModel(String username, UserModel model) {
			public synchronized boolean updateUserModel(String username, UserModel model) {
			UserModel originalUser = null;
			try {
			read();
			@@ -389,7 +402,7 @@

			/**
			* Deletes the user object from the user service.
			*
			*
			* @param model
			* @return true if successful
			*/
			@@ -400,12 +413,12 @@

			/**
			* Delete the user object with the specified username
			*
			*
			* @param username
			* @return true if successful
			*/
			@Override
			public boolean deleteUser(String username) {
			public synchronized boolean deleteUser(String username) {
			try {
			// Read realm file
			read();
			@@ -436,7 +449,7 @@

			/**
			* Returns the list of all teams available to the login service.
			*
			*
			* @return list of all teams
			* @since 0.8.0
			*/
			@@ -450,12 +463,12 @@

			/**
			* Returns the list of all teams available to the login service.
			*
			*
			* @return list of all teams
			* @since 0.8.0
			*/
			@Override
			public List<TeamModel> getAllTeams() {
			public synchronized List<TeamModel> getAllTeams() {
			read();
			List<TeamModel> list = new ArrayList<TeamModel>(teams.values());
			list = DeepCopier.copy(list);
			@@ -466,13 +479,13 @@
			/**
			* Returns the list of all users who are allowed to bypass the access
			* restriction placed on the specified repository.
			*
			*
			* @param role
			* the repository name
			* @return list of all usernames that can bypass the access restriction
			*/
			@Override
			public List<String> getTeamnamesForRepositoryRole(String role) {
			public synchronized List<String> getTeamnamesForRepositoryRole(String role) {
			List<String> list = new ArrayList<String>();
			try {
			read();
			@@ -492,14 +505,14 @@
			/**
			* Sets the list of all teams who are allowed to bypass the access
			* restriction placed on the specified repository.
			*
			*
			* @param role
			* the repository name
			* @param teamnames
			* @return true if successful
			*/
			@Override
			public boolean setTeamnamesForRepositoryRole(String role, List<String> teamnames) {
			public synchronized boolean setTeamnamesForRepositoryRole(String role, List<String> teamnames) {
			try {
			Set<String> specifiedTeams = new HashSet<String>();
			for (String teamname : teamnames) {
			@@ -530,13 +543,13 @@

			/**
			* Retrieve the team object for the specified team name.
			*
			*
			* @param teamname
			* @return a team object or null
			* @since 0.8.0
			*/
			@Override
			public TeamModel getTeamModel(String teamname) {
			public synchronized TeamModel getTeamModel(String teamname) {
			read();
			TeamModel model = teams.get(teamname.toLowerCase());
			if (model != null) {
			@@ -549,7 +562,7 @@

			/**
			* Updates/writes a complete team object.
			*
			*
			* @param model
			* @return true if update is successful
			* @since 0.8.0
			@@ -561,7 +574,7 @@

			/**
			* Updates/writes all specified team objects.
			*
			*
			* @param models a list of team models
			* @return true if update is successful
			* @since 1.2.0
			@@ -584,7 +597,7 @@
			/**
			* Updates/writes and replaces a complete team object keyed by teamname.
			* This method allows for renaming a team.
			*
			*
			* @param teamname
			* the old teamname
			* @param model
			@@ -616,7 +629,7 @@

			/**
			* Deletes the team object from the user service.
			*
			*
			* @param model
			* @return true if successful
			* @since 0.8.0
			@@ -628,7 +641,7 @@

			/**
			* Delete the team object with the specified teamname
			*
			*
			* @param teamname
			* @return true if successful
			* @since 0.8.0
			@@ -649,7 +662,7 @@

			/**
			* Returns the list of all users available to the login service.
			*
			*
			* @return list of all usernames
			*/
			@Override
			@@ -659,31 +672,31 @@
			Collections.sort(list);
			return list;
			}


			/**
			* Returns the list of all users available to the login service.
			*
			*
			* @return list of all usernames
			*/
			@Override
			public List<UserModel> getAllUsers() {
			public synchronized List<UserModel> getAllUsers() {
			read();
			List<UserModel> list = new ArrayList<UserModel>(users.values());
			list = DeepCopier.copy(list);
			Collections.sort(list);
			return list;
			}
			}

			/**
			* Returns the list of all users who are allowed to bypass the access
			* restriction placed on the specified repository.
			*
			*
			* @param role
			* the repository name
			* @return list of all usernames that can bypass the access restriction
			*/
			@Override
			public List<String> getUsernamesForRepositoryRole(String role) {
			public synchronized List<String> getUsernamesForRepositoryRole(String role) {
			List<String> list = new ArrayList<String>();
			try {
			read();
			@@ -703,7 +716,7 @@
			/**
			* Sets the list of all uses who are allowed to bypass the access
			* restriction placed on the specified repository.
			*
			*
			* @param role
			* the repository name
			* @param usernames
			@@ -711,7 +724,7 @@
			*/
			@Override
			@Deprecated
			public boolean setUsernamesForRepositoryRole(String role, List<String> usernames) {
			public synchronized boolean setUsernamesForRepositoryRole(String role, List<String> usernames) {
			try {
			Set<String> specifiedUsers = new HashSet<String>();
			for (String username : usernames) {
			@@ -742,13 +755,13 @@

			/**
			* Renames a repository role.
			*
			*
			* @param oldRole
			* @param newRole
			* @return true if successful
			*/
			@Override
			public boolean renameRepositoryRole(String oldRole, String newRole) {
			public synchronized boolean renameRepositoryRole(String oldRole, String newRole) {
			try {
			read();
			// identify users which require role rename
			@@ -778,12 +791,12 @@

			/**
			* Removes a repository role from all users.
			*
			*
			* @param role
			* @return true if successful
			*/
			@Override
			public boolean deleteRepositoryRole(String role) {
			public synchronized boolean deleteRepositoryRole(String role) {
			try {
			read();

			@@ -808,7 +821,7 @@

			/**
			* Writes the properties file.
			*
			*
			* @throws IOException
			*/
			private synchronized void write() throws IOException {
			@@ -846,6 +859,11 @@
			if (!StringUtils.isEmpty(model.countryCode)) {
			config.setString(USER, model.username, COUNTRYCODE, model.countryCode);
			}
			if (model.getPreferences() != null) {
			if (!StringUtils.isEmpty(model.getPreferences().locale)) {
			config.setString(USER, model.username, LOCALE, model.getPreferences().locale);
			}
			}

			// user roles
			List<String> roles = new ArrayList<String>();
			@@ -879,6 +897,14 @@
			}
			config.setStringList(USER, model.username, REPOSITORY, permissions);
			}

			// user preferences
			if (model.getPreferences() != null) {
			List<String> starred = model.getPreferences().getStarredRepositories();
			if (starred.size() > 0) {
			config.setStringList(USER, model.username, STARRED, starred);
			}
			}
			}

			// write teams
			@@ -900,7 +926,7 @@
			roles.add(Constants.NO_ROLE);
			}
			config.setStringList(TEAM, model.name, ROLE, roles);


			if (!model.canAdmin) {
			// write team permission for non-admin teams
			if (model.permissions == null) {
			@@ -990,7 +1016,7 @@
			Set<String> usernames = config.getSubsections(USER);
			for (String username : usernames) {
			UserModel user = new UserModel(username.toLowerCase());
			user.password = config.getString(USER, username, PASSWORD);
			user.password = config.getString(USER, username, PASSWORD);
			user.displayName = config.getString(USER, username, DISPLAYNAME);
			user.emailAddress = config.getString(USER, username, EMAILADDRESS);
			user.organizationalUnit = config.getString(USER, username, ORGANIZATIONALUNIT);
			@@ -999,6 +1025,7 @@
			user.stateProvince = config.getString(USER, username, STATEPROVINCE);
			user.countryCode = config.getString(USER, username, COUNTRYCODE);
			user.cookie = config.getString(USER, username, COOKIE);
			user.getPreferences().locale = config.getString(USER, username, LOCALE);
			if (StringUtils.isEmpty(user.cookie) && !StringUtils.isEmpty(user.password)) {
			user.cookie = StringUtils.getSHA1(user.username + user.password);
			}
			@@ -1021,6 +1048,14 @@
			}
			}

			// starred repositories
			Set<String> starred = new HashSet<String>(Arrays.asList(config
			.getStringList(USER, username, STARRED)));
			for (String repository : starred) {
			UserRepositoryPreferences prefs = user.getPreferences().getRepositoryPreferences(repository);
			prefs.starred = true;
			}

			// update cache
			users.put(user.username, user);
			if (!StringUtils.isEmpty(user.cookie)) {
			@@ -1037,7 +1072,7 @@
			team.canAdmin = roles.contains(Constants.ADMIN_ROLE);
			team.canFork = roles.contains(Constants.FORK_ROLE);
			team.canCreate = roles.contains(Constants.CREATE_ROLE);


			if (!team.canAdmin) {
			// non-admin team, read permissions
			team.addRepositoryPermissions(Arrays.asList(config.getStringList(TEAM, teamname,