| | |
|---|
| | |
|
|---|
| | | import com.gitblit.GitBlit;
|
|---|
| | | import com.gitblit.Keys;
|
|---|
| | | import com.gitblit.wicket.models.UserModel;
|
|---|
| | | import com.gitblit.models.UserModel;
|
|---|
| | | import com.gitblit.wicket.pages.BasePage;
|
|---|
| | | import com.gitblit.wicket.pages.RepositoriesPage;
|
|---|
| | |
|
|---|
| | | public class AuthorizationStrategy extends AbstractPageAuthorizationStrategy implements IUnauthorizedComponentInstantiationListener {
|
|---|
| | | public class AuthorizationStrategy extends AbstractPageAuthorizationStrategy implements
|
|---|
| | | IUnauthorizedComponentInstantiationListener {
|
|---|
| | |
|
|---|
| | | public AuthorizationStrategy() {
|
|---|
| | | }
|
|---|
| | |
|---|
| | | @SuppressWarnings({ "unchecked", "rawtypes" })
|
|---|
| | | @Override
|
|---|
| | | protected boolean isPageAuthorized(Class pageClass) {
|
|---|
| | | if (RepositoriesPage.class.equals(pageClass)) {
|
|---|
| | | // allow all requests to get to the RepositoriesPage with its inline
|
|---|
| | | // authentication form
|
|---|
| | | return true;
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | if (BasePage.class.isAssignableFrom(pageClass)) {
|
|---|
| | | boolean authenticateView = GitBlit.self().settings().getBoolean(Keys.web.authenticateViewPages, true);
|
|---|
| | | boolean authenticateAdmin = GitBlit.self().settings().getBoolean(Keys.web.authenticateAdminPages, true);
|
|---|
| | | boolean allowAdmin = GitBlit.self().settings().getBoolean(Keys.web.allowAdministration, true);
|
|---|
| | | |
|---|
| | | GitBlitWebSession session = GitBlitWebSession.get(); |
|---|
| | | boolean authenticateView = GitBlit.getBoolean(Keys.web.authenticateViewPages, true);
|
|---|
| | | boolean authenticateAdmin = GitBlit.getBoolean(Keys.web.authenticateAdminPages, true);
|
|---|
| | | boolean allowAdmin = GitBlit.getBoolean(Keys.web.allowAdministration, true);
|
|---|
| | |
|
|---|
| | | GitBlitWebSession session = GitBlitWebSession.get();
|
|---|
| | | if (authenticateView && !session.isLoggedIn()) {
|
|---|
| | | // authentication required
|
|---|
| | | return false;
|
|---|
| | | }
|
|---|
| | | |
|---|
| | |
|
|---|
| | | UserModel user = session.getUser();
|
|---|
| | | if (pageClass.isAnnotationPresent(AdminPage.class)) {
|
|---|
| | | if (pageClass.isAnnotationPresent(RequiresAdminRole.class)) {
|
|---|
| | | // admin page
|
|---|
| | | if (allowAdmin) {
|
|---|
| | | if (authenticateAdmin) {
|
|---|
| | | // authenticate admin
|
|---|
| | | if (user != null) {
|
|---|
| | | return user.canAdmin();
|
|---|
| | | return user.canAdmin;
|
|---|
| | | }
|
|---|
| | | return false;
|
|---|
| | | } else {
|
|---|
| | |
|---|
| | | return true;
|
|---|
| | | }
|
|---|
| | | } else {
|
|---|
| | | //admin prohibited
|
|---|
| | | // admin prohibited
|
|---|
| | | return false;
|
|---|
| | | }
|
|---|
| | | }
|
|---|
| | |
|---|
| | | @Override
|
|---|
| | | public void onUnauthorizedInstantiation(Component component) {
|
|---|
| | | if (component instanceof BasePage) {
|
|---|
| | | GitBlitWebSession session = GitBlitWebSession.get();
|
|---|
| | | if (!session.isLoggedIn())
|
|---|
| | | throw new RestartResponseAtInterceptPageException(LoginPage.class);
|
|---|
| | | else
|
|---|
| | | throw new RestartResponseAtInterceptPageException(RepositoriesPage.class);
|
|---|
| | | throw new RestartResponseAtInterceptPageException(RepositoriesPage.class);
|
|---|
| | | }
|
|---|
| | | }
|
|---|
| | | }
|
|---|
