githubFork/gitblit.git - Solinfo Gitblit

			@@ -26,7 +26,6 @@
			import java.awt.event.KeyEvent;
			import java.text.MessageFormat;
			import java.util.ArrayList;
			import java.util.Arrays;
			import java.util.HashSet;
			import java.util.List;
			import java.util.Set;
			@@ -54,6 +53,8 @@
			public class EditUserDialog extends JDialog {

			private static final long serialVersionUID = 1L;

			private final String username;

			private final UserModel user;

			@@ -85,6 +86,7 @@

			public EditUserDialog(UserModel anUser, ServerSettings settings) {
			super();
			this.username = anUser.username;
			this.user = new UserModel("");
			this.settings = settings;
			this.usernames = new HashSet<String>();
			@@ -188,41 +190,70 @@
			return false;
			}

			boolean rename = false;
			// verify username uniqueness on create
			if (isCreate) {
			if (usernames.contains(uname.toLowerCase())) {
			error(MessageFormat.format("Username ''{0}'' is unavailable.", uname));
			return false;
			}
			} else {
			// check rename collision
			rename = !StringUtils.isEmpty(username) && !username.equalsIgnoreCase(uname);
			if (rename) {
			if (usernames.contains(uname.toLowerCase())) {
			error(MessageFormat.format(
			"Failed to rename ''{0}'' because ''{1}'' already exists.", username,
			uname));
			return false;
			}
			}
			}
			user.username = uname;

			int minLength = settings.get(Keys.realm.minPasswordLength).getInteger(5);
			if (minLength < 4) {
			minLength = 4;
			}
			char[] pw = passwordField.getPassword();
			if (pw == null \|\| pw.length < minLength) {

			String password = new String(passwordField.getPassword());
			if (StringUtils.isEmpty(password) \|\| password.length() < minLength) {
			error(MessageFormat.format("Password is too short. Minimum length is {0} characters.",
			minLength));
			return false;
			}
			char[] cpw = confirmPasswordField.getPassword();
			if (cpw == null \|\| cpw.length != pw.length) {
			error("Please confirm the password!");
			if (!password.toUpperCase().startsWith(StringUtils.MD5_TYPE)
			&& !password.toUpperCase().startsWith(StringUtils.COMBINED_MD5_TYPE)) {
			String cpw = new String(confirmPasswordField.getPassword());
			if (cpw == null \|\| cpw.length() != password.length()) {
			error("Please confirm the password!");
			return false;
			}
			if (!password.equals(cpw)) {
			error("Passwords do not match!");
			return false;
			}

			String type = settings.get(Keys.realm.passwordStorage).getString("md5");
			if (type.equalsIgnoreCase("md5")) {
			// store MD5 digest of password
			user.password = StringUtils.MD5_TYPE + StringUtils.getMD5(password);
			} else if (type.equalsIgnoreCase("combined-md5")) {
			// store MD5 digest of username+password
			user.password = StringUtils.COMBINED_MD5_TYPE
			+ StringUtils.getMD5(username.toLowerCase() + password);
			} else {
			// plain-text password
			user.password = password;
			}
			} else if (rename && password.toUpperCase().startsWith(StringUtils.COMBINED_MD5_TYPE)) {
			error("Gitblit is configured for combined-md5 password hashing. You must enter a new password on account rename.");
			return false;
			}
			if (!Arrays.equals(pw, cpw)) {
			error("Passwords do not match!");
			return false;
			}
			user.username = uname;
			String type = settings.get(Keys.realm.passwordStorage).getString("md5");
			if (type.equalsIgnoreCase("md5")) {
			// store MD5 digest of password
			user.password = StringUtils.MD5_TYPE + StringUtils.getMD5(new String(pw));
			} else {
			user.password = new String(pw);
			// no change in password
			user.password = password;
			}

			user.canAdmin = canAdminCheckbox.isSelected();
			user.excludeFromFederation = notFederatedCheckbox.isSelected();