From 13417cf9c6eec555b51da49742e47939d2f5715b Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Fri, 19 Oct 2012 22:47:33 -0400
Subject: [PATCH] Exclude submodules from zip downloads (issue 151)

---
 src/com/gitblit/AuthenticationFilter.java |   12 ++++++++----
 1 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/src/com/gitblit/AuthenticationFilter.java b/src/com/gitblit/AuthenticationFilter.java
index 6b7a0af..4762c42 100644
--- a/src/com/gitblit/AuthenticationFilter.java
+++ b/src/com/gitblit/AuthenticationFilter.java
@@ -33,11 +33,11 @@
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 
-import org.eclipse.jgit.util.Base64;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import com.gitblit.models.UserModel;
+import com.gitblit.utils.Base64;
 import com.gitblit.utils.StringUtils;
 
 /**
@@ -103,7 +103,7 @@
 			String credentials = new String(Base64.decode(base64Credentials),
 					Charset.forName("UTF-8"));
 			// credentials = username:password
-			final String[] values = credentials.split(":");
+			final String[] values = credentials.split(":",2);
 
 			if (values.length == 2) {
 				String username = values[0];
@@ -170,8 +170,9 @@
 		public AuthenticatedRequest(HttpServletRequest req) {
 			super(req);
 			user = new UserModel("anonymous");
+			user.isAuthenticated = false;
 		}
-		
+
 		UserModel getUser() {
 			return user;
 		}
@@ -188,8 +189,11 @@
 		@Override
 		public boolean isUserInRole(String role) {
 			if (role.equals(Constants.ADMIN_ROLE)) {
-				return user.canAdmin;
+				return user.canAdmin();
 			}
+			// Gitblit does not currently use actual roles in the traditional
+			// servlet container sense.  That is the reason this is marked
+			// deprecated, but I may want to revisit this.
 			return user.canAccessRepository(role);
 		}
 

--
Gitblit v1.9.1