From 7ab32b65fcb20ca68d7afc357befb3a34de662bf Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Tue, 28 Jan 2014 13:16:37 -0500
Subject: [PATCH] issue-361: Reset user cookie after administrative password change

---
 src/main/java/com/gitblit/ConfigUserService.java |   21 ++++++++++++++-------
 1 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/src/main/java/com/gitblit/ConfigUserService.java b/src/main/java/com/gitblit/ConfigUserService.java
index aae7c14..e865225 100644
--- a/src/main/java/com/gitblit/ConfigUserService.java
+++ b/src/main/java/com/gitblit/ConfigUserService.java
@@ -216,18 +216,22 @@
 				// null check on "final" teams because JSON-sourced UserModel
 				// can have a null teams object
 				if (model.teams != null) {
+					Set<TeamModel> userTeams = new HashSet<TeamModel>();
 					for (TeamModel team : model.teams) {
 						TeamModel t = teams.get(team.name.toLowerCase());
 						if (t == null) {
 							// new team
-							team.addUser(model.username);
-							teams.put(team.name.toLowerCase(), team);
-						} else {
-							// do not clobber existing team definition
-							// maybe because this is a federated user
-							t.addUser(model.username);
+							t = team;
+							teams.put(team.name.toLowerCase(), t);
 						}
+						// do not clobber existing team definition
+						// maybe because this is a federated user
+						t.addUser(model.username);
+						userTeams.add(t);
 					}
+					// replace Team-Models in users by new ones.
+					model.teams.clear();
+					model.teams.addAll(userTeams);
 
 					// check for implicit team removal
 					if (originalUser != null) {
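Review bot: The two relocated comment lines above `t.addUser(model.username);` now sit on a path that runs for new and existing teams alike, so "do not clobber existing team definition" no longer describes the statement beneath it. I would fold that remark into the `if (t == null)` branch and word the new comment as `// point the user at the canonical TeamModel instances held in the teams map`, because "replace Team-Models in users by new ones" does not say which instances win. The in-place `model.teams.clear()` / `addAll(userTeams)` also assumes the caller passed a mutable collection, and the `HashSet` relies on how `TeamModel` defines equality; neither is visible here. The enclosing method starts and ends outside the hunk.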
@@ -268,6 +272,9 @@
 			}
 			read();
 			originalUser = users.remove(username.toLowerCase());
+			if (originalUser != null) {
+				cookies.remove(originalUser.cookie);
+			}
 			users.put(model.username.toLowerCase(), model);
 			// null check on "final" teams because JSON-sourced UserModel
 			// can have a null teams object
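Review bot: `cookies.remove(originalUser.cookie)` runs without checking that the stored cookie is non-null. If `cookies` is a map that rejects null keys (its declaration is outside the hunk), updating a user who has no cookie would throw after the old entry has been removed from `users` and before the new model is put back. Guarding it as `if (originalUser != null && originalUser.cookie != null) {` avoids that. The removal also covers only the cookie lookup table; whether sessions already established for that user are ended after a password change cannot be seen here and is worth confirming. The method continues outside the hunk.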
@@ -859,7 +866,7 @@
 					user.emailAddress = config.getString(USER, username, EMAILADDRESS);
 					user.accountType = AccountType.fromString(config.getString(USER, username, ACCOUNTTYPE));
 					if (Constants.EXTERNAL_ACCOUNT.equals(user.password) && user.accountType.isLocal()) {
-						user.accountType = null;
+						user.accountType = AccountType.EXTERNAL;
 					}
 					user.organizationalUnit = config.getString(USER, username, ORGANIZATIONALUNIT);
 					user.organization = config.getString(USER, username, ORGANIZATION);
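Review bot: The changed assignment in the `EXTERNAL_ACCOUNT` branch has no comment and the commit subject does not mention it, although it changes how accounts are classified when the config is read. A line such as `// password marker says the credential is held elsewhere; never leave the type unset` above `user.accountType = AccountType.EXTERNAL;` would record the intent. The condition still dereferences `user.accountType`, so it relies on `AccountType.fromString` never returning null for a missing or unknown value, which is not visible here. The enclosing block starts and ends outside the hunk.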

--
Gitblit v1.9.1