From 86bea9e0016b2890db8ba83049dd4e89653a0a5e Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Fri, 16 Mar 2012 17:29:39 -0400
Subject: [PATCH] Ensure that the welcome message is interpreted as UTF-8 (issue 74)

---
 src/com/gitblit/wicket/pages/EditUserPage.java |   93 +++++++++++++++++++++++++++++++++++++---------
 1 files changed, 74 insertions(+), 19 deletions(-)

diff --git a/src/com/gitblit/wicket/pages/EditUserPage.java b/src/com/gitblit/wicket/pages/EditUserPage.java
index fb647f7..3e14d08 100644
--- a/src/com/gitblit/wicket/pages/EditUserPage.java
+++ b/src/com/gitblit/wicket/pages/EditUserPage.java
@@ -17,13 +17,15 @@
 
 import java.text.MessageFormat;
 import java.util.ArrayList;
+import java.util.Collections;
 import java.util.Iterator;
 import java.util.List;
 
 import org.apache.wicket.PageParameters;
+import org.apache.wicket.behavior.SimpleAttributeModifier;
 import org.apache.wicket.extensions.markup.html.form.palette.Palette;
+import org.apache.wicket.markup.html.form.Button;
 import org.apache.wicket.markup.html.form.CheckBox;
-import org.apache.wicket.markup.html.form.ChoiceRenderer;
 import org.apache.wicket.markup.html.form.Form;
 import org.apache.wicket.markup.html.form.PasswordTextField;
 import org.apache.wicket.markup.html.form.TextField;
@@ -31,21 +33,21 @@
 import org.apache.wicket.model.Model;
 import org.apache.wicket.model.util.CollectionModel;
 import org.apache.wicket.model.util.ListModel;
-import org.eclipse.jetty.http.security.Credential.Crypt;
-import org.eclipse.jetty.http.security.Credential.MD5;
 
 import com.gitblit.Constants.AccessRestrictionType;
 import com.gitblit.GitBlit;
 import com.gitblit.GitBlitException;
 import com.gitblit.Keys;
 import com.gitblit.models.RepositoryModel;
+import com.gitblit.models.TeamModel;
 import com.gitblit.models.UserModel;
 import com.gitblit.utils.StringUtils;
 import com.gitblit.wicket.RequiresAdminRole;
+import com.gitblit.wicket.StringChoiceRenderer;
 import com.gitblit.wicket.WicketUtils;
 
 @RequiresAdminRole
-public class EditUserPage extends BasePage {
+public class EditUserPage extends RootSubPage {
 
 	private final boolean isCreate;
 
@@ -67,10 +69,11 @@
 
 	protected void setupPage(final UserModel userModel) {
 		if (isCreate) {
-			super.setupPage("", getString("gb.newUser"));
+			super.setupPage(getString("gb.newUser"), "");
 		} else {
-			super.setupPage("", getString("gb.edit"));
+			super.setupPage(getString("gb.edit"), userModel.username);
 		}
+
 		final Model<String> confirmPassword = new Model<String>(
 				StringUtils.isEmpty(userModel.password) ? "" : userModel.password);
 		CompoundPropertyModel<UserModel> model = new CompoundPropertyModel<UserModel>(userModel);
@@ -82,10 +85,19 @@
 				repos.add(repo);
 			}
 		}
+		List<String> userTeams = new ArrayList<String>();
+		for (TeamModel team : userModel.teams) {
+			userTeams.add(team.name);
+		}
+		Collections.sort(userTeams);
+		
 		final String oldName = userModel.username;
 		final Palette<String> repositories = new Palette<String>("repositories",
-				new ListModel<String>(userModel.repositories), new CollectionModel<String>(repos),
-				new ChoiceRenderer<String>("", ""), 10, false);
+				new ListModel<String>(new ArrayList<String>(userModel.repositories)),
+				new CollectionModel<String>(repos), new StringChoiceRenderer(), 10, false);
+		final Palette<String> teams = new Palette<String>("teams", new ListModel<String>(
+				new ArrayList<String>(userTeams)), new CollectionModel<String>(GitBlit.self()
+				.getAllTeamnames()), new StringChoiceRenderer(), 10, false);
 		Form<UserModel> form = new Form<UserModel>("editForm", model) {
 
 			private static final long serialVersionUID = 1L;
@@ -97,11 +109,13 @@
 			 */
 			@Override
 			protected void onSubmit() {
-				String username = userModel.username;
-				if (StringUtils.isEmpty(username)) {
+				if (StringUtils.isEmpty(userModel.username)) {
 					error("Please enter a username!");
 					return;
 				}
+				// force username to lower-case
+				userModel.username = userModel.username.toLowerCase();
+				String username = userModel.username;
 				if (isCreate) {
 					UserModel model = GitBlit.self().getUserModel(username);
 					if (model != null) {
@@ -109,13 +123,15 @@
 						return;
 					}
 				}
+				boolean rename = !StringUtils.isEmpty(oldName)
+						&& !oldName.equalsIgnoreCase(username);
 				if (!userModel.password.equals(confirmPassword.getObject())) {
 					error("Passwords do not match!");
 					return;
 				}
 				String password = userModel.password;
-				if (!password.toUpperCase().startsWith(Crypt.__TYPE)
-						&& !password.toUpperCase().startsWith(MD5.__TYPE)) {
+				if (!password.toUpperCase().startsWith(StringUtils.MD5_TYPE)
+						&& !password.toUpperCase().startsWith(StringUtils.COMBINED_MD5_TYPE)) {
 					// This is a plain text password.
 					// Check length.
 					int minLength = GitBlit.getInteger(Keys.realm.minPasswordLength, 5);
@@ -133,18 +149,39 @@
 					String type = GitBlit.getString(Keys.realm.passwordStorage, "md5");
 					if (type.equalsIgnoreCase("md5")) {
 						// store MD5 digest of password
-						userModel.password = MD5.digest(userModel.password);
+						userModel.password = StringUtils.MD5_TYPE
+								+ StringUtils.getMD5(userModel.password);
+					} else if (type.equalsIgnoreCase("combined-md5")) {
+						// store MD5 digest of username+password
+						userModel.password = StringUtils.COMBINED_MD5_TYPE
+								+ StringUtils.getMD5(username + userModel.password);
 					}
+				} else if (rename
+						&& password.toUpperCase().startsWith(StringUtils.COMBINED_MD5_TYPE)) {
+					error("Gitblit is configured for combined-md5 password hashing. You must enter a new password on account rename.");
+					return;
 				}
 
 				Iterator<String> selectedRepositories = repositories.getSelectedChoices();
 				List<String> repos = new ArrayList<String>();
 				while (selectedRepositories.hasNext()) {
-					repos.add(selectedRepositories.next());
+					repos.add(selectedRepositories.next().toLowerCase());
 				}
-				userModel.setRepositories(repos);
-				try {
-					GitBlit.self().editUserModel(oldName, userModel, isCreate);
+				userModel.repositories.clear();
+				userModel.repositories.addAll(repos);
+
+				Iterator<String> selectedTeams = teams.getSelectedChoices();
+				userModel.teams.clear();
+				while (selectedTeams.hasNext()) {
+					TeamModel team = GitBlit.self().getTeamModel(selectedTeams.next());
+					if (team == null) {
+						continue;
+					}
+					userModel.teams.add(team);
+				}
+
+				try {					
+					GitBlit.self().updateUserModel(oldName, userModel, isCreate);
 				} catch (GitBlitException e) {
 					error(e.getMessage());
 					return;
@@ -156,11 +193,14 @@
 							userModel.username));
 					setResponsePage(EditUserPage.class);
 				} else {
-					// back to home
-					setResponsePage(RepositoriesPage.class);
+					// back to users page
+					setResponsePage(UsersPage.class);
 				}
 			}
 		};
+		
+		// do not let the browser pre-populate these fields
+		form.add(new SimpleAttributeModifier("autocomplete", "off"));
 
 		// field names reflective match UserModel fields
 		form.add(new TextField<String>("username"));
@@ -172,7 +212,22 @@
 		confirmPasswordField.setResetPassword(false);
 		form.add(confirmPasswordField);
 		form.add(new CheckBox("canAdmin"));
+		form.add(new CheckBox("excludeFromFederation"));
 		form.add(repositories);
+		form.add(teams);
+
+		form.add(new Button("save"));
+		Button cancel = new Button("cancel") {
+			private static final long serialVersionUID = 1L;
+
+			@Override
+			public void onSubmit() {
+				setResponsePage(UsersPage.class);
+			}
+		};
+		cancel.setDefaultFormProcessing(false);
+		form.add(cancel);
+
 		add(form);
 	}
 }

--
Gitblit v1.9.1