From 8c8f1f537b62a608e9ef01b70bec5a8df4dc8e8a Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Wed, 16 Jan 2013 07:57:18 -0500
Subject: [PATCH] Escape metacharacters for settings updates

---
 src/com/gitblit/wicket/pages/ChangePasswordPage.java |    9 ++++++++-
 1 files changed, 8 insertions(+), 1 deletions(-)

diff --git a/src/com/gitblit/wicket/pages/ChangePasswordPage.java b/src/com/gitblit/wicket/pages/ChangePasswordPage.java
index 4fb5d23..c401420 100644
--- a/src/com/gitblit/wicket/pages/ChangePasswordPage.java
+++ b/src/com/gitblit/wicket/pages/ChangePasswordPage.java
@@ -50,7 +50,14 @@
 			// no authentication enabled
 			throw new RestartResponseException(getApplication().getHomePage());
 		}
-		setupPage(getString("gb.changePassword"), GitBlitWebSession.get().getUser().username);
+		
+		UserModel user = GitBlitWebSession.get().getUser();		
+		if (!GitBlit.self().supportsCredentialChanges(user)) {
+			error(MessageFormat.format(getString("gb.userServiceDoesNotPermitPasswordChanges"),
+					GitBlit.getString(Keys.realm.userService, "${baseFolder}/users.conf")), true);
+		}
+		
+		setupPage(getString("gb.changePassword"), user.username);
 
 		StatelessForm<Void> form = new StatelessForm<Void>("passwordForm") {
 

--
Gitblit v1.9.1