From 9effe1630d97039b3e01cd9b58ed07e75be1d63c Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Mon, 25 Feb 2013 08:40:30 -0500
Subject: [PATCH] Merge pull request #75 from thefake/master

---
 src/com/gitblit/wicket/pages/BasePage.java |   17 ++++++++++++++---
 1 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/src/com/gitblit/wicket/pages/BasePage.java b/src/com/gitblit/wicket/pages/BasePage.java
index 5721adf..c733c99 100644
--- a/src/com/gitblit/wicket/pages/BasePage.java
+++ b/src/com/gitblit/wicket/pages/BasePage.java
@@ -98,6 +98,10 @@
 		return GitBlitWebSession.get().getLocale().getLanguage();
 	}
 	
+	protected String getCountryCode() {
+		return GitBlitWebSession.get().getLocale().getCountry().toLowerCase();
+	}
+	
 	protected TimeUtils getTimeUtils() {
 		if (timeUtils == null) {
 			ResourceBundle bundle;		
@@ -130,14 +134,21 @@
 	}	
 
 	private void login() {
+		GitBlitWebSession session = GitBlitWebSession.get();
+		if (session.isLoggedIn() && !session.isSessionInvalidated()) {
+			// already have a session, refresh usermodel to pick up
+			// any changes to permissions or roles (issue-186)
+			UserModel user = GitBlit.self().getUserModel(session.getUser().username);
+			session.setUser(user);
+			return;
+		}
+		
 		// try to authenticate by servlet request
 		HttpServletRequest httpRequest = ((WebRequest) getRequestCycle().getRequest()).getHttpServletRequest();
 		UserModel user = GitBlit.self().authenticate(httpRequest);
 
 		// Login the user
 		if (user != null) {
-			// Set the user into the session
-			GitBlitWebSession session = GitBlitWebSession.get();
 			// issue 62: fix session fixation vulnerability
 			session.replaceSession();
 			session.setUser(user);
@@ -425,7 +436,7 @@
 			GitBlitWebSession session = GitBlitWebSession.get();
 			if (session.isLoggedIn()) {				
 				UserModel user = session.getUser();
-				boolean editCredentials = GitBlit.self().supportsCredentialChanges();
+				boolean editCredentials = GitBlit.self().supportsCredentialChanges(user);
 				boolean standardLogin = session.authenticationType.isStandard();
 
 				// username, logout, and change password

--
Gitblit v1.9.1