From d03aff630cbcd49f02d51f08ec59ac3cf7f41d0e Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Sun, 23 Oct 2011 10:25:39 -0400
Subject: [PATCH] Separate management from administration in rpc servlet.

---
 src/com/gitblit/RpcServlet.java |   16 +++++++++++++++-
 1 files changed, 15 insertions(+), 1 deletions(-)

diff --git a/src/com/gitblit/RpcServlet.java b/src/com/gitblit/RpcServlet.java
index ceed35e..7cf3a59 100644
--- a/src/com/gitblit/RpcServlet.java
+++ b/src/com/gitblit/RpcServlet.java
@@ -29,6 +29,7 @@
 
 import com.gitblit.Constants.RpcRequest;
 import com.gitblit.models.RepositoryModel;
+import com.gitblit.models.SettingModel;
 import com.gitblit.models.UserModel;
 import com.gitblit.utils.HttpUtils;
 import com.gitblit.utils.RpcUtils;
@@ -182,7 +183,20 @@
 			}
 		} else if (RpcRequest.LIST_SETTINGS.equals(reqType)) {
 			// return the server's settings
-			result = GitBlit.self().getSettingsModel();
+			if (GitBlit.getBoolean(Keys.web.enableRpcAdministration, false)) {
+				result = GitBlit.self().getSettingsModel();
+			} else {
+				response.sendError(notAllowedCode);
+			}
+		} else if (RpcRequest.EDIT_SETTINGS.equals(reqType)) {
+			// update settings on the server
+			if (GitBlit.getBoolean(Keys.web.enableRpcAdministration, false)) {
+				Collection<SettingModel> settings = deserialize(request, response,
+						RpcUtils.SETTINGS_TYPE);
+				GitBlit.self().updateSettings(settings);
+			} else {
+				response.sendError(notAllowedCode);
+			}
 		} else if (RpcRequest.LIST_STATUS.equals(reqType)) {
 			// return the server's status information
 			result = GitBlit.self().getStatus();

--
Gitblit v1.9.1