From f22a0633d08e38ac4bf92b5165a708e11b4d6598 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Wed, 03 Oct 2012 17:31:37 -0400
Subject: [PATCH] Implemented support for toggling User.canFork in Manager

---
 src/com/gitblit/ConfigUserService.java |  179 +++++++++++++++++++++++++++++++++++++++++++++++++++++------
 1 files changed, 160 insertions(+), 19 deletions(-)

diff --git a/src/com/gitblit/ConfigUserService.java b/src/com/gitblit/ConfigUserService.java
index 7e4600c..f526835 100644
--- a/src/com/gitblit/ConfigUserService.java
+++ b/src/com/gitblit/ConfigUserService.java
@@ -35,6 +35,7 @@
 
 import com.gitblit.models.TeamModel;
 import com.gitblit.models.UserModel;
+import com.gitblit.utils.ArrayUtils;
 import com.gitblit.utils.DeepCopier;
 import com.gitblit.utils.StringUtils;
 
@@ -59,6 +60,12 @@
 	private static final String USER = "user";
 
 	private static final String PASSWORD = "password";
+	
+	private static final String DISPLAYNAME = "displayName";
+	
+	private static final String EMAILADDRESS = "emailAddress";
+	
+	private static final String COOKIE = "cookie";
 
 	private static final String REPOSITORY = "repository";
 
@@ -81,6 +88,8 @@
 	private final Map<String, TeamModel> teams = new ConcurrentHashMap<String, TeamModel>();
 
 	private volatile long lastModified;
+	
+	private volatile boolean forceReload;
 
 	public ConfigUserService(File realmFile) {
 		this.realmFile = realmFile;
@@ -96,6 +105,49 @@
 	public void setup(IStoredSettings settings) {
 	}
 
+	/**
+	 * Does the user service support changes to credentials?
+	 * 
+	 * @return true or false
+	 * @since 1.0.0
+	 */
+	@Override
+	public boolean supportsCredentialChanges() {
+		return true;
+	}
+
+	/**
+	 * Does the user service support changes to user display name?
+	 * 
+	 * @return true or false
+	 * @since 1.0.0
+	 */
+	@Override
+	public boolean supportsDisplayNameChanges() {
+		return true;
+	}
+
+	/**
+	 * Does the user service support changes to user email address?
+	 * 
+	 * @return true or false
+	 * @since 1.0.0
+	 */
+	@Override
+	public boolean supportsEmailAddressChanges() {
+		return true;
+	}
+
+	/**
+	 * Does the user service support changes to team memberships?
+	 * 
+	 * @return true or false
+	 * @since 1.0.0
+	 */	
+	public boolean supportsTeamMembershipChanges() {
+		return true;
+	}
+	
 	/**
 	 * Does the user service support cookie authentication?
 	 * 
@@ -113,11 +165,13 @@
 	 * @return cookie value
 	 */
 	@Override
-	public char[] getCookie(UserModel model) {
+	public String getCookie(UserModel model) {
+		if (!StringUtils.isEmpty(model.cookie)) {
+			return model.cookie;
+		}
 		read();
 		UserModel storedModel = users.get(model.username.toLowerCase());
-		String cookie = StringUtils.getSHA1(model.username + storedModel.password);
-		return cookie.toCharArray();
+		return storedModel.cookie;
 	}
 
 	/**
@@ -176,6 +230,15 @@
 	}
 
 	/**
+	 * Logout a user.
+	 * 
+	 * @param user
+	 */
+	@Override
+	public void logout(UserModel user) {	
+	}
+	
+	/**
 	 * Retrieve the user object for the specified username.
 	 * 
 	 * @param username
@@ -216,9 +279,10 @@
 	 */
 	@Override
 	public boolean updateUserModel(String username, UserModel model) {
+		UserModel originalUser = null;
 		try {
 			read();
-			UserModel oldUser = users.remove(username.toLowerCase());
+			originalUser = users.remove(username.toLowerCase());
 			users.put(model.username.toLowerCase(), model);
 			// null check on "final" teams because JSON-sourced UserModel
 			// can have a null teams object
@@ -238,8 +302,8 @@
 				}
 
 				// check for implicit team removal
-				if (oldUser != null) {
-					for (TeamModel team : oldUser.teams) {
+				if (originalUser != null) {
+					for (TeamModel team : originalUser.teams) {
 						if (!model.isTeamMember(team.name)) {
 							team.removeUser(username);
 						}
@@ -249,6 +313,13 @@
 			write();
 			return true;
 		} catch (Throwable t) {
+			if (originalUser != null) {
+				// restore original user
+				users.put(originalUser.username.toLowerCase(), originalUser);
+			} else {
+				// drop attempted add
+				users.remove(model.username.toLowerCase());
+			}
 			logger.error(MessageFormat.format("Failed to update user model {0}!", model.username),
 					t);
 		}
@@ -308,6 +379,21 @@
 	public List<String> getAllTeamNames() {
 		read();
 		List<String> list = new ArrayList<String>(teams.keySet());
+		Collections.sort(list);
+		return list;
+	}
+
+	/**
+	 * Returns the list of all teams available to the login service.
+	 * 
+	 * @return list of all teams
+	 * @since 0.8.0
+	 */
+	@Override
+	public List<TeamModel> getAllTeams() {
+		read();
+		List<TeamModel> list = new ArrayList<TeamModel>(teams.values());
+		list = DeepCopier.copy(list);
 		Collections.sort(list);
 		return list;
 	}
@@ -421,13 +507,21 @@
 	 */
 	@Override
 	public boolean updateTeamModel(String teamname, TeamModel model) {
+		TeamModel original = null;
 		try {
 			read();
-			teams.remove(teamname.toLowerCase());
+			original = teams.remove(teamname.toLowerCase());
 			teams.put(model.name.toLowerCase(), model);
 			write();
 			return true;
 		} catch (Throwable t) {
+			if (original != null) {
+				// restore original team
+				teams.put(original.name.toLowerCase(), original);
+			} else {
+				// drop attempted add
+				teams.remove(model.name.toLowerCase());
+			}
 			logger.error(MessageFormat.format("Failed to update team model {0}!", model.name), t);
 		}
 		return false;
@@ -478,6 +572,20 @@
 		Collections.sort(list);
 		return list;
 	}
+	
+	/**
+	 * Returns the list of all users available to the login service.
+	 * 
+	 * @return list of all usernames
+	 */
+	@Override
+	public List<UserModel> getAllUsers() {
+		read();
+		List<UserModel> list = new ArrayList<UserModel>(users.values());
+		list = DeepCopier.copy(list);
+		Collections.sort(list);
+		return list;
+	}	
 
 	/**
 	 * Returns the list of all users who are allowed to bypass the access
@@ -624,22 +732,42 @@
 
 		// write users
 		for (UserModel model : users.values()) {
-			config.setString(USER, model.username, PASSWORD, model.password);
+			if (!StringUtils.isEmpty(model.password)) {
+				config.setString(USER, model.username, PASSWORD, model.password);
+			}
+			if (!StringUtils.isEmpty(model.cookie)) {
+				config.setString(USER, model.username, COOKIE, model.cookie);
+			}
+			if (!StringUtils.isEmpty(model.displayName)) {
+				config.setString(USER, model.username, DISPLAYNAME, model.displayName);
+			}
+			if (!StringUtils.isEmpty(model.emailAddress)) {
+				config.setString(USER, model.username, EMAILADDRESS, model.emailAddress);
+			}
 
 			// user roles
 			List<String> roles = new ArrayList<String>();
 			if (model.canAdmin) {
 				roles.add(Constants.ADMIN_ROLE);
 			}
+			if (model.canFork) {
+				roles.add(Constants.FORK_ROLE);
+			}
 			if (model.excludeFromFederation) {
 				roles.add(Constants.NOT_FEDERATED_ROLE);
+			}
+			if (roles.size() == 0) {
+				// we do this to ensure that user record with no password
+				// is written.  otherwise, StoredConfig optimizes that account
+				// away. :(
+				roles.add(Constants.NO_ROLE);
 			}
 			config.setStringList(USER, model.username, ROLE, roles);
 
 			// repository memberships
 			// null check on "final" repositories because JSON-sourced UserModel
 			// can have a null repositories object
-			if (model.repositories != null) {
+			if (!ArrayUtils.isEmpty(model.repositories)) {
 				config.setStringList(USER, model.username, REPOSITORY, new ArrayList<String>(
 						model.repositories));
 			}
@@ -649,38 +777,41 @@
 		for (TeamModel model : teams.values()) {
 			// null check on "final" repositories because JSON-sourced TeamModel
 			// can have a null repositories object
-			if (model.repositories != null) {
+			if (!ArrayUtils.isEmpty(model.repositories)) {
 				config.setStringList(TEAM, model.name, REPOSITORY, new ArrayList<String>(
 						model.repositories));
 			}
 
 			// null check on "final" users because JSON-sourced TeamModel
 			// can have a null users object
-			if (model.users != null) {
+			if (!ArrayUtils.isEmpty(model.users)) {
 				config.setStringList(TEAM, model.name, USER, new ArrayList<String>(model.users));
 			}
 
 			// null check on "final" mailing lists because JSON-sourced
 			// TeamModel can have a null users object
-			if (model.mailingLists != null) {
+			if (!ArrayUtils.isEmpty(model.mailingLists)) {
 				config.setStringList(TEAM, model.name, MAILINGLIST, new ArrayList<String>(
 						model.mailingLists));
 			}
 
 			// null check on "final" preReceiveScripts because JSON-sourced
 			// TeamModel can have a null preReceiveScripts object
-			if (model.preReceiveScripts != null) {
+			if (!ArrayUtils.isEmpty(model.preReceiveScripts)) {
 				config.setStringList(TEAM, model.name, PRERECEIVE, model.preReceiveScripts);
 			}
 
 			// null check on "final" postReceiveScripts because JSON-sourced
 			// TeamModel can have a null postReceiveScripts object
-			if (model.postReceiveScripts != null) {
+			if (!ArrayUtils.isEmpty(model.postReceiveScripts)) {
 				config.setStringList(TEAM, model.name, POSTRECEIVE, model.postReceiveScripts);
 			}
 		}
 
 		config.save();
+		// manually set the forceReload flag because not all JVMs support real
+		// millisecond resolution of lastModified. (issue-55)
+		forceReload = true;
 
 		// If the write is successful, delete the current file and rename
 		// the temporary copy to the original filename.
@@ -705,7 +836,8 @@
 	 * Reads the realm file and rebuilds the in-memory lookup tables.
 	 */
 	protected synchronized void read() {
-		if (realmFile.exists() && (realmFile.lastModified() > lastModified)) {
+		if (realmFile.exists() && (forceReload || (realmFile.lastModified() != lastModified))) {
+			forceReload = false;
 			lastModified = realmFile.lastModified();
 			users.clear();
 			cookies.clear();
@@ -716,13 +848,20 @@
 				config.load();
 				Set<String> usernames = config.getSubsections(USER);
 				for (String username : usernames) {
-					UserModel user = new UserModel(username);
-					user.password = config.getString(USER, username, PASSWORD);
+					UserModel user = new UserModel(username.toLowerCase());
+					user.password = config.getString(USER, username, PASSWORD);					
+					user.displayName = config.getString(USER, username, DISPLAYNAME);
+					user.emailAddress = config.getString(USER, username, EMAILADDRESS);
+					user.cookie = config.getString(USER, username, COOKIE);
+					if (StringUtils.isEmpty(user.cookie) && !StringUtils.isEmpty(user.password)) {
+						user.cookie = StringUtils.getSHA1(user.username + user.password);
+					}
 
 					// user roles
 					Set<String> roles = new HashSet<String>(Arrays.asList(config.getStringList(
 							USER, username, ROLE)));
 					user.canAdmin = roles.contains(Constants.ADMIN_ROLE);
+					user.canFork = roles.contains(Constants.FORK_ROLE);
 					user.excludeFromFederation = roles.contains(Constants.NOT_FEDERATED_ROLE);
 
 					// repository memberships
@@ -733,8 +872,10 @@
 					}
 
 					// update cache
-					users.put(username, user);
-					cookies.put(StringUtils.getSHA1(username + user.password), user);
+					users.put(user.username, user);
+					if (!StringUtils.isEmpty(user.cookie)) {
+						cookies.put(user.cookie, user);
+					}
 				}
 
 				// load the teams

--
Gitblit v1.9.1