From f76fee63ed9cb3a30d3c0c092d860b1cb93a481b Mon Sep 17 00:00:00 2001
From: Gerard Smyth <gerard.smyth@gmail.com>
Date: Thu, 08 May 2014 13:09:30 -0400
Subject: [PATCH] Updated the SyndicationServlet to provide an additional option to return details of the tags in the repository instead of the commits. This uses a new 'ot' request parameter to indicate the object type of the content to return, which can be ither TAG or COMMIT. If this is not provided, then COMMIT is assumed to maintain backwards compatability. If tags are returned, then the paging parameters, 'l' and 'pg' are still supported, but searching options are currently ignored.
---
src/main/java/com/gitblit/ConfigUserService.java | 376 +++++++++++++++++------------------------------------
1 files changed, 120 insertions(+), 256 deletions(-)
diff --git a/src/main/java/com/gitblit/ConfigUserService.java b/src/main/java/com/gitblit/ConfigUserService.java
index 8a6c92f..9b4dd7f 100644
--- a/src/main/java/com/gitblit/ConfigUserService.java
+++ b/src/main/java/com/gitblit/ConfigUserService.java
@@ -35,6 +35,8 @@
import org.slf4j.LoggerFactory;
import com.gitblit.Constants.AccessPermission;
+import com.gitblit.Constants.AccountType;
+import com.gitblit.manager.IRuntimeManager;
import com.gitblit.models.TeamModel;
import com.gitblit.models.UserModel;
import com.gitblit.models.UserRepositoryPreferences;
@@ -45,16 +47,16 @@
/**
* ConfigUserService is Gitblit's default user service implementation since
* version 0.8.0.
- *
+ *
* Users and their repository memberships are stored in a git-style config file
* which is cached and dynamically reloaded when modified. This file is
* plain-text, human-readable, and may be edited with a text editor.
- *
+ *
* Additionally, this format allows for expansion of the user model without
* bringing in the complexity of a database.
- *
+ *
* @author James Moger
- *
+ *
*/
public class ConfigUserService implements IUserService {
@@ -63,21 +65,21 @@
private static final String USER = "user";
private static final String PASSWORD = "password";
-
+
private static final String DISPLAYNAME = "displayName";
-
+
private static final String EMAILADDRESS = "emailAddress";
-
+
private static final String ORGANIZATIONALUNIT = "organizationalUnit";
-
+
private static final String ORGANIZATION = "organization";
-
+
private static final String LOCALITY = "locality";
-
+
private static final String STATEPROVINCE = "stateProvince";
-
+
private static final String COUNTRYCODE = "countryCode";
-
+
private static final String COOKIE = "cookie";
private static final String REPOSITORY = "repository";
@@ -89,10 +91,14 @@
private static final String PRERECEIVE = "preReceiveScript";
private static final String POSTRECEIVE = "postReceiveScript";
-
+
private static final String STARRED = "starred";
-
+
private static final String LOCALE = "locale";
+
+ private static final String ACCOUNTTYPE = "accountType";
+
+ private static final String DISABLED = "disabled";
private final File realmFile;
@@ -105,7 +111,7 @@
private final Map<String, TeamModel> teams = new ConcurrentHashMap<String, TeamModel>();
private volatile long lastModified;
-
+
private volatile boolean forceReload;
public ConfigUserService(File realmFile) {
@@ -114,91 +120,40 @@
/**
* Setup the user service.
- *
- * @param settings
- * @since 0.7.0
+ *
+ * @param runtimeManager
+ * @since 1.4.0
*/
@Override
- public void setup(IStoredSettings settings) {
- }
-
- /**
- * Does the user service support changes to credentials?
- *
- * @return true or false
- * @since 1.0.0
- */
- @Override
- public boolean supportsCredentialChanges() {
- return true;
- }
-
- /**
- * Does the user service support changes to user display name?
- *
- * @return true or false
- * @since 1.0.0
- */
- @Override
- public boolean supportsDisplayNameChanges() {
- return true;
- }
-
- /**
- * Does the user service support changes to user email address?
- *
- * @return true or false
- * @since 1.0.0
- */
- @Override
- public boolean supportsEmailAddressChanges() {
- return true;
- }
-
- /**
- * Does the user service support changes to team memberships?
- *
- * @return true or false
- * @since 1.0.0
- */
- public boolean supportsTeamMembershipChanges() {
- return true;
- }
-
- /**
- * Does the user service support cookie authentication?
- *
- * @return true or false
- */
- @Override
- public boolean supportsCookies() {
- return true;
+ public void setup(IRuntimeManager runtimeManager) {
}
/**
* Returns the cookie value for the specified user.
- *
+ *
* @param model
* @return cookie value
*/
@Override
- public String getCookie(UserModel model) {
+ public synchronized String getCookie(UserModel model) {
if (!StringUtils.isEmpty(model.cookie)) {
return model.cookie;
}
- read();
- UserModel storedModel = users.get(model.username.toLowerCase());
+ UserModel storedModel = getUserModel(model.username);
+ if (storedModel == null) {
+ return null;
+ }
return storedModel.cookie;
}
/**
- * Authenticate a user based on their cookie.
- *
+ * Gets the user object for the specified cookie.
+ *
* @param cookie
* @return a user object or null
*/
@Override
- public UserModel authenticate(char[] cookie) {
+ public synchronized UserModel getUserModel(char[] cookie) {
String hash = new String(cookie);
if (StringUtils.isEmpty(hash)) {
return null;
@@ -208,61 +163,23 @@
if (cookies.containsKey(hash)) {
model = cookies.get(hash);
}
+
+ if (model != null) {
+ // clone the model, otherwise all changes to this object are
+ // live and unpersisted
+ model = DeepCopier.copy(model);
+ }
return model;
}
/**
- * Authenticate a user based on a username and password.
- *
- * @param username
- * @param password
- * @return a user object or null
- */
- @Override
- public UserModel authenticate(String username, char[] password) {
- read();
- UserModel returnedUser = null;
- UserModel user = getUserModel(username);
- if (user == null) {
- return null;
- }
- if (user.password.startsWith(StringUtils.MD5_TYPE)) {
- // password digest
- String md5 = StringUtils.MD5_TYPE + StringUtils.getMD5(new String(password));
- if (user.password.equalsIgnoreCase(md5)) {
- returnedUser = user;
- }
- } else if (user.password.startsWith(StringUtils.COMBINED_MD5_TYPE)) {
- // username+password digest
- String md5 = StringUtils.COMBINED_MD5_TYPE
- + StringUtils.getMD5(username.toLowerCase() + new String(password));
- if (user.password.equalsIgnoreCase(md5)) {
- returnedUser = user;
- }
- } else if (user.password.equals(new String(password))) {
- // plain-text password
- returnedUser = user;
- }
- return returnedUser;
- }
-
- /**
- * Logout a user.
- *
- * @param user
- */
- @Override
- public void logout(UserModel user) {
- }
-
- /**
* Retrieve the user object for the specified username.
- *
+ *
* @param username
* @return a user object or null
*/
@Override
- public UserModel getUserModel(String username) {
+ public synchronized UserModel getUserModel(String username) {
read();
UserModel model = users.get(username.toLowerCase());
if (model != null) {
@@ -275,24 +192,24 @@
/**
* Updates/writes a complete user object.
- *
+ *
* @param model
* @return true if update is successful
*/
@Override
- public boolean updateUserModel(UserModel model) {
+ public synchronized boolean updateUserModel(UserModel model) {
return updateUserModel(model.username, model);
}
/**
* Updates/writes all specified user objects.
- *
+ *
* @param models a list of user models
* @return true if update is successful
* @since 1.2.0
*/
@Override
- public boolean updateUserModels(Collection<UserModel> models) {
+ public synchronized boolean updateUserModels(Collection<UserModel> models) {
try {
read();
for (UserModel model : models) {
@@ -301,18 +218,22 @@
// null check on "final" teams because JSON-sourced UserModel
// can have a null teams object
if (model.teams != null) {
+ Set<TeamModel> userTeams = new HashSet<TeamModel>();
for (TeamModel team : model.teams) {
TeamModel t = teams.get(team.name.toLowerCase());
if (t == null) {
// new team
- team.addUser(model.username);
- teams.put(team.name.toLowerCase(), team);
- } else {
- // do not clobber existing team definition
- // maybe because this is a federated user
- t.addUser(model.username);
+ t = team;
+ teams.put(team.name.toLowerCase(), t);
}
+ // do not clobber existing team definition
+ // maybe because this is a federated user
+ t.addUser(model.username);
+ userTeams.add(t);
}
+ // replace Team-Models in users by new ones.
+ model.teams.clear();
+ model.teams.addAll(userTeams);
// check for implicit team removal
if (originalUser != null) {
@@ -336,7 +257,7 @@
/**
* Updates/writes and replaces a complete user object keyed by username.
* This method allows for renaming a user.
- *
+ *
* @param username
* the old username
* @param model
@@ -344,11 +265,18 @@
* @return true if update is successful
*/
@Override
- public boolean updateUserModel(String username, UserModel model) {
+ public synchronized boolean updateUserModel(String username, UserModel model) {
UserModel originalUser = null;
try {
+ if (!model.isLocalAccount()) {
+ // do not persist password
+ model.password = Constants.EXTERNAL_ACCOUNT;
+ }
read();
originalUser = users.remove(username.toLowerCase());
+ if (originalUser != null) {
+ cookies.remove(originalUser.cookie);
+ }
users.put(model.username.toLowerCase(), model);
// null check on "final" teams because JSON-sourced UserModel
// can have a null teams object
@@ -394,23 +322,23 @@
/**
* Deletes the user object from the user service.
- *
+ *
* @param model
* @return true if successful
*/
@Override
- public boolean deleteUserModel(UserModel model) {
+ public synchronized boolean deleteUserModel(UserModel model) {
return deleteUser(model.username);
}
/**
* Delete the user object with the specified username
- *
+ *
* @param username
* @return true if successful
*/
@Override
- public boolean deleteUser(String username) {
+ public synchronized boolean deleteUser(String username) {
try {
// Read realm file
read();
@@ -441,12 +369,12 @@
/**
* Returns the list of all teams available to the login service.
- *
+ *
* @return list of all teams
* @since 0.8.0
*/
@Override
- public List<String> getAllTeamNames() {
+ public synchronized List<String> getAllTeamNames() {
read();
List<String> list = new ArrayList<String>(teams.keySet());
Collections.sort(list);
@@ -455,12 +383,12 @@
/**
* Returns the list of all teams available to the login service.
- *
+ *
* @return list of all teams
* @since 0.8.0
*/
@Override
- public List<TeamModel> getAllTeams() {
+ public synchronized List<TeamModel> getAllTeams() {
read();
List<TeamModel> list = new ArrayList<TeamModel>(teams.values());
list = DeepCopier.copy(list);
@@ -471,13 +399,13 @@
/**
* Returns the list of all users who are allowed to bypass the access
* restriction placed on the specified repository.
- *
+ *
* @param role
* the repository name
* @return list of all usernames that can bypass the access restriction
*/
@Override
- public List<String> getTeamnamesForRepositoryRole(String role) {
+ public synchronized List<String> getTeamNamesForRepositoryRole(String role) {
List<String> list = new ArrayList<String>();
try {
read();
@@ -495,53 +423,14 @@
}
/**
- * Sets the list of all teams who are allowed to bypass the access
- * restriction placed on the specified repository.
- *
- * @param role
- * the repository name
- * @param teamnames
- * @return true if successful
- */
- @Override
- public boolean setTeamnamesForRepositoryRole(String role, List<String> teamnames) {
- try {
- Set<String> specifiedTeams = new HashSet<String>();
- for (String teamname : teamnames) {
- specifiedTeams.add(teamname.toLowerCase());
- }
-
- read();
-
- // identify teams which require add or remove role
- for (TeamModel team : teams.values()) {
- // team has role, check against revised team list
- if (specifiedTeams.contains(team.name.toLowerCase())) {
- team.addRepositoryPermission(role);
- } else {
- // remove role from team
- team.removeRepositoryPermission(role);
- }
- }
-
- // persist changes
- write();
- return true;
- } catch (Throwable t) {
- logger.error(MessageFormat.format("Failed to set teams for role {0}!", role), t);
- }
- return false;
- }
-
- /**
* Retrieve the team object for the specified team name.
- *
+ *
* @param teamname
* @return a team object or null
* @since 0.8.0
*/
@Override
- public TeamModel getTeamModel(String teamname) {
+ public synchronized TeamModel getTeamModel(String teamname) {
read();
TeamModel model = teams.get(teamname.toLowerCase());
if (model != null) {
@@ -554,25 +443,25 @@
/**
* Updates/writes a complete team object.
- *
+ *
* @param model
* @return true if update is successful
* @since 0.8.0
*/
@Override
- public boolean updateTeamModel(TeamModel model) {
+ public synchronized boolean updateTeamModel(TeamModel model) {
return updateTeamModel(model.name, model);
}
/**
* Updates/writes all specified team objects.
- *
+ *
* @param models a list of team models
* @return true if update is successful
* @since 1.2.0
*/
@Override
- public boolean updateTeamModels(Collection<TeamModel> models) {
+ public synchronized boolean updateTeamModels(Collection<TeamModel> models) {
try {
read();
for (TeamModel team : models) {
@@ -589,7 +478,7 @@
/**
* Updates/writes and replaces a complete team object keyed by teamname.
* This method allows for renaming a team.
- *
+ *
* @param teamname
* the old teamname
* @param model
@@ -598,7 +487,7 @@
* @since 0.8.0
*/
@Override
- public boolean updateTeamModel(String teamname, TeamModel model) {
+ public synchronized boolean updateTeamModel(String teamname, TeamModel model) {
TeamModel original = null;
try {
read();
@@ -621,25 +510,25 @@
/**
* Deletes the team object from the user service.
- *
+ *
* @param model
* @return true if successful
* @since 0.8.0
*/
@Override
- public boolean deleteTeamModel(TeamModel model) {
+ public synchronized boolean deleteTeamModel(TeamModel model) {
return deleteTeam(model.name);
}
/**
* Delete the team object with the specified teamname
- *
+ *
* @param teamname
* @return true if successful
* @since 0.8.0
*/
@Override
- public boolean deleteTeam(String teamname) {
+ public synchronized boolean deleteTeam(String teamname) {
try {
// Read realm file
read();
@@ -654,41 +543,41 @@
/**
* Returns the list of all users available to the login service.
- *
+ *
* @return list of all usernames
*/
@Override
- public List<String> getAllUsernames() {
+ public synchronized List<String> getAllUsernames() {
read();
List<String> list = new ArrayList<String>(users.keySet());
Collections.sort(list);
return list;
}
-
+
/**
* Returns the list of all users available to the login service.
- *
+ *
* @return list of all usernames
*/
@Override
- public List<UserModel> getAllUsers() {
+ public synchronized List<UserModel> getAllUsers() {
read();
List<UserModel> list = new ArrayList<UserModel>(users.values());
list = DeepCopier.copy(list);
Collections.sort(list);
return list;
- }
+ }
/**
* Returns the list of all users who are allowed to bypass the access
* restriction placed on the specified repository.
- *
+ *
* @param role
* the repository name
* @return list of all usernames that can bypass the access restriction
*/
@Override
- public List<String> getUsernamesForRepositoryRole(String role) {
+ public synchronized List<String> getUsernamesForRepositoryRole(String role) {
List<String> list = new ArrayList<String>();
try {
read();
@@ -706,54 +595,14 @@
}
/**
- * Sets the list of all uses who are allowed to bypass the access
- * restriction placed on the specified repository.
- *
- * @param role
- * the repository name
- * @param usernames
- * @return true if successful
- */
- @Override
- @Deprecated
- public boolean setUsernamesForRepositoryRole(String role, List<String> usernames) {
- try {
- Set<String> specifiedUsers = new HashSet<String>();
- for (String username : usernames) {
- specifiedUsers.add(username.toLowerCase());
- }
-
- read();
-
- // identify users which require add or remove role
- for (UserModel user : users.values()) {
- // user has role, check against revised user list
- if (specifiedUsers.contains(user.username.toLowerCase())) {
- user.addRepositoryPermission(role);
- } else {
- // remove role from user
- user.removeRepositoryPermission(role);
- }
- }
-
- // persist changes
- write();
- return true;
- } catch (Throwable t) {
- logger.error(MessageFormat.format("Failed to set usernames for role {0}!", role), t);
- }
- return false;
- }
-
- /**
* Renames a repository role.
- *
+ *
* @param oldRole
* @param newRole
* @return true if successful
*/
@Override
- public boolean renameRepositoryRole(String oldRole, String newRole) {
+ public synchronized boolean renameRepositoryRole(String oldRole, String newRole) {
try {
read();
// identify users which require role rename
@@ -783,12 +632,12 @@
/**
* Removes a repository role from all users.
- *
+ *
* @param role
* @return true if successful
*/
@Override
- public boolean deleteRepositoryRole(String role) {
+ public synchronized boolean deleteRepositoryRole(String role) {
try {
read();
@@ -813,7 +662,7 @@
/**
* Writes the properties file.
- *
+ *
* @throws IOException
*/
private synchronized void write() throws IOException {
@@ -836,6 +685,9 @@
if (!StringUtils.isEmpty(model.emailAddress)) {
config.setString(USER, model.username, EMAILADDRESS, model.emailAddress);
}
+ if (model.accountType != null) {
+ config.setString(USER, model.username, ACCOUNTTYPE, model.accountType.name());
+ }
if (!StringUtils.isEmpty(model.organizationalUnit)) {
config.setString(USER, model.username, ORGANIZATIONALUNIT, model.organizationalUnit);
}
@@ -850,6 +702,9 @@
}
if (!StringUtils.isEmpty(model.countryCode)) {
config.setString(USER, model.username, COUNTRYCODE, model.countryCode);
+ }
+ if (model.disabled) {
+ config.setBoolean(USER, model.username, DISABLED, true);
}
if (model.getPreferences() != null) {
if (!StringUtils.isEmpty(model.getPreferences().locale)) {
@@ -889,7 +744,7 @@
}
config.setStringList(USER, model.username, REPOSITORY, permissions);
}
-
+
// user preferences
if (model.getPreferences() != null) {
List<String> starred = model.getPreferences().getStarredRepositories();
@@ -918,7 +773,10 @@
roles.add(Constants.NO_ROLE);
}
config.setStringList(TEAM, model.name, ROLE, roles);
-
+ if (model.accountType != null) {
+ config.setString(TEAM, model.name, ACCOUNTTYPE, model.accountType.name());
+ }
+
if (!model.canAdmin) {
// write team permission for non-admin teams
if (model.permissions == null) {
@@ -1008,16 +866,21 @@
Set<String> usernames = config.getSubsections(USER);
for (String username : usernames) {
UserModel user = new UserModel(username.toLowerCase());
- user.password = config.getString(USER, username, PASSWORD);
+ user.password = config.getString(USER, username, PASSWORD);
user.displayName = config.getString(USER, username, DISPLAYNAME);
user.emailAddress = config.getString(USER, username, EMAILADDRESS);
+ user.accountType = AccountType.fromString(config.getString(USER, username, ACCOUNTTYPE));
+ if (Constants.EXTERNAL_ACCOUNT.equals(user.password) && user.accountType.isLocal()) {
+ user.accountType = AccountType.EXTERNAL;
+ }
+ user.disabled = config.getBoolean(USER, username, DISABLED, false);
user.organizationalUnit = config.getString(USER, username, ORGANIZATIONALUNIT);
user.organization = config.getString(USER, username, ORGANIZATION);
user.locality = config.getString(USER, username, LOCALITY);
user.stateProvince = config.getString(USER, username, STATEPROVINCE);
user.countryCode = config.getString(USER, username, COUNTRYCODE);
user.cookie = config.getString(USER, username, COOKIE);
- user.getPreferences().locale = config.getString(USER, username, LOCALE);
+ user.getPreferences().locale = config.getString(USER, username, LOCALE);
if (StringUtils.isEmpty(user.cookie) && !StringUtils.isEmpty(user.password)) {
user.cookie = StringUtils.getSHA1(user.username + user.password);
}
@@ -1064,7 +927,8 @@
team.canAdmin = roles.contains(Constants.ADMIN_ROLE);
team.canFork = roles.contains(Constants.FORK_ROLE);
team.canCreate = roles.contains(Constants.CREATE_ROLE);
-
+ team.accountType = AccountType.fromString(config.getString(TEAM, teamname, ACCOUNTTYPE));
+
if (!team.canAdmin) {
// non-admin team, read permissions
team.addRepositoryPermissions(Arrays.asList(config.getStringList(TEAM, teamname,
--
Gitblit v1.9.1