Examples of com.gitblit.models.UserModel

• com.gitblit.models.UserModel
  UserModel is a serializable model class that represents a user and the user's restricted repository memberships. Instances of UserModels are also used as servlet user principals. @author James Moger

  public boolean setUserAccessPermissions(RepositoryModel repository, Collection<RegistrantAccessPermission> permissions) {
    List<UserModel> users = new ArrayList<UserModel>();
    for (RegistrantAccessPermission up : permissions) {
      if (up.mutable) {
        // only set editable defined permissions
        UserModel user = userManager.getUserModel(up.registrant);
        user.setRepositoryPermission(repository.name, up.permission);
        users.add(user);
      }
    }
    return userManager.updateUserModels(users);
  }

    Map<String, ProjectModel> configs = getProjectConfigs();
    ProjectModel project = configs.get(name.toLowerCase());
    if (project == null) {
      project = new ProjectModel(name);
      if (ModelUtils.isPersonalRepository(name)) {
        UserModel user = userManager.getUserModel(ModelUtils.getUserNameFromRepoPath(name));
        if (user != null) {
          project.title = user.getDisplayName();
          project.description = "personal repositories";
        }
      }
    } else {
      // clone the object

  private Label descriptionPreview;

  public EditTicketPage(PageParameters params) {
    super(params);

    UserModel currentUser = GitBlitWebSession.get().getUser();
    if (currentUser == null) {
      currentUser = UserModel.ANONYMOUS;
    }

    long ticketId = 0L;
    try {
      String h = WicketUtils.getObject(params);
      ticketId = Long.parseLong(h);
    } catch (Exception e) {
      setResponsePage(TicketsPage.class, WicketUtils.newRepositoryParameter(repositoryName));
    }

    TicketModel ticket = app().tickets().getTicket(getRepositoryModel(), ticketId);
    if (ticket == null
        || !currentUser.canEdit(ticket, getRepositoryModel())
        || !app().tickets().isAcceptingTicketUpdates(getRepositoryModel())) {
      setResponsePage(TicketsPage.class, WicketUtils.newObjectParameter(repositoryName, "" + ticketId));

      // create a placeholder object so we don't trigger NPEs
      ticket = new TicketModel();
    }

    typeModel = Model.of(ticket.type);
    titleModel = Model.of(ticket.title);
    topicModel = Model.of(ticket.topic == null ? "" : ticket.topic);
    responsibleModel = Model.of();
    milestoneModel = Model.of();
    mergeToModel = Model.of(ticket.mergeTo == null ? getRepositoryModel().mergeTo : ticket.mergeTo);
    statusModel = Model.of(ticket.status);

    setStatelessHint(false);
    setOutputMarkupId(true);

    Form<Void> form = new Form<Void>("editForm");
    add(form);

    List<Type> typeChoices;
    if (ticket.isProposal()) {
      typeChoices = Arrays.asList(Type.Proposal);
    } else {
      typeChoices = Arrays.asList(TicketModel.Type.choices());
    }
    form.add(new DropDownChoice<TicketModel.Type>("type", typeModel, typeChoices));

    form.add(new TextField<String>("title", titleModel));
    form.add(new TextField<String>("topic", topicModel));

    final IModel<String> markdownPreviewModel = new Model<String>();
    descriptionPreview = new Label("descriptionPreview", markdownPreviewModel);
    descriptionPreview.setEscapeModelStrings(false);
    descriptionPreview.setOutputMarkupId(true);
    form.add(descriptionPreview);

    descriptionEditor = new MarkdownTextArea("description", markdownPreviewModel, descriptionPreview);
    descriptionEditor.setRepository(repositoryName);
    descriptionEditor.setText(ticket.body);
    form.add(descriptionEditor);

    // status
    List<Status> statusChoices;
    if (ticket.isClosed()) {
      statusChoices = Arrays.asList(ticket.status, Status.Open);
    } else if (ticket.isProposal()) {
      statusChoices = Arrays.asList(TicketModel.Status.proposalWorkflow);
    } else if (ticket.isBug()) {
      statusChoices = Arrays.asList(TicketModel.Status.bugWorkflow);
    } else {
      statusChoices = Arrays.asList(TicketModel.Status.requestWorkflow);
    }
    Fragment status = new Fragment("status", "statusFragment", this);
    status.add(new DropDownChoice<TicketModel.Status>("status", statusModel, statusChoices));
    form.add(status);

    if (currentUser.canAdmin(ticket, getRepositoryModel())) {
      // responsible
      Set<String> userlist = new TreeSet<String>(ticket.getParticipants());

      if (UserModel.ANONYMOUS.canPush(getRepositoryModel())) {
        // anonymous push
        userlist.addAll(app().users().getAllUsernames());
      } else {
        // authenticated push
        for (RegistrantAccessPermission rp : app().repositories().getUserAccessPermissions(getRepositoryModel())) {
          if (rp.permission.atLeast(AccessPermission.PUSH) && !rp.isTeam()) {
            userlist.add(rp.registrant);
          }
        }
      }

      List<TicketResponsible> responsibles = new ArrayList<TicketResponsible>();
      for (String username : userlist) {
        UserModel user = app().users().getUserModel(username);
        if (user != null && !user.disabled) {
          TicketResponsible responsible = new TicketResponsible(user);
          responsibles.add(responsible);
          if (user.username.equals(ticket.responsible)) {
            responsibleModel.setObject(responsible);

            repository.name, cmd.getRefName(), user.username));

        // responsible verification
        String responsible = PatchsetCommand.getSingleOption(cmd, PatchsetCommand.RESPONSIBLE);
        if (!StringUtils.isEmpty(responsible)) {
          UserModel assignee = gitblit.getUserModel(responsible);
          if (assignee == null) {
            // no account by this name
            sendRejection(cmd, "{0} can not be assigned any tickets because there is no user account by that name", responsible);
            continue;
          } else if (!assignee.canPush(repository)) {
            // account does not have RW permissions
            sendRejection(cmd, "{0} ({1}) can not be assigned any tickets because the user does not have RW permissions for {2}",
                assignee.getDisplayName(), assignee.username, repository.name);
            continue;
          }
        }

        // milestone verification
        String milestone = PatchsetCommand.getSingleOption(cmd, PatchsetCommand.MILESTONE);
        if (!StringUtils.isEmpty(milestone)) {
          TicketMilestone milestoneModel = ticketService.getMilestone(repository, milestone);
          if (milestoneModel == null) {
            // milestone does not exist
            sendRejection(cmd, "Sorry, \"{0}\" is not a valid milestone!", milestone);
            continue;
          }
        }

        // watcher verification
        List<String> watchers = PatchsetCommand.getOptions(cmd, PatchsetCommand.WATCH);
        if (!ArrayUtils.isEmpty(watchers)) {
          boolean verified = true;
          for (String watcher : watchers) {
            UserModel user = gitblit.getUserModel(watcher);
            if (user == null) {
              // watcher does not exist
              sendRejection(cmd, "Sorry, \"{0}\" is not a valid username for the watch list!", watcher);
              verified = false;
              break;

  private Label descriptionPreview;

  public NewTicketPage(PageParameters params) {
    super(params);

    UserModel currentUser = GitBlitWebSession.get().getUser();
    if (currentUser == null) {
      currentUser = UserModel.ANONYMOUS;
    }

    if (!currentUser.isAuthenticated || !app().tickets().isAcceptingNewTickets(getRepositoryModel())) {
      // tickets prohibited
      setResponsePage(TicketsPage.class, WicketUtils.newRepositoryParameter(repositoryName));
    }

    typeModel = Model.of(TicketModel.Type.defaultType);
    titleModel = Model.of();
    topicModel = Model.of();
    mergeToModel = Model.of(Repository.shortenRefName(getRepositoryModel().mergeTo));
    responsibleModel = Model.of();
    milestoneModel = Model.of();

    setStatelessHint(false);
    setOutputMarkupId(true);

    Form<Void> form = new Form<Void>("editForm");
    add(form);

    form.add(new DropDownChoice<TicketModel.Type>("type", typeModel, Arrays.asList(TicketModel.Type.choices())));
    form.add(new TextField<String>("title", titleModel));
    form.add(new TextField<String>("topic", topicModel));

    final IModel<String> markdownPreviewModel = new Model<String>();
    descriptionPreview = new Label("descriptionPreview", markdownPreviewModel);
    descriptionPreview.setEscapeModelStrings(false);
    descriptionPreview.setOutputMarkupId(true);
    form.add(descriptionPreview);

    descriptionEditor = new MarkdownTextArea("description", markdownPreviewModel, descriptionPreview);
    descriptionEditor.setRepository(repositoryName);
    form.add(descriptionEditor);

    if (currentUser.canAdmin(null, getRepositoryModel())) {
      // responsible
      List<TicketResponsible> responsibles = new ArrayList<TicketResponsible>();
      if (UserModel.ANONYMOUS.canPush(getRepositoryModel())) {
        // anonymous push allowed
        for (UserModel user : app().users().getAllUsers()) {
          if (!user.disabled) {
            responsibles.add(new TicketResponsible(user));
          }
        }
      } else {
        // authenticated push
        for (RegistrantAccessPermission rp : app().repositories().getUserAccessPermissions(getRepositoryModel())) {
          if (rp.permission.atLeast(AccessPermission.PUSH) && !rp.isTeam()) {
            UserModel user = app().users().getUserModel(rp.registrant);
            if (user != null && !user.disabled) {
              responsibles.add(new TicketResponsible(user));
            }
          }
        }

public class LogoutPage extends BasePage {

  public LogoutPage() {
    super();
    GitBlitWebSession session = GitBlitWebSession.get();
    UserModel user = session.getUser();
    app().authentication().logout(((WebResponse) getResponse()).getHttpServletResponse(), user);
    session.invalidate();

    /*
     * Now check whether the authentication was realized via the Authorization in the header.

        && !app().settings().getBoolean(Keys.web.authenticateViewPages, false)) {
      // no authentication enabled
      throw new RestartResponseException(getApplication().getHomePage());
    }

    UserModel user = GitBlitWebSession.get().getUser();
    if (!app().authentication().supportsCredentialChanges(user)) {
      error(MessageFormat.format(getString("gb.userServiceDoesNotPermitPasswordChanges"),
          app().settings().getString(Keys.realm.userService, "${baseFolder}/users.conf")), true);
    }

    setupPage(getString("gb.changePassword"), user.username);

    StatelessForm<Void> form = new StatelessForm<Void>("passwordForm") {

      private static final long serialVersionUID = 1L;

      @Override
      public void onSubmit() {
        String password = ChangePasswordPage.this.password.getObject();
        String confirmPassword = ChangePasswordPage.this.confirmPassword.getObject();
        // ensure passwords match
        if (!password.equals(confirmPassword)) {
          error(getString("gb.passwordsDoNotMatch"));
          return;
        }

        // ensure password satisfies minimum length requirement
        int minLength = app().settings().getInteger(Keys.realm.minPasswordLength, 5);
        if (minLength < 4) {
          minLength = 4;
        }
        if (password.length() < minLength) {
          error(MessageFormat.format(getString("gb.passwordTooShort"), minLength));
          return;
        }

        UserModel user = GitBlitWebSession.get().getUser();

        // convert to MD5 digest, if appropriate
        String type = app().settings().getString(Keys.realm.passwordStorage, "md5");
        if (type.equalsIgnoreCase("md5")) {
          // store MD5 digest of password

  /**
   * Delete the user and all associated public ssh keys.
   */
  @Override
  public boolean deleteUser(String username) {
    UserModel user = userManager.getUserModel(username);
    return deleteUserModel(user);
  }

          // then use the email address of the user. this is the original
          // behavior as contributed by github/mallowlabs
          username = current.user.mail;
        }

        UserModel user = userManager.getUserModel(username);
        if (user == null) {
          // create user object for new authenticated user
          user = new UserModel(username.toLowerCase());
        }

        // create a user cookie
        setCookie(user, password);

      Principal principal = httpRequest.getUserPrincipal();
      if (principal != null) {
        String username = principal.getName();
        if (!StringUtils.isEmpty(username)) {
          boolean internalAccount = userManager.isInternalAccount(username);
          UserModel user = userManager.getUserModel(username);
          if (user != null) {
            // existing user
            flagWicketSession(AuthenticationType.CONTAINER);
            logger.debug(MessageFormat.format("{0} authenticated by servlet container principal from {1}",
                user.username, httpRequest.getRemoteAddr()));
            return validateAuthentication(user, AuthenticationType.CONTAINER);
          } else if (settings.getBoolean(Keys.realm.container.autoCreateAccounts, false)
              && !internalAccount) {
            // auto-create user from an authenticated container principal
            user = new UserModel(username.toLowerCase());
            user.displayName = username;
            user.password = Constants.EXTERNAL_ACCOUNT;
            user.accountType = AccountType.CONTAINER;
            userManager.updateUserModel(user);
            flagWicketSession(AuthenticationType.CONTAINER);
            logger.debug(MessageFormat.format("{0} authenticated and created by servlet container principal from {1}",
                user.username, httpRequest.getRemoteAddr()));
            return validateAuthentication(user, AuthenticationType.CONTAINER);
          } else if (!internalAccount) {
            logger.warn(MessageFormat.format("Failed to find UserModel for {0}, attempted servlet container authentication from {1}",
                principal.getName(), httpRequest.getRemoteAddr()));
          }
        }
      }
    }

    // try to authenticate by certificate
    boolean checkValidity = settings.getBoolean(Keys.git.enforceCertificateValidity, true);
    String [] oids = settings.getStrings(Keys.git.certificateUsernameOIDs).toArray(new String[0]);
    UserModel model = HttpUtils.getUserModelFromCertificate(httpRequest, checkValidity, oids);
    if (model != null) {
      // grab real user model and preserve certificate serial number
      UserModel user = userManager.getUserModel(model.username);
      X509Metadata metadata = HttpUtils.getCertificateMetadata(httpRequest);
      if (user != null) {
        flagWicketSession(AuthenticationType.CERTIFICATE);
        logger.debug(MessageFormat.format("{0} authenticated by client certificate {1} from {2}",
            user.username, metadata.serialNumber, httpRequest.getRemoteAddr()));
        return validateAuthentication(user, AuthenticationType.CERTIFICATE);
      } else {
        logger.warn(MessageFormat.format("Failed to find UserModel for {0}, attempted client certificate ({1}) authentication from {2}",
            model.username, metadata.serialNumber, httpRequest.getRemoteAddr()));
      }
    }

    if (requiresCertificate) {
      // caller requires client certificate authentication (e.g. git servlet)
      return null;
    }

    UserModel user = null;

    // try to authenticate by cookie
    String cookie = getCookie(httpRequest);
    if (!StringUtils.isEmpty(cookie)) {
      user = userManager.getUserModel(cookie.toCharArray());