Require admin permissions to view the filestore page

diff --git a/src/main/java/com/gitblit/wicket/pages/FilestorePage.java b/src/main/java/com/gitblit/wicket/pages/FilestorePage.java
index 5f103edd0c0a08b6100398e8a4642758fa63aad4..97d5f25b7466a7c29d8a9f8f24a541b82fed00f8 100644 (file)
--- a/src/main/java/com/gitblit/wicket/pages/FilestorePage.java
+++ b/src/main/java/com/gitblit/wicket/pages/FilestorePage.java
@@ -29,51 +29,41 @@ import org.apache.wicket.markup.repeater.data.DataView;
 import org.apache.wicket.markup.repeater.data.ListDataProvider;
 
 import com.gitblit.Constants;
-import com.gitblit.Keys;
 import com.gitblit.models.FilestoreModel;
 import com.gitblit.models.UserModel;
 import com.gitblit.wicket.FilestoreUI;
-import com.gitblit.wicket.GitBlitWebSession;
+import com.gitblit.wicket.RequiresAdminRole;
 import com.gitblit.wicket.WicketUtils;
 
 /**
  * Page to display the current status of the filestore.
- * Certain errors also displayed to aid in fault finding  
+ * Certain errors also displayed to aid in fault finding
  *
  * @author Paul Martin
- *
- *
  */
+@RequiresAdminRole
 public class FilestorePage extends RootPage {
 
        public FilestorePage() {
                super();
                setupPage("", "");
-               // check to see if we should display a login message
-               boolean authenticateView = app().settings().getBoolean(Keys.web.authenticateViewPages, true);
-               if (authenticateView && !GitBlitWebSession.get().isLoggedIn()) {
-                       String messageSource = app().settings().getString(Keys.web.loginMessage, "gitblit");
-                       return;
-               }
-               
+
                final List<FilestoreModel> files = app().filestore().getAllObjects();
                final long nBytesUsed = app().filestore().getFilestoreUsedByteCount();
                final long nBytesAvailable = app().filestore().getFilestoreAvailableByteCount();
-               
-               // Load the markdown welcome message
-               String messageSource = app().settings().getString(Keys.web.repositoriesMessage, "gitblit");
-               String message = MessageFormat.format(getString("gb.filestoreStats"), files.size(), 
-                               FileUtils.byteCountToDisplaySize(nBytesUsed), FileUtils.byteCountToDisplaySize(nBytesAvailable) ); 
+
+               String message = MessageFormat.format(getString("gb.filestoreStats"), files.size(),
+                               FileUtils.byteCountToDisplaySize(nBytesUsed), FileUtils.byteCountToDisplaySize(nBytesAvailable) );
 
                Component repositoriesMessage = new Label("repositoriesMessage", message)
                                .setEscapeModelStrings(false).setVisible(message.length() > 0);
-               
+
                add(repositoriesMessage);
-               
+
                BookmarkablePageLink<Void> helpLink = new BookmarkablePageLink<Void>("filestoreHelp", FilestoreUsage.class);
                helpLink.add(new Label("helpMessage", getString("gb.filestoreHelp")));
                add(helpLink);
-               
+
 
                DataView<FilestoreModel> filesView = new DataView<FilestoreModel>("fileRow",
                                new ListDataProvider<FilestoreModel>(files)) {
@@ -89,26 +79,26 @@ public class FilestorePage extends RootPage {
                        @Override
                        public void populateItem(final Item<FilestoreModel> item) {
                                final FilestoreModel entry = item.getModelObject();
-                               
+
                                DateFormat dateFormater = new SimpleDateFormat(Constants.ISO8601);
-                               
+
                                UserModel user = app().users().getUserModel(entry.getChangedBy());
                                user = user == null ? UserModel.ANONYMOUS : user;
-                               
+
                                Label icon = FilestoreUI.getStatusIcon("status", entry);
                                item.add(icon);
                                item.add(new Label("on", dateFormater.format(entry.getChangedOn())));
                                item.add(new Label("by", user.getDisplayName()));
-                               
+
                                item.add(new Label("oid", entry.oid));
-                               item.add(new Label("size", FileUtils.byteCountToDisplaySize(entry.getSize())));                         
-                               
+                               item.add(new Label("size", FileUtils.byteCountToDisplaySize(entry.getSize())));
+
                                WicketUtils.setAlternatingBackground(item, counter);
                                counter++;
                        }
 
                };
-               
+
                add(filesView);
        }
 }

diff --git a/src/main/java/com/gitblit/wicket/pages/RootPage.java b/src/main/java/com/gitblit/wicket/pages/RootPage.java
index b48f7224d3c0194389929c22c1ebb31ece373fd5..6ed5a357ba19f09a2b3eaa395395ec44d78c2a6e 100644 (file)
--- a/src/main/java/com/gitblit/wicket/pages/RootPage.java
+++ b/src/main/java/com/gitblit/wicket/pages/RootPage.java
@@ -185,6 +185,11 @@ public abstract class RootPage extends BasePage {
                // navigation links
                List<NavLink> navLinks = new ArrayList<NavLink>();
                if (!authenticateView || (authenticateView && isLoggedIn)) {
+                       UserModel user = UserModel.ANONYMOUS;
+                       if (isLoggedIn) {
+                               user = GitBlitWebSession.get().getUser();
+                       }
+
                        navLinks.add(new PageNavLink(isLoggedIn ? "gb.myDashboard" : "gb.dashboard", MyDashboardPage.class,
                                        getRootPageParameters()));
                        if (isLoggedIn && app().tickets().isReady()) {
@@ -192,7 +197,9 @@ public abstract class RootPage extends BasePage {
                        }
                        navLinks.add(new PageNavLink("gb.repositories", RepositoriesPage.class,
                                        getRootPageParameters()));
-                       navLinks.add(new PageNavLink("gb.filestore", FilestorePage.class, getRootPageParameters()));
+                       if (user.canAdmin()) {
+                               navLinks.add(new PageNavLink("gb.filestore", FilestorePage.class, getRootPageParameters()));
+                       }
                        navLinks.add(new PageNavLink("gb.activity", ActivityPage.class, getRootPageParameters()));
                        if (allowLucene) {
                                navLinks.add(new PageNavLink("gb.search", LuceneSearchPage.class));
@@ -202,11 +209,6 @@ public abstract class RootPage extends BasePage {
                                addDropDownMenus(navLinks);
                        }
 
-                       UserModel user = UserModel.ANONYMOUS;
-                       if (isLoggedIn) {
-                               user = GitBlitWebSession.get().getUser();
-                       }
-
                        // add nav link extensions
                        List<NavLinkExtension> extensions = app().plugins().getExtensions(NavLinkExtension.class);
                        for (NavLinkExtension ext : extensions) {
@@ -568,7 +570,7 @@ public abstract class RootPage extends BasePage {
                                        char[] password = RootPage.this.password.getObject().toCharArray();
 
                                        HttpServletRequest request = ((WebRequest)RequestCycle.get().getRequest()).getHttpServletRequest();
-                                       
+
                                        UserModel user = app().authentication().authenticate(username, password, request.getRemoteAddr());
                                        if (user == null) {
                                                error(getString("gb.invalidUsernameOrPassword"));