Improvements to handling internal accounts (anonymous, federation user)

diff --git a/src/main/java/com/gitblit/AuthenticationFilter.java b/src/main/java/com/gitblit/AuthenticationFilter.java
index 5319bf3af47e6c39e7c2a3473bdb8d8f7bb803d5..388452e490d5e71a8804503df4f41a46df04b2e2 100644 (file)
--- a/src/main/java/com/gitblit/AuthenticationFilter.java
+++ b/src/main/java/com/gitblit/AuthenticationFilter.java
@@ -36,6 +36,7 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;\r
 \r
 import com.gitblit.models.UserModel;\r
+import com.gitblit.utils.DeepCopier;\r
 import com.gitblit.utils.StringUtils;\r
 \r
 /**\r
@@ -151,8 +152,7 @@ public abstract class AuthenticationFilter implements Filter {
 \r
                public AuthenticatedRequest(HttpServletRequest req) {\r
                        super(req);\r
-                       user = new UserModel("anonymous");\r
-                       user.isAuthenticated = false;\r
+                       user = DeepCopier.copy(UserModel.ANONYMOUS);\r
                }\r
 \r
                UserModel getUser() {\r

diff --git a/src/main/java/com/gitblit/GitBlit.java b/src/main/java/com/gitblit/GitBlit.java
index 6285733bde11e52606b09717a6cc03894d3c23da..b6f7de46fd41480068c516f60524c2e80ffc9ba0 100644 (file)
--- a/src/main/java/com/gitblit/GitBlit.java
+++ b/src/main/java/com/gitblit/GitBlit.java
@@ -724,6 +724,18 @@ public class GitBlit implements ServletContextListener {
                return (user != null && user.isLocalAccount()) || userService.supportsTeamMembershipChanges();
        }
 
+       /**
+        * Returns true if the username represents an internal account
+        * 
+        * @param username
+        * @return true if the specified username represents an internal account
+        */
+       protected boolean isInternalAccount(String username) {
+               return !StringUtils.isEmpty(username)
+                               && (username.equalsIgnoreCase(Constants.FEDERATION_USER)
+                                               || username.equalsIgnoreCase(UserModel.ANONYMOUS.username));
+       }
+
        /**
         * Authenticate a user based on a username and password.
         * 
@@ -836,6 +848,7 @@ public class GitBlit implements ServletContextListener {
                if (principal != null) {
                        String username = principal.getName();
                        if (!StringUtils.isEmpty(username)) {
+                               boolean internalAccount = isInternalAccount(username);
                                UserModel user = getUserModel(username);
                                if (user != null) {
                                        // existing user
@@ -844,7 +857,7 @@ public class GitBlit implements ServletContextListener {
                                                        user.username, httpRequest.getRemoteAddr()));
                                        return user;
                                } else if (settings.getBoolean(Keys.realm.container.autoCreateAccounts, false)
-                                               && !username.equalsIgnoreCase(Constants.FEDERATION_USER)) {
+                                               && !internalAccount) {
                                        // auto-create user from an authenticated container principal
                                        user = new UserModel(username.toLowerCase());
                                        user.displayName = username;
@@ -854,7 +867,7 @@ public class GitBlit implements ServletContextListener {
                                        logger.debug(MessageFormat.format("{0} authenticated and created by servlet container principal from {1}",
                                                        user.username, httpRequest.getRemoteAddr()));
                                        return user;
-                               } else {
+                               } else if (!internalAccount) {
                                        logger.warn(MessageFormat.format("Failed to find UserModel for {0}, attempted servlet container authentication from {1}",
                                                        principal.getName(), httpRequest.getRemoteAddr()));
                                }
@@ -2933,8 +2946,7 @@ public class GitBlit implements ServletContextListener {
                String cloneUrl = sb.toString();
 
                // Retrieve all available repositories
-               UserModel user = new UserModel(Constants.FEDERATION_USER);
-               user.canAdmin = true;
+               UserModel user = getFederationUser();
                List<RepositoryModel> list = getRepositoryModels(user);
 
                // create the [cloneurl, repositoryModel] map

diff --git a/src/main/java/com/gitblit/utils/RefLogUtils.java b/src/main/java/com/gitblit/utils/RefLogUtils.java
index fed55caba3fcce564b4bc64ef0e7af3c3a8591ea..643fbc0fd0ac63e364644d203da629721bbbdeba 100644 (file)
--- a/src/main/java/com/gitblit/utils/RefLogUtils.java
+++ b/src/main/java/com/gitblit/utils/RefLogUtils.java
@@ -184,7 +184,7 @@ public class RefLogUtils {
                                PersonIdent ident;
                                if (UserModel.ANONYMOUS.equals(user)) {
                                        // anonymous push
-                                       ident = new PersonIdent("anonymous", "anonymous");
+                                       ident = new PersonIdent(user.username + "/" + user.username, user.username);
                                } else {
                                        // construct real pushing account
                                        ident = new PersonIdent(MessageFormat.format("{0}/{1}", user.getDisplayName(), user.username),

diff --git a/src/main/java/com/gitblit/wicket/GitBlitWebApp.properties b/src/main/java/com/gitblit/wicket/GitBlitWebApp.properties
index bca0dc0d1ed6e09c158118f07d3d7aa1dda440cc..e550c936aebe50167595f212912be4981fbe7531 100644 (file)
--- a/src/main/java/com/gitblit/wicket/GitBlitWebApp.properties
+++ b/src/main/java/com/gitblit/wicket/GitBlitWebApp.properties
@@ -500,4 +500,5 @@ gb.starredAndOwned = starred & owned
 gb.reviewPatchset = review {0} patchset {1}
 gb.todaysActivityStats = today / {1} commits by {2} authors
 gb.todaysActivityNone = today / none
-gb.noActivityToday = there has been no activity today
\ No newline at end of file
+gb.noActivityToday = there has been no activity today
+gb.anonymousUser= anonymous
\ No newline at end of file

diff --git a/src/main/java/com/gitblit/wicket/panels/ReflogPanel.java b/src/main/java/com/gitblit/wicket/panels/ReflogPanel.java
index 048ce1b0e96f4da07e60ef0726a012d9907ed65f..b0a947903b752b95d2ef6720c4a40eb1ccdfc532 100644 (file)
--- a/src/main/java/com/gitblit/wicket/panels/ReflogPanel.java
+++ b/src/main/java/com/gitblit/wicket/panels/ReflogPanel.java
@@ -37,6 +37,7 @@ import com.gitblit.Keys;
 import com.gitblit.models.RefLogEntry;\r
 import com.gitblit.models.RepositoryCommit;\r
 import com.gitblit.models.RepositoryModel;\r
+import com.gitblit.models.UserModel;\r
 import com.gitblit.utils.RefLogUtils;\r
 import com.gitblit.utils.StringUtils;\r
 import com.gitblit.utils.TimeUtils;\r
@@ -163,6 +164,9 @@ public class ReflogPanel extends BasePanel {
                                if (change.user.username.equals(change.user.emailAddress) && change.user.emailAddress.indexOf('@') > -1) {\r
                                        // username is an email address - 1.2.1 push log bug\r
                                        changeItem.add(new Label("whoChanged", change.user.getDisplayName()));\r
+                               } else if (change.user.username.equals(UserModel.ANONYMOUS.username)) {\r
+                                       // anonymous change\r
+                                       changeItem.add(new Label("whoChanged", getString("gb.anonymousUser")));\r
                                } else {\r
                                        // link to user account page\r
                                        changeItem.add(new LinkPanel("whoChanged", null, change.user.getDisplayName(),\r