\r
#### fixes\r
\r
+- Bypass Wicket's inability to handle direct url addressing of a view-restricted, grouped repository for new, unauthenticated sessions (e.g. click link from email or rss feed without having an active Wicket session)\r
- Fixed MailExecutor's failure to cope with mail server connection troubles resulting in 100% CPU usage\r
- Fixed generated urls in Groovy *sendmail* hook script for grouped repositories\r
- Fixed generated urls in RSS feeds for grouped repositories\r
package com.gitblit.wicket;\r
\r
import org.apache.wicket.Component;\r
-import org.apache.wicket.RestartResponseAtInterceptPageException;\r
+import org.apache.wicket.RestartResponseException;\r
import org.apache.wicket.authorization.IUnauthorizedComponentInstantiationListener;\r
import org.apache.wicket.authorization.strategies.page.AbstractPageAuthorizationStrategy;\r
\r
GitBlitWebSession session = GitBlitWebSession.get();\r
if (authenticateView && !session.isLoggedIn()) {\r
// authentication required\r
+ session.cacheRequest(pageClass);\r
return false;\r
}\r
\r
@Override\r
public void onUnauthorizedInstantiation(Component component) {\r
if (component instanceof BasePage) {\r
- throw new RestartResponseAtInterceptPageException(RepositoriesPage.class);\r
+ throw new RestartResponseException(RepositoriesPage.class);\r
}\r
}\r
}\r
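Review bot: `onUnauthorizedInstantiation` throws only when `component instanceof BasePage`; for any other component it returns normally, and Wicket then appears to let the instantiation continue, so a denied page that does not extend BasePage would fail open. Whether such a page exists cannot be seen from this hunk. An explicit default deny would close the gap, e.g. an `else` branch with `throw new UnauthorizedInstantiationException(component.getClass());`.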
*/\r
package com.gitblit.wicket;\r
\r
+import java.util.Map;\r
import java.util.TimeZone;\r
\r
+import org.apache.wicket.Page;\r
+import org.apache.wicket.PageParameters;\r
+import org.apache.wicket.RedirectToUrlException;\r
import org.apache.wicket.Request;\r
import org.apache.wicket.Session;\r
+import org.apache.wicket.protocol.http.RequestUtils;\r
+import org.apache.wicket.protocol.http.WebRequestCycle;\r
import org.apache.wicket.protocol.http.WebSession;\r
import org.apache.wicket.protocol.http.request.WebClientInfo;\r
\r
private UserModel user;\r
\r
private String errorMessage;\r
-\r
+ \r
+ private String requestUrl;\r
+ \r
public GitBlitWebSession(Request request) {\r
super(request);\r
}\r
super.invalidate();\r
user = null;\r
}\r
+ \r
+ /**\r
+ * Cache the requested protected resource pending successful authentication.\r
+ * \r
+ * @param pageClass\r
+ */\r
+ public void cacheRequest(Class<? extends Page> pageClass) {\r
+ // build absolute url with correctly encoded parameters?!\r
+ Request req = WebRequestCycle.get().getRequest();\r
+ Map<String, ?> params = req.getRequestParameters().getParameters();\r
+ PageParameters pageParams = new PageParameters(params);\r
+ String relativeUrl = WebRequestCycle.get().urlFor(pageClass, pageParams).toString();\r
+ requestUrl = RequestUtils.toAbsolutePath(relativeUrl);\r
+ if (isTemporary())\r
+ {\r
+ // we must bind the temporary session into the session store\r
+ // so that we can re-use this session for reporting an error message\r
+ // on the redirected page and continuing the request after\r
+ // authentication.\r
+ bind();\r
+ }\r
+ }\r
+ \r
+ /**\r
+ * Continue any cached request. This is used when a request for a protected\r
+ * resource is aborted/redirected pending proper authentication. Gitblit\r
+ * no longer uses Wicket's built-in mechanism for this because of Wicket's\r
+ * failure to properly handle parameters with forward-slashes. This is a\r
+ * constant source of headaches with Wicket.\r
+ * \r
+ * @return false if there is no cached request to process\r
+ */\r
+ public boolean continueRequest() {\r
+ if (requestUrl != null) {\r
+ String url = requestUrl;\r
+ requestUrl = null;\r
+ throw new RedirectToUrlException(url);\r
+ }\r
+ return false;\r
+ }\r
\r
public boolean isLoggedIn() {\r
return user != null;\r
}\r
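Review bot: `cacheRequest` binds the temporary session before authentication so that the same session continues after login, which keeps the pre-login session id alive across the privilege change; nothing in this hunk rotates it. Unless the login path already does so outside this view, consider calling `replaceSession()` on successful authentication; the stored `requestUrl` should survive because the session object is re-bound, but that needs confirming. Binding also means every unauthenticated hit on a protected page now allocates a stored session, so a short timeout for sessions that never log in is worth considering. Separately, the `continueRequest` Javadoc should state that it never returns `true` (it either throws `RedirectToUrlException` or returns `false`), and the empty `@param pageClass` tag needs a description.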
return user.canAdmin;\r
}\r
+ \r
+ public String getUsername() {\r
+ return user == null ? "anonymous" : user.username;\r
+ }\r
\r
public UserModel getUser() {\r
return user;\r
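Review bot: `getUsername()` has no Javadoc and returns the literal `"anonymous"` when no user is set, which would collide with a real account of that name if a caller compares the result without first checking `isLoggedIn()`. The owner comparison changed elsewhere in this commit is guarded by `isLoggedIn()`, but the contract should be written down, e.g. `/** Returns the logged-in username, or "anonymous" for display and logging only; not for access decisions. */`.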
import org.apache.wicket.Application;\r
import org.apache.wicket.MarkupContainer;\r
import org.apache.wicket.PageParameters;\r
-import org.apache.wicket.RestartResponseAtInterceptPageException;\r
+import org.apache.wicket.RedirectToUrlException;\r
import org.apache.wicket.RestartResponseException;\r
import org.apache.wicket.markup.html.CSSPackageResource;\r
import org.apache.wicket.markup.html.WebPage;\r
import org.apache.wicket.markup.html.link.ExternalLink;\r
import org.apache.wicket.markup.html.panel.FeedbackPanel;\r
import org.apache.wicket.markup.html.panel.Fragment;\r
+import org.apache.wicket.protocol.http.RequestUtils;\r
import org.apache.wicket.protocol.http.WebRequest;\r
import org.apache.wicket.protocol.http.WebResponse;\r
import org.apache.wicket.protocol.http.servlet.ServletWebRequest;\r
+import org.apache.wicket.request.RequestParameters;\r
import org.slf4j.Logger;\r
import org.slf4j.LoggerFactory;\r
\r
// Set Cookie\r
WebResponse response = (WebResponse) getRequestCycle().getResponse();\r
GitBlit.self().setCookie(response, user);\r
- continueToOriginalDestination();\r
+ \r
+ session.continueRequest();\r
}\r
}\r
\r
// inject username into repository url if authentication is required\r
if (repository.accessRestriction.exceeds(AccessRestrictionType.NONE)\r
&& GitBlitWebSession.get().isLoggedIn()) {\r
- String username = GitBlitWebSession.get().getUser().username;\r
+ String username = GitBlitWebSession.get().getUsername();\r
sb.insert(sb.indexOf("://") + 3, username + "@");\r
}\r
return sb.toString();\r
}\r
\r
public void error(String message, boolean redirect) {\r
- logger.error(message);\r
+ logger.error(message + " for " + GitBlitWebSession.get().getUsername());\r
if (redirect) {\r
GitBlitWebSession.get().cacheErrorMessage(message);\r
- throw new RestartResponseException(getApplication().getHomePage());\r
+ RequestParameters params = getRequest().getRequestParameters();\r
+ String relativeUrl = urlFor(RepositoriesPage.class, null).toString();\r
+ String absoluteUrl = RequestUtils.toAbsolutePath(relativeUrl);\r
+ throw new RedirectToUrlException(absoluteUrl);\r
} else {\r
super.error(message);\r
}\r
}\r
\r
public void authenticationError(String message) {\r
- logger.error(message);\r
- if (GitBlitWebSession.get().isLoggedIn()) {\r
- error(message, true);\r
- } else {\r
- throw new RestartResponseAtInterceptPageException(RepositoriesPage.class);\r
+ logger.error(getRequest().getURL() + " for " + GitBlitWebSession.get().getUsername());\r
+ if (!GitBlitWebSession.get().isLoggedIn()) {\r
+ // cache the request if we have not authenticated.\r
+ // the request will continue after authentication.\r
+ GitBlitWebSession.get().cacheRequest(getClass());\r
}\r
+ error(message, true);\r
}\r
\r
/**\r
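Review bot: Both new `logger.error` calls concatenate request-derived text into the log line: `message` carries the requested repository name in the callers shown in this commit, and `authenticationError` logs `getRequest().getURL()`. A request containing CR/LF may therefore forge log entries unless the appender escapes them. Strip control characters before logging and use the parameterized form, e.g. `logger.error("{} for {}", sanitizedMessage, username);`. In `error`, the local `RequestParameters params` is assigned but never read and can be dropped.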
GitBlit.getString(Keys.realm.userService, "users.conf")), true);\r
}\r
\r
- setupPage(getString("gb.changePassword"), GitBlitWebSession.get().getUser().username);\r
+ setupPage(getString("gb.changePassword"), GitBlitWebSession.get().getUsername());\r
\r
StatelessForm<Void> form = new StatelessForm<Void>("passwordForm") {\r
\r
if (showAdmin\r
|| GitBlitWebSession.get().isLoggedIn()\r
&& (model.owner != null && model.owner.equalsIgnoreCase(GitBlitWebSession.get()\r
- .getUser().username))) {\r
+ .getUsername()))) {\r
pages.put("edit", new PageRegistration("gb.edit", EditRepositoryPage.class, params));\r
}\r
return pages;\r
RepositoryModel model = GitBlit.self().getRepositoryModel(\r
GitBlitWebSession.get().getUser(), repositoryName);\r
if (model == null) {\r
- authenticationError(getString("gb.unauthorizedAccessForRepository") + " " + repositoryName);\r
+ if (GitBlit.self().hasRepository(repositoryName)) {\r
+ // has repository, but unauthorized\r
+ authenticationError(getString("gb.unauthorizedAccessForRepository") + " " + repositoryName);\r
+ } else {\r
+ // does not have repository\r
+ error(getString("gb.canNotLoadRepository") + " " + repositoryName, true);\r
+ }\r
return null;\r
}\r
m = model;\r
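Review bot: The new `hasRepository(repositoryName)` check runs for callers who have just been denied a model, and its two branches show different messages, so an unauthenticated or unauthorized visitor can tell an existing restricted repository from a missing one. Consider showing the same message in both cases and keeping the distinction in the server log only. The enclosing method starts and ends outside this hunk.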
GitBlit.self().setCookie(response, user);\r
}\r
\r
- if (!continueToOriginalDestination()) {\r
+ if (!session.continueRequest()) {\r
PageParameters params = getPageParameters();\r
if (params == null) {\r
// redirect to this page\r