Settings overhaul. Fixes to authentication. Bind interface feature.

Settings access has been abstracted and the way is becoming clear to
offer a WAR build in addition to the integrated server stack.  Util
methods moved around.

1 files changed, 9 insertions, 14 deletions

diff --git a/src/com/gitblit/wicket/AuthorizationStrategy.java b/src/com/gitblit/wicket/AuthorizationStrategy.java
index b73e849c..0a9d652b 100644
--- a/src/com/gitblit/wicket/AuthorizationStrategy.java
+++ b/src/com/gitblit/wicket/AuthorizationStrategy.java
@@ -15,9 +15,15 @@ public class AuthorizationStrategy extends AbstractPageAuthorizationStrategy imp
 	@SuppressWarnings({ "unchecked", "rawtypes" })

 	@Override

 	protected boolean isPageAuthorized(Class pageClass) {

-		if (BasePage.class.isAssignableFrom(pageClass))

-			return isAuthorized(pageClass);

-		// Return contruction by default

+		if (BasePage.class.isAssignableFrom(pageClass)) {

+			GitBlitWebSession session = GitBlitWebSession.get();

+			if (!session.isLoggedIn())

+				return false;

+			User user = session.getUser();

+			if (pageClass.isAnnotationPresent(AdminPage.class)) {

+				return user.canAdmin();

+			}

+		}

 		return true;

 	}

 

@@ -31,15 +37,4 @@ public class AuthorizationStrategy extends AbstractPageAuthorizationStrategy imp
 				throw new RestartResponseAtInterceptPageException(RepositoriesPage.class);

 		}

 	}

-

-	protected boolean isAuthorized(Class<? extends BasePage> pageClass) {

-		GitBlitWebSession session = GitBlitWebSession.get();

-		if (!session.isLoggedIn())

-			return false;

-		User user = session.getUser();

-		if (pageClass.isAnnotationPresent(AdminPage.class)) {

-

-		}

-		return true;

-	}

 }