Fix user preferences selecting the wrong preferred locale.
Due to a wrong comparison, when loading the preferred locale in the
user preferences page, in cases like `zh_CN` or `de_DE` the wrong
locale would be chosen.
As with too many things, the code is duplicated on the `UserPage`
and the `EditUserPage`. And they differ. So extract the choosing of
the preferred language for display into a method in the (more up-to-date)
`UserPage` and call that from the `EditUserPage`.
Integrate the `PasswordHash` class and subclass in the user
and password editing and authentication. Replaces the old code and
the previous `SecurePasswordHashingUtils` class.
issue-361: Reset user cookie after administrative password change
Cookies were not reset on administrative password change of a user
account. This allowed accounts with changed passwords to continue
authenticating. Cookies are now reset on password changes, they are
validated on each page request, AND they will now expire 7 days after
generation.
Define manager interfaces and update all of Gitblit to use managers
These manager interfaces define how the GitBlit singleton will
eventually be split into smaller component managers. The Wicket app and
all servlets have been updated to request the needed managers. There
are _very_ few method signature changes - although there are a handful.
This is a surgical sharding of responsibility based on a proof of
concept refactor. Instead of random references to GittBlit.self()
there are now precise references to the manager interface required to
accomplish some task. Some tasks may require references to multiple
managers.
The code is now littered with calls to GitBlit.getManager(class) and
those familiar with the code-base will no doubt notice the duplication
of methods from IUserService in IUserManager and the addition of
implementation methods in the GitBlit context class. When the
GitBlit class is broken apart and the existing external authentication
user service classes are refactored to AuthenticationService classes,
this will again simplify and flatten. But in order to safely and
cleanly modularize the stable code-base we will have to live with a
little duplication for a short while.
Change-Id: I7314ec8acaab2dcc6092785ed4434cc09fdbbe16
Eliminate nearly all direct GitBlit singleton references in Wicket
This is the first step towards modularization and injection. All
direct references to the GitBlit singleton within the Wicket pages
and panels have been replaced to proxy methods in the GitBlitWebApp
singleton. There are still two Wicket classes which rely on the
GitBlit singleton; those require manual instantiation (servlet 3).
Change-Id: I0cdbbcf87959d590c446c99abb09c07c87c737bc
Reorganized to Apache Standard Directory Layout & integrated Moxie
This is a massive commit which reorganizes the entire project structure
(although it is still monolithic), removes the Build classes, and
switches to Moxie, a smarter Ant build tookit based on the original
Gitblit Build classes.
The Ant build script will likely require additional fine-tuning, but
this is big step forward.
Present the mutable permissions by default. Allow the administrator or
owner to toggle the displayed permissions to see how the user
and team permissions are applied to a repository.
Preliminary implementation of server-side forking (issue 137)
The fork mechanism clones the repository , access restrictions, and
other config options. The app has been updated throughout to handle
personal repositories and to properly display origin/fork links.
In order to fork a repository the user account must have the #fork role,
the origin repository must permit forking, and the user account must
have standard clone permissions to the repository.
Because forking introduces a new user role no existing user accounts can
automatically begin forking a repository. This is both a pro and a con.
Since the fork has the same access restrictions as the origin repository,
those who can access the origin may also access the fork. This is intentional
to facilitate integration-manager workflow. The fork owner does have the
power to completely change the access restrictions of his/her fork.
Teams simplify the management of user-repository access permissions. Teams have a list of restricted repositories. Users are also added to teams and that grants them access to those repositories.
Federation and RPC support are still in-progress.