mirrors
/
gitblit
zrcadlo https://github.com/gitblit/gitblit.git
Sledovat 1
Oblíbit 0
Rozštěpit 0
Zdrojový kód Úkoly 0 Vydání 43 Wiki Aktivita
Nelze vybrat více než 25 témat Téma musí začínat písmenem nebo číslem, může obsahovat pomlčky („-“) a může být dlouhé až 35 znaků.
183 Revize
11 Větve
Strom: 8c5d72248c
Větve Značky
${ item.name }
Vytvořit větev ${ searchTerm }
z „8c5d72248c“
${ noResults }
gitblit/src/com/gitblit/wicket/AuthorizationStrategy.java

AuthorizationStrategy.java 2.7KB
Surový Blame Historie

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384 
  1. /*

  2.  * Copyright 2011 gitblit.com.

  3.  *

  4.  * Licensed under the Apache License, Version 2.0 (the "License");

  5.  * you may not use this file except in compliance with the License.

  6.  * You may obtain a copy of the License at

  7.  *

  8.  *     http://www.apache.org/licenses/LICENSE-2.0

  9.  *

  10.  * Unless required by applicable law or agreed to in writing, software

  11.  * distributed under the License is distributed on an "AS IS" BASIS,

  12.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  13.  * See the License for the specific language governing permissions and

  14.  * limitations under the License.

  15.  */

  16. package com.gitblit.wicket;

  17. 

  18. import org.apache.wicket.Component;

  19. import org.apache.wicket.RestartResponseAtInterceptPageException;

  20. import org.apache.wicket.authorization.IUnauthorizedComponentInstantiationListener;

  21. import org.apache.wicket.authorization.strategies.page.AbstractPageAuthorizationStrategy;

  22. 

  23. import com.gitblit.GitBlit;

  24. import com.gitblit.Keys;

  25. import com.gitblit.models.UserModel;

  26. import com.gitblit.wicket.pages.BasePage;

  27. import com.gitblit.wicket.pages.RepositoriesPage;

  28. 

  29. public class AuthorizationStrategy extends AbstractPageAuthorizationStrategy implements

  30. 		IUnauthorizedComponentInstantiationListener {

  31. 

  32. 	public AuthorizationStrategy() {

  33. 	}

  34. 

  35. 	@SuppressWarnings({ "unchecked", "rawtypes" })

  36. 	@Override

  37. 	protected boolean isPageAuthorized(Class pageClass) {

  38. 		if (RepositoriesPage.class.equals(pageClass)) {

  39. 			// allow all requests to get to the RepositoriesPage with its inline

  40. 			// authentication form

  41. 			return true;

  42. 		}

  43. 

  44. 		if (BasePage.class.isAssignableFrom(pageClass)) {

  45. 			boolean authenticateView = GitBlit.getBoolean(Keys.web.authenticateViewPages, true);

  46. 			boolean authenticateAdmin = GitBlit.getBoolean(Keys.web.authenticateAdminPages, true);

  47. 			boolean allowAdmin = GitBlit.getBoolean(Keys.web.allowAdministration, true);

  48. 

  49. 			GitBlitWebSession session = GitBlitWebSession.get();

  50. 			if (authenticateView && !session.isLoggedIn()) {

  51. 				// authentication required

  52. 				return false;

  53. 			}

  54. 

  55. 			UserModel user = session.getUser();

  56. 			if (pageClass.isAnnotationPresent(RequiresAdminRole.class)) {

  57. 				// admin page

  58. 				if (allowAdmin) {

  59. 					if (authenticateAdmin) {

  60. 						// authenticate admin

  61. 						if (user != null) {

  62. 							return user.canAdmin;

  63. 						}

  64. 						return false;

  65. 					} else {

  66. 						// no admin authentication required

  67. 						return true;

  68. 					}

  69. 				} else {

  70. 					// admin prohibited

  71. 					return false;

  72. 				}

  73. 			}

  74. 		}

  75. 		return true;

  76. 	}

  77. 

  78. 	@Override

  79. 	public void onUnauthorizedInstantiation(Component component) {

  80. 		if (component instanceof BasePage) {

  81. 			throw new RestartResponseAtInterceptPageException(RepositoriesPage.class);

  82. 		}

  83. 	}

  84. }