Search in sources :

Example 1 with WebRequest

use of org.apache.wicket.protocol.http.WebRequest in project gitblit by gitblit.

the class RepositoryUrlPanel method onInitialize.

@Override
protected void onInitialize() {
    super.onInitialize();
    HttpServletRequest req = ((WebRequest) getRequest()).getHttpServletRequest();
    List<RepositoryUrl> repositoryUrls = app().services().getRepositoryUrls(req, user, repository);
    // grab primary url from the top of the list
    primaryUrl = repositoryUrls.size() == 0 ? null : repositoryUrls.get(0);
    boolean canClone = primaryUrl != null && (!primaryUrl.hasPermission() || primaryUrl.permission.atLeast(AccessPermission.CLONE));
    if (repositoryUrls.size() == 0 || !canClone) {
        // no urls, nothing to show.
        add(new Label("repositoryUrlPanel").setVisible(false));
        add(new Label("applicationMenusPanel").setVisible(false));
        add(new Label("repositoryIndicators").setVisible(false));
        return;
    }
    // display primary url
    add(createPrimaryUrlPanel("repositoryUrlPanel", repository, repositoryUrls));
    if (onlyUrls) {
        add(new Label("repositoryIndicators").setVisible(false));
    } else {
        add(createRepositoryIndicators(repository));
    }
    boolean allowAppLinks = app().settings().getBoolean(Keys.web.allowAppCloneLinks, true);
    if (onlyUrls || !canClone || !allowAppLinks) {
        // only display the url(s)
        add(new Label("applicationMenusPanel").setVisible(false));
        return;
    }
    // create the git client application menus
    add(createApplicationMenus("applicationMenusPanel", user, repository, repositoryUrls));
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) WebRequest(org.apache.wicket.protocol.http.WebRequest) Label(org.apache.wicket.markup.html.basic.Label) RepositoryUrl(com.gitblit.models.RepositoryUrl)

Example 2 with WebRequest

use of org.apache.wicket.protocol.http.WebRequest in project gitblit by gitblit.

the class TicketPage method getRepositoryUrl.

/**
	 * Returns the primary repository url
	 *
	 * @param user
	 * @param repository
	 * @return the primary repository url
	 */
protected RepositoryUrl getRepositoryUrl(UserModel user, RepositoryModel repository) {
    HttpServletRequest req = ((WebRequest) getRequest()).getHttpServletRequest();
    List<RepositoryUrl> urls = app().services().getRepositoryUrls(req, user, repository);
    if (ArrayUtils.isEmpty(urls)) {
        return null;
    }
    RepositoryUrl primary = urls.get(0);
    return primary;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) WebRequest(org.apache.wicket.protocol.http.WebRequest) RepositoryUrl(com.gitblit.models.RepositoryUrl)

Example 3 with WebRequest

use of org.apache.wicket.protocol.http.WebRequest in project gitblit by gitblit.

the class RootPage method loginUser.

private void loginUser(UserModel user) {
    if (user != null) {
        HttpServletRequest request = ((WebRequest) getRequest()).getHttpServletRequest();
        HttpServletResponse response = ((WebResponse) getResponse()).getHttpServletResponse();
        // Set the user into the session
        GitBlitWebSession session = GitBlitWebSession.get();
        // issue 62: fix session fixation vulnerability
        session.replaceSession();
        session.setUser(user);
        request = ((WebRequest) getRequest()).getHttpServletRequest();
        response = ((WebResponse) getResponse()).getHttpServletResponse();
        request.getSession().setAttribute(Constants.ATTRIB_AUTHTYPE, AuthenticationType.CREDENTIALS);
        // Set Cookie
        app().authentication().setCookie(request, response, user);
        if (!session.continueRequest()) {
            PageParameters params = getPageParameters();
            if (params == null) {
                // redirect to this page
                redirectTo(getClass());
            } else {
                // Strip username and password and redirect to this page
                params.remove("username");
                params.remove("password");
                redirectTo(getClass(), params);
            }
        }
    }
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) WebResponse(org.apache.wicket.protocol.http.WebResponse) WebRequest(org.apache.wicket.protocol.http.WebRequest) HttpServletResponse(javax.servlet.http.HttpServletResponse) GitBlitWebSession(com.gitblit.wicket.GitBlitWebSession) PageParameters(org.apache.wicket.PageParameters)

Example 4 with WebRequest

use of org.apache.wicket.protocol.http.WebRequest in project gitblit by gitblit.

the class SessionPage method login.

private void login() {
    GitBlitWebSession session = GitBlitWebSession.get();
    HttpServletRequest request = ((WebRequest) getRequest()).getHttpServletRequest();
    HttpServletResponse response = ((WebResponse) getResponse()).getHttpServletResponse();
    // If using container/external servlet authentication, use request attribute
    String authedUser = (String) request.getAttribute(Constants.ATTRIB_AUTHUSER);
    // Default to trusting session authentication if not set in request by external processing
    if (StringUtils.isEmpty(authedUser) && session.isLoggedIn()) {
        authedUser = session.getUsername();
    }
    if (!StringUtils.isEmpty(authedUser)) {
        // the old session entirely, without trusting any session values
        if (!authedUser.equals(session.getUsername())) {
            session.replaceSession();
        }
        if (!session.isSessionInvalidated()) {
            // Refresh usermodel to pick up any changes to permissions or roles (issue-186)
            UserModel user = app().users().getUserModel(authedUser);
            if (user == null || user.disabled) {
                // user was deleted/disabled during session
                app().authentication().logout(request, response, user);
                session.setUser(null);
                session.invalidateNow();
                return;
            }
            // validate cookie during session (issue-361)
            if (app().settings().getBoolean(Keys.web.allowCookieAuthentication, true)) {
                String requestCookie = app().authentication().getCookie(request);
                if (!StringUtils.isEmpty(requestCookie) && !StringUtils.isEmpty(user.cookie)) {
                    if (!requestCookie.equals(user.cookie)) {
                        // cookie was changed during our session
                        app().authentication().logout(request, response, user);
                        session.setUser(null);
                        session.invalidateNow();
                        return;
                    }
                }
            }
            session.setUser(user);
            session.continueRequest();
            return;
        }
    }
    // try to authenticate by servlet request
    UserModel user = app().authentication().authenticate(request);
    // Login the user
    if (user != null) {
        AuthenticationType authenticationType = (AuthenticationType) request.getAttribute(Constants.ATTRIB_AUTHTYPE);
        // don't like
        if (AuthenticationType.CONTAINER != authenticationType) {
            session.replaceSession();
        }
        session.setUser(user);
        // Set Cookie
        app().authentication().setCookie(request, response, user);
        session.continueRequest();
    }
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) UserModel(com.gitblit.models.UserModel) WebResponse(org.apache.wicket.protocol.http.WebResponse) WebRequest(org.apache.wicket.protocol.http.WebRequest) GitBlitWebSession(com.gitblit.wicket.GitBlitWebSession) HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthenticationType(com.gitblit.Constants.AuthenticationType)

Aggregations

HttpServletRequest (javax.servlet.http.HttpServletRequest)4 WebRequest (org.apache.wicket.protocol.http.WebRequest)4 RepositoryUrl (com.gitblit.models.RepositoryUrl)2 GitBlitWebSession (com.gitblit.wicket.GitBlitWebSession)2 HttpServletResponse (javax.servlet.http.HttpServletResponse)2 WebResponse (org.apache.wicket.protocol.http.WebResponse)2 AuthenticationType (com.gitblit.Constants.AuthenticationType)1 UserModel (com.gitblit.models.UserModel)1 PageParameters (org.apache.wicket.PageParameters)1 Label (org.apache.wicket.markup.html.basic.Label)1