James Moger
2015-11-22 ed552ba47c02779c270ffd62841d6d1048dade70
commit | author | age
20165d 1 /*
JM 2  * Copyright 2011 gitblit.com.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *     http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 package com.gitblit.wicket.pages;
17
18 import java.text.MessageFormat;
19
20 import org.apache.wicket.RestartResponseException;
21 import org.apache.wicket.markup.html.form.Button;
22 import org.apache.wicket.markup.html.form.StatelessForm;
23 import org.apache.wicket.model.IModel;
24 import org.apache.wicket.model.Model;
ec7ed8 25 import org.apache.wicket.protocol.http.WebRequest;
20165d 26 import org.apache.wicket.protocol.http.WebResponse;
JM 27
28 import com.gitblit.GitBlitException;
29 import com.gitblit.Keys;
30 import com.gitblit.models.UserModel;
31 import com.gitblit.utils.StringUtils;
32 import com.gitblit.wicket.GitBlitWebSession;
979c75 33 import com.gitblit.wicket.NonTrimmedPasswordTextField;
20165d 34
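/**
 * Page that lets the logged-in user set a new password for their own account.
 *
 * <p>Security review notes, all derived from the code in this class:
 * <ul>
 * <li>The form collects only the new password and its confirmation. The current
 * password is not requested, so an unattended or otherwise borrowed session is
 * enough to replace the credential. NOTE(review): consider requiring
 * re-authentication; that needs a matching field in the page markup.</li>
 * <li>With the default {@code realm.passwordStorage} value ("md5") the stored
 * value is an unsalted MD5 digest; "combined-md5" only mixes in the lower-cased
 * username. Both are fast hashes and unsuitable for password storage. The
 * scheme is flagged rather than replaced here because the stored format has to
 * match what the authentication side verifies.</li>
 * <li>Any other storage type stores the password exactly as typed.</li>
 * </ul>
 */
public class ChangePasswordPage extends RootSubPage {

    // Backing models for the two password inputs of "passwordForm".
    IModel<String> password = new Model<String>("");
    IModel<String> confirmPassword = new Model<String>("");

    /**
     * Builds the page: verifies that the visitor is logged in and that web
     * authentication is enabled, then wires up the password form with its
     * "save" and "cancel" buttons.
     *
     * @throws RestartResponseException redirecting to the home page when the
     *         session is not logged in or no authentication is enabled
     */
    public ChangePasswordPage() {
        super();

        if (!GitBlitWebSession.get().isLoggedIn()) {
            // Change password requires a login
            throw new RestartResponseException(getApplication().getHomePage());
        }

        if (!app().settings().getBoolean(Keys.web.authenticateAdminPages, true)
                && !app().settings().getBoolean(Keys.web.authenticateViewPages, false)) {
            // no authentication enabled
            throw new RestartResponseException(getApplication().getHomePage());
        }

        UserModel user = GitBlitWebSession.get().getUser();
        if (!app().authentication().supportsCredentialChanges(user)) {
            // NOTE(review): presumably error(message, true) leaves this page; that is
            // not visible here, so onSubmit() below repeats the check itself.
            error(MessageFormat.format(getString("gb.userServiceDoesNotPermitPasswordChanges"),
                    app().settings().getString(Keys.realm.userService, "${baseFolder}/users.conf")), true);
        }

        setupPage(getString("gb.changePassword"), user.username);

        StatelessForm<Void> form = new StatelessForm<Void>("passwordForm") {

            private static final long serialVersionUID = 1L;

            @Override
            public void onSubmit() {
                UserModel currentUser = GitBlitWebSession.get().getUser();

                // Defense in depth: never write a password for an account whose
                // credentials the authentication backend does not let us change,
                // whatever the constructor-time check did with the request.
                if (!app().authentication().supportsCredentialChanges(currentUser)) {
                    error(MessageFormat.format(getString("gb.userServiceDoesNotPermitPasswordChanges"),
                            app().settings().getString(Keys.realm.userService, "${baseFolder}/users.conf")));
                    return;
                }

                // A null model object is treated as an empty password so that it is
                // rejected by the length check below instead of raising a
                // NullPointerException.
                String newPassword = nullToEmpty(ChangePasswordPage.this.password.getObject());
                String confirmation = nullToEmpty(ChangePasswordPage.this.confirmPassword.getObject());

                // ensure passwords match
                if (!newPassword.equals(confirmation)) {
                    error(getString("gb.passwordsDoNotMatch"));
                    return;
                }

                // ensure password satisfies minimum length requirement
                int minLength = minimumPasswordLength();
                if (newPassword.length() < minLength) {
                    error(MessageFormat.format(getString("gb.passwordTooShort"), minLength));
                    return;
                }

                // Remember the previous value: the session's UserModel is modified in
                // place, and it must not keep a password that was never stored.
                String previousPassword = currentUser.password;
                currentUser.password = toStoredPassword(currentUser, newPassword);

                boolean stored = false;
                try {
                    app().gitblit().reviseUser(currentUser.username, currentUser);
                    stored = true;
                    if (app().settings().getBoolean(Keys.web.allowCookieAuthentication, false)) {
                        // re-issue the authentication cookie for the updated account
                        WebRequest request = (WebRequest) getRequestCycle().getRequest();
                        WebResponse response = (WebResponse) getRequestCycle().getResponse();
                        app().authentication().setCookie(request.getHttpServletRequest(),
                                response.getHttpServletResponse(), currentUser);
                    }
                } catch (GitBlitException e) {
                    if (!stored) {
                        // the update was rejected: undo the in-memory change
                        currentUser.password = previousPassword;
                    }
                    error(e.getMessage());
                    return;
                }
                setRedirect(false);
                info(getString("gb.passwordChanged"));
                setResponsePage(RepositoriesPage.class);
            }
        };
        NonTrimmedPasswordTextField passwordField = new NonTrimmedPasswordTextField("password", password);
        passwordField.setResetPassword(false);
        form.add(passwordField);
        NonTrimmedPasswordTextField confirmPasswordField = new NonTrimmedPasswordTextField("confirmPassword",
                confirmPassword);
        confirmPasswordField.setResetPassword(false);
        form.add(confirmPasswordField);

        form.add(new Button("save"));
        Button cancel = new Button("cancel") {
            private static final long serialVersionUID = 1L;

            @Override
            public void onSubmit() {
                setRedirect(false);
                error(getString("gb.passwordChangeAborted"));
                setResponsePage(RepositoriesPage.class);
            }
        };
        // cancel must work without validating or submitting the password fields
        cancel.setDefaultFormProcessing(false);
        form.add(cancel);

        add(form);
    }

    /**
     * Returns the configured minimum password length, never less than 4.
     *
     * <p>NOTE(review): the default of 5 and the floor of 4 are short by current
     * guidance; deployments should set {@code realm.minPasswordLength} higher.
     */
    private int minimumPasswordLength() {
        int configured = app().settings().getInteger(Keys.realm.minPasswordLength, 5);
        return configured < 4 ? 4 : configured;
    }

    /**
     * Converts a plaintext password into the value that is stored for the user,
     * according to {@code realm.passwordStorage}.
     *
     * <p>SECURITY: "md5" and "combined-md5" are unsalted, fast MD5 digests and do
     * not resist offline guessing of a leaked user store. They are kept because
     * the stored format must stay compatible with credential verification; a
     * salted, deliberately slow scheme should be preferred wherever the
     * authentication layer supports one.
     *
     * @param user the account whose password is being changed
     * @param plaintext the new password as entered
     * @return the prefixed digest, or the plaintext itself for any other storage type
     */
    private String toStoredPassword(UserModel user, String plaintext) {
        String type = app().settings().getString(Keys.realm.passwordStorage, "md5");
        if (type.equalsIgnoreCase("md5")) {
            // store MD5 digest of password
            return StringUtils.MD5_TYPE + StringUtils.getMD5(plaintext);
        } else if (type.equalsIgnoreCase("combined-md5")) {
            // store MD5 digest of username+password
            // NOTE(review): toLowerCase() uses the JVM default locale; it is left
            // unchanged because the verification side must lower-case identically.
            return StringUtils.COMBINED_MD5_TYPE
                    + StringUtils.getMD5(user.username.toLowerCase() + plaintext);
        }
        return plaintext;
    }

    /** Returns {@code value}, or the empty string when {@code value} is null. */
    private static String nullToEmpty(String value) {
        return value == null ? "" : value;
    }
}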