James Moger
2011-09-29 fd6ac68c0b1136182b5d713ec88ea94e26c4a76d
f13c4c 1 /*
JM 2  * Copyright 2011 gitblit.com.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *     http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
94b96b 16 package com.gitblit.wicket;
JM 17
18 import org.apache.wicket.Component;
19 import org.apache.wicket.RestartResponseAtInterceptPageException;
20 import org.apache.wicket.authorization.IUnauthorizedComponentInstantiationListener;
21 import org.apache.wicket.authorization.strategies.page.AbstractPageAuthorizationStrategy;
22
b55030 23 import com.gitblit.GitBlit;
JM 24 import com.gitblit.Keys;
1f9dae 25 import com.gitblit.models.UserModel;
JM 26 import com.gitblit.wicket.pages.BasePage;
94b96b 27 import com.gitblit.wicket.pages.RepositoriesPage;
JM 28
/**
 * Page-level authorization strategy for the Gitblit Wicket application.
 *
 * <p>Decides whether a page class may be instantiated for the current web
 * session, and redirects to the repositories page when instantiation of a
 * {@link BasePage} is refused.
 *
 * <p>Security notes for maintainers:
 * <ul>
 * <li>Only classes assignable to {@link BasePage} are checked; every other
 * page class is authorized unconditionally by this strategy.</li>
 * <li>All three settings read here default to {@code true} when unset, so
 * the default posture requires login for viewing and an admin-capable user
 * for admin pages.</li>
 * <li>With {@code Keys.web.authenticateAdminPages} set to {@code false}
 * (and administration allowed), pages annotated with
 * {@link RequiresAdminRole} are authorized without inspecting the user at
 * all. If {@code Keys.web.authenticateViewPages} is also {@code false},
 * that includes sessions that are not logged in.</li>
 * <li>This class decides on the page class only; nothing here inspects
 * which repository or object a page will display.</li>
 * </ul>
 */
public class AuthorizationStrategy extends AbstractPageAuthorizationStrategy implements
        IUnauthorizedComponentInstantiationListener {

    /** Creates the strategy; it holds no state of its own. */
    public AuthorizationStrategy() {
    }

    /**
     * Determines whether the given page class may be instantiated for the
     * current session.
     *
     * @param pageClass the page class about to be instantiated
     * @return {@code true} if instantiation is allowed, {@code false} to
     *         refuse it
     */
    @SuppressWarnings({ "unchecked", "rawtypes" })
    @Override
    protected boolean isPageAuthorized(Class pageClass) {
        // Pages outside the BasePage hierarchy are not subject to these checks.
        if (!BasePage.class.isAssignableFrom(pageClass)) {
            return true;
        }

        // Each setting falls back to true when it is not configured.
        final boolean viewNeedsLogin = GitBlit.getBoolean(Keys.web.authenticateViewPages, true);
        final boolean adminNeedsLogin = GitBlit.getBoolean(Keys.web.authenticateAdminPages, true);
        final boolean adminEnabled = GitBlit.getBoolean(Keys.web.allowAdministration, true);

        final GitBlitWebSession webSession = GitBlitWebSession.get();
        final boolean anonymous = !webSession.isLoggedIn();
        if (viewNeedsLogin && anonymous) {
            // Viewing requires authentication and nobody is logged in.
            return false;
        }

        // May be null when view authentication is disabled and nobody is logged in.
        final UserModel currentUser = webSession.getUser();

        if (!pageClass.isAnnotationPresent(RequiresAdminRole.class)) {
            // Ordinary page: the view check above was the only gate.
            return true;
        }

        // From here on the page is an admin page.
        if (!adminEnabled) {
            // Administration is switched off; refuse regardless of who asks.
            return false;
        }
        if (!adminNeedsLogin) {
            // Admin authentication is disabled: the user is deliberately not consulted.
            return true;
        }

        // Admin authentication is on: a user is required and must hold the admin flag.
        return currentUser == null ? false : currentUser.canAdmin;
    }

    /**
     * Handles a refused instantiation by restarting the response at the
     * repositories page. Components that are not a {@link BasePage} are
     * ignored.
     *
     * <p>NOTE(review): if RepositoriesPage is itself a BasePage, it is
     * refused by {@link #isPageAuthorized(Class)} for an anonymous session
     * when view authentication is on. Confirm how that page stays reachable
     * so this redirect cannot bounce repeatedly.
     *
     * @param component the component whose instantiation was refused
     */
    @Override
    public void onUnauthorizedInstantiation(Component component) {
        final boolean isBasePage = component instanceof BasePage;
        if (!isBasePage) {
            return;
        }
        throw new RestartResponseAtInterceptPageException(RepositoriesPage.class);
    }
}