From ba2f9aa95ee55f3672cd59474c65b959d0fe7fb5 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Wed, 26 Feb 2014 23:52:45 -0500
Subject: [PATCH] Do not grant fork CLONE permissions to users/teams with implied regex CLONE permissions (issue-320)

---
 src/main/java/com/gitblit/wicket/pages/EditUserPage.java |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/src/main/java/com/gitblit/wicket/pages/EditUserPage.java b/src/main/java/com/gitblit/wicket/pages/EditUserPage.java
index 62a8ea5..15c35fa 100644
--- a/src/main/java/com/gitblit/wicket/pages/EditUserPage.java
+++ b/src/main/java/com/gitblit/wicket/pages/EditUserPage.java
@@ -154,6 +154,9 @@
 							return;
 						}
 
+						// change the cookie
+						userModel.cookie = StringUtils.getSHA1(userModel.username + password);
+
 						// Optionally store the password MD5 digest.
 						String type = app().settings().getString(Keys.realm.passwordStorage, "md5");
 						if (type.equalsIgnoreCase("md5")) {

--
Gitblit v1.9.1