From bb79224f6b59d71098863ada728623bd728df6ff Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Mon, 23 Sep 2013 10:53:27 -0400
Subject: [PATCH] Fix potential NPE in cookie retrieval

---
 src/main/java/com/gitblit/ConfigUserService.java |   36 ++++++++++++++++++++++++++++++++++++
 1 files changed, 36 insertions(+), 0 deletions(-)

diff --git a/src/main/java/com/gitblit/ConfigUserService.java b/src/main/java/com/gitblit/ConfigUserService.java
index 7aa0998..2475b9a 100644
--- a/src/main/java/com/gitblit/ConfigUserService.java
+++ b/src/main/java/com/gitblit/ConfigUserService.java
@@ -37,6 +37,7 @@
 import com.gitblit.Constants.AccessPermission;
 import com.gitblit.models.TeamModel;
 import com.gitblit.models.UserModel;
+import com.gitblit.models.UserRepositoryPreferences;
 import com.gitblit.utils.ArrayUtils;
 import com.gitblit.utils.DeepCopier;
 import com.gitblit.utils.StringUtils;
@@ -88,6 +89,10 @@
 	private static final String PRERECEIVE = "preReceiveScript";
 
 	private static final String POSTRECEIVE = "postReceiveScript";
+	
+	private static final String STARRED = "starred";
+	
+	private static final String LOCALE = "locale";
 
 	private final File realmFile;
 
@@ -183,6 +188,9 @@
 		}
 		read();
 		UserModel storedModel = users.get(model.username.toLowerCase());
+		if (storedModel == null) {
+			return null;
+		}
 		return storedModel.cookie;
 	}
 
@@ -202,6 +210,12 @@
 		UserModel model = null;
 		if (cookies.containsKey(hash)) {
 			model = cookies.get(hash);
+		}
+		
+		if (model != null) {
+			// clone the model, otherwise all changes to this object are
+			// live and unpersisted
+			model = DeepCopier.copy(model);
 		}
 		return model;
 	}
@@ -846,6 +860,11 @@
 			if (!StringUtils.isEmpty(model.countryCode)) {
 				config.setString(USER, model.username, COUNTRYCODE, model.countryCode);
 			}
+			if (model.getPreferences() != null) {
+				if (!StringUtils.isEmpty(model.getPreferences().locale)) {
+					config.setString(USER, model.username, LOCALE, model.getPreferences().locale);
+				}
+			}
 
 			// user roles
 			List<String> roles = new ArrayList<String>();
@@ -878,6 +897,14 @@
 					}
 				}
 				config.setStringList(USER, model.username, REPOSITORY, permissions);
+			}
+			
+			// user preferences
+			if (model.getPreferences() != null) {
+				List<String> starred =  model.getPreferences().getStarredRepositories();
+				if (starred.size() > 0) {
+					config.setStringList(USER, model.username, STARRED, starred);
+				}
 			}
 		}
 
@@ -999,6 +1026,7 @@
 					user.stateProvince = config.getString(USER, username, STATEPROVINCE);
 					user.countryCode = config.getString(USER, username, COUNTRYCODE);
 					user.cookie = config.getString(USER, username, COOKIE);
+					user.getPreferences().locale = config.getString(USER, username, LOCALE);	
 					if (StringUtils.isEmpty(user.cookie) && !StringUtils.isEmpty(user.password)) {
 						user.cookie = StringUtils.getSHA1(user.username + user.password);
 					}
@@ -1021,6 +1049,14 @@
 						}
 					}
 
+					// starred repositories
+					Set<String> starred = new HashSet<String>(Arrays.asList(config
+							.getStringList(USER, username, STARRED)));
+					for (String repository : starred) {
+						UserRepositoryPreferences prefs = user.getPreferences().getRepositoryPreferences(repository);
+						prefs.starred = true;
+					}
+
 					// update cache
 					users.put(user.username, user);
 					if (!StringUtils.isEmpty(user.cookie)) {

--
Gitblit v1.9.1