From d40adc7553bc900328afa918f45b6d9e9c3087fb Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Mon, 24 Oct 2011 08:20:35 -0400
Subject: [PATCH] Fixed security hole when cloning repository with TortoiseGit (issue 28)

---
 src/com/gitblit/client/EditUserDialog.java |   32 ++++++++++++++++++++++----------
 1 files changed, 22 insertions(+), 10 deletions(-)

diff --git a/src/com/gitblit/client/EditUserDialog.java b/src/com/gitblit/client/EditUserDialog.java
index 0a1ddd9..c77713a 100644
--- a/src/com/gitblit/client/EditUserDialog.java
+++ b/src/com/gitblit/client/EditUserDialog.java
@@ -29,7 +29,6 @@
 import java.util.Arrays;
 import java.util.HashSet;
 import java.util.List;
-import java.util.Map;
 import java.util.Set;
 
 import javax.swing.ImageIcon;
@@ -48,7 +47,7 @@
 import com.gitblit.Constants.AccessRestrictionType;
 import com.gitblit.Keys;
 import com.gitblit.models.RepositoryModel;
-import com.gitblit.models.SettingModel;
+import com.gitblit.models.ServerSettings;
 import com.gitblit.models.UserModel;
 import com.gitblit.utils.StringUtils;
 
@@ -56,12 +55,14 @@
 
 	private static final long serialVersionUID = 1L;
 
+	private final String username;
+
 	private final UserModel user;
 
-	private final Map<String, SettingModel> settings;
+	private final ServerSettings settings;
 
 	private boolean isCreate;
-	
+
 	private boolean canceled = true;
 
 	private JTextField usernameField;
@@ -78,14 +79,15 @@
 
 	private Set<String> usernames;
 
-	public EditUserDialog(Map<String, SettingModel> settings) {
+	public EditUserDialog(ServerSettings settings) {
 		this(new UserModel(""), settings);
 		this.isCreate = true;
-		setTitle(Translation.get("gb.newUser"));		
+		setTitle(Translation.get("gb.newUser"));
 	}
 
-	public EditUserDialog(UserModel anUser, Map<String, SettingModel> settings) {
+	public EditUserDialog(UserModel anUser, ServerSettings settings) {
 		super();
+		this.username = anUser.username;
 		this.user = new UserModel("");
 		this.settings = settings;
 		this.usernames = new HashSet<String>();
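Review bot: The new `username` field is assigned straight from `anUser.username` with no comment on why the dialog keeps it separately from `this.user`, which is built fresh from `new UserModel("")`; a one-line comment such as `// username as loaded; compared against the edited value to detect a rename` would make the later rename-collision check self-explanatory. If a caller can pass a `UserModel` whose `username` is null, the `username.equalsIgnoreCase(uname)` call added further down would throw, so it may be worth normalising to `""` here the way the create path already does, but whether null is reachable cannot be told from this hunk. The constructor body continues past the end of the hunk.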
@@ -95,7 +97,7 @@
 		setTitle(Translation.get("gb.edit") + ": " + anUser.username);
 		setIconImage(new ImageIcon(getClass().getResource("/gitblt-favicon.png")).getImage());
 	}
-	
+
 	@Override
 	protected JRootPane createRootPane() {
 		KeyStroke stroke = KeyStroke.getKeyStroke(KeyEvent.VK_ESCAPE, 0);
@@ -195,6 +197,16 @@
 				error(MessageFormat.format("Username ''{0}'' is unavailable.", uname));
 				return false;
 			}
+		} else {
+			// check rename collision
+			if (!username.equalsIgnoreCase(uname)) {
+				if (usernames.contains(uname.toLowerCase())) {
+					error(MessageFormat.format(
+							"Failed to rename ''{0}'' because ''{1}'' already exists.", username,
+							uname));
+					return false;
+				}
+			}
 		}
 
 		int minLength = settings.get(Keys.realm.minPasswordLength).getInteger(5);
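Review bot: The collision lookup lowercases with the default locale, `usernames.contains(uname.toLowerCase())`, while the rename test one line above uses `equalsIgnoreCase`; under a Turkish-style default locale `toLowerCase()` maps `I` to dotless `ı`, so the two comparisons can disagree and a rename onto an existing name could slip past the check. Use `usernames.contains(uname.toLowerCase(Locale.ROOT))` and add `import java.util.Locale;` to the import block changed earlier in this patch. How `usernames` is populated is outside the hunk, so this assumes its entries are already lowercased with a fixed locale; if they are not, the same fix applies there. The enclosing `if`/`else` opens before the hunk, and the diffstat shows only this file, so the subject line about a TortoiseGit cloning hole appears to describe something this diff does not itself contain.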
@@ -203,8 +215,8 @@
 		}
 		char[] pw = passwordField.getPassword();
 		if (pw == null || pw.length < minLength) {
-			error(MessageFormat.format(
-					"Password is too short. Minimum length is {0} characters.", minLength));
+			error(MessageFormat.format("Password is too short. Minimum length is {0} characters.",
+					minLength));
 			return false;
 		}
 		char[] cpw = confirmPasswordField.getPassword();

--
Gitblit v1.9.1