Examples of com.gitblit.models.UserModel

• com.gitblit.models.UserModel
  UserModel is a serializable model class that represents a user and the user's restricted repository memberships. Instances of UserModels are also used as servlet user principals. @author James Moger

   *            the user object to use for username
   * @return true if update is successful
   */
  @Override
  public synchronized boolean updateUserModel(String username, UserModel model) {
    UserModel originalUser = null;
    try {
      if (!model.isLocalAccount()) {
        // do not persist password
        model.password = Constants.EXTERNAL_ACCOUNT;
      }

  @Override
  public synchronized boolean deleteUser(String username) {
    try {
      // Read realm file
      read();
      UserModel model = users.remove(username.toLowerCase());
      if (model == null) {
        // user does not exist
        return false;
      }
      // remove user from team

  public synchronized List<String> getUsernamesForRepositoryRole(String role) {
    List<String> list = new ArrayList<String>();
    try {
      read();
      for (Map.Entry<String, UserModel> entry : users.entrySet()) {
        UserModel model = entry.getValue();
        if (model.hasRepositoryPermission(role)) {
          list.add(model.username);
        }
      }
    } catch (Throwable t) {
      logger.error(MessageFormat.format("Failed to get usernames for role {0}!", role), t);

      try {
        StoredConfig config = new FileBasedConfig(realmFile, FS.detect());
        config.load();
        Set<String> usernames = config.getSubsections(USER);
        for (String username : usernames) {
          UserModel user = new UserModel(username.toLowerCase());
          user.password = config.getString(USER, username, PASSWORD);
          user.displayName = config.getString(USER, username, DISPLAYNAME);
          user.emailAddress = config.getString(USER, username, EMAILADDRESS);
          user.accountType = AccountType.fromString(config.getString(USER, username, ACCOUNTTYPE));
          if (Constants.EXTERNAL_ACCOUNT.equals(user.password) && user.accountType.isLocal()) {
            user.accountType = AccountType.EXTERNAL;
          }
          user.disabled = config.getBoolean(USER, username, DISABLED, false);
          user.organizationalUnit = config.getString(USER, username, ORGANIZATIONALUNIT);
          user.organization = config.getString(USER, username, ORGANIZATION);
          user.locality = config.getString(USER, username, LOCALITY);
          user.stateProvince = config.getString(USER, username, STATEPROVINCE);
          user.countryCode = config.getString(USER, username, COUNTRYCODE);
          user.cookie = config.getString(USER, username, COOKIE);
          user.getPreferences().locale = config.getString(USER, username, LOCALE);
          if (StringUtils.isEmpty(user.cookie) && !StringUtils.isEmpty(user.password)) {
            user.cookie = StringUtils.getSHA1(user.username + user.password);
          }

          // user roles
          Set<String> roles = new HashSet<String>(Arrays.asList(config.getStringList(
              USER, username, ROLE)));
          user.canAdmin = roles.contains(Constants.ADMIN_ROLE);
          user.canFork = roles.contains(Constants.FORK_ROLE);
          user.canCreate = roles.contains(Constants.CREATE_ROLE);
          user.excludeFromFederation = roles.contains(Constants.NOT_FEDERATED_ROLE);

          // repository memberships
          if (!user.canAdmin) {
            // non-admin, read permissions
            Set<String> repositories = new HashSet<String>(Arrays.asList(config
                .getStringList(USER, username, REPOSITORY)));
            for (String repository : repositories) {
              user.addRepositoryPermission(repository);
            }
          }

          // starred repositories
          Set<String> starred = new HashSet<String>(Arrays.asList(config
              .getStringList(USER, username, STARRED)));
          for (String repository : starred) {
            UserRepositoryPreferences prefs = user.getPreferences().getRepositoryPreferences(repository);
            prefs.starred = true;
          }

          // update cache
          users.put(user.username, user);
          if (!StringUtils.isEmpty(user.cookie)) {
            cookies.put(user.cookie, user);
          }
        }

        // load the teams
        Set<String> teamnames = config.getSubsections(TEAM);
        for (String teamname : teamnames) {
          TeamModel team = new TeamModel(teamname);
          Set<String> roles = new HashSet<String>(Arrays.asList(config.getStringList(
              TEAM, teamname, ROLE)));
          team.canAdmin = roles.contains(Constants.ADMIN_ROLE);
          team.canFork = roles.contains(Constants.FORK_ROLE);
          team.canCreate = roles.contains(Constants.CREATE_ROLE);
          team.accountType = AccountType.fromString(config.getString(TEAM, teamname, ACCOUNTTYPE));

          if (!team.canAdmin) {
            // non-admin team, read permissions
            team.addRepositoryPermissions(Arrays.asList(config.getStringList(TEAM, teamname,
                REPOSITORY)));
          }
          team.addUsers(Arrays.asList(config.getStringList(TEAM, teamname, USER)));
          team.addMailingLists(Arrays.asList(config.getStringList(TEAM, teamname,
              MAILINGLIST)));
          team.preReceiveScripts.addAll(Arrays.asList(config.getStringList(TEAM,
              teamname, PRERECEIVE)));
          team.postReceiveScripts.addAll(Arrays.asList(config.getStringList(TEAM,
              teamname, POSTRECEIVE)));

          teams.put(team.name.toLowerCase(), team);

          // set the teams on the users
          for (String user : team.users) {
            UserModel model = users.get(user);
            if (model != null) {
              model.teams.add(team);
            }
          }
        }

   * @throws IOException
   */
  public static UserModel getUser(String username, String serverUrl, String account, char[] password)
      throws IOException {
    String url = asLink(serverUrl, RpcRequest.GET_USER);
    UserModel model = JsonUtils.retrieveJson(url, UserModel.class, account, password);
    return model;
  }

    @Test
    public void testAuthenticate() throws Exception {
      IAuthenticationManager auth = newAuthenticationManager();

      UserModel user = new UserModel("sunnyjim");
    user.password = "password";
    users.updateUserModel(user);

    assertNotNull(auth.authenticate(user.username, user.password.toCharArray()));
    user.disabled = true;

    @Test
    public void testAuthenticate() throws Exception {
      RedmineAuthProvider redmine = newRedmineAuthentication();
        redmine.setTestingCurrentUserAsJson(JSON);
        UserModel userModel = redmine.authenticate("RedmineAdminId", "RedmineAPIKey".toCharArray());
        assertThat(userModel.getName(), is("redmineadminid"));
        assertThat(userModel.getDisplayName(), is("baz foo"));
        assertThat(userModel.emailAddress, is("baz@example.com"));
        assertNotNull(userModel.cookie);
    }

    }

    @Test
    public void testAuthenticationManager() throws Exception {
      AuthenticationManager auth = newAuthenticationManager();
        UserModel userModel = auth.authenticate("RedmineAdminId", "RedmineAPIKey".toCharArray());
        assertThat(userModel.getName(), is("redmineadminid"));
        assertThat(userModel.getDisplayName(), is("baz foo"));
        assertThat(userModel.emailAddress, is("baz@example.com"));
        assertNotNull(userModel.cookie);
    }

  /**
   * Admin access rights/permissions
   */
  @Test
  public void testAdmin() throws Exception {
    UserModel user = new UserModel("admin");
    user.canAdmin = true;

    for (AccessRestrictionType ar : AccessRestrictionType.values()) {
      RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
      repository.authorizationControl = AuthorizationControl.NAMED;
      repository.accessRestriction = ar;

      assertTrue("admin CAN NOT view!", user.canView(repository));
      assertTrue("admin CAN NOT clone!", user.canClone(repository));
      assertTrue("admin CAN NOT push!", user.canPush(repository));

      assertTrue("admin CAN NOT create ref!", user.canCreateRef(repository));
      assertTrue("admin CAN NOT delete ref!", user.canDeleteRef(repository));
      assertTrue("admin CAN NOT rewind ref!", user.canRewindRef(repository));

      assertEquals("admin has wrong permission!", AccessPermission.REWIND, user.getRepositoryPermission(repository).permission);

      assertTrue("admin CAN NOT fork!", user.canFork(repository));

      assertTrue("admin CAN NOT delete!", user.canDelete(repository));
      assertTrue("admin CAN NOT edit!", user.canEdit(repository));
    }
  }

  public void testAnonymous_NONE() throws Exception {
    RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
    repository.authorizationControl = AuthorizationControl.NAMED;
    repository.accessRestriction = AccessRestrictionType.NONE;

    UserModel user = UserModel.ANONYMOUS;

    // all permissions, except fork
    assertTrue("anonymous CAN NOT view!", user.canView(repository));
    assertTrue("anonymous CAN NOT clone!", user.canClone(repository));
    assertTrue("anonymous CAN NOT push!", user.canPush(repository));

    assertTrue("anonymous CAN NOT create ref!", user.canCreateRef(repository));
    assertTrue("anonymous CAN NOT delete ref!", user.canDeleteRef(repository));
    assertTrue("anonymous CAN NOT rewind ref!", user.canRewindRef(repository));

    assertEquals("anonymous has wrong permission!", AccessPermission.REWIND, user.getRepositoryPermission(repository).permission);

    repository.allowForks = false;
    assertFalse("anonymous CAN fork!", user.canFork(repository));
    repository.allowForks = true;
    assertFalse("anonymous CAN fork!", user.canFork(repository));

    assertFalse("anonymous CAN delete!", user.canDelete(repository));
    assertFalse("anonymous CAN edit!", user.canEdit(repository));
  }