commit | author | age
|
c828cf
|
1 |
/* |
JM |
2 |
* Copyright 2014 gitblit.com. |
|
3 |
* |
|
4 |
* Licensed under the Apache License, Version 2.0 (the "License"); |
|
5 |
* you may not use this file except in compliance with the License. |
|
6 |
* You may obtain a copy of the License at |
|
7 |
* |
|
8 |
* http://www.apache.org/licenses/LICENSE-2.0 |
|
9 |
* |
|
10 |
* Unless required by applicable law or agreed to in writing, software |
|
11 |
* distributed under the License is distributed on an "AS IS" BASIS, |
|
12 |
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
|
13 |
* See the License for the specific language governing permissions and |
|
14 |
* limitations under the License. |
|
15 |
*/ |
|
16 |
package com.gitblit.guice; |
|
17 |
|
|
18 |
import java.util.HashMap; |
|
19 |
import java.util.Map; |
|
20 |
|
f790d5
|
21 |
import com.gitblit.AvatarGenerator; |
c828cf
|
22 |
import com.gitblit.Constants; |
e5227a
|
23 |
import com.gitblit.servlet.AccessDeniedServlet; |
c828cf
|
24 |
import com.gitblit.servlet.BranchGraphServlet; |
52daae
|
25 |
import com.gitblit.servlet.DownloadZipFilter; |
c828cf
|
26 |
import com.gitblit.servlet.DownloadZipServlet; |
JM |
27 |
import com.gitblit.servlet.EnforceAuthenticationFilter; |
|
28 |
import com.gitblit.servlet.FederationServlet; |
bd0e83
|
29 |
import com.gitblit.servlet.FilestoreServlet; |
52daae
|
30 |
import com.gitblit.servlet.GitFilter; |
c828cf
|
31 |
import com.gitblit.servlet.GitServlet; |
JM |
32 |
import com.gitblit.servlet.LogoServlet; |
52daae
|
33 |
import com.gitblit.servlet.PagesFilter; |
c828cf
|
34 |
import com.gitblit.servlet.PagesServlet; |
JM |
35 |
import com.gitblit.servlet.ProxyFilter; |
|
36 |
import com.gitblit.servlet.PtServlet; |
52daae
|
37 |
import com.gitblit.servlet.RawFilter; |
c828cf
|
38 |
import com.gitblit.servlet.RawServlet; |
JM |
39 |
import com.gitblit.servlet.RobotsTxtServlet; |
52daae
|
40 |
import com.gitblit.servlet.RpcFilter; |
c828cf
|
41 |
import com.gitblit.servlet.RpcServlet; |
JM |
42 |
import com.gitblit.servlet.SparkleShareInviteServlet; |
cdb2fe
|
43 |
import com.gitblit.servlet.SyndicationFilter; |
c828cf
|
44 |
import com.gitblit.servlet.SyndicationServlet; |
JM |
45 |
import com.gitblit.wicket.GitblitWicketFilter; |
|
46 |
import com.google.common.base.Joiner; |
|
47 |
import com.google.inject.servlet.ServletModule; |
|
48 |
|
|
49 |
/** |
|
50 |
* Defines all the web servlets & filters. |
|
51 |
* |
|
52 |
* @author James Moger |
|
53 |
* |
|
54 |
*/ |
|
55 |
public class WebModule extends ServletModule { |
|
56 |
|
|
57 |
final static String ALL = "/*"; |
|
58 |
|
|
59 |
@Override |
|
60 |
protected void configureServlets() { |
f790d5
|
61 |
|
JM |
62 |
// bind web component providers |
|
63 |
bind(AvatarGenerator.class).toProvider(AvatarGeneratorProvider.class); |
|
64 |
|
c828cf
|
65 |
// servlets |
bd0e83
|
66 |
serveRegex(FilestoreServlet.REGEX_PATH).with(FilestoreServlet.class); |
c828cf
|
67 |
serve(fuzzy(Constants.R_PATH), fuzzy(Constants.GIT_PATH)).with(GitServlet.class); |
JM |
68 |
serve(fuzzy(Constants.RAW_PATH)).with(RawServlet.class); |
|
69 |
serve(fuzzy(Constants.PAGES)).with(PagesServlet.class); |
|
70 |
serve(fuzzy(Constants.RPC_PATH)).with(RpcServlet.class); |
|
71 |
serve(fuzzy(Constants.ZIP_PATH)).with(DownloadZipServlet.class); |
|
72 |
serve(fuzzy(Constants.SYNDICATION_PATH)).with(SyndicationServlet.class); |
bd0e83
|
73 |
|
c828cf
|
74 |
|
JM |
75 |
serve(fuzzy(Constants.FEDERATION_PATH)).with(FederationServlet.class); |
|
76 |
serve(fuzzy(Constants.SPARKLESHARE_INVITE_PATH)).with(SparkleShareInviteServlet.class); |
|
77 |
serve(fuzzy(Constants.BRANCH_GRAPH_PATH)).with(BranchGraphServlet.class); |
|
78 |
serve(Constants.PT_PATH).with(PtServlet.class); |
|
79 |
serve("/robots.txt").with(RobotsTxtServlet.class); |
|
80 |
serve("/logo.png").with(LogoServlet.class); |
d5548e
|
81 |
|
JM |
82 |
/* Prevent accidental access to 'resources' such as GitBlit java classes |
|
83 |
* |
|
84 |
* In the GO setup the JAR containing the application and the WAR injected |
|
85 |
* into Jetty are the same file. However Jetty expects to serve the entire WAR |
|
86 |
* contents, except the WEB-INF folder. Thus, all java binary classes in the |
|
87 |
* JAR are served by default as is they were legitimate resources. |
|
88 |
* |
|
89 |
* The below servlet mappings prevent that behavior |
|
90 |
*/ |
|
91 |
serve(fuzzy("/com/")).with(AccessDeniedServlet.class); |
|
92 |
|
c828cf
|
93 |
// global filters |
JM |
94 |
filter(ALL).through(ProxyFilter.class); |
|
95 |
filter(ALL).through(EnforceAuthenticationFilter.class); |
|
96 |
|
|
97 |
// security filters |
52daae
|
98 |
filter(fuzzy(Constants.R_PATH), fuzzy(Constants.GIT_PATH)).through(GitFilter.class); |
JM |
99 |
filter(fuzzy(Constants.RAW_PATH)).through(RawFilter.class); |
|
100 |
filter(fuzzy(Constants.PAGES)).through(PagesFilter.class); |
|
101 |
filter(fuzzy(Constants.RPC_PATH)).through(RpcFilter.class); |
|
102 |
filter(fuzzy(Constants.ZIP_PATH)).through(DownloadZipFilter.class); |
cdb2fe
|
103 |
filter(fuzzy(Constants.SYNDICATION_PATH)).through(SyndicationFilter.class); |
bd0e83
|
104 |
|
PM |
105 |
|
c828cf
|
106 |
// Wicket |
JM |
107 |
String toIgnore = Joiner.on(",").join(Constants.R_PATH, Constants.GIT_PATH, Constants.RAW_PATH, |
|
108 |
Constants.PAGES, Constants.RPC_PATH, Constants.ZIP_PATH, Constants.SYNDICATION_PATH, |
|
109 |
Constants.FEDERATION_PATH, Constants.SPARKLESHARE_INVITE_PATH, Constants.BRANCH_GRAPH_PATH, |
|
110 |
Constants.PT_PATH, "/robots.txt", "/logo.png"); |
|
111 |
|
|
112 |
Map<String, String> params = new HashMap<String, String>(); |
|
113 |
params.put(GitblitWicketFilter.FILTER_MAPPING_PARAM, ALL); |
|
114 |
params.put(GitblitWicketFilter.IGNORE_PATHS_PARAM, toIgnore); |
|
115 |
filter(ALL).through(GitblitWicketFilter.class, params); |
|
116 |
} |
|
117 |
|
|
118 |
private String fuzzy(String path) { |
|
119 |
if (path.endsWith(ALL)) { |
|
120 |
return path; |
|
121 |
} else if (path.endsWith("/")) { |
|
122 |
return path + "*"; |
|
123 |
} |
|
124 |
return path + ALL; |
|
125 |
} |
|
126 |
} |