commit | author | age
|
ca31f5
|
1 |
/*
|
JM |
2 |
* Copyright 2012 gitblit.com.
|
|
3 |
*
|
|
4 |
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
5 |
* you may not use this file except in compliance with the License.
|
|
6 |
* You may obtain a copy of the License at
|
|
7 |
*
|
|
8 |
* http://www.apache.org/licenses/LICENSE-2.0
|
|
9 |
*
|
|
10 |
* Unless required by applicable law or agreed to in writing, software
|
|
11 |
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
12 |
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
13 |
* See the License for the specific language governing permissions and
|
|
14 |
* limitations under the License.
|
|
15 |
*/
|
|
16 |
package com.gitblit.servlet;
|
|
17 |
|
cdb2fe
|
18 |
import com.google.inject.Inject;
|
JM |
19 |
import com.google.inject.Singleton;
|
1b34b0
|
20 |
|
ca31f5
|
21 |
import org.eclipse.jgit.lib.Repository;
|
JM |
22 |
|
|
23 |
import com.gitblit.Constants.AccessRestrictionType;
|
1b34b0
|
24 |
import com.gitblit.manager.IAuthenticationManager;
|
JM |
25 |
import com.gitblit.manager.IRepositoryManager;
|
|
26 |
import com.gitblit.manager.IRuntimeManager;
|
ca31f5
|
27 |
import com.gitblit.models.RepositoryModel;
|
JM |
28 |
import com.gitblit.models.UserModel;
|
|
29 |
|
|
30 |
/**
|
ff17f7
|
31 |
* The RawFilter is an AccessRestrictionFilter which ensures http branch
|
ca31f5
|
32 |
* requests for a view-restricted repository are authenticated and authorized.
|
JM |
33 |
*
|
|
34 |
* @author James Moger
|
|
35 |
*
|
|
36 |
*/
|
1b34b0
|
37 |
@Singleton
|
ff17f7
|
38 |
public class RawFilter extends AccessRestrictionFilter {
|
ca31f5
|
39 |
|
1b34b0
|
40 |
@Inject
|
JM |
41 |
public RawFilter(
|
|
42 |
IRuntimeManager runtimeManager,
|
|
43 |
IAuthenticationManager authenticationManager,
|
|
44 |
IRepositoryManager repositoryManager) {
|
|
45 |
|
|
46 |
super(runtimeManager, authenticationManager, repositoryManager);
|
|
47 |
}
|
|
48 |
|
ca31f5
|
49 |
/**
|
JM |
50 |
* Extract the repository name from the url.
|
|
51 |
*
|
|
52 |
* @param url
|
|
53 |
* @return repository name
|
|
54 |
*/
|
|
55 |
@Override
|
|
56 |
protected String extractRepositoryName(String url) {
|
|
57 |
// get the repository name from the url by finding a known url suffix
|
|
58 |
String repository = "";
|
|
59 |
Repository r = null;
|
|
60 |
int offset = 0;
|
|
61 |
while (r == null) {
|
|
62 |
int slash = url.indexOf('/', offset);
|
|
63 |
if (slash == -1) {
|
|
64 |
repository = url;
|
|
65 |
} else {
|
|
66 |
repository = url.substring(0, slash);
|
|
67 |
}
|
|
68 |
r = repositoryManager.getRepository(repository, false);
|
|
69 |
if (r == null) {
|
|
70 |
// try again
|
|
71 |
offset = slash + 1;
|
|
72 |
} else {
|
|
73 |
// close the repo
|
|
74 |
r.close();
|
|
75 |
}
|
|
76 |
if (repository.equals(url)) {
|
|
77 |
// either only repository in url or no repository found
|
|
78 |
break;
|
|
79 |
}
|
|
80 |
}
|
|
81 |
return repository;
|
|
82 |
}
|
|
83 |
|
|
84 |
/**
|
|
85 |
* Analyze the url and returns the action of the request.
|
|
86 |
*
|
|
87 |
* @param cloneUrl
|
|
88 |
* @return action of the request
|
|
89 |
*/
|
|
90 |
@Override
|
|
91 |
protected String getUrlRequestAction(String suffix) {
|
|
92 |
return "VIEW";
|
|
93 |
}
|
|
94 |
|
|
95 |
/**
|
|
96 |
* Determine if a non-existing repository can be created using this filter.
|
|
97 |
*
|
|
98 |
* @return true if the filter allows repository creation
|
|
99 |
*/
|
|
100 |
@Override
|
bd0e83
|
101 |
protected boolean isCreationAllowed(String action) {
|
ca31f5
|
102 |
return false;
|
JM |
103 |
}
|
|
104 |
|
|
105 |
/**
|
|
106 |
* Determine if the action may be executed on the repository.
|
|
107 |
*
|
|
108 |
* @param repository
|
|
109 |
* @param action
|
bd0e83
|
110 |
* @param method
|
ca31f5
|
111 |
* @return true if the action may be performed
|
JM |
112 |
*/
|
|
113 |
@Override
|
bd0e83
|
114 |
protected boolean isActionAllowed(RepositoryModel repository, String action, String method) {
|
ca31f5
|
115 |
return true;
|
JM |
116 |
}
|
|
117 |
|
|
118 |
/**
|
|
119 |
* Determine if the repository requires authentication.
|
|
120 |
*
|
|
121 |
* @param repository
|
|
122 |
* @param action
|
bd0e83
|
123 |
* @param method
|
ca31f5
|
124 |
* @return true if authentication required
|
JM |
125 |
*/
|
|
126 |
@Override
|
bd0e83
|
127 |
protected boolean requiresAuthentication(RepositoryModel repository, String action, String method) {
|
ca31f5
|
128 |
return repository.accessRestriction.atLeast(AccessRestrictionType.VIEW);
|
JM |
129 |
}
|
|
130 |
|
|
131 |
/**
|
|
132 |
* Determine if the user can access the repository and perform the specified
|
|
133 |
* action.
|
|
134 |
*
|
|
135 |
* @param repository
|
|
136 |
* @param user
|
|
137 |
* @param action
|
|
138 |
* @return true if user may execute the action on the repository
|
|
139 |
*/
|
|
140 |
@Override
|
|
141 |
protected boolean canAccess(RepositoryModel repository, UserModel user, String action) {
|
|
142 |
return user.canView(repository);
|
|
143 |
}
|
|
144 |
}
|