commit | author | age
|
269c50
|
1 |
/* |
JM |
2 |
* Copyright 2013 gitblit.com. |
|
3 |
* |
|
4 |
* Licensed under the Apache License, Version 2.0 (the "License"); |
|
5 |
* you may not use this file except in compliance with the License. |
|
6 |
* You may obtain a copy of the License at |
|
7 |
* |
|
8 |
* http://www.apache.org/licenses/LICENSE-2.0 |
|
9 |
* |
|
10 |
* Unless required by applicable law or agreed to in writing, software |
|
11 |
* distributed under the License is distributed on an "AS IS" BASIS, |
|
12 |
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
|
13 |
* See the License for the specific language governing permissions and |
|
14 |
* limitations under the License. |
|
15 |
*/ |
|
16 |
package com.gitblit.manager; |
|
17 |
|
|
18 |
import java.io.File; |
|
19 |
import java.io.FileFilter; |
23e08c
|
20 |
import java.nio.charset.Charset; |
269c50
|
21 |
import java.text.MessageFormat; |
JM |
22 |
import java.util.ArrayList; |
|
23 |
import java.util.Collections; |
|
24 |
import java.util.HashMap; |
|
25 |
import java.util.List; |
|
26 |
import java.util.Map; |
|
27 |
import java.util.concurrent.ConcurrentHashMap; |
23e08c
|
28 |
|
JM |
29 |
import javax.servlet.http.HttpServletRequest; |
269c50
|
30 |
|
JM |
31 |
import org.slf4j.Logger; |
|
32 |
import org.slf4j.LoggerFactory; |
|
33 |
|
|
34 |
import com.gitblit.Constants; |
|
35 |
import com.gitblit.Constants.FederationRequest; |
|
36 |
import com.gitblit.Constants.FederationToken; |
|
37 |
import com.gitblit.IStoredSettings; |
|
38 |
import com.gitblit.Keys; |
|
39 |
import com.gitblit.models.FederationModel; |
|
40 |
import com.gitblit.models.FederationProposal; |
|
41 |
import com.gitblit.models.FederationSet; |
|
42 |
import com.gitblit.models.RepositoryModel; |
|
43 |
import com.gitblit.models.UserModel; |
23e08c
|
44 |
import com.gitblit.utils.Base64; |
269c50
|
45 |
import com.gitblit.utils.FederationUtils; |
JM |
46 |
import com.gitblit.utils.JsonUtils; |
|
47 |
import com.gitblit.utils.StringUtils; |
f9980e
|
48 |
import com.google.inject.Inject; |
JM |
49 |
import com.google.inject.Singleton; |
269c50
|
50 |
|
JM |
51 |
/** |
|
52 |
* Federation manager controls all aspects of handling federation sets, tokens, |
|
53 |
* and proposals. |
|
54 |
* |
|
55 |
* @author James Moger |
|
56 |
* |
|
57 |
*/ |
f9980e
|
58 |
@Singleton |
269c50
|
59 |
public class FederationManager implements IFederationManager { |
JM |
60 |
|
|
61 |
private final Logger logger = LoggerFactory.getLogger(getClass()); |
|
62 |
|
|
63 |
private final List<FederationModel> federationRegistrations = Collections |
|
64 |
.synchronizedList(new ArrayList<FederationModel>()); |
|
65 |
|
|
66 |
private final Map<String, FederationModel> federationPullResults = new ConcurrentHashMap<String, FederationModel>(); |
|
67 |
|
|
68 |
private final IStoredSettings settings; |
|
69 |
|
|
70 |
private final IRuntimeManager runtimeManager; |
|
71 |
|
|
72 |
private final INotificationManager notificationManager; |
|
73 |
|
|
74 |
private final IRepositoryManager repositoryManager; |
|
75 |
|
1b34b0
|
76 |
@Inject |
269c50
|
77 |
public FederationManager( |
JM |
78 |
IRuntimeManager runtimeManager, |
|
79 |
INotificationManager notificationManager, |
|
80 |
IRepositoryManager repositoryManager) { |
|
81 |
|
|
82 |
this.settings = runtimeManager.getSettings(); |
|
83 |
this.runtimeManager = runtimeManager; |
|
84 |
this.notificationManager = notificationManager; |
|
85 |
this.repositoryManager = repositoryManager; |
|
86 |
} |
|
87 |
|
|
88 |
@Override |
|
89 |
public FederationManager start() { |
|
90 |
return this; |
|
91 |
} |
|
92 |
|
|
93 |
@Override |
|
94 |
public FederationManager stop() { |
|
95 |
return this; |
|
96 |
} |
|
97 |
|
|
98 |
/** |
|
99 |
* Returns the path of the proposals folder. This method checks to see if |
|
100 |
* Gitblit is running on a cloud service and may return an adjusted path. |
|
101 |
* |
|
102 |
* @return the proposals folder path |
|
103 |
*/ |
|
104 |
@Override |
|
105 |
public File getProposalsFolder() { |
|
106 |
return runtimeManager.getFileOrFolder(Keys.federation.proposalsFolder, "${baseFolder}/proposals"); |
|
107 |
} |
|
108 |
|
|
109 |
@Override |
23e08c
|
110 |
public boolean canFederate() { |
JM |
111 |
String passphrase = settings.getString(Keys.federation.passphrase, ""); |
|
112 |
return !StringUtils.isEmpty(passphrase); |
|
113 |
} |
|
114 |
|
|
115 |
/** |
|
116 |
* Returns the federation user account. |
|
117 |
* |
|
118 |
* @return the federation user account |
|
119 |
*/ |
|
120 |
@Override |
269c50
|
121 |
public UserModel getFederationUser() { |
JM |
122 |
// the federation user is an administrator |
|
123 |
UserModel federationUser = new UserModel(Constants.FEDERATION_USER); |
|
124 |
federationUser.canAdmin = true; |
|
125 |
return federationUser; |
|
126 |
} |
|
127 |
|
|
128 |
@Override |
23e08c
|
129 |
public UserModel authenticate(HttpServletRequest httpRequest) { |
JM |
130 |
if (canFederate()) { |
|
131 |
// try to authenticate federation user for cloning |
|
132 |
final String authorization = httpRequest.getHeader("Authorization"); |
|
133 |
if (authorization != null && authorization.startsWith("Basic")) { |
|
134 |
// Authorization: Basic base64credentials |
|
135 |
String base64Credentials = authorization.substring("Basic".length()).trim(); |
|
136 |
String credentials = new String(Base64.decode(base64Credentials), |
|
137 |
Charset.forName("UTF-8")); |
|
138 |
// credentials = username:password |
|
139 |
final String[] values = credentials.split(":", 2); |
|
140 |
if (values.length == 2) { |
|
141 |
String username = StringUtils.decodeUsername(values[0]); |
|
142 |
String password = values[1]; |
|
143 |
if (username.equalsIgnoreCase(Constants.FEDERATION_USER)) { |
|
144 |
List<String> tokens = getFederationTokens(); |
|
145 |
if (tokens.contains(password)) { |
|
146 |
return getFederationUser(); |
|
147 |
} |
|
148 |
} |
|
149 |
} |
|
150 |
} |
|
151 |
} |
|
152 |
return null; |
269c50
|
153 |
} |
JM |
154 |
|
|
155 |
/** |
|
156 |
* Returns the list of federated gitblit instances that this instance will |
|
157 |
* try to pull. |
|
158 |
* |
|
159 |
* @return list of registered gitblit instances |
|
160 |
*/ |
|
161 |
@Override |
|
162 |
public List<FederationModel> getFederationRegistrations() { |
|
163 |
if (federationRegistrations.isEmpty()) { |
|
164 |
federationRegistrations.addAll(FederationUtils.getFederationRegistrations(settings)); |
|
165 |
} |
|
166 |
return federationRegistrations; |
|
167 |
} |
|
168 |
|
|
169 |
/** |
|
170 |
* Retrieve the specified federation registration. |
|
171 |
* |
|
172 |
* @param name |
|
173 |
* the name of the registration |
|
174 |
* @return a federation registration |
|
175 |
*/ |
|
176 |
@Override |
|
177 |
public FederationModel getFederationRegistration(String url, String name) { |
|
178 |
// check registrations |
|
179 |
for (FederationModel r : getFederationRegistrations()) { |
|
180 |
if (r.name.equals(name) && r.url.equals(url)) { |
|
181 |
return r; |
|
182 |
} |
|
183 |
} |
|
184 |
|
|
185 |
// check the results |
|
186 |
for (FederationModel r : getFederationResultRegistrations()) { |
|
187 |
if (r.name.equals(name) && r.url.equals(url)) { |
|
188 |
return r; |
|
189 |
} |
|
190 |
} |
|
191 |
return null; |
|
192 |
} |
|
193 |
|
|
194 |
/** |
|
195 |
* Returns the list of federation sets. |
|
196 |
* |
|
197 |
* @return list of federation sets |
|
198 |
*/ |
|
199 |
@Override |
|
200 |
public List<FederationSet> getFederationSets(String gitblitUrl) { |
|
201 |
List<FederationSet> list = new ArrayList<FederationSet>(); |
|
202 |
// generate standard tokens |
|
203 |
for (FederationToken type : FederationToken.values()) { |
|
204 |
FederationSet fset = new FederationSet(type.toString(), type, getFederationToken(type)); |
|
205 |
fset.repositories = getRepositories(gitblitUrl, fset.token); |
|
206 |
list.add(fset); |
|
207 |
} |
|
208 |
// generate tokens for federation sets |
|
209 |
for (String set : settings.getStrings(Keys.federation.sets)) { |
|
210 |
FederationSet fset = new FederationSet(set, FederationToken.REPOSITORIES, |
|
211 |
getFederationToken(set)); |
|
212 |
fset.repositories = getRepositories(gitblitUrl, fset.token); |
|
213 |
list.add(fset); |
|
214 |
} |
|
215 |
return list; |
|
216 |
} |
|
217 |
|
|
218 |
/** |
|
219 |
* Returns the list of possible federation tokens for this Gitblit instance. |
|
220 |
* |
|
221 |
* @return list of federation tokens |
|
222 |
*/ |
|
223 |
@Override |
|
224 |
public List<String> getFederationTokens() { |
|
225 |
List<String> tokens = new ArrayList<String>(); |
|
226 |
// generate standard tokens |
|
227 |
for (FederationToken type : FederationToken.values()) { |
|
228 |
tokens.add(getFederationToken(type)); |
|
229 |
} |
|
230 |
// generate tokens for federation sets |
|
231 |
for (String set : settings.getStrings(Keys.federation.sets)) { |
|
232 |
tokens.add(getFederationToken(set)); |
|
233 |
} |
|
234 |
return tokens; |
|
235 |
} |
|
236 |
|
|
237 |
/** |
|
238 |
* Returns the specified federation token for this Gitblit instance. |
|
239 |
* |
|
240 |
* @param type |
|
241 |
* @return a federation token |
|
242 |
*/ |
|
243 |
@Override |
|
244 |
public String getFederationToken(FederationToken type) { |
|
245 |
return getFederationToken(type.name()); |
|
246 |
} |
|
247 |
|
|
248 |
/** |
|
249 |
* Returns the specified federation token for this Gitblit instance. |
|
250 |
* |
|
251 |
* @param value |
|
252 |
* @return a federation token |
|
253 |
*/ |
|
254 |
@Override |
|
255 |
public String getFederationToken(String value) { |
|
256 |
String passphrase = settings.getString(Keys.federation.passphrase, ""); |
|
257 |
return StringUtils.getSHA1(passphrase + "-" + value); |
|
258 |
} |
|
259 |
|
|
260 |
/** |
|
261 |
* Compares the provided token with this Gitblit instance's tokens and |
|
262 |
* determines if the requested permission may be granted to the token. |
|
263 |
* |
|
264 |
* @param req |
|
265 |
* @param token |
|
266 |
* @return true if the request can be executed |
|
267 |
*/ |
|
268 |
@Override |
|
269 |
public boolean validateFederationRequest(FederationRequest req, String token) { |
|
270 |
String all = getFederationToken(FederationToken.ALL); |
|
271 |
String unr = getFederationToken(FederationToken.USERS_AND_REPOSITORIES); |
|
272 |
String jur = getFederationToken(FederationToken.REPOSITORIES); |
|
273 |
switch (req) { |
|
274 |
case PULL_REPOSITORIES: |
|
275 |
return token.equals(all) || token.equals(unr) || token.equals(jur); |
|
276 |
case PULL_USERS: |
|
277 |
case PULL_TEAMS: |
|
278 |
return token.equals(all) || token.equals(unr); |
|
279 |
case PULL_SETTINGS: |
|
280 |
case PULL_SCRIPTS: |
|
281 |
return token.equals(all); |
|
282 |
default: |
|
283 |
break; |
|
284 |
} |
|
285 |
return false; |
|
286 |
} |
|
287 |
|
|
288 |
/** |
|
289 |
* Acknowledge and cache the status of a remote Gitblit instance. |
|
290 |
* |
|
291 |
* @param identification |
|
292 |
* the identification of the pulling Gitblit instance |
|
293 |
* @param registration |
|
294 |
* the registration from the pulling Gitblit instance |
|
295 |
* @return true if acknowledged |
|
296 |
*/ |
|
297 |
@Override |
|
298 |
public boolean acknowledgeFederationStatus(String identification, FederationModel registration) { |
|
299 |
// reset the url to the identification of the pulling Gitblit instance |
|
300 |
registration.url = identification; |
|
301 |
String id = identification; |
|
302 |
if (!StringUtils.isEmpty(registration.folder)) { |
|
303 |
id += "-" + registration.folder; |
|
304 |
} |
|
305 |
federationPullResults.put(id, registration); |
|
306 |
return true; |
|
307 |
} |
|
308 |
|
|
309 |
/** |
|
310 |
* Returns the list of registration results. |
|
311 |
* |
|
312 |
* @return the list of registration results |
|
313 |
*/ |
|
314 |
@Override |
|
315 |
public List<FederationModel> getFederationResultRegistrations() { |
|
316 |
return new ArrayList<FederationModel>(federationPullResults.values()); |
|
317 |
} |
|
318 |
|
|
319 |
/** |
|
320 |
* Submit a federation proposal. The proposal is cached locally and the |
|
321 |
* Gitblit administrator(s) are notified via email. |
|
322 |
* |
|
323 |
* @param proposal |
|
324 |
* the proposal |
|
325 |
* @param gitblitUrl |
|
326 |
* the url of your gitblit instance to send an email to |
|
327 |
* administrators |
|
328 |
* @return true if the proposal was submitted |
|
329 |
*/ |
|
330 |
@Override |
|
331 |
public boolean submitFederationProposal(FederationProposal proposal, String gitblitUrl) { |
|
332 |
// convert proposal to json |
|
333 |
String json = JsonUtils.toJsonString(proposal); |
|
334 |
|
|
335 |
try { |
|
336 |
// make the proposals folder |
|
337 |
File proposalsFolder = getProposalsFolder(); |
|
338 |
proposalsFolder.mkdirs(); |
|
339 |
|
|
340 |
// cache json to a file |
|
341 |
File file = new File(proposalsFolder, proposal.token + Constants.PROPOSAL_EXT); |
|
342 |
com.gitblit.utils.FileUtils.writeContent(file, json); |
|
343 |
} catch (Exception e) { |
|
344 |
logger.error(MessageFormat.format("Failed to cache proposal from {0}", proposal.url), e); |
|
345 |
} |
|
346 |
|
|
347 |
// send an email, if possible |
|
348 |
notificationManager.sendMailToAdministrators("Federation proposal from " + proposal.url, |
|
349 |
"Please review the proposal @ " + gitblitUrl + "/proposal/" + proposal.token); |
|
350 |
return true; |
|
351 |
} |
|
352 |
|
|
353 |
/** |
|
354 |
* Returns the list of pending federation proposals |
|
355 |
* |
|
356 |
* @return list of federation proposals |
|
357 |
*/ |
|
358 |
@Override |
|
359 |
public List<FederationProposal> getPendingFederationProposals() { |
|
360 |
List<FederationProposal> list = new ArrayList<FederationProposal>(); |
|
361 |
File folder = getProposalsFolder(); |
|
362 |
if (folder.exists()) { |
|
363 |
File[] files = folder.listFiles(new FileFilter() { |
|
364 |
@Override |
|
365 |
public boolean accept(File file) { |
|
366 |
return file.isFile() |
|
367 |
&& file.getName().toLowerCase().endsWith(Constants.PROPOSAL_EXT); |
|
368 |
} |
|
369 |
}); |
|
370 |
for (File file : files) { |
|
371 |
String json = com.gitblit.utils.FileUtils.readContent(file, null); |
|
372 |
FederationProposal proposal = JsonUtils.fromJsonString(json, |
|
373 |
FederationProposal.class); |
|
374 |
list.add(proposal); |
|
375 |
} |
|
376 |
} |
|
377 |
return list; |
|
378 |
} |
|
379 |
|
|
380 |
/** |
|
381 |
* Get repositories for the specified token. |
|
382 |
* |
|
383 |
* @param gitblitUrl |
|
384 |
* the base url of this gitblit instance |
|
385 |
* @param token |
|
386 |
* the federation token |
|
387 |
* @return a map of <cloneurl, RepositoryModel> |
|
388 |
*/ |
|
389 |
@Override |
|
390 |
public Map<String, RepositoryModel> getRepositories(String gitblitUrl, String token) { |
|
391 |
Map<String, String> federationSets = new HashMap<String, String>(); |
|
392 |
for (String set : settings.getStrings(Keys.federation.sets)) { |
|
393 |
federationSets.put(getFederationToken(set), set); |
|
394 |
} |
|
395 |
|
|
396 |
// Determine the Gitblit clone url |
|
397 |
StringBuilder sb = new StringBuilder(); |
|
398 |
sb.append(gitblitUrl); |
c5069a
|
399 |
sb.append(Constants.R_PATH); |
269c50
|
400 |
sb.append("{0}"); |
JM |
401 |
String cloneUrl = sb.toString(); |
|
402 |
|
|
403 |
// Retrieve all available repositories |
|
404 |
UserModel user = getFederationUser(); |
|
405 |
List<RepositoryModel> list = repositoryManager.getRepositoryModels(user); |
|
406 |
|
|
407 |
// create the [cloneurl, repositoryModel] map |
|
408 |
Map<String, RepositoryModel> repositories = new HashMap<String, RepositoryModel>(); |
|
409 |
for (RepositoryModel model : list) { |
|
410 |
// by default, setup the url for THIS repository |
|
411 |
String url = MessageFormat.format(cloneUrl, model.name); |
|
412 |
switch (model.federationStrategy) { |
|
413 |
case EXCLUDE: |
|
414 |
// skip this repository |
|
415 |
continue; |
|
416 |
case FEDERATE_ORIGIN: |
|
417 |
// federate the origin, if it is defined |
|
418 |
if (!StringUtils.isEmpty(model.origin)) { |
|
419 |
url = model.origin; |
|
420 |
} |
|
421 |
break; |
|
422 |
default: |
|
423 |
break; |
|
424 |
} |
|
425 |
|
|
426 |
if (federationSets.containsKey(token)) { |
|
427 |
// include repositories only for federation set |
|
428 |
String set = federationSets.get(token); |
|
429 |
if (model.federationSets.contains(set)) { |
|
430 |
repositories.put(url, model); |
|
431 |
} |
|
432 |
} else { |
|
433 |
// standard federation token for ALL |
|
434 |
repositories.put(url, model); |
|
435 |
} |
|
436 |
} |
|
437 |
return repositories; |
|
438 |
} |
|
439 |
|
|
440 |
/** |
|
441 |
* Creates a proposal from the token. |
|
442 |
* |
|
443 |
* @param gitblitUrl |
|
444 |
* the url of this Gitblit instance |
|
445 |
* @param token |
|
446 |
* @return a potential proposal |
|
447 |
*/ |
|
448 |
@Override |
|
449 |
public FederationProposal createFederationProposal(String gitblitUrl, String token) { |
|
450 |
FederationToken tokenType = FederationToken.REPOSITORIES; |
|
451 |
for (FederationToken type : FederationToken.values()) { |
|
452 |
if (token.equals(getFederationToken(type))) { |
|
453 |
tokenType = type; |
|
454 |
break; |
|
455 |
} |
|
456 |
} |
|
457 |
Map<String, RepositoryModel> repositories = getRepositories(gitblitUrl, token); |
|
458 |
FederationProposal proposal = new FederationProposal(gitblitUrl, tokenType, token, |
|
459 |
repositories); |
|
460 |
return proposal; |
|
461 |
} |
|
462 |
|
|
463 |
/** |
|
464 |
* Returns the proposal identified by the supplied token. |
|
465 |
* |
|
466 |
* @param token |
|
467 |
* @return the specified proposal or null |
|
468 |
*/ |
|
469 |
@Override |
|
470 |
public FederationProposal getPendingFederationProposal(String token) { |
|
471 |
List<FederationProposal> list = getPendingFederationProposals(); |
|
472 |
for (FederationProposal proposal : list) { |
|
473 |
if (proposal.token.equals(token)) { |
|
474 |
return proposal; |
|
475 |
} |
|
476 |
} |
|
477 |
return null; |
|
478 |
} |
|
479 |
|
|
480 |
/** |
|
481 |
* Deletes a pending federation proposal. |
|
482 |
* |
|
483 |
* @param a |
|
484 |
* proposal |
|
485 |
* @return true if the proposal was deleted |
|
486 |
*/ |
|
487 |
@Override |
|
488 |
public boolean deletePendingFederationProposal(FederationProposal proposal) { |
|
489 |
File folder = getProposalsFolder(); |
|
490 |
File file = new File(folder, proposal.token + Constants.PROPOSAL_EXT); |
|
491 |
return file.delete(); |
|
492 |
} |
|
493 |
} |