/*
|
* Copyright 2011 gitblit.com.
|
*
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
* you may not use this file except in compliance with the License.
|
* You may obtain a copy of the License at
|
*
|
* http://www.apache.org/licenses/LICENSE-2.0
|
*
|
* Unless required by applicable law or agreed to in writing, software
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
* See the License for the specific language governing permissions and
|
* limitations under the License.
|
*/
|
package com.gitblit.servlet;
|
|
import java.text.MessageFormat;
|
|
import com.google.inject.Inject;
|
import com.google.inject.Singleton;
|
|
import javax.servlet.http.HttpServletRequest;
|
|
import com.gitblit.Constants.AccessRestrictionType;
|
import com.gitblit.Constants.AuthorizationControl;
|
import com.gitblit.GitBlitException;
|
import com.gitblit.IStoredSettings;
|
import com.gitblit.Keys;
|
import com.gitblit.manager.IAuthenticationManager;
|
import com.gitblit.manager.IFederationManager;
|
import com.gitblit.manager.IRepositoryManager;
|
import com.gitblit.manager.IRuntimeManager;
|
import com.gitblit.models.RepositoryModel;
|
import com.gitblit.models.UserModel;
|
import com.gitblit.utils.StringUtils;
|
|
/**
|
* The GitFilter is an AccessRestrictionFilter which ensures that Git client
|
* requests for push, clone, or view restricted repositories are authenticated
|
* and authorized.
|
*
|
* @author James Moger
|
*
|
*/
|
@Singleton
|
public class GitFilter extends AccessRestrictionFilter {
|
|
protected static final String gitReceivePack = "/git-receive-pack";
|
|
protected static final String gitUploadPack = "/git-upload-pack";
|
|
protected static final String gitLfs = "/info/lfs";
|
|
protected static final String[] suffixes = { gitReceivePack, gitUploadPack, "/info/refs", "/HEAD",
|
"/objects", gitLfs };
|
|
private IStoredSettings settings;
|
|
private IFederationManager federationManager;
|
|
@Inject
|
public GitFilter(
|
IStoredSettings settings,
|
IRuntimeManager runtimeManager,
|
IAuthenticationManager authenticationManager,
|
IRepositoryManager repositoryManager,
|
IFederationManager federationManager) {
|
|
super(runtimeManager, authenticationManager, repositoryManager);
|
|
this.settings = settings;
|
this.federationManager = federationManager;
|
}
|
|
/**
|
* Extract the repository name from the url.
|
*
|
* @param cloneUrl
|
* @return repository name
|
*/
|
public static String getRepositoryName(String value) {
|
String repository = value;
|
// get the repository name from the url by finding a known url suffix
|
for (String urlSuffix : suffixes) {
|
if (repository.indexOf(urlSuffix) > -1) {
|
repository = repository.substring(0, repository.indexOf(urlSuffix));
|
}
|
}
|
return repository;
|
}
|
|
/**
|
* Extract the repository name from the url.
|
*
|
* @param url
|
* @return repository name
|
*/
|
@Override
|
protected String extractRepositoryName(String url) {
|
return GitFilter.getRepositoryName(url);
|
}
|
|
/**
|
* Analyze the url and returns the action of the request. Return values are
|
* either "/git-receive-pack" or "/git-upload-pack".
|
*
|
* @param serverUrl
|
* @return action of the request
|
*/
|
@Override
|
protected String getUrlRequestAction(String suffix) {
|
if (!StringUtils.isEmpty(suffix)) {
|
if (suffix.startsWith(gitReceivePack)) {
|
return gitReceivePack;
|
} else if (suffix.startsWith(gitUploadPack)) {
|
return gitUploadPack;
|
} else if (suffix.contains("?service=git-receive-pack")) {
|
return gitReceivePack;
|
} else if (suffix.contains("?service=git-upload-pack")) {
|
return gitUploadPack;
|
} else if (suffix.startsWith(gitLfs)) {
|
return gitLfs;
|
} else {
|
return gitUploadPack;
|
}
|
}
|
return null;
|
}
|
|
/**
|
* Returns the user making the request, if the user has authenticated.
|
*
|
* @param httpRequest
|
* @return user
|
*/
|
@Override
|
protected UserModel getUser(HttpServletRequest httpRequest) {
|
UserModel user = authenticationManager.authenticate(httpRequest, requiresClientCertificate());
|
if (user == null) {
|
user = federationManager.authenticate(httpRequest);
|
}
|
return user;
|
}
|
|
/**
|
* Determine if a non-existing repository can be created using this filter.
|
*
|
* @return true if the server allows repository creation on-push
|
*/
|
@Override
|
protected boolean isCreationAllowed(String action) {
|
|
//Repository must already exist before large files can be deposited
|
if (action.equals(gitLfs)) {
|
return false;
|
}
|
|
return settings.getBoolean(Keys.git.allowCreateOnPush, true);
|
}
|
|
/**
|
* Determine if the repository can receive pushes.
|
*
|
* @param repository
|
* @param action
|
* @return true if the action may be performed
|
*/
|
@Override
|
protected boolean isActionAllowed(RepositoryModel repository, String action, String method) {
|
// the log here has been moved into ReceiveHook to provide clients with
|
// error messages
|
if (gitLfs.equals(action)) {
|
if (!method.matches("GET|POST|PUT|HEAD")) {
|
return false;
|
}
|
}
|
|
return true;
|
}
|
|
@Override
|
protected boolean requiresClientCertificate() {
|
return settings.getBoolean(Keys.git.requiresClientCertificate, false);
|
}
|
|
/**
|
* Determine if the repository requires authentication.
|
*
|
* @param repository
|
* @param action
|
* @param method
|
* @return true if authentication required
|
*/
|
@Override
|
protected boolean requiresAuthentication(RepositoryModel repository, String action, String method) {
|
if (gitUploadPack.equals(action)) {
|
// send to client
|
return repository.accessRestriction.atLeast(AccessRestrictionType.CLONE);
|
} else if (gitReceivePack.equals(action)) {
|
// receive from client
|
return repository.accessRestriction.atLeast(AccessRestrictionType.PUSH);
|
} else if (gitLfs.equals(action)) {
|
|
if (method.matches("GET|HEAD")) {
|
return repository.accessRestriction.atLeast(AccessRestrictionType.CLONE);
|
} else {
|
//NOTE: Treat POST as PUT as as without reading message type cannot determine
|
return repository.accessRestriction.atLeast(AccessRestrictionType.PUSH);
|
}
|
}
|
return false;
|
}
|
|
/**
|
* Determine if the user can access the repository and perform the specified
|
* action.
|
*
|
* @param repository
|
* @param user
|
* @param action
|
* @return true if user may execute the action on the repository
|
*/
|
@Override
|
protected boolean canAccess(RepositoryModel repository, UserModel user, String action) {
|
if (!settings.getBoolean(Keys.git.enableGitServlet, true)) {
|
// Git Servlet disabled
|
return false;
|
}
|
if (action.equals(gitReceivePack)) {
|
// push permissions are enforced in the receive pack
|
return true;
|
} else if (action.equals(gitUploadPack)) {
|
// Clone request
|
if (user.canClone(repository)) {
|
return true;
|
} else {
|
// user is unauthorized to clone this repository
|
logger.warn(MessageFormat.format("user {0} is not authorized to clone {1}",
|
user.username, repository));
|
return false;
|
}
|
}
|
return true;
|
}
|
|
/**
|
* An authenticated user with the CREATE role can create a repository on
|
* push.
|
*
|
* @param user
|
* @param repository
|
* @param action
|
* @return the repository model, if it is created, null otherwise
|
*/
|
@Override
|
protected RepositoryModel createRepository(UserModel user, String repository, String action) {
|
boolean isPush = !StringUtils.isEmpty(action) && gitReceivePack.equals(action);
|
|
if (action.equals(gitLfs)) {
|
//Repository must already exist for any filestore actions
|
return null;
|
}
|
|
if (isPush) {
|
if (user.canCreate(repository)) {
|
// user is pushing to a new repository
|
// validate name
|
if (repository.startsWith("../")) {
|
logger.error(MessageFormat.format("Illegal relative path in repository name! {0}", repository));
|
return null;
|
}
|
if (repository.contains("/../")) {
|
logger.error(MessageFormat.format("Illegal relative path in repository name! {0}", repository));
|
return null;
|
}
|
|
// confirm valid characters in repository name
|
Character c = StringUtils.findInvalidCharacter(repository);
|
if (c != null) {
|
logger.error(MessageFormat.format("Invalid character '{0}' in repository name {1}!", c, repository));
|
return null;
|
}
|
|
// create repository
|
RepositoryModel model = new RepositoryModel();
|
model.name = repository;
|
model.addOwner(user.username);
|
model.projectPath = StringUtils.getFirstPathElement(repository);
|
if (model.isUsersPersonalRepository(user.username)) {
|
// personal repository, default to private for user
|
model.authorizationControl = AuthorizationControl.NAMED;
|
model.accessRestriction = AccessRestrictionType.VIEW;
|
} else {
|
// common repository, user default server settings
|
model.authorizationControl = AuthorizationControl.fromName(settings.getString(Keys.git.defaultAuthorizationControl, ""));
|
model.accessRestriction = AccessRestrictionType.fromName(settings.getString(Keys.git.defaultAccessRestriction, "PUSH"));
|
}
|
|
// create the repository
|
try {
|
repositoryManager.updateRepositoryModel(model.name, model, true);
|
logger.info(MessageFormat.format("{0} created {1} ON-PUSH", user.username, model.name));
|
return repositoryManager.getRepositoryModel(model.name);
|
} catch (GitBlitException e) {
|
logger.error(MessageFormat.format("{0} failed to create repository {1} ON-PUSH!", user.username, model.name), e);
|
}
|
} else {
|
logger.warn(MessageFormat.format("{0} is not permitted to create repository {1} ON-PUSH!", user.username, repository));
|
}
|
}
|
|
// repository could not be created or action was not a push
|
return null;
|
}
|
|
/**
|
* Git lfs action uses an alternative authentication header,
|
*
|
* @param action
|
* @return
|
*/
|
@Override
|
protected String getAuthenticationHeader(String action) {
|
|
if (action.equals(gitLfs)) {
|
return "LFS-Authenticate";
|
}
|
|
return super.getAuthenticationHeader(action);
|
}
|
|
/**
|
* Interrogates the request headers based on the action
|
* @param action
|
* @param request
|
* @return
|
*/
|
@Override
|
protected boolean hasValidRequestHeader(String action,
|
HttpServletRequest request) {
|
|
if (action.equals(gitLfs) && request.getMethod().equals("POST")) {
|
if ( !hasContentInRequestHeader(request, "Accept", FilestoreServlet.GIT_LFS_META_MIME)
|
|| !hasContentInRequestHeader(request, "Content-Type", FilestoreServlet.GIT_LFS_META_MIME)) {
|
return false;
|
}
|
}
|
|
return super.hasValidRequestHeader(action, request);
|
}
|
}
|
