githubFork/gitblit.git - Solinfo Gitblit

			@@ -17,8 +17,14 @@

			import java.text.MessageFormat;

			import javax.inject.Inject;
			import javax.inject.Singleton;

			import com.gitblit.Constants.AccessRestrictionType;
			import com.gitblit.Constants.AuthorizationControl;
			import com.gitblit.manager.IRepositoryManager;
			import com.gitblit.manager.IRuntimeManager;
			import com.gitblit.manager.ISessionManager;
			import com.gitblit.models.RepositoryModel;
			import com.gitblit.models.UserModel;
			import com.gitblit.utils.StringUtils;
			@@ -27,10 +33,11 @@
			* The GitFilter is an AccessRestrictionFilter which ensures that Git client
			* requests for push, clone, or view restricted repositories are authenticated
			* and authorized.
			*
			*
			* @author James Moger
			*
			*
			*/
			@Singleton
			public class GitFilter extends AccessRestrictionFilter {

			protected static final String gitReceivePack = "/git-receive-pack";
			@@ -40,9 +47,21 @@
			protected static final String[] suffixes = { gitReceivePack, gitUploadPack, "/info/refs", "/HEAD",
			"/objects" };

			private final IStoredSettings settings;

			@Inject
			public GitFilter(
			IRuntimeManager runtimeManager,
			ISessionManager sessionManager,
			IRepositoryManager repositoryManager) {

			super(runtimeManager, sessionManager, repositoryManager);
			this.settings = runtimeManager.getSettings();
			}

			/**
			* Extract the repository name from the url.
			*
			*
			* @param cloneUrl
			* @return repository name
			*/
			@@ -59,7 +78,7 @@

			/**
			* Extract the repository name from the url.
			*
			*
			* @param url
			* @return repository name
			*/
			@@ -71,7 +90,7 @@
			/**
			* Analyze the url and returns the action of the request. Return values are
			* either "/git-receive-pack" or "/git-upload-pack".
			*
			*
			* @param serverUrl
			* @return action of the request
			*/
			@@ -92,20 +111,20 @@
			}
			return null;
			}


			/**
			* Determine if a non-existing repository can be created using this filter.
			*
			*
			* @return true if the server allows repository creation on-push
			*/
			@Override
			protected boolean isCreationAllowed() {
			return GitBlit.getBoolean(Keys.git.allowCreateOnPush, true);
			return settings.getBoolean(Keys.git.allowCreateOnPush, true);
			}


			/**
			* Determine if the repository can receive pushes.
			*
			*
			* @param repository
			* @param action
			* @return true if the action may be performed
			@@ -119,12 +138,12 @@

			@Override
			protected boolean requiresClientCertificate() {
			return GitBlit.getBoolean(Keys.git.requiresClientCertificate, false);
			return settings.getBoolean(Keys.git.requiresClientCertificate, false);
			}

			/**
			* Determine if the repository requires authentication.
			*
			*
			* @param repository
			* @param action
			* @return true if authentication required
			@@ -133,7 +152,7 @@
			protected boolean requiresAuthentication(RepositoryModel repository, String action) {
			if (gitUploadPack.equals(action)) {
			// send to client
			return repository.accessRestriction.atLeast(AccessRestrictionType.CLONE);
			return repository.accessRestriction.atLeast(AccessRestrictionType.CLONE);
			} else if (gitReceivePack.equals(action)) {
			// receive from client
			return repository.accessRestriction.atLeast(AccessRestrictionType.PUSH);
			@@ -144,7 +163,7 @@
			/**
			* Determine if the user can access the repository and perform the specified
			* action.
			*
			*
			* @param repository
			* @param user
			* @param action
			@@ -152,10 +171,10 @@
			*/
			@Override
			protected boolean canAccess(RepositoryModel repository, UserModel user, String action) {
			if (!GitBlit.getBoolean(Keys.git.enableGitServlet, true)) {
			if (!settings.getBoolean(Keys.git.enableGitServlet, true)) {
			// Git Servlet disabled
			return false;
			}
			}
			if (action.equals(gitReceivePack)) {
			// Push request
			if (user.canPush(repository)) {
			@@ -179,11 +198,11 @@
			}
			return true;
			}


			/**
			* An authenticated user with the CREATE role can create a repository on
			* push.
			*
			*
			* @param user
			* @param repository
			* @param action
			@@ -203,7 +222,7 @@
			if (repository.contains("/../")) {
			logger.error(MessageFormat.format("Illegal relative path in repository name! {0}", repository));
			return null;
			}
			}

			// confirm valid characters in repository name
			Character c = StringUtils.findInvalidCharacter(repository);
			@@ -223,15 +242,15 @@
			model.accessRestriction = AccessRestrictionType.VIEW;
			} else {
			// common repository, user default server settings
			model.authorizationControl = AuthorizationControl.fromName(GitBlit.getString(Keys.git.defaultAuthorizationControl, ""));
			model.accessRestriction = AccessRestrictionType.fromName(GitBlit.getString(Keys.git.defaultAccessRestriction, ""));
			model.authorizationControl = AuthorizationControl.fromName(settings.getString(Keys.git.defaultAuthorizationControl, ""));
			model.accessRestriction = AccessRestrictionType.fromName(settings.getString(Keys.git.defaultAccessRestriction, "PUSH"));
			}

			// create the repository
			try {
			GitBlit.self().updateRepositoryModel(model.name, model, true);
			repositoryManager.updateRepositoryModel(model.name, model, true);
			logger.info(MessageFormat.format("{0} created {1} ON-PUSH", user.username, model.name));
			return GitBlit.self().getRepositoryModel(model.name);
			return repositoryManager.getRepositoryModel(model.name);
			} catch (GitBlitException e) {
			logger.error(MessageFormat.format("{0} failed to create repository {1} ON-PUSH!", user.username, model.name), e);
			}
			@@ -239,7 +258,7 @@
			logger.warn(MessageFormat.format("{0} is not permitted to create repository {1} ON-PUSH!", user.username, repository));
			}
			}


			// repository could not be created or action was not a push
			return null;
			}