githubFork/gitblit.git - Solinfo Gitblit

			@@ -18,10 +18,15 @@
			import java.io.BufferedReader;
			import java.io.File;
			import java.io.FileFilter;
			import java.io.FileInputStream;
			import java.io.FileNotFoundException;
			import java.io.FileOutputStream;
			import java.io.IOException;
			import java.io.InputStream;
			import java.io.InputStreamReader;
			import java.io.OutputStream;
			import java.lang.reflect.Field;
			import java.lang.reflect.Type;
			import java.net.URI;
			import java.net.URISyntaxException;
			import java.nio.charset.Charset;
			@@ -71,7 +76,6 @@
			import org.eclipse.jgit.lib.RepositoryCache.FileKey;
			import org.eclipse.jgit.lib.StoredConfig;
			import org.eclipse.jgit.storage.file.FileBasedConfig;
			import org.eclipse.jgit.storage.file.WindowCache;
			import org.eclipse.jgit.storage.file.WindowCacheConfig;
			import org.eclipse.jgit.util.FS;
			import org.eclipse.jgit.util.FileUtils;
			@@ -90,14 +94,17 @@
			import com.gitblit.fanout.FanoutNioService;
			import com.gitblit.fanout.FanoutService;
			import com.gitblit.fanout.FanoutSocketService;
			import com.gitblit.git.GitDaemon;
			import com.gitblit.models.FederationModel;
			import com.gitblit.models.FederationProposal;
			import com.gitblit.models.FederationSet;
			import com.gitblit.models.ForkModel;
			import com.gitblit.models.GitClientApplication;
			import com.gitblit.models.Metric;
			import com.gitblit.models.ProjectModel;
			import com.gitblit.models.RegistrantAccessPermission;
			import com.gitblit.models.RepositoryModel;
			import com.gitblit.models.RepositoryUrl;
			import com.gitblit.models.SearchResult;
			import com.gitblit.models.ServerSettings;
			import com.gitblit.models.ServerStatus;
			@@ -120,6 +127,11 @@
			import com.gitblit.utils.X509Utils.X509Metadata;
			import com.gitblit.wicket.GitBlitWebSession;
			import com.gitblit.wicket.WicketUtils;
			import com.google.gson.Gson;
			import com.google.gson.GsonBuilder;
			import com.google.gson.JsonIOException;
			import com.google.gson.JsonSyntaxException;
			import com.google.gson.reflect.TypeToken;

			/**
			* GitBlit is the servlet context listener singleton that acts as the core for
			@@ -147,6 +159,8 @@

			private final List<FederationModel> federationRegistrations = Collections
			.synchronizedList(new ArrayList<FederationModel>());

			private final ObjectCache<Collection<GitClientApplication>> clientApplications = new ObjectCache<Collection<GitClientApplication>>();

			private final Map<String, FederationModel> federationPullResults = new ConcurrentHashMap<String, FederationModel>();

			@@ -189,6 +203,8 @@
			private FileBasedConfig projectConfigs;

			private FanoutService fanoutService;

			private GitDaemon gitDaemon;

			public GitBlit() {
			if (gitblit == null) {
			@@ -448,21 +464,166 @@
			serverStatus.heapFree = Runtime.getRuntime().freeMemory();
			return serverStatus;
			}

			/**
			* Returns a list of repository URLs and the user access permission.
			*
			* @param request
			* @param user
			* @param repository
			* @return a list of repository urls
			*/
			public List<RepositoryUrl> getRepositoryUrls(HttpServletRequest request, UserModel user, RepositoryModel repository) {
			if (user == null) {
			user = UserModel.ANONYMOUS;
			}
			String username = UserModel.ANONYMOUS.equals(user) ? "" : user.username;

			List<RepositoryUrl> list = new ArrayList<RepositoryUrl>();
			// http/https url
			if (settings.getBoolean(Keys.git.enableGitServlet, true)) {
			AccessPermission permission = user.getRepositoryPermission(repository).permission;
			if (permission.exceeds(AccessPermission.NONE)) {
			list.add(new RepositoryUrl(getRepositoryUrl(request, username, repository), permission));
			}
			}

			// git daemon url
			String gitDaemonUrl = getGitDaemonUrl(request, user, repository);
			if (!StringUtils.isEmpty(gitDaemonUrl)) {
			AccessPermission permission = getGitDaemonAccessPermission(user, repository);
			if (permission.exceeds(AccessPermission.NONE)) {
			list.add(new RepositoryUrl(gitDaemonUrl, permission));
			}
			}

			// add all other urls
			// {0} = repository
			// {1} = username
			for (String url : settings.getStrings(Keys.web.otherUrls)) {
			if (url.contains("{1}")) {
			// external url requires username, only add url IF we have one
			if(!StringUtils.isEmpty(username)) {
			list.add(new RepositoryUrl(MessageFormat.format(url, repository.name, username), null));
			}
			} else {
			// external url does not require username
			list.add(new RepositoryUrl(MessageFormat.format(url, repository.name), null));
			}
			}
			return list;
			}

			protected String getRepositoryUrl(HttpServletRequest request, String username, RepositoryModel repository) {
			StringBuilder sb = new StringBuilder();
			sb.append(HttpUtils.getGitblitURL(request));
			sb.append(Constants.GIT_PATH);
			sb.append(repository.name);

			// inject username into repository url if authentication is required
			if (repository.accessRestriction.exceeds(AccessRestrictionType.NONE)
			&& !StringUtils.isEmpty(username)) {
			sb.insert(sb.indexOf("://") + 3, username + "@");
			}
			return sb.toString();
			}

			protected String getGitDaemonUrl(HttpServletRequest request, UserModel user, RepositoryModel repository) {
			if (gitDaemon != null) {
			String bindInterface = settings.getString(Keys.git.daemonBindInterface, "localhost");
			if (bindInterface.equals("localhost")
			&& (!request.getServerName().equals("localhost") && !request.getServerName().equals("127.0.0.1"))) {
			// git daemon is bound to localhost and the request is from elsewhere
			return null;
			}
			if (user.canClone(repository)) {
			String servername = request.getServerName();
			String url = gitDaemon.formatUrl(servername, repository.name);
			return url;
			}
			}
			return null;
			}

			protected AccessPermission getGitDaemonAccessPermission(UserModel user, RepositoryModel repository) {
			if (gitDaemon != null && user.canClone(repository)) {
			AccessPermission gitDaemonPermission = user.getRepositoryPermission(repository).permission;
			if (gitDaemonPermission.atLeast(AccessPermission.CLONE)) {
			if (repository.accessRestriction.atLeast(AccessRestrictionType.CLONE)) {
			// can not authenticate clone via anonymous git protocol
			gitDaemonPermission = AccessPermission.NONE;
			} else if (repository.accessRestriction.atLeast(AccessRestrictionType.PUSH)) {
			// can not authenticate push via anonymous git protocol
			gitDaemonPermission = AccessPermission.CLONE;
			} else {
			// normal user permission
			}
			}
			return gitDaemonPermission;
			}
			return AccessPermission.NONE;
			}

			/**
			* Returns the list of non-Gitblit clone urls. This allows Gitblit to
			* advertise alternative urls for Git client repository access.
			* Returns the list of custom client applications to be used for the
			* repository url panel;
			*
			* @param repositoryName
			* @param userName
			* @return list of non-gitblit clone urls
			* @return a collection of client applications
			*/
			public List<String> getOtherCloneUrls(String repositoryName, String username) {
			List<String> cloneUrls = new ArrayList<String>();
			for (String url : settings.getStrings(Keys.web.otherUrls)) {
			cloneUrls.add(MessageFormat.format(url, repositoryName, username));
			public Collection<GitClientApplication> getClientApplications() {
			// prefer user definitions, if they exist
			File userDefs = new File(baseFolder, "clientapps.json");
			if (userDefs.exists()) {
			Date lastModified = new Date(userDefs.lastModified());
			if (clientApplications.hasCurrent("user", lastModified)) {
			return clientApplications.getObject("user");
			} else {
			// (re)load user definitions
			try {
			InputStream is = new FileInputStream(userDefs);
			Collection<GitClientApplication> clients = readClientApplications(is);
			is.close();
			if (clients != null) {
			clientApplications.updateObject("user", lastModified, clients);
			return clients;
			}
			} catch (IOException e) {
			logger.error("Failed to deserialize " + userDefs.getAbsolutePath(), e);
			}
			}
			}
			return cloneUrls;

			// no user definitions, use system definitions
			if (!clientApplications.hasCurrent("system", new Date(0))) {
			try {
			InputStream is = getClass().getResourceAsStream("/clientapps.json");
			Collection<GitClientApplication> clients = readClientApplications(is);
			is.close();
			if (clients != null) {
			clientApplications.updateObject("system", new Date(0), clients);
			}
			} catch (IOException e) {
			logger.error("Failed to deserialize clientapps.json resource!", e);
			}
			}

			return clientApplications.getObject("system");
			}

			private Collection<GitClientApplication> readClientApplications(InputStream is) {
			try {
			Type type = new TypeToken<Collection<GitClientApplication>>() {
			}.getType();
			InputStreamReader reader = new InputStreamReader(is);
			Gson gson = new GsonBuilder().create();
			Collection<GitClientApplication> links = gson.fromJson(reader, type);
			return links;
			} catch (JsonIOException e) {
			logger.error("Error deserializing client applications!", e);
			} catch (JsonSyntaxException e) {
			logger.error("Error deserializing client applications!", e);
			}
			return null;
			}

			/**
			@@ -633,15 +794,18 @@
			// try to authenticate by servlet container principal
			Principal principal = httpRequest.getUserPrincipal();
			if (principal != null) {
			UserModel user = getUserModel(principal.getName());
			if (user != null) {
			flagWicketSession(AuthenticationType.CONTAINER);
			logger.debug(MessageFormat.format("{0} authenticated by servlet container principal from {1}",
			user.username, httpRequest.getRemoteAddr()));
			return user;
			} else {
			logger.warn(MessageFormat.format("Failed to find UserModel for {0}, attempted servlet container authentication from {1}",
			principal.getName(), httpRequest.getRemoteAddr()));
			String username = principal.getName();
			if (StringUtils.isEmpty(username)) {
			UserModel user = getUserModel(username);
			if (user != null) {
			flagWicketSession(AuthenticationType.CONTAINER);
			logger.debug(MessageFormat.format("{0} authenticated by servlet container principal from {1}",
			user.username, httpRequest.getRemoteAddr()));
			return user;
			} else {
			logger.warn(MessageFormat.format("Failed to find UserModel for {0}, attempted servlet container authentication from {1}",
			principal.getName(), httpRequest.getRemoteAddr()));
			}
			}
			}

			@@ -1289,7 +1453,15 @@
			for (String repo : list) {
			RepositoryModel model = getRepositoryModel(user, repo);
			if (model != null) {
			repositories.add(model);
			if (!model.hasCommits) {
			// only add empty repositories that user can push to
			if (UserModel.ANONYMOUS.canPush(model)
			\|\| user != null && user.canPush(model)) {
			repositories.add(model);
			}
			} else {
			repositories.add(model);
			}
			}
			}
			if (getBoolean(Keys.web.showRepositorySizes, true)) {
			@@ -1376,7 +1548,7 @@
			FileBasedConfig config = (FileBasedConfig) getRepositoryConfig(r);
			if (config.isOutdated()) {
			// reload model
			logger.info(MessageFormat.format("Config for \"{0}\" has changed. Reloading model and updating cache.", repositoryName));
			logger.debug(MessageFormat.format("Config for \"{0}\" has changed. Reloading model and updating cache.", repositoryName));
			model = loadRepositoryModel(model.name);
			removeFromCachedRepositoryList(model.name);
			addToCachedRepositoryList(model);
			@@ -1676,7 +1848,8 @@
			model.addOwners(ArrayUtils.fromString(getConfig(config, "owner", "")));
			model.useTickets = getConfig(config, "useTickets", false);
			model.useDocs = getConfig(config, "useDocs", false);
			model.useIncrementalRevisionNumbers = getConfig(config, "useIncrementalRevisionNumbers", false);
			model.useIncrementalPushTags = getConfig(config, "useIncrementalPushTags", false);
			model.incrementalPushTagPrefix = getConfig(config, "incrementalPushTagPrefix", null);
			model.allowForks = getConfig(config, "allowForks", true);
			model.accessRestriction = AccessRestrictionType.fromName(getConfig(config,
			"accessRestriction", settings.getString(Keys.git.defaultAccessRestriction, null)));
			@@ -2198,7 +2371,13 @@
			config.setString(Constants.CONFIG_GITBLIT, null, "owner", ArrayUtils.toString(repository.owners));
			config.setBoolean(Constants.CONFIG_GITBLIT, null, "useTickets", repository.useTickets);
			config.setBoolean(Constants.CONFIG_GITBLIT, null, "useDocs", repository.useDocs);
			config.setBoolean(Constants.CONFIG_GITBLIT, null, "useIncrementalRevisionNumbers", repository.useIncrementalRevisionNumbers);
			config.setBoolean(Constants.CONFIG_GITBLIT, null, "useIncrementalPushTags", repository.useIncrementalPushTags);
			if (StringUtils.isEmpty(repository.incrementalPushTagPrefix) \|\|
			repository.incrementalPushTagPrefix.equals(settings.getString(Keys.git.defaultIncrementalPushTagPrefix, "r"))) {
			config.unset(Constants.CONFIG_GITBLIT, null, "incrementalPushTagPrefix");
			} else {
			config.setString(Constants.CONFIG_GITBLIT, null, "incrementalPushTagPrefix", repository.incrementalPushTagPrefix);
			}
			config.setBoolean(Constants.CONFIG_GITBLIT, null, "allowForks", repository.allowForks);
			config.setString(Constants.CONFIG_GITBLIT, null, "accessRestriction", repository.accessRestriction.name());
			config.setString(Constants.CONFIG_GITBLIT, null, "authorizationControl", repository.authorizationControl.name());
			@@ -2990,11 +3169,10 @@
			* Parse the properties file and aggregate all the comments by the setting
			* key. A setting model tracks the current value, the default value, the
			* description of the setting and and directives about the setting.
			* @param referencePropertiesInputStream
			*
			* @return Map<String, SettingModel>
			*/
			private ServerSettings loadSettingModels(InputStream referencePropertiesInputStream) {
			private ServerSettings loadSettingModels() {
			ServerSettings settingsModel = new ServerSettings();
			settingsModel.supportsCredentialChanges = userService.supportsCredentialChanges();
			settingsModel.supportsDisplayNameChanges = userService.supportsDisplayNameChanges();
			@@ -3004,7 +3182,7 @@
			// Read bundled Gitblit properties to extract setting descriptions.
			// This copy is pristine and only used for populating the setting
			// models map.
			InputStream is = referencePropertiesInputStream;
			InputStream is = getClass().getResourceAsStream("/reference.properties");
			BufferedReader propertiesReader = new BufferedReader(new InputStreamReader(is));
			StringBuilder description = new StringBuilder();
			SettingModel setting = new SettingModel();
			@@ -3109,18 +3287,34 @@
			projectConfigs = new FileBasedConfig(getFileOrFolder(Keys.web.projectsFile, "${baseFolder}/projects.conf"), FS.detect());
			getProjectConfigs();

			// schedule mail engine
			configureMailExecutor();
			configureLuceneIndexing();
			configureGarbageCollector();
			if (startFederation) {
			configureFederation();
			}
			configureJGit();
			configureFanout();
			configureGitDaemon();

			ContainerUtils.CVE_2007_0450.test();
			}

			protected void configureMailExecutor() {
			if (mailExecutor.isReady()) {
			logger.info("Mail executor is scheduled to process the message queue every 2 minutes.");
			scheduledExecutor.scheduleAtFixedRate(mailExecutor, 1, 2, TimeUnit.MINUTES);
			} else {
			logger.warn("Mail server is not properly configured. Mail services disabled.");
			}

			// schedule lucene engine
			enableLuceneIndexing();


			}

			protected void configureLuceneIndexing() {
			scheduledExecutor.scheduleAtFixedRate(luceneExecutor, 1, 2, TimeUnit.MINUTES);
			logger.info("Lucene executor is scheduled to process indexed branches every 2 minutes.");
			}

			protected void configureGarbageCollector() {
			// schedule gc engine
			if (gcExecutor.isReady()) {
			logger.info("GC executor is scheduled to scan repositories every 24 hours.");
			@@ -3144,23 +3338,21 @@
			logger.info(MessageFormat.format("Next scheculed GC scan is in {0}", when));
			scheduledExecutor.scheduleAtFixedRate(gcExecutor, delay, 60*24, TimeUnit.MINUTES);
			}

			if (startFederation) {
			configureFederation();
			}

			}

			protected void configureJGit() {
			// Configure JGit
			WindowCacheConfig cfg = new WindowCacheConfig();


			cfg.setPackedGitWindowSize(settings.getFilesize(Keys.git.packedGitWindowSize, cfg.getPackedGitWindowSize()));
			cfg.setPackedGitLimit(settings.getFilesize(Keys.git.packedGitLimit, cfg.getPackedGitLimit()));
			cfg.setDeltaBaseCacheLimit(settings.getFilesize(Keys.git.deltaBaseCacheLimit, cfg.getDeltaBaseCacheLimit()));
			cfg.setPackedGitOpenFiles(settings.getFilesize(Keys.git.packedGitOpenFiles, cfg.getPackedGitOpenFiles()));
			cfg.setStreamFileThreshold(settings.getFilesize(Keys.git.streamFileThreshold, cfg.getStreamFileThreshold()));
			cfg.setPackedGitMMAP(settings.getBoolean(Keys.git.packedGitMmap, cfg.isPackedGitMMAP()));


			try {
			WindowCache.reconfigure(cfg);
			cfg.install();
			logger.debug(MessageFormat.format("{0} = {1,number,0}", Keys.git.packedGitWindowSize, cfg.getPackedGitWindowSize()));
			logger.debug(MessageFormat.format("{0} = {1,number,0}", Keys.git.packedGitLimit, cfg.getPackedGitLimit()));
			logger.debug(MessageFormat.format("{0} = {1,number,0}", Keys.git.deltaBaseCacheLimit, cfg.getDeltaBaseCacheLimit()));
			@@ -3170,16 +3362,16 @@
			} catch (IllegalArgumentException e) {
			logger.error("Failed to configure JGit parameters!", e);
			}

			ContainerUtils.CVE_2007_0450.test();

			}

			protected void configureFanout() {
			// startup Fanout PubSub service
			if (settings.getInteger(Keys.fanout.port, 0) > 0) {
			String bindInterface = settings.getString(Keys.fanout.bindInterface, null);
			int port = settings.getInteger(Keys.fanout.port, FanoutService.DEFAULT_PORT);
			boolean useNio = settings.getBoolean(Keys.fanout.useNio, true);
			int limit = settings.getInteger(Keys.fanout.connectionLimit, 0);


			if (useNio) {
			if (StringUtils.isEmpty(bindInterface)) {
			fanoutService = new FanoutNioService(port);
			@@ -3193,16 +3385,25 @@
			fanoutService = new FanoutSocketService(bindInterface, port);
			}
			}


			fanoutService.setConcurrentConnectionLimit(limit);
			fanoutService.setAllowAllChannelAnnouncements(false);
			fanoutService.start();
			}
			}

			protected void enableLuceneIndexing() {
			scheduledExecutor.scheduleAtFixedRate(luceneExecutor, 1, 2, TimeUnit.MINUTES);
			logger.info("Lucene executor is scheduled to process indexed branches every 2 minutes.");
			protected void configureGitDaemon() {
			int port = settings.getInteger(Keys.git.daemonPort, 0);
			String bindInterface = settings.getString(Keys.git.daemonBindInterface, "localhost");
			if (port > 0) {
			try {
			gitDaemon = new GitDaemon(bindInterface, port, getRepositoriesFolder());
			gitDaemon.start();
			} catch (IOException e) {
			gitDaemon = null;
			logger.error(MessageFormat.format("Failed to start Git daemon on {0}:{1,number,0}", bindInterface, port), e);
			}
			}
			}

			protected final Logger getLogger() {
			@@ -3232,16 +3433,13 @@
			*/
			@Override
			public void contextInitialized(ServletContextEvent contextEvent) {
			contextInitialized(contextEvent, contextEvent.getServletContext().getResourceAsStream("/WEB-INF/reference.properties"));
			}

			public void contextInitialized(ServletContextEvent contextEvent, InputStream referencePropertiesInputStream) {
			servletContext = contextEvent.getServletContext();
			if (settings == null) {
			// Gitblit is running in a servlet container
			ServletContext context = contextEvent.getServletContext();
			WebXmlSettings webxmlSettings = new WebXmlSettings(context);
			File contextFolder = new File(context.getRealPath("/"));
			String contextRealPath = context.getRealPath("/");
			File contextFolder = (contextRealPath != null) ? new File(contextRealPath) : null;
			String openShift = System.getenv("OPENSHIFT_DATA_DIR");

			if (!StringUtils.isEmpty(openShift)) {
			@@ -3273,35 +3471,84 @@
			configureContext(webxmlSettings, base, true);
			} else {
			// Gitblit is running in a standard servlet container
			logger.info("WAR contextFolder is " + contextFolder.getAbsolutePath());
			logger.info("WAR contextFolder is " + ((contextFolder != null) ? contextFolder.getAbsolutePath() : "<empty>"));

			String path = webxmlSettings.getString(Constants.baseFolder, Constants.contextFolder$ + "/WEB-INF/data");
			File base = com.gitblit.utils.FileUtils.resolveParameter(Constants.contextFolder$, contextFolder, path);
			base.mkdirs();

			// try to copy the data folder contents to the baseFolder
			File localSettings = new File(base, "gitblit.properties");
			if (!localSettings.exists()) {
			File contextData = new File(contextFolder, "/WEB-INF/data");
			if (!base.equals(contextData)) {
			try {
			com.gitblit.utils.FileUtils.copy(base, contextData.listFiles());
			} catch (IOException e) {
			logger.error(MessageFormat.format(
			"Failed to copy included data from {0} to {1}",
			contextData, base));
			}
			}
			if (path.contains(Constants.contextFolder$) && contextFolder == null) {
			// warn about null contextFolder (issue-199)
			logger.error("");
			logger.error(MessageFormat.format("\"{0}\" depends on \"{1}\" but \"{2}\" is returning NULL for \"{1}\"!",
			Constants.baseFolder, Constants.contextFolder$, context.getServerInfo()));
			logger.error(MessageFormat.format("Please specify a non-parameterized path for <context-param> {0} in web.xml!!", Constants.baseFolder));
			logger.error(MessageFormat.format("OR configure your servlet container to specify a \"{0}\" parameter in the context configuration!!", Constants.baseFolder));
			logger.error("");
			}

			File base = com.gitblit.utils.FileUtils.resolveParameter(Constants.contextFolder$, contextFolder, path);
			base.mkdirs();

			// try to extract the data folder resource to the baseFolder
			File localSettings = new File(base, "gitblit.properties");
			if (!localSettings.exists()) {
			extractResources(context, "/WEB-INF/data/", base);
			}

			// delegate all config to baseFolder/gitblit.properties file
			FileSettings settings = new FileSettings(localSettings.getAbsolutePath());
			configureContext(settings, base, true);
			}
			}

			settingsModel = loadSettingModels(referencePropertiesInputStream);
			settingsModel = loadSettingModels();
			serverStatus.servletContainer = servletContext.getServerInfo();
			}

			protected void extractResources(ServletContext context, String path, File toDir) {
			for (String resource : context.getResourcePaths(path)) {
			// extract the resource to the directory if it does not exist
			File f = new File(toDir, resource.substring(path.length()));
			if (!f.exists()) {
			InputStream is = null;
			OutputStream os = null;
			try {
			if (resource.charAt(resource.length() - 1) == '/') {
			// directory
			f.mkdirs();
			extractResources(context, resource, f);
			} else {
			// file
			f.getParentFile().mkdirs();
			is = context.getResourceAsStream(resource);
			os = new FileOutputStream(f);
			byte [] buffer = new byte[4096];
			int len = 0;
			while ((len = is.read(buffer)) > -1) {
			os.write(buffer, 0, len);
			}
			}
			} catch (FileNotFoundException e) {
			logger.error("Failed to find resource \"" + resource + "\"", e);
			} catch (IOException e) {
			logger.error("Failed to copy resource \"" + resource + "\" to " + f, e);
			} finally {
			if (is != null) {
			try {
			is.close();
			} catch (IOException e) {
			// ignore
			}
			}
			if (os != null) {
			try {
			os.close();
			} catch (IOException e) {
			// ignore
			}
			}
			}
			}
			}
			}

			/**
			@@ -3317,6 +3564,9 @@
			if (fanoutService != null) {
			fanoutService.stop();
			}
			if (gitDaemon != null) {
			gitDaemon.stop();
			}
			}

			/**