githubFork/gitblit.git - Solinfo Gitblit

			@@ -18,6 +18,7 @@
			import java.text.MessageFormat;

			import com.gitblit.Constants.AccessRestrictionType;
			import com.gitblit.Constants.AuthorizationControl;
			import com.gitblit.models.RepositoryModel;
			import com.gitblit.models.UserModel;
			import com.gitblit.utils.StringUtils;
			@@ -93,6 +94,16 @@
			}

			/**
			* Determine if a non-existing repository can be created using this filter.
			*
			* @return true if the server allows repository creation on-push
			*/
			@Override
			protected boolean isCreationAllowed() {
			return GitBlit.getBoolean(Keys.git.allowCreateOnPush, true);
			}

			/**
			* Determine if the repository can receive pushes.
			*
			* @param repository
			@@ -147,35 +158,91 @@
			// Git Servlet disabled
			return false;
			}
			boolean readOnly = repository.isFrozen;
			if (readOnly \|\| repository.accessRestriction.atLeast(AccessRestrictionType.PUSH)) {
			boolean authorizedUser = user.canAccessRepository(repository);
			if (action.equals(gitReceivePack)) {
			// Push request
			if (!readOnly && authorizedUser) {
			// clone-restricted or push-authorized
			return true;
			} else {
			// user is unauthorized to push to this repository
			logger.warn(MessageFormat.format("user {0} is not authorized to push to {1}",
			user.username, repository));
			return false;
			}
			} else if (action.equals(gitUploadPack)) {
			// Clone request
			boolean cloneRestricted = repository.accessRestriction
			.atLeast(AccessRestrictionType.CLONE);
			if (!cloneRestricted \|\| (cloneRestricted && authorizedUser)) {
			// push-restricted or clone-authorized
			return true;
			} else {
			// user is unauthorized to clone this repository
			logger.warn(MessageFormat.format("user {0} is not authorized to clone {1}",
			user.username, repository));
			return false;
			}
			if (action.equals(gitReceivePack)) {
			// Push request
			if (user.canPush(repository)) {
			return true;
			} else {
			// user is unauthorized to push to this repository
			logger.warn(MessageFormat.format("user {0} is not authorized to push to {1}",
			user.username, repository));
			return false;
			}
			} else if (action.equals(gitUploadPack)) {
			// Clone request
			if (user.canClone(repository)) {
			return true;
			} else {
			// user is unauthorized to clone this repository
			logger.warn(MessageFormat.format("user {0} is not authorized to clone {1}",
			user.username, repository));
			return false;
			}
			}
			return true;
			}

			/**
			* An authenticated user with the CREATE role can create a repository on
			* push.
			*
			* @param user
			* @param repository
			* @param action
			* @return the repository model, if it is created, null otherwise
			*/
			@Override
			protected RepositoryModel createRepository(UserModel user, String repository, String action) {
			boolean isPush = !StringUtils.isEmpty(action) && gitReceivePack.equals(action);
			if (isPush) {
			if (user.canCreate(repository)) {
			// user is pushing to a new repository
			// validate name
			if (repository.startsWith("../")) {
			logger.error(MessageFormat.format("Illegal relative path in repository name! {0}", repository));
			return null;
			}
			if (repository.contains("/../")) {
			logger.error(MessageFormat.format("Illegal relative path in repository name! {0}", repository));
			return null;
			}

			// confirm valid characters in repository name
			Character c = StringUtils.findInvalidCharacter(repository);
			if (c != null) {
			logger.error(MessageFormat.format("Invalid character '{0}' in repository name {1}!", c, repository));
			return null;
			}

			// create repository
			RepositoryModel model = new RepositoryModel();
			model.name = repository;
			model.owner = user.username;
			model.projectPath = StringUtils.getFirstPathElement(repository);
			if (model.isUsersPersonalRepository(user.username)) {
			// personal repository, default to private for user
			model.authorizationControl = AuthorizationControl.NAMED;
			model.accessRestriction = AccessRestrictionType.VIEW;
			} else {
			// common repository, user default server settings
			model.authorizationControl = AuthorizationControl.fromName(GitBlit.getString(Keys.git.defaultAuthorizationControl, ""));
			model.accessRestriction = AccessRestrictionType.fromName(GitBlit.getString(Keys.git.defaultAccessRestriction, ""));
			}

			// create the repository
			try {
			GitBlit.self().updateRepositoryModel(model.name, model, true);
			logger.info(MessageFormat.format("{0} created {1} ON-PUSH", user.username, model.name));
			return GitBlit.self().getRepositoryModel(model.name);
			} catch (GitBlitException e) {
			logger.error(MessageFormat.format("{0} failed to create repository {1} ON-PUSH!", user.username, model.name), e);
			}
			} else {
			logger.warn(MessageFormat.format("{0} is not permitted to create repository {1} ON-PUSH!", user.username, repository));
			}
			}

			// repository could not be created or action was not a push
			return null;
			}
			}