Create infrastructure for XSS sanitization
2 files added
21 files modified
| | |
| | | <classpathentry kind="lib" path="ext/commons-pool2-2.0.jar" sourcepath="ext/src/commons-pool2-2.0.jar" /> |
| | | <classpathentry kind="lib" path="ext/pf4j-0.8.0.jar" sourcepath="ext/src/pf4j-0.8.0.jar" /> |
| | | <classpathentry kind="lib" path="ext/tika-core-1.5.jar" sourcepath="ext/src/tika-core-1.5.jar" /> |
| | | <classpathentry kind="lib" path="ext/jsoup-1.7.3.jar" sourcepath="ext/src/jsoup-1.7.3.jar" /> |
| | | <classpathentry kind="lib" path="ext/junit-4.11.jar" sourcepath="ext/src/junit-4.11.jar" /> |
| | | <classpathentry kind="lib" path="ext/hamcrest-core-1.3.jar" sourcepath="ext/src/hamcrest-core-1.3.jar" /> |
| | | <classpathentry kind="lib" path="ext/selenium-java-2.28.0.jar" sourcepath="ext/src/selenium-java-2.28.0.jar" /> |
| | |
| | | - compile 'redis.clients:jedis:2.3.1' :war |
| | | - compile 'ro.fortsoft.pf4j:pf4j:0.8.0' :war |
| | | - compile 'org.apache.tika:tika-core:1.5' :war |
| | | - compile 'org.jsoup:jsoup:1.7.3' :war |
| | | - test 'junit' |
| | | # Dependencies for Selenium web page testing |
| | | - test 'org.seleniumhq.selenium:selenium-java:${selenium.version}' @jar |
| | |
| | | </SOURCES> |
| | | </library> |
| | | </orderEntry> |
| | | <orderEntry type="module-library"> |
| | | <library name="jsoup-1.7.3.jar"> |
| | | <CLASSES> |
| | | <root url="jar://$MODULE_DIR$/ext/jsoup-1.7.3.jar!/" /> |
| | | </CLASSES> |
| | | <JAVADOC /> |
| | | <SOURCES> |
| | | <root url="jar://$MODULE_DIR$/ext/src/jsoup-1.7.3.jar!/" /> |
| | | </SOURCES> |
| | | </library> |
| | | </orderEntry> |
| | | <orderEntry type="module-library" scope="TEST"> |
| | | <library name="junit-4.11.jar"> |
| | | <CLASSES> |
| | |
| | | import com.gitblit.transport.ssh.IPublicKeyManager; |
| | | import com.gitblit.transport.ssh.MemoryKeyManager; |
| | | import com.gitblit.transport.ssh.NullKeyManager; |
| | | import com.gitblit.utils.JSoupXssFilter; |
| | | import com.gitblit.utils.StringUtils; |
| | | import com.gitblit.utils.XssFilter; |
| | | import com.gitblit.wicket.GitBlitWebApp; |
| | | |
| | | import dagger.Module; |
| | |
| | | library = true, |
| | | injects = { |
| | | IStoredSettings.class, |
| | | XssFilter.class, |
| | | |
| | | // core managers |
| | | IRuntimeManager.class, |
| | |
| | | return new FileSettings(); |
| | | } |
| | | |
| | | @Provides @Singleton IRuntimeManager provideRuntimeManager(IStoredSettings settings) { |
| | | return new RuntimeManager(settings); |
| | | @Provides @Singleton XssFilter provideXssFilter() { |
| | | return new JSoupXssFilter(); |
| | | } |
| | | |
| | | @Provides @Singleton IRuntimeManager provideRuntimeManager(IStoredSettings settings, XssFilter xssFilter) { |
| | | return new RuntimeManager(settings, xssFilter); |
| | | } |
| | | |
| | | @Provides @Singleton IPluginManager providePluginManager(IRuntimeManager runtimeManager) { |
| | |
| | | import com.gitblit.service.FederationPullService;
|
| | | import com.gitblit.utils.FederationUtils;
|
| | | import com.gitblit.utils.StringUtils;
|
| | | import com.gitblit.utils.XssFilter;
|
| | | import com.gitblit.utils.XssFilter.AllowXssFilter;
|
| | |
|
| | | /**
|
| | | * Command-line client to pull federated Gitblit repositories.
|
| | |
| | | }
|
| | |
|
| | | // configure the Gitblit singleton for minimal, non-server operation
|
| | | RuntimeManager runtime = new RuntimeManager(settings, baseFolder).start();
|
| | | XssFilter xssFilter = new AllowXssFilter();
|
| | | RuntimeManager runtime = new RuntimeManager(settings, xssFilter, baseFolder).start();
|
| | | NoopNotificationManager notifications = new NoopNotificationManager().start();
|
| | | UserManager users = new UserManager(runtime, null).start();
|
| | | RepositoryManager repositories = new RepositoryManager(runtime, null, users).start();
|
| | |
| | | import com.gitblit.tickets.ITicketService; |
| | | import com.gitblit.tickets.RedisTicketService; |
| | | import com.gitblit.utils.StringUtils; |
| | | import com.gitblit.utils.XssFilter; |
| | | import com.gitblit.utils.XssFilter.AllowXssFilter; |
| | | |
| | | /** |
| | | * A command-line tool to move all tickets from one ticket service to another. |
| | |
| | | settings.overrideSetting(Keys.web.activityCacheDays, 0); |
| | | settings.overrideSetting(ITicketService.SETTING_UPDATE_DIFFSTATS, false); |
| | | |
| | | IRuntimeManager runtimeManager = new RuntimeManager(settings, baseFolder).start(); |
| | | XssFilter xssFilter = new AllowXssFilter(); |
| | | IRuntimeManager runtimeManager = new RuntimeManager(settings, xssFilter, baseFolder).start(); |
| | | IRepositoryManager repositoryManager = new RepositoryManager(runtimeManager, null, null).start(); |
| | | |
| | | String inputServiceName = settings.getString(Keys.tickets.service, BranchTicketService.class.getSimpleName()); |
| | |
| | | import com.gitblit.tickets.ITicketService; |
| | | import com.gitblit.tickets.RedisTicketService; |
| | | import com.gitblit.utils.StringUtils; |
| | | import com.gitblit.utils.XssFilter; |
| | | import com.gitblit.utils.XssFilter.AllowXssFilter; |
| | | |
| | | /** |
| | | * A command-line tool to reindex all tickets in all repositories when the |
| | |
| | | settings.overrideSetting(Keys.git.enableMirroring, false); |
| | | settings.overrideSetting(Keys.web.activityCacheDays, 0); |
| | | |
| | | IRuntimeManager runtimeManager = new RuntimeManager(settings, baseFolder).start(); |
| | | XssFilter xssFilter = new AllowXssFilter(); |
| | | IRuntimeManager runtimeManager = new RuntimeManager(settings, xssFilter, baseFolder).start(); |
| | | IRepositoryManager repositoryManager = new RepositoryManager(runtimeManager, null, null).start(); |
| | | |
| | | String serviceName = settings.getString(Keys.tickets.service, BranchTicketService.class.getSimpleName()); |
| | |
| | | import com.gitblit.transport.ssh.IPublicKeyManager; |
| | | import com.gitblit.transport.ssh.SshKey; |
| | | import com.gitblit.utils.ArrayUtils; |
| | | import com.gitblit.utils.XssFilter; |
| | | import com.gitblit.utils.HttpUtils; |
| | | import com.gitblit.utils.JsonUtils; |
| | | import com.gitblit.utils.ObjectCache; |
| | |
| | | return runtimeManager.getStatus(); |
| | | } |
| | | |
| | | @Override |
| | | public XssFilter getXssFilter() { |
| | | return runtimeManager.getXssFilter(); |
| | | } |
| | | |
| | | /* |
| | | * NOTIFICATION MANAGER |
| | | */ |
| | |
| | | import com.gitblit.IStoredSettings; |
| | | import com.gitblit.models.ServerSettings; |
| | | import com.gitblit.models.ServerStatus; |
| | | import com.gitblit.utils.XssFilter; |
| | | |
| | | public interface IRuntimeManager extends IManager { |
| | | |
| | |
| | | * @since 1.4.0 |
| | | */ |
| | | boolean updateSettings(Map<String, String> updatedSettings); |
| | | |
| | | /** |
| | | * Returns the HTML sanitizer used to clean user content. |
| | | * |
| | | * @return the HTML sanitizer |
| | | */ |
| | | XssFilter getXssFilter(); |
| | | } |
| | |
| | | import com.gitblit.models.ServerStatus; |
| | | import com.gitblit.models.SettingModel; |
| | | import com.gitblit.utils.StringUtils; |
| | | import com.gitblit.utils.XssFilter; |
| | | |
| | | public class RuntimeManager implements IRuntimeManager { |
| | | |
| | | private final Logger logger = LoggerFactory.getLogger(getClass()); |
| | | |
| | | private final IStoredSettings settings; |
| | | |
| | | private final XssFilter xssFilter; |
| | | |
| | | private final ServerStatus serverStatus; |
| | | |
| | |
| | | |
| | | private TimeZone timezone; |
| | | |
| | | public RuntimeManager(IStoredSettings settings) { |
| | | this(settings, null); |
| | | public RuntimeManager(IStoredSettings settings, XssFilter xssFilter) { |
| | | this(settings, xssFilter, null); |
| | | } |
| | | |
| | | public RuntimeManager(IStoredSettings settings, File baseFolder) { |
| | | public RuntimeManager(IStoredSettings settings, XssFilter xssFilter, File baseFolder) { |
| | | this.settings = settings; |
| | | this.settingsModel = new ServerSettings(); |
| | | this.serverStatus = new ServerStatus(); |
| | | this.xssFilter = xssFilter; |
| | | this.baseFolder = baseFolder == null ? new File("") : baseFolder; |
| | | } |
| | | |
| | |
| | | serverStatus.heapFree = Runtime.getRuntime().freeMemory(); |
| | | return serverStatus; |
| | | } |
| | | |
| | | /** |
| | | * Returns the XSS filter. |
| | | * |
| | | * @return the XSS filter |
| | | */ |
| | | @Override |
| | | public XssFilter getXssFilter() { |
| | | return xssFilter; |
| | | } |
| | | |
| | | } |
New file |
| | |
| | | /* |
| | | * Copyright 2014 gitblit.com. |
| | | * |
| | | * Licensed under the Apache License, Version 2.0 (the "License"); |
| | | * you may not use this file except in compliance with the License. |
| | | * You may obtain a copy of the License at |
| | | * |
| | | * http://www.apache.org/licenses/LICENSE-2.0 |
| | | * |
| | | * Unless required by applicable law or agreed to in writing, software |
| | | * distributed under the License is distributed on an "AS IS" BASIS, |
| | | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| | | * See the License for the specific language governing permissions and |
| | | * limitations under the License. |
| | | */ |
| | | package com.gitblit.utils; |
| | | |
| | | import org.jsoup.Jsoup; |
| | | import org.jsoup.nodes.Document; |
| | | import org.jsoup.safety.Cleaner; |
| | | import org.jsoup.safety.Whitelist; |
| | | |
| | | /** |
| | | * Implementation of an XSS filter based on JSoup. |
| | | * |
| | | * @author James Moger |
| | | * |
| | | */ |
| | | public class JSoupXssFilter implements XssFilter { |
| | | |
| | | private final Cleaner none; |
| | | |
| | | private final Cleaner relaxed; |
| | | |
| | | public JSoupXssFilter() { |
| | | none = new Cleaner(Whitelist.none()); |
| | | relaxed = new Cleaner(getRelaxedWhiteList()); |
| | | } |
| | | |
| | | @Override |
| | | public String none(String input) { |
| | | return clean(input, none); |
| | | } |
| | | |
| | | @Override |
| | | public String relaxed(String input) { |
| | | return clean(input, relaxed); |
| | | } |
| | | |
| | | protected String clean(String input, Cleaner cleaner) { |
| | | Document unsafe = Jsoup.parse(input); |
| | | Document safe = cleaner.clean(unsafe); |
| | | return safe.body().html(); |
| | | } |
| | | |
| | | /** |
| | | * Builds & returns a loose HTML whitelist similar to Github. |
| | | * |
| | | * https://github.com/github/markup/tree/master#html-sanitization |
| | | * @return a loose HTML whitelist |
| | | */ |
| | | protected Whitelist getRelaxedWhiteList() { |
| | | return new Whitelist() |
| | | .addTags( |
| | | "a", "b", "blockquote", "br", "caption", "cite", "code", "col", |
| | | "colgroup", "dd", "del", "div", "dl", "dt", "em", "h1", "h2", "h3", "h4", "h5", "h6", "hr", |
| | | "i", "img", "ins", "kbd", "li", "ol", "p", "pre", "q", "samp", "small", "strike", "strong", |
| | | "sub", "sup", "table", "tbody", "td", "tfoot", "th", "thead", "tr", "tt", "u", |
| | | "ul", "var") |
| | | |
| | | .addAttributes("a", "href", "title") |
| | | .addAttributes("blockquote", "cite") |
| | | .addAttributes("col", "span", "width") |
| | | .addAttributes("colgroup", "span", "width") |
| | | .addAttributes("img", "align", "alt", "height", "src", "title", "width") |
| | | .addAttributes("ol", "start", "type") |
| | | .addAttributes("q", "cite") |
| | | .addAttributes("table", "summary", "width") |
| | | .addAttributes("td", "abbr", "axis", "colspan", "rowspan", "width") |
| | | .addAttributes("th", "abbr", "axis", "colspan", "rowspan", "scope", "width") |
| | | .addAttributes("ul", "type") |
| | | |
| | | .addEnforcedAttribute("a", "rel", "nofollow") |
| | | ; |
| | | } |
| | | |
| | | } |
New file |
| | |
| | | /* |
| | | * Copyright 2014 gitblit.com. |
| | | * |
| | | * Licensed under the Apache License, Version 2.0 (the "License"); |
| | | * you may not use this file except in compliance with the License. |
| | | * You may obtain a copy of the License at |
| | | * |
| | | * http://www.apache.org/licenses/LICENSE-2.0 |
| | | * |
| | | * Unless required by applicable law or agreed to in writing, software |
| | | * distributed under the License is distributed on an "AS IS" BASIS, |
| | | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| | | * See the License for the specific language governing permissions and |
| | | * limitations under the License. |
| | | */ |
| | | package com.gitblit.utils; |
| | | |
| | | /** |
| | | * Defines the contract for an XSS filter implementation. |
| | | * |
| | | * @author James Moger |
| | | * |
| | | */ |
| | | public interface XssFilter { |
| | | |
| | | /** |
| | | * Returns a filtered version of the input value that contains no html |
| | | * elements. |
| | | * |
| | | * @param input |
| | | * @return a plain text value |
| | | */ |
| | | String none(String input); |
| | | |
| | | /** |
| | | * Returns a filtered version of the input that contains structural html |
| | | * elements. |
| | | * |
| | | * @param input |
| | | * @return a filtered html value |
| | | */ |
| | | String relaxed(String input); |
| | | |
| | | /** |
| | | * A NOOP XSS filter. |
| | | * |
| | | * @author James Moger |
| | | * |
| | | */ |
| | | public class AllowXssFilter implements XssFilter { |
| | | |
| | | @Override |
| | | public String none(String input) { |
| | | return input; |
| | | } |
| | | |
| | | @Override |
| | | public String relaxed(String input) { |
| | | return input; |
| | | } |
| | | |
| | | } |
| | | |
| | | } |
| | |
| | | import com.gitblit.manager.IUserManager; |
| | | import com.gitblit.tickets.ITicketService; |
| | | import com.gitblit.transport.ssh.IPublicKeyManager; |
| | | import com.gitblit.utils.XssFilter; |
| | | import com.gitblit.wicket.pages.ActivityPage; |
| | | import com.gitblit.wicket.pages.BlamePage; |
| | | import com.gitblit.wicket.pages.BlobDiffPage; |
| | |
| | | |
| | | private final IStoredSettings settings; |
| | | |
| | | private final XssFilter xssFilter; |
| | | |
| | | private final IRuntimeManager runtimeManager; |
| | | |
| | | private final IPluginManager pluginManager; |
| | |
| | | |
| | | super(); |
| | | this.settings = runtimeManager.getSettings(); |
| | | this.xssFilter = runtimeManager.getXssFilter(); |
| | | this.runtimeManager = runtimeManager; |
| | | this.pluginManager = pluginManager; |
| | | this.notificationManager = notificationManager; |
| | |
| | | } |
| | | |
| | | /* (non-Javadoc) |
| | | * @see com.gitblit.wicket.Webapp#xssFilter() |
| | | */ |
| | | @Override |
| | | public XssFilter xssFilter() { |
| | | return xssFilter; |
| | | } |
| | | |
| | | /* (non-Javadoc) |
| | | * @see com.gitblit.wicket.Webapp#isDebugMode() |
| | | */ |
| | | @Override |
| | |
| | | import com.gitblit.manager.IUserManager; |
| | | import com.gitblit.tickets.ITicketService; |
| | | import com.gitblit.transport.ssh.IPublicKeyManager; |
| | | import com.gitblit.utils.XssFilter; |
| | | |
| | | public interface GitblitWicketApp { |
| | | |
| | |
| | | |
| | | public abstract IStoredSettings settings(); |
| | | |
| | | public abstract XssFilter xssFilter(); |
| | | |
| | | /** |
| | | * Is Gitblit running in debug mode? |
| | | * |
| | |
| | | import com.gitblit.manager.UserManager; |
| | | import com.gitblit.models.UserModel; |
| | | import com.gitblit.tests.mock.MemorySettings; |
| | | import com.gitblit.utils.XssFilter; |
| | | import com.gitblit.utils.XssFilter.AllowXssFilter; |
| | | |
| | | /** |
| | | * Class for testing local authentication. |
| | |
| | | } |
| | | |
| | | IAuthenticationManager newAuthenticationManager() { |
| | | RuntimeManager runtime = new RuntimeManager(getSettings(), GitBlitSuite.BASEFOLDER).start(); |
| | | XssFilter xssFilter = new AllowXssFilter(); |
| | | RuntimeManager runtime = new RuntimeManager(getSettings(), xssFilter, GitBlitSuite.BASEFOLDER).start(); |
| | | users = new UserManager(runtime, null).start(); |
| | | AuthenticationManager auth = new AuthenticationManager(runtime, users).start(); |
| | | return auth; |
| | |
| | | import com.gitblit.models.RepositoryModel; |
| | | import com.gitblit.tickets.BranchTicketService; |
| | | import com.gitblit.tickets.ITicketService; |
| | | import com.gitblit.utils.XssFilter; |
| | | import com.gitblit.utils.XssFilter.AllowXssFilter; |
| | | |
| | | /** |
| | | * Tests the branch ticket service. |
| | |
| | | protected ITicketService getService(boolean deleteAll) throws Exception { |
| | | |
| | | IStoredSettings settings = getSettings(deleteAll); |
| | | |
| | | IRuntimeManager runtimeManager = new RuntimeManager(settings).start(); |
| | | XssFilter xssFilter = new AllowXssFilter(); |
| | | IRuntimeManager runtimeManager = new RuntimeManager(settings, xssFilter).start(); |
| | | IPluginManager pluginManager = new PluginManager(runtimeManager).start(); |
| | | INotificationManager notificationManager = new NotificationManager(settings).start(); |
| | | IUserManager userManager = new UserManager(runtimeManager, pluginManager).start(); |
| | |
| | | import com.gitblit.models.RepositoryModel; |
| | | import com.gitblit.tickets.FileTicketService; |
| | | import com.gitblit.tickets.ITicketService; |
| | | import com.gitblit.utils.XssFilter; |
| | | import com.gitblit.utils.XssFilter.AllowXssFilter; |
| | | |
| | | /** |
| | | * Tests the file ticket service. |
| | |
| | | protected ITicketService getService(boolean deleteAll) throws Exception { |
| | | |
| | | IStoredSettings settings = getSettings(deleteAll); |
| | | |
| | | IRuntimeManager runtimeManager = new RuntimeManager(settings).start(); |
| | | XssFilter xssFilter = new AllowXssFilter(); |
| | | IRuntimeManager runtimeManager = new RuntimeManager(settings, xssFilter).start(); |
| | | IPluginManager pluginManager = new PluginManager(runtimeManager).start(); |
| | | INotificationManager notificationManager = new NotificationManager(settings).start(); |
| | | IUserManager userManager = new UserManager(runtimeManager, pluginManager).start(); |
| | |
| | | import com.gitblit.manager.UserManager; |
| | | import com.gitblit.models.UserModel; |
| | | import com.gitblit.tests.mock.MemorySettings; |
| | | import com.gitblit.utils.XssFilter; |
| | | import com.gitblit.utils.XssFilter.AllowXssFilter; |
| | | |
| | | /** |
| | | * Test the Htpasswd user service. |
| | |
| | | } |
| | | |
| | | private HtpasswdAuthProvider newHtpasswdAuthentication(IStoredSettings settings) { |
| | | RuntimeManager runtime = new RuntimeManager(settings, GitBlitSuite.BASEFOLDER).start(); |
| | | XssFilter xssFilter = new AllowXssFilter(); |
| | | RuntimeManager runtime = new RuntimeManager(settings, xssFilter, GitBlitSuite.BASEFOLDER).start(); |
| | | UserManager users = new UserManager(runtime, null).start(); |
| | | HtpasswdAuthProvider htpasswd = new HtpasswdAuthProvider(); |
| | | htpasswd.setup(runtime, users); |
| | |
| | | } |
| | | |
| | | private AuthenticationManager newAuthenticationManager(IStoredSettings settings) { |
| | | RuntimeManager runtime = new RuntimeManager(settings, GitBlitSuite.BASEFOLDER).start(); |
| | | XssFilter xssFilter = new AllowXssFilter(); |
| | | RuntimeManager runtime = new RuntimeManager(settings, xssFilter, GitBlitSuite.BASEFOLDER).start(); |
| | | UserManager users = new UserManager(runtime, null).start(); |
| | | HtpasswdAuthProvider htpasswd = new HtpasswdAuthProvider(); |
| | | htpasswd.setup(runtime, users); |
| | |
| | | import com.gitblit.models.TeamModel; |
| | | import com.gitblit.models.UserModel; |
| | | import com.gitblit.tests.mock.MemorySettings; |
| | | import com.gitblit.utils.XssFilter; |
| | | import com.gitblit.utils.XssFilter.AllowXssFilter; |
| | | import com.unboundid.ldap.listener.InMemoryDirectoryServer; |
| | | import com.unboundid.ldap.listener.InMemoryDirectoryServerConfig; |
| | | import com.unboundid.ldap.listener.InMemoryListenerConfig; |
| | |
| | | } |
| | | |
| | | private LdapAuthProvider newLdapAuthentication(IStoredSettings settings) { |
| | | RuntimeManager runtime = new RuntimeManager(settings, GitBlitSuite.BASEFOLDER).start(); |
| | | XssFilter xssFilter = new AllowXssFilter(); |
| | | RuntimeManager runtime = new RuntimeManager(settings, xssFilter, GitBlitSuite.BASEFOLDER).start(); |
| | | userManager = new UserManager(runtime, null).start(); |
| | | LdapAuthProvider ldap = new LdapAuthProvider(); |
| | | ldap.setup(runtime, userManager); |
| | |
| | | } |
| | | |
| | | private AuthenticationManager newAuthenticationManager(IStoredSettings settings) { |
| | | RuntimeManager runtime = new RuntimeManager(settings, GitBlitSuite.BASEFOLDER).start(); |
| | | XssFilter xssFilter = new AllowXssFilter(); |
| | | RuntimeManager runtime = new RuntimeManager(settings, xssFilter, GitBlitSuite.BASEFOLDER).start(); |
| | | AuthenticationManager auth = new AuthenticationManager(runtime, userManager); |
| | | auth.addAuthenticationProvider(newLdapAuthentication(settings)); |
| | | return auth; |
| | |
| | | import com.gitblit.tests.mock.MemorySettings;
|
| | | import com.gitblit.utils.FileUtils;
|
| | | import com.gitblit.utils.JGitUtils;
|
| | | import com.gitblit.utils.XssFilter;
|
| | | import com.gitblit.utils.XssFilter.AllowXssFilter;
|
| | |
|
| | | /**
|
| | | * Tests Lucene indexing and querying.
|
| | |
| | | private LuceneService newLuceneExecutor() {
|
| | | MemorySettings settings = new MemorySettings();
|
| | | settings.put(Keys.git.repositoriesFolder, GitBlitSuite.REPOSITORIES);
|
| | | RuntimeManager runtime = new RuntimeManager(settings, GitBlitSuite.BASEFOLDER).start();
|
| | | XssFilter xssFilter = new AllowXssFilter();
|
| | | RuntimeManager runtime = new RuntimeManager(settings, xssFilter, GitBlitSuite.BASEFOLDER).start();
|
| | | UserManager users = new UserManager(runtime, null).start();
|
| | | RepositoryManager repos = new RepositoryManager(runtime, null, users);
|
| | | return new LuceneService(settings, repos);
|
| | |
| | | import com.gitblit.models.RepositoryModel; |
| | | import com.gitblit.tickets.ITicketService; |
| | | import com.gitblit.tickets.RedisTicketService; |
| | | import com.gitblit.utils.XssFilter; |
| | | import com.gitblit.utils.XssFilter.AllowXssFilter; |
| | | |
| | | /** |
| | | * Tests the Redis ticket service. |
| | |
| | | protected ITicketService getService(boolean deleteAll) throws Exception { |
| | | |
| | | IStoredSettings settings = getSettings(deleteAll); |
| | | |
| | | IRuntimeManager runtimeManager = new RuntimeManager(settings).start(); |
| | | XssFilter xssFilter = new AllowXssFilter(); |
| | | IRuntimeManager runtimeManager = new RuntimeManager(settings, xssFilter).start(); |
| | | IPluginManager pluginManager = new PluginManager(runtimeManager).start(); |
| | | INotificationManager notificationManager = new NotificationManager(settings).start(); |
| | | IUserManager userManager = new UserManager(runtimeManager, pluginManager).start(); |
| | |
| | | import com.gitblit.manager.UserManager; |
| | | import com.gitblit.models.UserModel; |
| | | import com.gitblit.tests.mock.MemorySettings; |
| | | import com.gitblit.utils.XssFilter; |
| | | import com.gitblit.utils.XssFilter.AllowXssFilter; |
| | | |
| | | public class RedmineAuthenticationTest extends GitblitUnitTest { |
| | | |
| | |
| | | } |
| | | |
| | | RedmineAuthProvider newRedmineAuthentication(IStoredSettings settings) { |
| | | RuntimeManager runtime = new RuntimeManager(settings, GitBlitSuite.BASEFOLDER).start(); |
| | | XssFilter xssFilter = new AllowXssFilter(); |
| | | RuntimeManager runtime = new RuntimeManager(settings, xssFilter, GitBlitSuite.BASEFOLDER).start(); |
| | | UserManager users = new UserManager(runtime, null).start(); |
| | | RedmineAuthProvider redmine = new RedmineAuthProvider(); |
| | | redmine.setup(runtime, users); |
| | |
| | | } |
| | | |
| | | AuthenticationManager newAuthenticationManager() { |
| | | RuntimeManager runtime = new RuntimeManager(getSettings(), GitBlitSuite.BASEFOLDER).start(); |
| | | XssFilter xssFilter = new AllowXssFilter(); |
| | | RuntimeManager runtime = new RuntimeManager(getSettings(), xssFilter, GitBlitSuite.BASEFOLDER).start(); |
| | | UserManager users = new UserManager(runtime, null).start(); |
| | | RedmineAuthProvider redmine = new RedmineAuthProvider(); |
| | | redmine.setup(runtime, users); |
| | |
| | | import com.gitblit.models.ServerSettings; |
| | | import com.gitblit.models.ServerStatus; |
| | | import com.gitblit.models.SettingModel; |
| | | import com.gitblit.utils.XssFilter; |
| | | import com.gitblit.utils.XssFilter.AllowXssFilter; |
| | | |
| | | public class MockRuntimeManager implements IRuntimeManager { |
| | | |
| | |
| | | } |
| | | |
| | | @Override |
| | | public XssFilter getXssFilter() { |
| | | return new AllowXssFilter(); |
| | | } |
| | | |
| | | @Override |
| | | public boolean updateSettings(Map<String, String> updatedSettings) { |
| | | return settings.saveSettings(updatedSettings); |
| | | } |