/* * Copyright 2012 gitblit.com. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.gitblit.servlet; import com.google.inject.Inject; import com.google.inject.Singleton; import org.eclipse.jgit.lib.Repository; import com.gitblit.Constants.AccessRestrictionType; import com.gitblit.manager.IAuthenticationManager; import com.gitblit.manager.IRepositoryManager; import com.gitblit.manager.IRuntimeManager; import com.gitblit.models.RepositoryModel; import com.gitblit.models.UserModel; /** * The RawFilter is an AccessRestrictionFilter which ensures http branch * requests for a view-restricted repository are authenticated and authorized. * * @author James Moger * */ @Singleton public class RawFilter extends AccessRestrictionFilter { @Inject public RawFilter( IRuntimeManager runtimeManager, IAuthenticationManager authenticationManager, IRepositoryManager repositoryManager) { super(runtimeManager, authenticationManager, repositoryManager); } /** * Extract the repository name from the url. * * @param url * @return repository name */ @Override protected String extractRepositoryName(String url) { // get the repository name from the url by finding a known url suffix String repository = ""; Repository r = null; int offset = 0; while (r == null) { int slash = url.indexOf('/', offset); if (slash == -1) { repository = url; } else { repository = url.substring(0, slash); } r = repositoryManager.getRepository(repository, false); if (r == null) { // try again offset = slash + 1; } else { // close the repo r.close(); } if (repository.equals(url)) { // either only repository in url or no repository found break; } } return repository; } /** * Analyze the url and returns the action of the request. * * @param cloneUrl * @return action of the request */ @Override protected String getUrlRequestAction(String suffix) { return "VIEW"; } /** * Determine if a non-existing repository can be created using this filter. * * @return true if the filter allows repository creation */ @Override protected boolean isCreationAllowed(String action) { return false; } /** * Determine if the action may be executed on the repository. * * @param repository * @param action * @param method * @return true if the action may be performed */ @Override protected boolean isActionAllowed(RepositoryModel repository, String action, String method) { return true; } /** * Determine if the repository requires authentication. * * @param repository * @param action * @param method * @return true if authentication required */ @Override protected boolean requiresAuthentication(RepositoryModel repository, String action, String method) { return repository.accessRestriction.atLeast(AccessRestrictionType.VIEW); } /** * Determine if the user can access the repository and perform the specified * action. * * @param repository * @param user * @param action * @return true if user may execute the action on the repository */ @Override protected boolean canAccess(RepositoryModel repository, UserModel user, String action) { return user.canView(repository); } }