/* * Copyright 2013 gitblit.com. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.gitblit.manager; import java.io.File; import java.io.FileFilter; import java.nio.charset.Charset; import java.text.MessageFormat; import java.util.ArrayList; import java.util.Collections; import java.util.HashMap; import java.util.List; import java.util.Map; import java.util.concurrent.ConcurrentHashMap; import javax.servlet.http.HttpServletRequest; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import com.gitblit.Constants; import com.gitblit.Constants.FederationRequest; import com.gitblit.Constants.FederationToken; import com.gitblit.IStoredSettings; import com.gitblit.Keys; import com.gitblit.models.FederationModel; import com.gitblit.models.FederationProposal; import com.gitblit.models.FederationSet; import com.gitblit.models.RepositoryModel; import com.gitblit.models.UserModel; import com.gitblit.utils.Base64; import com.gitblit.utils.FederationUtils; import com.gitblit.utils.JsonUtils; import com.gitblit.utils.StringUtils; import com.google.inject.Inject; import com.google.inject.Singleton; /** * Federation manager controls all aspects of handling federation sets, tokens, * and proposals. * * @author James Moger * */ @Singleton public class FederationManager implements IFederationManager { private final Logger logger = LoggerFactory.getLogger(getClass()); private final List federationRegistrations = Collections .synchronizedList(new ArrayList()); private final Map federationPullResults = new ConcurrentHashMap(); private final IStoredSettings settings; private final IRuntimeManager runtimeManager; private final INotificationManager notificationManager; private final IRepositoryManager repositoryManager; @Inject public FederationManager( IRuntimeManager runtimeManager, INotificationManager notificationManager, IRepositoryManager repositoryManager) { this.settings = runtimeManager.getSettings(); this.runtimeManager = runtimeManager; this.notificationManager = notificationManager; this.repositoryManager = repositoryManager; } @Override public FederationManager start() { return this; } @Override public FederationManager stop() { return this; } /** * Returns the path of the proposals folder. This method checks to see if * Gitblit is running on a cloud service and may return an adjusted path. * * @return the proposals folder path */ @Override public File getProposalsFolder() { return runtimeManager.getFileOrFolder(Keys.federation.proposalsFolder, "${baseFolder}/proposals"); } @Override public boolean canFederate() { String passphrase = settings.getString(Keys.federation.passphrase, ""); return !StringUtils.isEmpty(passphrase); } /** * Returns the federation user account. * * @return the federation user account */ @Override public UserModel getFederationUser() { // the federation user is an administrator UserModel federationUser = new UserModel(Constants.FEDERATION_USER); federationUser.canAdmin = true; return federationUser; } @Override public UserModel authenticate(HttpServletRequest httpRequest) { if (canFederate()) { // try to authenticate federation user for cloning final String authorization = httpRequest.getHeader("Authorization"); if (authorization != null && authorization.startsWith("Basic")) { // Authorization: Basic base64credentials String base64Credentials = authorization.substring("Basic".length()).trim(); String credentials = new String(Base64.decode(base64Credentials), Charset.forName("UTF-8")); // credentials = username:password final String[] values = credentials.split(":", 2); if (values.length == 2) { String username = StringUtils.decodeUsername(values[0]); String password = values[1]; if (username.equalsIgnoreCase(Constants.FEDERATION_USER)) { List tokens = getFederationTokens(); if (tokens.contains(password)) { return getFederationUser(); } } } } } return null; } /** * Returns the list of federated gitblit instances that this instance will * try to pull. * * @return list of registered gitblit instances */ @Override public List getFederationRegistrations() { if (federationRegistrations.isEmpty()) { federationRegistrations.addAll(FederationUtils.getFederationRegistrations(settings)); } return federationRegistrations; } /** * Retrieve the specified federation registration. * * @param name * the name of the registration * @return a federation registration */ @Override public FederationModel getFederationRegistration(String url, String name) { // check registrations for (FederationModel r : getFederationRegistrations()) { if (r.name.equals(name) && r.url.equals(url)) { return r; } } // check the results for (FederationModel r : getFederationResultRegistrations()) { if (r.name.equals(name) && r.url.equals(url)) { return r; } } return null; } /** * Returns the list of federation sets. * * @return list of federation sets */ @Override public List getFederationSets(String gitblitUrl) { List list = new ArrayList(); // generate standard tokens for (FederationToken type : FederationToken.values()) { FederationSet fset = new FederationSet(type.toString(), type, getFederationToken(type)); fset.repositories = getRepositories(gitblitUrl, fset.token); list.add(fset); } // generate tokens for federation sets for (String set : settings.getStrings(Keys.federation.sets)) { FederationSet fset = new FederationSet(set, FederationToken.REPOSITORIES, getFederationToken(set)); fset.repositories = getRepositories(gitblitUrl, fset.token); list.add(fset); } return list; } /** * Returns the list of possible federation tokens for this Gitblit instance. * * @return list of federation tokens */ @Override public List getFederationTokens() { List tokens = new ArrayList(); // generate standard tokens for (FederationToken type : FederationToken.values()) { tokens.add(getFederationToken(type)); } // generate tokens for federation sets for (String set : settings.getStrings(Keys.federation.sets)) { tokens.add(getFederationToken(set)); } return tokens; } /** * Returns the specified federation token for this Gitblit instance. * * @param type * @return a federation token */ @Override public String getFederationToken(FederationToken type) { return getFederationToken(type.name()); } /** * Returns the specified federation token for this Gitblit instance. * * @param value * @return a federation token */ @Override public String getFederationToken(String value) { String passphrase = settings.getString(Keys.federation.passphrase, ""); return StringUtils.getSHA1(passphrase + "-" + value); } /** * Compares the provided token with this Gitblit instance's tokens and * determines if the requested permission may be granted to the token. * * @param req * @param token * @return true if the request can be executed */ @Override public boolean validateFederationRequest(FederationRequest req, String token) { String all = getFederationToken(FederationToken.ALL); String unr = getFederationToken(FederationToken.USERS_AND_REPOSITORIES); String jur = getFederationToken(FederationToken.REPOSITORIES); switch (req) { case PULL_REPOSITORIES: return token.equals(all) || token.equals(unr) || token.equals(jur); case PULL_USERS: case PULL_TEAMS: return token.equals(all) || token.equals(unr); case PULL_SETTINGS: case PULL_SCRIPTS: return token.equals(all); default: break; } return false; } /** * Acknowledge and cache the status of a remote Gitblit instance. * * @param identification * the identification of the pulling Gitblit instance * @param registration * the registration from the pulling Gitblit instance * @return true if acknowledged */ @Override public boolean acknowledgeFederationStatus(String identification, FederationModel registration) { // reset the url to the identification of the pulling Gitblit instance registration.url = identification; String id = identification; if (!StringUtils.isEmpty(registration.folder)) { id += "-" + registration.folder; } federationPullResults.put(id, registration); return true; } /** * Returns the list of registration results. * * @return the list of registration results */ @Override public List getFederationResultRegistrations() { return new ArrayList(federationPullResults.values()); } /** * Submit a federation proposal. The proposal is cached locally and the * Gitblit administrator(s) are notified via email. * * @param proposal * the proposal * @param gitblitUrl * the url of your gitblit instance to send an email to * administrators * @return true if the proposal was submitted */ @Override public boolean submitFederationProposal(FederationProposal proposal, String gitblitUrl) { // convert proposal to json String json = JsonUtils.toJsonString(proposal); try { // make the proposals folder File proposalsFolder = getProposalsFolder(); proposalsFolder.mkdirs(); // cache json to a file File file = new File(proposalsFolder, proposal.token + Constants.PROPOSAL_EXT); com.gitblit.utils.FileUtils.writeContent(file, json); } catch (Exception e) { logger.error(MessageFormat.format("Failed to cache proposal from {0}", proposal.url), e); } // send an email, if possible notificationManager.sendMailToAdministrators("Federation proposal from " + proposal.url, "Please review the proposal @ " + gitblitUrl + "/proposal/" + proposal.token); return true; } /** * Returns the list of pending federation proposals * * @return list of federation proposals */ @Override public List getPendingFederationProposals() { List list = new ArrayList(); File folder = getProposalsFolder(); if (folder.exists()) { File[] files = folder.listFiles(new FileFilter() { @Override public boolean accept(File file) { return file.isFile() && file.getName().toLowerCase().endsWith(Constants.PROPOSAL_EXT); } }); for (File file : files) { String json = com.gitblit.utils.FileUtils.readContent(file, null); FederationProposal proposal = JsonUtils.fromJsonString(json, FederationProposal.class); list.add(proposal); } } return list; } /** * Get repositories for the specified token. * * @param gitblitUrl * the base url of this gitblit instance * @param token * the federation token * @return a map of */ @Override public Map getRepositories(String gitblitUrl, String token) { Map federationSets = new HashMap(); for (String set : settings.getStrings(Keys.federation.sets)) { federationSets.put(getFederationToken(set), set); } // Determine the Gitblit clone url StringBuilder sb = new StringBuilder(); sb.append(gitblitUrl); sb.append(Constants.R_PATH); sb.append("{0}"); String cloneUrl = sb.toString(); // Retrieve all available repositories UserModel user = getFederationUser(); List list = repositoryManager.getRepositoryModels(user); // create the [cloneurl, repositoryModel] map Map repositories = new HashMap(); for (RepositoryModel model : list) { // by default, setup the url for THIS repository String url = MessageFormat.format(cloneUrl, model.name); switch (model.federationStrategy) { case EXCLUDE: // skip this repository continue; case FEDERATE_ORIGIN: // federate the origin, if it is defined if (!StringUtils.isEmpty(model.origin)) { url = model.origin; } break; default: break; } if (federationSets.containsKey(token)) { // include repositories only for federation set String set = federationSets.get(token); if (model.federationSets.contains(set)) { repositories.put(url, model); } } else { // standard federation token for ALL repositories.put(url, model); } } return repositories; } /** * Creates a proposal from the token. * * @param gitblitUrl * the url of this Gitblit instance * @param token * @return a potential proposal */ @Override public FederationProposal createFederationProposal(String gitblitUrl, String token) { FederationToken tokenType = FederationToken.REPOSITORIES; for (FederationToken type : FederationToken.values()) { if (token.equals(getFederationToken(type))) { tokenType = type; break; } } Map repositories = getRepositories(gitblitUrl, token); FederationProposal proposal = new FederationProposal(gitblitUrl, tokenType, token, repositories); return proposal; } /** * Returns the proposal identified by the supplied token. * * @param token * @return the specified proposal or null */ @Override public FederationProposal getPendingFederationProposal(String token) { List list = getPendingFederationProposals(); for (FederationProposal proposal : list) { if (proposal.token.equals(token)) { return proposal; } } return null; } /** * Deletes a pending federation proposal. * * @param a * proposal * @return true if the proposal was deleted */ @Override public boolean deletePendingFederationProposal(FederationProposal proposal) { File folder = getProposalsFolder(); File file = new File(folder, proposal.token + Constants.PROPOSAL_EXT); return file.delete(); } }