Gitblit devel
blame | history | patch | commit | commitdiff | ignore whitespace
James Moger
2014-02-28 131da2786c1bf275c07ba628af4254a40d1dc42f 
 src/main/java/com/gitblit/git/GitblitUploadPackFactory.java


@@ -15,22 +15,15 @@


 */


package com.gitblit.git;




import java.util.ArrayList;


import java.util.List;


import java.util.Map;




import javax.servlet.http.HttpServletRequest;




import org.eclipse.jgit.lib.Ref;


import org.eclipse.jgit.lib.Repository;


import org.eclipse.jgit.transport.RefFilter;


import org.eclipse.jgit.transport.UploadPack;


import org.eclipse.jgit.transport.resolver.ServiceNotAuthorizedException;


import org.eclipse.jgit.transport.resolver.ServiceNotEnabledException;


import org.eclipse.jgit.transport.resolver.UploadPackFactory;




import com.gitblit.Constants;


import com.gitblit.GitBlit;


import com.gitblit.manager.IAuthenticationManager;


import com.gitblit.models.UserModel;




/**


@@ -43,6 +36,12 @@


 */


public class GitblitUploadPackFactory<X> implements UploadPackFactory<X> {




   private final IAuthenticationManager authenticationManager;




   public GitblitUploadPackFactory(IAuthenticationManager authenticationManager) {


      this.authenticationManager = authenticationManager;


   }




   @Override


   public UploadPack create(X req, Repository db)


         throws ServiceNotEnabledException, ServiceNotAuthorizedException {


@@ -52,7 +51,7 @@




      if (req instanceof HttpServletRequest) {


         // http/https request may or may not be authenticated


         user = GitBlit.self().authenticate((HttpServletRequest) req);


         user = authenticationManager.authenticate((HttpServletRequest) req);


         if (user == null) {


            user = UserModel.ANONYMOUS;


         }


@@ -63,45 +62,9 @@


         timeout = client.getDaemon().getTimeout();


      }




      RefFilter refFilter = new UserRefFilter(user);


      UploadPack up = new UploadPack(db);


      up.setRefFilter(refFilter);


      up.setTimeout(timeout);




      return up;


   }




   /**


    * Restricts advertisement of certain refs based on the permission of the


    * requesting user.


    */


   public static class UserRefFilter implements RefFilter {




      final UserModel user;




      public UserRefFilter(UserModel user) {


         this.user = user;


      }




      @Override


      public Map<String, Ref> filter(Map<String, Ref> refs) {


         if (user.canAdmin()) {


            // admins can see all refs


            return refs;


         }




         // normal users can not clone any gitblit refs


         // JGit's RefMap is custom and does not support iterator removal :(


         List<String> toRemove = new ArrayList<String>();


         for (String ref : refs.keySet()) {


            if (ref.startsWith(Constants.R_GITBLIT)) {


               toRemove.add(ref);


            }


         }


         for (String ref : toRemove) {


            refs.remove(ref);


         }


         return refs;


      }


   }


}