Gitblit devel
blame | history | patch | commit | commitdiff | ignore whitespace
James Moger
2015-09-18 a592329a82d0a85d33abcc63f08df20b79e8e4f7 
 src/main/java/com/gitblit/git/GitblitReceivePackFactory.java


@@ -15,6 +15,9 @@


 */


package com.gitblit.git;




import java.util.HashSet;


import java.util.Set;




import javax.servlet.http.HttpServletRequest;




import org.eclipse.jgit.lib.PersonIdent;


@@ -26,10 +29,14 @@


import org.slf4j.Logger;


import org.slf4j.LoggerFactory;




import com.gitblit.GitBlit;


import com.gitblit.Constants.Transport;


import com.gitblit.IStoredSettings;


import com.gitblit.Keys;


import com.gitblit.manager.IGitblit;


import com.gitblit.models.RepositoryModel;


import com.gitblit.models.UserModel;


import com.gitblit.transport.git.GitDaemonClient;


import com.gitblit.transport.ssh.SshDaemonClient;


import com.gitblit.utils.HttpUtils;


import com.gitblit.utils.StringUtils;




@@ -44,6 +51,16 @@




   protected final Logger logger = LoggerFactory.getLogger(GitblitReceivePackFactory.class);




   private final IStoredSettings settings;




   private final IGitblit gitblit;




   public GitblitReceivePackFactory(IGitblit gitblit) {


      super();


      this.settings = gitblit.getSettings();


      this.gitblit = gitblit;


   }




   @Override


   public ReceivePack create(X req, Repository db)


         throws ServiceNotEnabledException, ServiceNotAuthorizedException {


@@ -52,24 +69,30 @@


      String repositoryName = "";


      String origin = "";


      String gitblitUrl = "";


      String repositoryUrl = "";


      int timeout = 0;


      Transport transport = null;




      if (req instanceof HttpServletRequest) {


         // http/https request may or may not be authenticated


         HttpServletRequest request = (HttpServletRequest) req;


         repositoryName = request.getAttribute("gitblitRepositoryName").toString();


         origin = request.getRemoteHost();


         gitblitUrl = HttpUtils.getGitblitURL(request);


         repositoryUrl = request.getRequestURI();


         HttpServletRequest client = (HttpServletRequest) req;


         repositoryName = client.getAttribute("gitblitRepositoryName").toString();


         origin = client.getRemoteHost();


         gitblitUrl = HttpUtils.getGitblitURL(client);




         // determine pushing user


         String username = request.getRemoteUser();


         String username = client.getRemoteUser();


         if (!StringUtils.isEmpty(username)) {


            UserModel u = GitBlit.self().getUserModel(username);


            UserModel u = gitblit.getUserModel(username);


            if (u != null) {


               user = u;


            }


         }




         // determine the transport


         if ("http".equals(client.getScheme())) {


            transport = Transport.HTTP;


         } else if ("https".equals(client.getScheme())) {


            transport = Transport.HTTPS;


         }


      } else if (req instanceof GitDaemonClient) {


         // git daemon request is always anonymous


@@ -79,22 +102,73 @@




         // set timeout from Git daemon


         timeout = client.getDaemon().getTimeout();




         transport = Transport.GIT;


      } else if (req instanceof SshDaemonClient) {


         // SSH request is always authenticated


         SshDaemonClient client = (SshDaemonClient) req;


         repositoryName = client.getRepositoryName();


         origin = client.getRemoteAddress().toString();


         user = client.getUser();




         transport = Transport.SSH;


      }




      boolean allowAnonymousPushes = GitBlit.getBoolean(Keys.git.allowAnonymousPushes, true);


      if (!acceptPush(transport)) {


         throw new ServiceNotAuthorizedException();


      }




      boolean allowAnonymousPushes = settings.getBoolean(Keys.git.allowAnonymousPushes, false);


      if (!allowAnonymousPushes && UserModel.ANONYMOUS.equals(user)) {


         // prohibit anonymous pushes


         throw new ServiceNotEnabledException();


      }




      final RepositoryModel repository = GitBlit.self().getRepositoryModel(repositoryName);


      String url = settings.getString(Keys.web.canonicalUrl, null);


      if (StringUtils.isEmpty(url)) {


         url = gitblitUrl;


      }




      final GitblitReceivePack rp = new GitblitReceivePack(db, repository, user);


      rp.setGitblitUrl(gitblitUrl);


      rp.setRepositoryUrl(repositoryUrl);


      final RepositoryModel repository = gitblit.getRepositoryModel(repositoryName);




      // Determine which receive pack to use for pushes


      final GitblitReceivePack rp;


      if (gitblit.getTicketService().isAcceptingNewPatchsets(repository)) {


         rp = new PatchsetReceivePack(gitblit, db, repository, user);


      } else {


         rp = new GitblitReceivePack(gitblit, db, repository, user);


      }




      rp.setGitblitUrl(url);


      rp.setRefLogIdent(new PersonIdent(user.username, user.username + "@" + origin));


      rp.setTimeout(timeout);




      return rp;


   }




   protected boolean acceptPush(Transport byTransport) {


      if (byTransport == null) {


         logger.info("Unknown transport, push rejected!");


         return false;


      }




      Set<Transport> transports = new HashSet<Transport>();


      for (String value : gitblit.getSettings().getStrings(Keys.git.acceptedPushTransports)) {


         Transport transport = Transport.fromString(value);


         if (transport == null) {


            logger.info(String.format("Ignoring unknown registered transport %s", value));


            continue;


         }




         transports.add(transport);


      }




      if (transports.isEmpty()) {


         // no transports are explicitly specified, all are acceptable


         return true;


      }




      // verify that the transport is permitted


      return transports.contains(byTransport);


   }


}