From eecaad8b8e2c447429c31a01d49260ddd6b4ee03 Mon Sep 17 00:00:00 2001
From: Paul Martin <paul@paulsputer.com>
Date: Sat, 16 Apr 2016 17:35:32 -0400
Subject: [PATCH] Proof of concept #1026
---
src/test/java/com/gitblit/tests/GitServletTest.java | 101 +++++++++++++++++++++++---------------------------
1 files changed, 47 insertions(+), 54 deletions(-)
diff --git a/src/test/java/com/gitblit/tests/GitServletTest.java b/src/test/java/com/gitblit/tests/GitServletTest.java
index 08c4a23..705684a 100644
--- a/src/test/java/com/gitblit/tests/GitServletTest.java
+++ b/src/test/java/com/gitblit/tests/GitServletTest.java
@@ -15,10 +15,6 @@
*/
package com.gitblit.tests;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-
import java.io.BufferedWriter;
import java.io.File;
import java.io.FileOutputStream;
@@ -53,7 +49,6 @@
import com.gitblit.Constants.AccessPermission;
import com.gitblit.Constants.AccessRestrictionType;
import com.gitblit.Constants.AuthorizationControl;
-import com.gitblit.GitBlit;
import com.gitblit.Keys;
import com.gitblit.models.RefLogEntry;
import com.gitblit.models.RepositoryModel;
@@ -62,7 +57,7 @@
import com.gitblit.utils.JGitUtils;
import com.gitblit.utils.RefLogUtils;
-public class GitServletTest {
+public class GitServletTest extends GitblitUnitTest {
static File ticgitFolder = new File(GitBlitSuite.REPOSITORIES, "working/ticgit");
@@ -87,8 +82,8 @@
}
private static void delete(UserModel user) {
- if (GitBlit.self().getUserModel(user.username) != null) {
- GitBlit.self().deleteUser(user.username);
+ if (users().getUserModel(user.username) != null) {
+ users().deleteUser(user.username);
}
}
@@ -148,9 +143,9 @@
@Test
public void testBogusLoginClone() throws Exception {
// restrict repository access
- RepositoryModel model = GitBlit.self().getRepositoryModel("ticgit.git");
+ RepositoryModel model = repositories().getRepositoryModel("ticgit.git");
model.accessRestriction = AccessRestrictionType.CLONE;
- GitBlit.self().updateRepositoryModel(model.name, model, false);
+ repositories().updateRepositoryModel(model.name, model, false);
// delete any existing working folder
boolean cloned = false;
@@ -169,7 +164,7 @@
// restore anonymous repository access
model.accessRestriction = AccessRestrictionType.NONE;
- GitBlit.self().updateRepositoryModel(model.name, model, false);
+ repositories().updateRepositoryModel(model.name, model, false);
assertFalse("Bogus login cloned a repository?!", cloned);
}
@@ -177,13 +172,13 @@
@Test
public void testUnauthorizedLoginClone() throws Exception {
// restrict repository access
- RepositoryModel model = GitBlit.self().getRepositoryModel("ticgit.git");
+ RepositoryModel model = repositories().getRepositoryModel("ticgit.git");
model.accessRestriction = AccessRestrictionType.CLONE;
model.authorizationControl = AuthorizationControl.NAMED;
UserModel user = new UserModel("james");
user.password = "james";
- GitBlit.self().updateUserModel(user.username, user, true);
- GitBlit.self().updateRepositoryModel(model.name, model, false);
+ gitblit().addUser(user);
+ repositories().updateRepositoryModel(model.name, model, false);
FileUtils.delete(ticgit2Folder, FileUtils.RECURSIVE);
@@ -208,7 +203,7 @@
// switch to authenticated
model.authorizationControl = AuthorizationControl.AUTHENTICATED;
- GitBlit.self().updateRepositoryModel(model.name, model, false);
+ repositories().updateRepositoryModel(model.name, model, false);
// try clone again
cloned = false;
@@ -228,7 +223,7 @@
// restore anonymous repository access
model.accessRestriction = AccessRestrictionType.NONE;
model.authorizationControl = AuthorizationControl.NAMED;
- GitBlit.self().updateRepositoryModel(model.name, model, false);
+ repositories().updateRepositoryModel(model.name, model, false);
delete(user);
}
@@ -240,9 +235,9 @@
FileUtils.delete(ticgitFolder, FileUtils.RECURSIVE | FileUtils.RETRY);
}
- RepositoryModel model = GitBlit.self().getRepositoryModel("ticgit.git");
+ RepositoryModel model = repositories().getRepositoryModel("ticgit.git");
model.accessRestriction = AccessRestrictionType.NONE;
- GitBlit.self().updateRepositoryModel(model.name, model, false);
+ repositories().updateRepositoryModel(model.name, model, false);
CloneCommand clone = Git.cloneRepository();
clone.setURI(MessageFormat.format("{0}/ticgit.git", url));
@@ -320,9 +315,9 @@
assertTrue(true);
// freeze repo
- RepositoryModel model = GitBlit.self().getRepositoryModel("test/jgit.git");
+ RepositoryModel model = repositories().getRepositoryModel("test/jgit.git");
model.isFrozen = true;
- GitBlit.self().updateRepositoryModel(model.name, model, false);
+ repositories().updateRepositoryModel(model.name, model, false);
Git git = Git.open(jgitFolder);
File file = new File(jgitFolder, "TODO");
@@ -342,7 +337,7 @@
// unfreeze repo
model.isFrozen = false;
- GitBlit.self().updateRepositoryModel(model.name, model, false);
+ repositories().updateRepositoryModel(model.name, model, false);
results = git.push().setPushAll().setCredentialsProvider(new UsernamePasswordCredentialsProvider(account, password)).call();
GitBlitSuite.close(git);
@@ -385,27 +380,15 @@
public void testCommitterVerification() throws Exception {
UserModel user = getUser();
- // account only uses account name to verify
- testCommitterVerification(user, user.username, null, true);
- // committer email address is ignored because account does not specify email
- testCommitterVerification(user, user.username, "something", true);
- // completely different committer
testCommitterVerification(user, "joe", null, false);
+ testCommitterVerification(user, "joe", user.emailAddress, false);
+ testCommitterVerification(user, user.username, null, false);
+ testCommitterVerification(user, user.username, user.emailAddress, true);
- // test display name verification
user.displayName = "James Moger";
- testCommitterVerification(user, user.displayName, null, true);
- testCommitterVerification(user, user.displayName, "something", true);
- testCommitterVerification(user, "joe", null, false);
-
- // test email address verification
- user.emailAddress = "something";
testCommitterVerification(user, user.displayName, null, false);
- testCommitterVerification(user, user.displayName, "somethingelse", false);
+ testCommitterVerification(user, user.displayName, "something", false);
testCommitterVerification(user, user.displayName, user.emailAddress, true);
-
- // use same email address but with different committer
- testCommitterVerification(user, "joe", "somethingelse", false);
}
private void testCommitterVerification(UserModel user, String displayName, String emailAddress, boolean expectedSuccess) throws Exception {
@@ -428,7 +411,7 @@
GitBlitSuite.close(clone.call());
// require push permissions and committer verification
- RepositoryModel model = GitBlit.self().getRepositoryModel("refchecks/verify-committer.git");
+ RepositoryModel model = repositories().getRepositoryModel("refchecks/verify-committer.git");
model.authorizationControl = AuthorizationControl.NAMED;
model.accessRestriction = AccessRestrictionType.PUSH;
model.verifyCommitter = true;
@@ -436,8 +419,8 @@
// grant user push permission
user.setRepositoryPermission(model.name, AccessPermission.PUSH);
- GitBlit.self().updateUserModel(user.username, user, true);
- GitBlit.self().updateRepositoryModel(model.name, model, false);
+ gitblit().addUser(user);
+ repositories().updateRepositoryModel(model.name, model, false);
// clone temp bare repo to working copy
File local = new File(GitBlitSuite.REPOSITORIES, "refchecks/verify-wc");
@@ -513,7 +496,7 @@
GitBlitSuite.close(clone.call());
// require push permissions and committer verification
- RepositoryModel model = GitBlit.self().getRepositoryModel("refchecks/verify-committer.git");
+ RepositoryModel model = repositories().getRepositoryModel("refchecks/verify-committer.git");
model.authorizationControl = AuthorizationControl.NAMED;
model.accessRestriction = AccessRestrictionType.PUSH;
model.verifyCommitter = true;
@@ -521,8 +504,8 @@
// grant user push permission
user.setRepositoryPermission(model.name, AccessPermission.PUSH);
- GitBlit.self().updateUserModel(user.username, user, true);
- GitBlit.self().updateRepositoryModel(model.name, model, false);
+ gitblit().addUser(user);
+ repositories().updateRepositoryModel(model.name, model, false);
// clone temp bare repo to working copy
File local = new File(GitBlitSuite.REPOSITORIES, "refchecks/verify-wc");
@@ -629,18 +612,28 @@
private void testRefChange(AccessPermission permission, Status expectedCreate, Status expectedDelete, Status expectedRewind) throws Exception {
+ final String originName = "ticgit.git";
+ final String forkName = "refchecks/ticgit.git";
+ final String workingCopy = "refchecks/ticgit-wc";
+
+
+ // lower access restriction on origin repository
+ RepositoryModel origin = repositories().getRepositoryModel(originName);
+ origin.accessRestriction = AccessRestrictionType.NONE;
+ repositories().updateRepositoryModel(origin.name, origin, false);
+
UserModel user = getUser();
delete(user);
CredentialsProvider cp = new UsernamePasswordCredentialsProvider(user.username, user.password);
// fork from original to a temporary bare repo
- File refChecks = new File(GitBlitSuite.REPOSITORIES, "refchecks/ticgit.git");
+ File refChecks = new File(GitBlitSuite.REPOSITORIES, forkName);
if (refChecks.exists()) {
FileUtils.delete(refChecks, FileUtils.RECURSIVE);
}
CloneCommand clone = Git.cloneRepository();
- clone.setURI(MessageFormat.format("{0}/ticgit.git", url));
+ clone.setURI(url + "/" + originName);
clone.setDirectory(refChecks);
clone.setBare(true);
clone.setCloneAllBranches(true);
@@ -648,7 +641,7 @@
GitBlitSuite.close(clone.call());
// elevate repository to clone permission
- RepositoryModel model = GitBlit.self().getRepositoryModel("refchecks/ticgit.git");
+ RepositoryModel model = repositories().getRepositoryModel(forkName);
switch (permission) {
case VIEW:
model.accessRestriction = AccessRestrictionType.CLONE;
@@ -664,11 +657,11 @@
// grant user specified
user.setRepositoryPermission(model.name, permission);
- GitBlit.self().updateUserModel(user.username, user, true);
- GitBlit.self().updateRepositoryModel(model.name, model, false);
+ gitblit().addUser(user);
+ repositories().updateRepositoryModel(model.name, model, false);
// clone temp bare repo to working copy
- File local = new File(GitBlitSuite.REPOSITORIES, "refchecks/ticgit-wc");
+ File local = new File(GitBlitSuite.REPOSITORIES, workingCopy);
if (local.exists()) {
FileUtils.delete(local, FileUtils.RECURSIVE);
}
@@ -834,7 +827,7 @@
user.canCreate = canCreate;
user.canAdmin = canAdmin;
- GitBlit.self().updateUserModel(user.username, user, true);
+ gitblit().addUser(user);
CredentialsProvider cp = new UsernamePasswordCredentialsProvider(user.username, user.password);
@@ -885,7 +878,7 @@
assertTrue("User canAdmin:" + user.canAdmin + " canCreate:" + user.canCreate, user.canAdmin || user.canCreate);
// confirm default personal repository permissions
- RepositoryModel model = GitBlit.self().getRepositoryModel(MessageFormat.format("~{0}/ticgit.git", user.username));
+ RepositoryModel model = repositories().getRepositoryModel(MessageFormat.format("~{0}/ticgit.git", user.username));
assertEquals("Unexpected owner", user.username, ArrayUtils.toString(model.owners));
assertEquals("Unexpected authorization control", AuthorizationControl.NAMED, model.authorizationControl);
assertEquals("Unexpected access restriction", AccessRestrictionType.VIEW, model.accessRestriction);
@@ -909,10 +902,10 @@
assertTrue("User canAdmin:" + user.canAdmin, user.canAdmin);
// confirm default project repository permissions
- RepositoryModel model = GitBlit.self().getRepositoryModel("project/ticgit.git");
+ RepositoryModel model = repositories().getRepositoryModel("project/ticgit.git");
assertEquals("Unexpected owner", user.username, ArrayUtils.toString(model.owners));
- assertEquals("Unexpected authorization control", AuthorizationControl.fromName(GitBlit.getString(Keys.git.defaultAuthorizationControl, "NAMED")), model.authorizationControl);
- assertEquals("Unexpected access restriction", AccessRestrictionType.fromName(GitBlit.getString(Keys.git.defaultAccessRestriction, "NONE")), model.accessRestriction);
+ assertEquals("Unexpected authorization control", AuthorizationControl.fromName(settings().getString(Keys.git.defaultAuthorizationControl, "NAMED")), model.authorizationControl);
+ assertEquals("Unexpected access restriction", AccessRestrictionType.fromName(settings().getString(Keys.git.defaultAccessRestriction, "NONE")), model.accessRestriction);
} catch (GitAPIException e) {
assertTrue(e.getMessage(), e.getMessage().contains("git-receive-pack not found"));
--
Gitblit v1.9.1