From f76fee63ed9cb3a30d3c0c092d860b1cb93a481b Mon Sep 17 00:00:00 2001
From: Gerard Smyth <gerard.smyth@gmail.com>
Date: Thu, 08 May 2014 13:09:30 -0400
Subject: [PATCH] Updated the SyndicationServlet to provide an additional option to return details of the tags in the repository instead of the commits. This uses a new 'ot' request parameter to indicate the object type of the content to return, which can be ither TAG or COMMIT. If this is not provided, then COMMIT is assumed to maintain backwards compatability. If tags are returned, then the paging parameters, 'l' and 'pg' are still supported, but searching options are currently ignored.
---
src/main/java/com/gitblit/git/GitblitReceivePack.java | 118 +++++++++++++++++++++++++++++++++++++++++++++++++++++++---
1 files changed, 111 insertions(+), 7 deletions(-)
diff --git a/src/main/java/com/gitblit/git/GitblitReceivePack.java b/src/main/java/com/gitblit/git/GitblitReceivePack.java
index 35f0d86..b4449f0 100644
--- a/src/main/java/com/gitblit/git/GitblitReceivePack.java
+++ b/src/main/java/com/gitblit/git/GitblitReceivePack.java
@@ -47,9 +47,11 @@
import com.gitblit.IStoredSettings;
import com.gitblit.Keys;
import com.gitblit.client.Translation;
+import com.gitblit.extensions.ReceiveHook;
import com.gitblit.manager.IGitblit;
import com.gitblit.models.RepositoryModel;
import com.gitblit.models.UserModel;
+import com.gitblit.tickets.BranchTicketService;
import com.gitblit.utils.ArrayUtils;
import com.gitblit.utils.ClientLogger;
import com.gitblit.utils.CommitCache;
@@ -117,9 +119,46 @@
setAllowDeletes(user.canDeleteRef(repository));
setAllowNonFastForwards(user.canRewindRef(repository));
+ int maxObjectSz = settings.getInteger(Keys.git.maxObjectSizeLimit, -1);
+ if (maxObjectSz >= 0) {
+ setMaxObjectSizeLimit(maxObjectSz);
+ }
+ int maxPackSz = settings.getInteger(Keys.git.maxPackSizeLimit, -1);
+ if (maxPackSz >= 0) {
+ setMaxPackSizeLimit(maxPackSz);
+ }
+ setCheckReceivedObjects(settings.getBoolean(Keys.git.checkReceivedObjects, true));
+ setCheckReferencedObjectsAreReachable(settings.getBoolean(Keys.git.checkReferencedObjectsAreReachable, true));
+
// setup pre and post receive hook
setPreReceiveHook(this);
setPostReceiveHook(this);
+ }
+
+ /**
+ * Returns true if the user is permitted to apply the receive commands to
+ * the repository.
+ *
+ * @param commands
+ * @return true if the user may push these commands
+ */
+ protected boolean canPush(Collection<ReceiveCommand> commands) {
+ // TODO Consider supporting branch permissions here (issue-36)
+ // Not sure if that should be Gerrit-style, refs/meta/config, or
+ // gitolite-style, permissions in users.conf
+ //
+ // How could commands be empty?
+ //
+ // Because a subclass, like PatchsetReceivePack, filters receive
+ // commands before this method is called. This makes it possible for
+ // this method to test an empty list. In this case, we assume that the
+ // subclass receive pack properly enforces push restrictions. for the
+ // ref.
+ //
+ // The empty test is not explicitly required, it's written here to
+ // clarify special-case behavior.
+
+ return commands.isEmpty() ? true : user.canPush(repository);
}
/**
@@ -129,6 +168,14 @@
*/
@Override
public void onPreReceive(ReceivePack rp, Collection<ReceiveCommand> commands) {
+
+ if (commands.size() == 0) {
+ // no receive commands to process
+ // this can happen if receive pack subclasses intercept and filter
+ // the commands
+ LOGGER.debug("skipping pre-receive processing, no refs created, updated, or removed");
+ return;
+ }
if (repository.isMirror) {
// repository is a mirror
@@ -154,7 +201,7 @@
return;
}
- if (!user.canPush(repository)) {
+ if (!canPush(commands)) {
// user does not have push permissions
for (ReceiveCommand cmd : commands) {
sendRejection(cmd, "User \"{0}\" does not have push permissions for \"{1}\"!", user.username, repository.name);
@@ -236,6 +283,25 @@
default:
break;
}
+ } else if (ref.equals(BranchTicketService.BRANCH)) {
+ // ensure pushing user is an administrator OR an owner
+ // i.e. prevent ticket tampering
+ boolean permitted = user.canAdmin() || repository.isOwner(user.username);
+ if (!permitted) {
+ sendRejection(cmd, "{0} is not permitted to push to {1}", user.username, ref);
+ }
+ } else if (ref.startsWith(Constants.R_FOR)) {
+ // prevent accidental push to refs/for
+ sendRejection(cmd, "{0} is not configured to receive patchsets", repository.name);
+ }
+ }
+
+ // call pre-receive plugins
+ for (ReceiveHook hook : gitblit.getExtensions(ReceiveHook.class)) {
+ try {
+ hook.onPreReceive(this, commands);
+ } catch (Exception e) {
+ LOGGER.error("Failed to execute extension", e);
}
}
@@ -261,9 +327,11 @@
@Override
public void onPostReceive(ReceivePack rp, Collection<ReceiveCommand> commands) {
if (commands.size() == 0) {
- LOGGER.debug("skipping post-receive hooks, no refs created, updated, or removed");
+ LOGGER.debug("skipping post-receive processing, no refs created, updated, or removed");
return;
}
+
+ boolean isRefCreationOrDeletion = false;
// log ref changes
for (ReceiveCommand cmd : commands) {
@@ -273,9 +341,11 @@
switch (cmd.getType()) {
case DELETE:
LOGGER.info(MessageFormat.format("{0} DELETED {1} in {2} ({3})", user.username, cmd.getRefName(), repository.name, cmd.getOldId().name()));
+ isRefCreationOrDeletion = true;
break;
case CREATE:
LOGGER.info(MessageFormat.format("{0} CREATED {1} in {2}", user.username, cmd.getRefName(), repository.name));
+ isRefCreationOrDeletion = true;
break;
case UPDATE:
LOGGER.info(MessageFormat.format("{0} UPDATED {1} in {2} (from {3} to {4})", user.username, cmd.getRefName(), repository.name, cmd.getOldId().name(), cmd.getNewId().name()));
@@ -287,6 +357,10 @@
break;
}
}
+ }
+
+ if (isRefCreationOrDeletion) {
+ gitblit.resetRepositoryCache(repository.name);
}
if (repository.useIncrementalPushTags) {
@@ -331,6 +405,24 @@
LOGGER.debug(MessageFormat.format("{0} push log updated", repository.name));
} catch (Exception e) {
LOGGER.error(MessageFormat.format("Failed to update {0} pushlog", repository.name), e);
+ }
+
+ // check for updates pushed to the BranchTicketService branch
+ // if the BranchTicketService is active it will reindex, as appropriate
+ for (ReceiveCommand cmd : commands) {
+ if (Result.OK.equals(cmd.getResult())
+ && BranchTicketService.BRANCH.equals(cmd.getRefName())) {
+ rp.getRepository().fireEvent(new ReceiveCommandEvent(repository, cmd));
+ }
+ }
+
+ // call post-receive plugins
+ for (ReceiveHook hook : gitblit.getExtensions(ReceiveHook.class)) {
+ try {
+ hook.onPostReceive(this, commands);
+ } catch (Exception e) {
+ LOGGER.error("Failed to execute extension", e);
+ }
}
// run Groovy hook scripts
@@ -388,7 +480,7 @@
this.gitblitUrl = url;
}
- protected void sendRejection(final ReceiveCommand cmd, final String why, Object... objects) {
+ public void sendRejection(final ReceiveCommand cmd, final String why, Object... objects) {
String text;
if (ArrayUtils.isEmpty(objects)) {
text = why;
@@ -399,15 +491,15 @@
LOGGER.error(text + " (" + user.username + ")");
}
- protected void sendHeader(String msg, Object... objects) {
+ public void sendHeader(String msg, Object... objects) {
sendInfo("--> ", msg, objects);
}
- protected void sendInfo(String msg, Object... objects) {
+ public void sendInfo(String msg, Object... objects) {
sendInfo(" ", msg, objects);
}
- protected void sendInfo(String prefix, String msg, Object... objects) {
+ private void sendInfo(String prefix, String msg, Object... objects) {
String text;
if (ArrayUtils.isEmpty(objects)) {
text = msg;
@@ -421,7 +513,7 @@
}
}
- protected void sendError(String msg, Object... objects) {
+ public void sendError(String msg, Object... objects) {
String text;
if (ArrayUtils.isEmpty(objects)) {
text = msg;
@@ -486,4 +578,16 @@
}
}
}
+
+ public IGitblit getGitblit() {
+ return gitblit;
+ }
+
+ public RepositoryModel getRepositoryModel() {
+ return repository;
+ }
+
+ public UserModel getUserModel() {
+ return user;
+ }
}
--
Gitblit v1.9.1