| | |
|---|
| | |
|
|---|
| | | public static void deleteWorkingFolders() throws Exception {
|
|---|
| | | if (ticgitFolder.exists()) {
|
|---|
| | | GitBlitSuite.close(ticgitFolder);
|
|---|
| | | FileUtils.delete(ticgitFolder, FileUtils.RECURSIVE);
|
|---|
| | | }
|
|---|
| | | if (ticgit2Folder.exists()) {
|
|---|
| | | GitBlitSuite.close(ticgit2Folder);
|
|---|
| | | FileUtils.delete(ticgit2Folder, FileUtils.RECURSIVE);
|
|---|
| | | }
|
|---|
| | | if (jgitFolder.exists()) {
|
|---|
| | | GitBlitSuite.close(jgitFolder);
|
|---|
| | | FileUtils.delete(jgitFolder, FileUtils.RECURSIVE);
|
|---|
| | | }
|
|---|
| | | if (jgit2Folder.exists()) {
|
|---|
| | | GitBlitSuite.close(jgit2Folder);
|
|---|
| | | FileUtils.delete(jgit2Folder, FileUtils.RECURSIVE);
|
|---|
| | | }
|
|---|
| | | }
|
|---|
| | |
|---|
| | | clone.setBare(false);
|
|---|
| | | clone.setCloneAllBranches(true);
|
|---|
| | | clone.setCredentialsProvider(new UsernamePasswordCredentialsProvider(account, password));
|
|---|
| | | close(clone.call()); |
|---|
| | | GitBlitSuite.close(clone.call()); |
|---|
| | | assertTrue(true);
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | |
|---|
| | | clone.setBare(false);
|
|---|
| | | clone.setCloneAllBranches(true);
|
|---|
| | | clone.setCredentialsProvider(new UsernamePasswordCredentialsProvider("bogus", "bogus"));
|
|---|
| | | close(clone.call());
|
|---|
| | | GitBlitSuite.close(clone.call());
|
|---|
| | | cloned = true;
|
|---|
| | | } catch (Exception e) {
|
|---|
| | | // swallow the exception which we expect
|
|---|
| | |
|---|
| | | clone.setBare(false);
|
|---|
| | | clone.setCloneAllBranches(true);
|
|---|
| | | clone.setCredentialsProvider(new UsernamePasswordCredentialsProvider(user.username, user.password));
|
|---|
| | | close(clone.call());
|
|---|
| | | GitBlitSuite.close(clone.call());
|
|---|
| | | cloned = true;
|
|---|
| | | } catch (Exception e) {
|
|---|
| | | // swallow the exception which we expect
|
|---|
| | |
|---|
| | | clone.setBare(false);
|
|---|
| | | clone.setCloneAllBranches(true);
|
|---|
| | | clone.setCredentialsProvider(new UsernamePasswordCredentialsProvider(user.username, user.password));
|
|---|
| | | close(clone.call());
|
|---|
| | | GitBlitSuite.close(clone.call());
|
|---|
| | | cloned = true;
|
|---|
| | |
|
|---|
| | | assertTrue("Authenticated login could not clone!", cloned);
|
|---|
| | |
|---|
| | | git.add().addFilepattern(file.getName()).call();
|
|---|
| | | git.commit().setMessage("test commit").call();
|
|---|
| | | git.push().setPushAll().call();
|
|---|
| | | close(git);
|
|---|
| | | GitBlitSuite.close(git);
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | @Test
|
|---|
| | |
|---|
| | | clone.setBare(false);
|
|---|
| | | clone.setCloneAllBranches(true);
|
|---|
| | | clone.setCredentialsProvider(new UsernamePasswordCredentialsProvider(account, password));
|
|---|
| | | close(clone.call());
|
|---|
| | | GitBlitSuite.close(clone.call());
|
|---|
| | | assertTrue(true);
|
|---|
| | |
|
|---|
| | | Git git = Git.open(jgitFolder);
|
|---|
| | |
|---|
| | | git.add().addFilepattern(file.getName()).call();
|
|---|
| | | git.commit().setMessage("test commit").call();
|
|---|
| | | git.push().setPushAll().call();
|
|---|
| | | close(git);
|
|---|
| | | GitBlitSuite.close(git);
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | @Test
|
|---|
| | |
|---|
| | | clone.setBare(false);
|
|---|
| | | clone.setCloneAllBranches(true);
|
|---|
| | | clone.setCredentialsProvider(new UsernamePasswordCredentialsProvider(account, password));
|
|---|
| | | close(clone.call());
|
|---|
| | | GitBlitSuite.close(clone.call());
|
|---|
| | | assertTrue(true);
|
|---|
| | |
|
|---|
| | | Git git = Git.open(jgit2Folder);
|
|---|
| | |
|---|
| | | } catch (Exception e) {
|
|---|
| | | assertTrue(e.getCause().getMessage().contains("git-receive-pack not permitted"));
|
|---|
| | | }
|
|---|
| | | close(git);
|
|---|
| | | GitBlitSuite.close(git);
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | @Test
|
|---|
| | | public void testCommitterVerification() throws Exception {
|
|---|
| | | UserModel user = new UserModel("james");
|
|---|
| | | user.password = "james";
|
|---|
| | |
|
|---|
| | | // account only uses account name to verify
|
|---|
| | | testCommitterVerification(user, user.username, null, true);
|
|---|
| | | // committer email address is ignored because account does not specify email
|
|---|
| | | testCommitterVerification(user, user.username, "something", true);
|
|---|
| | | // completely different committer
|
|---|
| | | testCommitterVerification(user, "joe", null, false);
|
|---|
| | |
|
|---|
| | | // test display name verification
|
|---|
| | | user.displayName = "James Moger";
|
|---|
| | | testCommitterVerification(user, user.displayName, null, true);
|
|---|
| | | testCommitterVerification(user, user.displayName, "something", true);
|
|---|
| | | testCommitterVerification(user, "joe", null, false);
|
|---|
| | | |
|---|
| | | // test email address verification
|
|---|
| | | user.emailAddress = "something";
|
|---|
| | | testCommitterVerification(user, user.displayName, null, false);
|
|---|
| | | testCommitterVerification(user, user.displayName, "somethingelse", false);
|
|---|
| | | testCommitterVerification(user, user.displayName, user.emailAddress, true);
|
|---|
| | | |
|---|
| | | // use same email address but with different committer
|
|---|
| | | testCommitterVerification(user, "joe", "somethingelse", false);
|
|---|
| | | }
|
|---|
| | | |
|---|
| | | private void testCommitterVerification(UserModel user, String displayName, String emailAddress, boolean expectedSuccess) throws Exception {
|
|---|
| | | |
|---|
| | | if (GitBlit.self().getUserModel(user.username) != null) {
|
|---|
| | | GitBlit.self().deleteUser(user.username);
|
|---|
| | | }
|
|---|
| | | |
|---|
| | | CredentialsProvider cp = new UsernamePasswordCredentialsProvider(user.username, user.password);
|
|---|
| | | |
|---|
| | | // fork from original to a temporary bare repo
|
|---|
| | | File verification = new File(GitBlitSuite.REPOSITORIES, "refchecks/verify-committer.git");
|
|---|
| | | if (verification.exists()) {
|
|---|
| | | FileUtils.delete(verification, FileUtils.RECURSIVE);
|
|---|
| | | }
|
|---|
| | | CloneCommand clone = Git.cloneRepository();
|
|---|
| | | clone.setURI(MessageFormat.format("{0}/git/ticgit.git", url));
|
|---|
| | | clone.setDirectory(verification);
|
|---|
| | | clone.setBare(true);
|
|---|
| | | clone.setCloneAllBranches(true);
|
|---|
| | | clone.setCredentialsProvider(cp);
|
|---|
| | | GitBlitSuite.close(clone.call());
|
|---|
| | | |
|---|
| | | // require push permissions and committer verification
|
|---|
| | | RepositoryModel model = GitBlit.self().getRepositoryModel("refchecks/verify-committer.git");
|
|---|
| | | model.authorizationControl = AuthorizationControl.NAMED;
|
|---|
| | | model.accessRestriction = AccessRestrictionType.PUSH;
|
|---|
| | | model.verifyCommitter = true;
|
|---|
| | | |
|---|
| | | // grant user push permission
|
|---|
| | | user.setRepositoryPermission(model.name, AccessPermission.PUSH);
|
|---|
| | | |
|---|
| | | GitBlit.self().updateUserModel(user.username, user, true);
|
|---|
| | | GitBlit.self().updateRepositoryModel(model.name, model, false);
|
|---|
| | |
|
|---|
| | | // clone temp bare repo to working copy
|
|---|
| | | File local = new File(GitBlitSuite.REPOSITORIES, "refchecks/verify-wc");
|
|---|
| | | if (local.exists()) {
|
|---|
| | | FileUtils.delete(local, FileUtils.RECURSIVE);
|
|---|
| | | }
|
|---|
| | | clone = Git.cloneRepository();
|
|---|
| | | clone.setURI(MessageFormat.format("{0}/git/{1}", url, model.name));
|
|---|
| | | clone.setDirectory(local);
|
|---|
| | | clone.setBare(false);
|
|---|
| | | clone.setCloneAllBranches(true);
|
|---|
| | | clone.setCredentialsProvider(cp);
|
|---|
| | | GitBlitSuite.close(clone.call());
|
|---|
| | | |
|---|
| | | Git git = Git.open(local);
|
|---|
| | | |
|---|
| | | // force an identity which may or may not match the account's identity
|
|---|
| | | git.getRepository().getConfig().setString("user", null, "name", displayName);
|
|---|
| | | git.getRepository().getConfig().setString("user", null, "email", emailAddress);
|
|---|
| | | git.getRepository().getConfig().save();
|
|---|
| | | |
|---|
| | | // commit a file and push it
|
|---|
| | | File file = new File(local, "PUSHCHK");
|
|---|
| | | OutputStreamWriter os = new OutputStreamWriter(new FileOutputStream(file, true), Constants.CHARSET);
|
|---|
| | | BufferedWriter w = new BufferedWriter(os);
|
|---|
| | | w.write("// " + new Date().toString() + "\n");
|
|---|
| | | w.close();
|
|---|
| | | git.add().addFilepattern(file.getName()).call();
|
|---|
| | | git.commit().setMessage("push test").call();
|
|---|
| | | Iterable<PushResult> results = git.push().setCredentialsProvider(cp).setRemote("origin").call();
|
|---|
| | | |
|---|
| | | for (PushResult result : results) {
|
|---|
| | | RemoteRefUpdate ref = result.getRemoteUpdate("refs/heads/master");
|
|---|
| | | Status status = ref.getStatus();
|
|---|
| | | if (expectedSuccess) {
|
|---|
| | | assertTrue("Verification failed! User was NOT able to push commit! " + status.name(), Status.OK.equals(status));
|
|---|
| | | } else {
|
|---|
| | | assertTrue("Verification failed! User was able to push commit! " + status.name(), Status.REJECTED_OTHER_REASON.equals(status));
|
|---|
| | | }
|
|---|
| | | }
|
|---|
| | | |
|---|
| | | GitBlitSuite.close(git);
|
|---|
| | | // close serving repository
|
|---|
| | | GitBlitSuite.close(verification);
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | @Test
|
|---|
| | |
|---|
| | | clone.setBare(true);
|
|---|
| | | clone.setCloneAllBranches(true);
|
|---|
| | | clone.setCredentialsProvider(cp);
|
|---|
| | | close(clone.call());
|
|---|
| | | GitBlitSuite.close(clone.call());
|
|---|
| | |
|
|---|
| | | // elevate repository to clone permission
|
|---|
| | | RepositoryModel model = GitBlit.self().getRepositoryModel("refchecks/ticgit.git");
|
|---|
| | |
|---|
| | | clone.setCredentialsProvider(cp);
|
|---|
| | |
|
|---|
| | | try {
|
|---|
| | | close(clone.call());
|
|---|
| | | GitBlitSuite.close(clone.call());
|
|---|
| | | } catch (GitAPIException e) {
|
|---|
| | | if (permission.atLeast(AccessPermission.CLONE)) {
|
|---|
| | | throw e;
|
|---|
| | | } else {
|
|---|
| | | // close serving repository
|
|---|
| | | GitBlitSuite.close(refChecks);
|
|---|
| | | |
|---|
| | | // user does not have clone permission
|
|---|
| | | assertTrue(e.getMessage(), e.getMessage().contains("not permitted")); |
|---|
| | | assertTrue(e.getMessage(), e.getMessage().contains("not permitted")); |
|---|
| | | return;
|
|---|
| | | }
|
|---|
| | | }
|
|---|
| | |
|---|
| | | if (permission.atLeast(AccessPermission.PUSH)) {
|
|---|
| | | throw e;
|
|---|
| | | } else {
|
|---|
| | | // close serving repository
|
|---|
| | | GitBlitSuite.close(refChecks);
|
|---|
| | | |
|---|
| | | // user does not have push permission
|
|---|
| | | assertTrue(e.getMessage(), e.getMessage().contains("not permitted"));
|
|---|
| | | close(git);
|
|---|
| | | GitBlitSuite.close(git);
|
|---|
| | | return;
|
|---|
| | | }
|
|---|
| | | }
|
|---|
| | |
|---|
| | | if (permission.atLeast(AccessPermission.PUSH)) {
|
|---|
| | | assertTrue("User failed to push commit?! " + status.name(), Status.OK.equals(status));
|
|---|
| | | } else {
|
|---|
| | | // close serving repository
|
|---|
| | | GitBlitSuite.close(refChecks);
|
|---|
| | |
|
|---|
| | | assertTrue("User was able to push commit! " + status.name(), Status.REJECTED_OTHER_REASON.equals(status));
|
|---|
| | | close(git);
|
|---|
| | | GitBlitSuite.close(git);
|
|---|
| | | // skip delete test
|
|---|
| | | return;
|
|---|
| | | }
|
|---|
| | |
|---|
| | | if (Status.OK.equals(expectedCreate)) {
|
|---|
| | | assertTrue("User failed to push creation?! " + status.name(), status.equals(expectedCreate));
|
|---|
| | | } else {
|
|---|
| | | // close serving repository
|
|---|
| | | GitBlitSuite.close(refChecks);
|
|---|
| | |
|
|---|
| | | assertTrue("User was able to push ref creation! " + status.name(), status.equals(expectedCreate));
|
|---|
| | | close(git);
|
|---|
| | | GitBlitSuite.close(git);
|
|---|
| | | // skip delete test
|
|---|
| | | return;
|
|---|
| | | }
|
|---|
| | |
|---|
| | | if (Status.OK.equals(expectedDelete)) {
|
|---|
| | | assertTrue("User failed to push ref deletion?! " + status.name(), status.equals(Status.OK));
|
|---|
| | | } else {
|
|---|
| | | // close serving repository
|
|---|
| | | GitBlitSuite.close(refChecks);
|
|---|
| | |
|
|---|
| | | assertTrue("User was able to push ref deletion?! " + status.name(), status.equals(expectedDelete));
|
|---|
| | | close(git);
|
|---|
| | | GitBlitSuite.close(git);
|
|---|
| | | // skip rewind test
|
|---|
| | | return;
|
|---|
| | | }
|
|---|
| | |
|---|
| | | assertTrue("User was able to rewind master?! " + status.name(), status.equals(expectedRewind));
|
|---|
| | | }
|
|---|
| | | }
|
|---|
| | | close(git);
|
|---|
| | | GitBlitSuite.close(git);
|
|---|
| | |
|
|---|
| | | GitBlit.self().deleteUser(user.username);
|
|---|
| | | }
|
|---|
| | | // close serving repository
|
|---|
| | | GitBlitSuite.close(refChecks);
|
|---|
| | |
|
|---|
| | | |
|---|
| | | private void close(Git git) {
|
|---|
| | | // really close the repository
|
|---|
| | | // decrement the use counter to 0
|
|---|
| | | for (int i = 0; i < 2; i++) {
|
|---|
| | | git.getRepository().close();
|
|---|
| | | }
|
|---|
| | | GitBlit.self().deleteUser(user.username);
|
|---|
| | | }
|
|---|
| | | }
|
|---|
