| | |
|---|
| | | * Analyze the url and returns the action of the request. Return values are
|
|---|
| | | * either "/git-receive-pack" or "/git-upload-pack".
|
|---|
| | | *
|
|---|
| | | * @param url
|
|---|
| | | * @param serverUrl
|
|---|
| | | * @return action of the request
|
|---|
| | | */
|
|---|
| | | @Override
|
|---|
| | |
|---|
| | | return gitReceivePack;
|
|---|
| | | } else if (suffix.contains("?service=git-upload-pack")) {
|
|---|
| | | return gitUploadPack;
|
|---|
| | | } else {
|
|---|
| | | return gitUploadPack;
|
|---|
| | | }
|
|---|
| | | }
|
|---|
| | | return null;
|
|---|
| | | }
|
|---|
| | | |
|---|
| | | /**
|
|---|
| | | * Determine if the repository can receive pushes.
|
|---|
| | | * |
|---|
| | | * @param repository
|
|---|
| | | * @param action
|
|---|
| | | * @return true if the action may be performed
|
|---|
| | | */
|
|---|
| | | @Override
|
|---|
| | | protected boolean isActionAllowed(RepositoryModel repository, String action) {
|
|---|
| | | if (action.equals(gitReceivePack)) {
|
|---|
| | | // Push request
|
|---|
| | | if (!repository.isBare) {
|
|---|
| | | logger.warn("Gitblit does not allow pushes to repositories with a working copy");
|
|---|
| | | return false;
|
|---|
| | | }
|
|---|
| | | }
|
|---|
| | | return true;
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | /**
|
|---|
| | | * Determine if the repository requires authentication.
|
|---|
| | | *
|
|---|
| | | * @param repository
|
|---|
| | | * @param action
|
|---|
| | | * @return true if authentication required
|
|---|
| | | */
|
|---|
| | | @Override
|
|---|
| | | protected boolean requiresAuthentication(RepositoryModel repository) {
|
|---|
| | | return repository.accessRestriction.atLeast(AccessRestrictionType.PUSH);
|
|---|
| | | protected boolean requiresAuthentication(RepositoryModel repository, String action) {
|
|---|
| | | if (gitUploadPack.equals(action)) {
|
|---|
| | | // send to client
|
|---|
| | | return repository.accessRestriction.atLeast(AccessRestrictionType.CLONE); |
|---|
| | | } else if (gitReceivePack.equals(action)) {
|
|---|
| | | // receive from client
|
|---|
| | | return repository.accessRestriction.atLeast(AccessRestrictionType.PUSH);
|
|---|
| | | }
|
|---|
| | | return false;
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | /**
|
|---|
| | |
|---|
| | | if (!GitBlit.getBoolean(Keys.git.enableGitServlet, true)) {
|
|---|
| | | // Git Servlet disabled
|
|---|
| | | return false;
|
|---|
| | | }
|
|---|
| | | if (repository.isFrozen || repository.accessRestriction.atLeast(AccessRestrictionType.PUSH)) {
|
|---|
| | | boolean authorizedUser = user.canAccessRepository(repository.name);
|
|---|
| | | } |
|---|
| | | boolean readOnly = repository.isFrozen; |
|---|
| | | if (readOnly || repository.accessRestriction.atLeast(AccessRestrictionType.PUSH)) {
|
|---|
| | | boolean authorizedUser = user.canAccessRepository(repository);
|
|---|
| | | if (action.equals(gitReceivePack)) {
|
|---|
| | | // Push request
|
|---|
| | | if (!repository.isFrozen && authorizedUser) {
|
|---|
| | | if (!readOnly && authorizedUser) {
|
|---|
| | | // clone-restricted or push-authorized
|
|---|
| | | return true;
|
|---|
| | | } else {
|
|---|
