| | |
|---|
| | | |
|---|
| | | import java.text.MessageFormat; |
|---|
| | | import java.util.ArrayList; |
|---|
| | | import java.util.Collections; |
|---|
| | | import java.util.Comparator; |
|---|
| | | import java.util.HashSet; |
|---|
| | | import java.util.Iterator; |
|---|
| | | import java.util.List; |
|---|
| | | import java.util.Set; |
|---|
| | | |
|---|
| | | import javax.inject.Singleton; |
|---|
| | | import javax.servlet.http.HttpServletRequest; |
|---|
| | | |
|---|
| | | import com.gitblit.Constants.AccessPermission; |
|---|
| | | import com.gitblit.Constants.Transport; |
|---|
| | | import com.gitblit.manager.GitblitManager; |
|---|
| | | import com.gitblit.manager.IAuthenticationManager; |
|---|
| | | import com.gitblit.manager.IFederationManager; |
|---|
| | |
|---|
| | | return this; |
|---|
| | | } |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | public boolean isServingRepositories() { |
|---|
| | | return servicesManager.isServingRepositories(); |
|---|
| | | } |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | public boolean isServingHTTP() { |
|---|
| | | return servicesManager.isServingHTTP(); |
|---|
| | | } |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | public boolean isServingGIT() { |
|---|
| | | return servicesManager.isServingGIT(); |
|---|
| | | } |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | public boolean isServingSSH() { |
|---|
| | | return servicesManager.isServingSSH(); |
|---|
| | | } |
|---|
| | | |
|---|
| | | protected Object [] getModules() { |
|---|
| | | return new Object [] { new GitBlitModule()}; |
|---|
| | | } |
|---|
| | | |
|---|
| | | protected boolean acceptPush(Transport byTransport) { |
|---|
| | | if (byTransport == null) { |
|---|
| | | logger.info("Unknown transport, push rejected!"); |
|---|
| | | return false; |
|---|
| | | } |
|---|
| | | |
|---|
| | | Set<Transport> transports = new HashSet<Transport>(); |
|---|
| | | for (String value : getSettings().getStrings(Keys.git.acceptedPushTransports)) { |
|---|
| | | Transport transport = Transport.fromString(value); |
|---|
| | | if (transport == null) { |
|---|
| | | logger.info(String.format("Ignoring unknown registered transport %s", value)); |
|---|
| | | continue; |
|---|
| | | } |
|---|
| | | |
|---|
| | | transports.add(transport); |
|---|
| | | } |
|---|
| | | |
|---|
| | | if (transports.isEmpty()) { |
|---|
| | | // no transports are explicitly specified, all are acceptable |
|---|
| | | return true; |
|---|
| | | } |
|---|
| | | |
|---|
| | | // verify that the transport is permitted |
|---|
| | | return transports.contains(byTransport); |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | |
|---|
| | | if (settings.getBoolean(Keys.git.enableGitServlet, true)) { |
|---|
| | | AccessPermission permission = user.getRepositoryPermission(repository).permission; |
|---|
| | | if (permission.exceeds(AccessPermission.NONE)) { |
|---|
| | | Transport transport = Transport.fromString(request.getScheme()); |
|---|
| | | if (permission.atLeast(AccessPermission.PUSH) && !acceptPush(transport)) { |
|---|
| | | // downgrade the repo permission for this transport |
|---|
| | | // because it is not an acceptable PUSH transport |
|---|
| | | permission = AccessPermission.CLONE; |
|---|
| | | } |
|---|
| | | list.add(new RepositoryUrl(getRepositoryUrl(request, username, repository), permission)); |
|---|
| | | } |
|---|
| | | } |
|---|
| | |
|---|
| | | if (!StringUtils.isEmpty(sshDaemonUrl)) { |
|---|
| | | AccessPermission permission = user.getRepositoryPermission(repository).permission; |
|---|
| | | if (permission.exceeds(AccessPermission.NONE)) { |
|---|
| | | if (permission.atLeast(AccessPermission.PUSH) && !acceptPush(Transport.SSH)) { |
|---|
| | | // downgrade the repo permission for this transport |
|---|
| | | // because it is not an acceptable PUSH transport |
|---|
| | | permission = AccessPermission.CLONE; |
|---|
| | | } |
|---|
| | | |
|---|
| | | list.add(new RepositoryUrl(sshDaemonUrl, permission)); |
|---|
| | | } |
|---|
| | | } |
|---|
| | |
|---|
| | | if (!StringUtils.isEmpty(gitDaemonUrl)) { |
|---|
| | | AccessPermission permission = servicesManager.getGitDaemonAccessPermission(user, repository); |
|---|
| | | if (permission.exceeds(AccessPermission.NONE)) { |
|---|
| | | if (permission.atLeast(AccessPermission.PUSH) && !acceptPush(Transport.GIT)) { |
|---|
| | | // downgrade the repo permission for this transport |
|---|
| | | // because it is not an acceptable PUSH transport |
|---|
| | | permission = AccessPermission.CLONE; |
|---|
| | | } |
|---|
| | | list.add(new RepositoryUrl(gitDaemonUrl, permission)); |
|---|
| | | } |
|---|
| | | } |
|---|
| | |
|---|
| | | list.add(new RepositoryUrl(MessageFormat.format(url, repository.name), null)); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | // sort transports by highest permission and then by transport security |
|---|
| | | Collections.sort(list, new Comparator<RepositoryUrl>() { |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | public int compare(RepositoryUrl o1, RepositoryUrl o2) { |
|---|
| | | if (!o1.isExternal() && o2.isExternal()) { |
|---|
| | | // prefer Gitblit over external |
|---|
| | | return -1; |
|---|
| | | } else if (o1.isExternal() && !o2.isExternal()) { |
|---|
| | | // prefer Gitblit over external |
|---|
| | | return 1; |
|---|
| | | } else if (o1.isExternal() && o2.isExternal()) { |
|---|
| | | // sort by Transport ordinal |
|---|
| | | return o1.transport.compareTo(o2.transport); |
|---|
| | | } else if (o1.permission.exceeds(o2.permission)) { |
|---|
| | | // prefer highest permission |
|---|
| | | return -1; |
|---|
| | | } else if (o2.permission.exceeds(o1.permission)) { |
|---|
| | | // prefer highest permission |
|---|
| | | return 1; |
|---|
| | | } |
|---|
| | | |
|---|
| | | // prefer more secure transports |
|---|
| | | return o1.transport.compareTo(o2.transport); |
|---|
| | | } |
|---|
| | | }); |
|---|
| | | |
|---|
| | | // consider the user's transport preference |
|---|
| | | RepositoryUrl preferredUrl = null; |
|---|
| | | Transport preferredTransport = user.getPreferences().getTransport(); |
|---|
| | | if (preferredTransport != null) { |
|---|
| | | Iterator<RepositoryUrl> itr = list.iterator(); |
|---|
| | | while (itr.hasNext()) { |
|---|
| | | RepositoryUrl url = itr.next(); |
|---|
| | | if (url.transport.equals(preferredTransport)) { |
|---|
| | | itr.remove(); |
|---|
| | | preferredUrl = url; |
|---|
| | | break; |
|---|
| | | } |
|---|
| | | } |
|---|
| | | } |
|---|
| | | if (preferredUrl != null) { |
|---|
| | | list.add(0, preferredUrl); |
|---|
| | | } |
|---|
| | | |
|---|
| | | return list; |
|---|
| | | } |
|---|
| | | |
|---|
| | |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * Delete the user and all associated public ssh keys. |
|---|
| | | */ |
|---|
| | | @Override |
|---|
| | | public boolean deleteUser(String username) { |
|---|
| | | UserModel user = userManager.getUserModel(username); |
|---|
| | | return deleteUserModel(user); |
|---|
| | | } |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | public boolean deleteUserModel(UserModel model) { |
|---|
| | | boolean success = userManager.deleteUserModel(model); |
|---|
| | | if (success) { |
|---|
| | | getPublicKeyManager().removeAllKeys(model.username); |
|---|
| | | } |
|---|
| | | return success; |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * Delete the repository and all associated tickets. |
|---|
| | | */ |
|---|
| | | @Override |
|---|
| | |
|---|
| | | public boolean deleteRepositoryModel(RepositoryModel model) { |
|---|
| | | boolean success = repositoryManager.deleteRepositoryModel(model); |
|---|
| | | if (success && ticketService != null) { |
|---|
| | | return ticketService.deleteAll(model); |
|---|
| | | ticketService.deleteAll(model); |
|---|
| | | } |
|---|
| | | return success; |
|---|
| | | } |
|---|
| | |
|---|
| | | |
|---|
| | | // core managers |
|---|
| | | IRuntimeManager.class, |
|---|
| | | IPluginManager.class, |
|---|
| | | INotificationManager.class, |
|---|
| | | IUserManager.class, |
|---|
| | | IAuthenticationManager.class, |
|---|
| | |
|---|
| | | |
|---|
| | | @Provides @Singleton IRuntimeManager provideRuntimeManager() { |
|---|
| | | return runtimeManager; |
|---|
| | | } |
|---|
| | | |
|---|
| | | @Provides @Singleton IPluginManager providePluginManager() { |
|---|
| | | return pluginManager; |
|---|
| | | } |
|---|
| | | |
|---|
| | | @Provides @Singleton INotificationManager provideNotificationManager() { |
|---|
| | |
|---|
| | | @Provides @Singleton NullTicketService provideNullTicketService() { |
|---|
| | | return new NullTicketService( |
|---|
| | | runtimeManager, |
|---|
| | | pluginManager, |
|---|
| | | notificationManager, |
|---|
| | | userManager, |
|---|
| | | repositoryManager); |
|---|
| | |
|---|
| | | @Provides @Singleton FileTicketService provideFileTicketService() { |
|---|
| | | return new FileTicketService( |
|---|
| | | runtimeManager, |
|---|
| | | pluginManager, |
|---|
| | | notificationManager, |
|---|
| | | userManager, |
|---|
| | | repositoryManager); |
|---|
| | |
|---|
| | | @Provides @Singleton BranchTicketService provideBranchTicketService() { |
|---|
| | | return new BranchTicketService( |
|---|
| | | runtimeManager, |
|---|
| | | pluginManager, |
|---|
| | | notificationManager, |
|---|
| | | userManager, |
|---|
| | | repositoryManager); |
|---|
| | |
|---|
| | | @Provides @Singleton RedisTicketService provideRedisTicketService() { |
|---|
| | | return new RedisTicketService( |
|---|
| | | runtimeManager, |
|---|
| | | pluginManager, |
|---|
| | | notificationManager, |
|---|
| | | userManager, |
|---|
| | | repositoryManager); |
|---|
