githubFork/gitblit.git - Solinfo Gitblit

			@@ -32,12 +32,29 @@
			*/
			public class GitFilter extends AccessRestrictionFilter {

			protected final String gitReceivePack = "/git-receive-pack";
			protected static final String gitReceivePack = "/git-receive-pack";

			protected final String gitUploadPack = "/git-upload-pack";
			protected static final String gitUploadPack = "/git-upload-pack";

			protected final String[] suffixes = { gitReceivePack, gitUploadPack, "/info/refs", "/HEAD",
			protected static final String[] suffixes = { gitReceivePack, gitUploadPack, "/info/refs", "/HEAD",
			"/objects" };

			/**
			* Extract the repository name from the url.
			*
			* @param url
			* @return repository name
			*/
			public static String getRepositoryName(String value) {
			String repository = value;
			// get the repository name from the url by finding a known url suffix
			for (String urlSuffix : suffixes) {
			if (repository.indexOf(urlSuffix) > -1) {
			repository = repository.substring(0, repository.indexOf(urlSuffix));
			}
			}
			return repository;
			}

			/**
			* Extract the repository name from the url.
			@@ -47,14 +64,7 @@
			*/
			@Override
			protected String extractRepositoryName(String url) {
			String repository = url;
			// get the repository name from the url by finding a known url suffix
			for (String urlSuffix : suffixes) {
			if (repository.indexOf(urlSuffix) > -1) {
			repository = repository.substring(0, repository.indexOf(urlSuffix));
			}
			}
			return repository;
			return GitFilter.getRepositoryName(url);
			}

			/**
			@@ -91,11 +101,13 @@
			*/
			@Override
			protected boolean isActionAllowed(RepositoryModel repository, String action) {
			if (action.equals(gitReceivePack)) {
			// Push request
			if (!repository.isBare) {
			logger.warn("Gitblit does not allow pushes to repositories with a working copy");
			return false;
			if (!StringUtils.isEmpty(action)) {
			if (action.equals(gitReceivePack)) {
			// Push request
			if (!repository.isBare) {
			logger.warn("Gitblit does not allow pushes to repositories with a working copy");
			return false;
			}
			}
			}
			return true;
			@@ -135,33 +147,25 @@
			// Git Servlet disabled
			return false;
			}
			boolean readOnly = repository.isFrozen;
			if (readOnly \|\| repository.accessRestriction.atLeast(AccessRestrictionType.PUSH)) {
			boolean authorizedUser = user.canAccessRepository(repository);
			if (action.equals(gitReceivePack)) {
			// Push request
			if (!readOnly && authorizedUser) {
			// clone-restricted or push-authorized
			return true;
			} else {
			// user is unauthorized to push to this repository
			logger.warn(MessageFormat.format("user {0} is not authorized to push to {1}",
			user.username, repository));
			return false;
			}
			} else if (action.equals(gitUploadPack)) {
			// Clone request
			boolean cloneRestricted = repository.accessRestriction
			.atLeast(AccessRestrictionType.CLONE);
			if (!cloneRestricted \|\| (cloneRestricted && authorizedUser)) {
			// push-restricted or clone-authorized
			return true;
			} else {
			// user is unauthorized to clone this repository
			logger.warn(MessageFormat.format("user {0} is not authorized to clone {1}",
			user.username, repository));
			return false;
			}
			if (action.equals(gitReceivePack)) {
			// Push request
			if (user.canPush(repository)) {
			return true;
			} else {
			// user is unauthorized to push to this repository
			logger.warn(MessageFormat.format("user {0} is not authorized to push to {1}",
			user.username, repository));
			return false;
			}
			} else if (action.equals(gitUploadPack)) {
			// Clone request
			if (user.canClone(repository)) {
			return true;
			} else {
			// user is unauthorized to clone this repository
			logger.warn(MessageFormat.format("user {0} is not authorized to clone {1}",
			user.username, repository));
			return false;
			}
			}
			return true;