Gitblit devel
blame | history | patch | commit | commitdiff | ignore whitespace
Paul Martin
2016-04-30 a502d96a860456ec5e8c96761db70f7cabb74751 
 src/main/java/com/gitblit/servlet/RpcFilter.java


@@ -18,6 +18,8 @@


import java.io.IOException;



import java.text.MessageFormat;







import com.google.inject.Inject;



import com.google.inject.Singleton;



import javax.servlet.FilterChain;



import javax.servlet.ServletException;



import javax.servlet.ServletRequest;



@@ -28,10 +30,9 @@


import com.gitblit.Constants.RpcRequest;



import com.gitblit.IStoredSettings;



import com.gitblit.Keys;



import com.gitblit.manager.IAuthenticationManager;



import com.gitblit.manager.IRuntimeManager;



import com.gitblit.models.UserModel;







import dagger.ObjectGraph;







/**



 * The RpcFilter is a servlet filter that secures the RpcServlet.



@@ -46,17 +47,23 @@


 * @author James Moger



 *



 */



@Singleton



public class RpcFilter extends AuthenticationFilter {







   private IStoredSettings settings;







   private IRuntimeManager runtimeManager;







   @Override



   protected void inject(ObjectGraph dagger) {



      super.inject(dagger);



      this.settings = dagger.get(IStoredSettings.class);



      this.runtimeManager = dagger.get(IRuntimeManager.class);



   @Inject



   public RpcFilter(



         IStoredSettings settings,



         IRuntimeManager runtimeManager,



         IAuthenticationManager authenticationManager) {







      super(authenticationManager);







      this.settings = settings;



      this.runtimeManager = runtimeManager;



   }







   /**



@@ -121,7 +128,7 @@


            return;



         } else {



            // check user access for request



            if (user.canAdmin() || canAccess(user, requestType)) {



            if (user.canAdmin() || !adminRequest) {



               // authenticated request permitted.



               // pass processing to the restricted servlet.



               newSession(authenticatedRequest, httpResponse);



@@ -146,15 +153,4 @@


      // pass processing to the restricted servlet.



      chain.doFilter(authenticatedRequest, httpResponse);



   }







   private boolean canAccess(UserModel user, RpcRequest requestType) {



      switch (requestType) {



      case GET_PROTOCOL:



         return true;



      case LIST_REPOSITORIES:



         return true;



      default:



         return user.canAdmin();



      }



   }



}


}