githubFork/gitblit.git - Solinfo Gitblit

parent: 234933ef | patch | commit | show whitespace

Added setting to globally disable anonymous pushes in the receive pack

James Moger

2013-09-27 629806c4c04d3bfc058056069c3123fd91782639

Added setting to globally disable anonymous pushes in the receive pack

Change-Id: I3460c9c0eeb32503d58325fd09793a0cd40aa2c4

5 files modified

	releases.moxie	2 ●●●●● patch \| view \| raw \| blame \| history
	src/main/distrib/data/gitblit.properties	12 ●●●●● patch \| view \| raw \| blame \| history
	src/main/java/com/gitblit/Constants.java	11 ●●●●● patch \| view \| raw \| blame \| history
	src/main/java/com/gitblit/git/GitblitReceivePackFactory.java	4 ●●●●● patch \| view \| raw \| blame \| history
	src/main/java/com/gitblit/wicket/pages/EditRepositoryPage.java	4 ●●●●● patch \| view \| raw \| blame \| history

 releases.moxie

@@ -23,9 +23,11 @@
    - Added branch graph image servlet based on EGit's branch graph renderer (issue-194)
    - Added option to render Markdown commit messages (issue-203)
    - Added setting to control creating a repository as --shared on Unix servers (issue-263)
    - Added setting to globally disable anonymous pushes in the receive pack
    dependencyChanges: ~
    settings:
    - { name: 'git.createRepositoriesShared', defaultValue: 'false' }
    - { name: 'git.allowAnonymousPushes', defaultValue: 'true' }
    - { name: 'web.commitMessageRenderer', defaultValue: 'plain' }
    - { name: 'web.showBranchGraph', defaultValue: 'true' }
    contributors:

 src/main/distrib/data/gitblit.properties

@@ -145,6 +145,18 @@
# SINCE 1.2.0

git.allowCreateOnPush = true



# Global setting to control anonymous pushes.

#

# This setting allows/rejects anonymous pushes at the level of the receive pack.

# This trumps all repository config settings.  While anonymous pushes are convenient

# on your own box when you are a lone developer,  they are not recommended for

# any multi-user installation where accountability is required.  Since Gitblit

# tracks pushes and user accounts, allowing anonymous pushes compromises that

# information.

#

# SINCE 1.4.0

git.allowAnonymousPushes = true



# The default access restriction for new repositories.

# Valid values are NONE, PUSH, CLONE, VIEW

#  NONE = anonymous view, clone, & push


 src/main/java/com/gitblit/Constants.java

@@ -19,6 +19,8 @@
import java.lang.annotation.Retention;

import java.lang.annotation.RetentionPolicy;

import java.net.URL;

import java.util.Arrays;

import java.util.List;

import java.util.jar.Attributes;

import java.util.jar.Manifest;



@@ -149,6 +151,8 @@
    public static enum AccessRestrictionType {

        NONE, PUSH, CLONE, VIEW;



        private static final AccessRestrictionType [] AUTH_TYPES = { PUSH, CLONE, VIEW };



        public static AccessRestrictionType fromName(String name) {

            for (AccessRestrictionType type : values()) {

                if (type.name().equalsIgnoreCase(name)) {

@@ -158,6 +162,13 @@
            return NONE;

        }



        public static List<AccessRestrictionType> choices(boolean allowAnonymousPush) {

            if (allowAnonymousPush) {

                return Arrays.asList(values());

            }

            return Arrays.asList(AUTH_TYPES);

        }



        public boolean exceeds(AccessRestrictionType type) {

            return this.ordinal() > type.ordinal();

        }


 src/main/java/com/gitblit/git/GitblitReceivePackFactory.java

@@ -27,6 +27,7 @@
import org.slf4j.LoggerFactory;

import com.gitblit.GitBlit;
import com.gitblit.Keys;
import com.gitblit.models.RepositoryModel;
import com.gitblit.models.UserModel;
import com.gitblit.utils.HttpUtils;
@@ -80,8 +81,7 @@
            timeout = client.getDaemon().getTimeout();
        }

        // TODO make this a setting
        boolean allowAnonymousPushes = true;
        boolean allowAnonymousPushes = GitBlit.getBoolean(Keys.git.allowAnonymousPushes, true);
        if (!allowAnonymousPushes && UserModel.ANONYMOUS.equals(user)) {
            // prohibit anonymous pushes
            throw new ServiceNotEnabledException();

 src/main/java/com/gitblit/wicket/pages/EditRepositoryPage.java

@@ -417,8 +417,8 @@
        form.add(new TextField<String>("description"));

        form.add(ownersPalette);

        form.add(new CheckBox("allowForks").setEnabled(GitBlit.getBoolean(Keys.web.allowForking, true)));

        DropDownChoice<AccessRestrictionType> accessRestriction = new DropDownChoice<AccessRestrictionType>("accessRestriction", Arrays

                .asList(AccessRestrictionType.values()), new AccessRestrictionRenderer());

        DropDownChoice<AccessRestrictionType> accessRestriction = new DropDownChoice<AccessRestrictionType>("accessRestriction",

                AccessRestrictionType.choices(GitBlit.getBoolean(Keys.git.allowAnonymousPushes, true)), new AccessRestrictionRenderer());

        form.add(accessRestriction);

        form.add(new CheckBox("isFrozen"));

        // TODO enable origin definition

			@@ -23,9 +23,11 @@
			- Added branch graph image servlet based on EGit's branch graph renderer (issue-194)
			- Added option to render Markdown commit messages (issue-203)
			- Added setting to control creating a repository as --shared on Unix servers (issue-263)
			- Added setting to globally disable anonymous pushes in the receive pack
			dependencyChanges: ~
			settings:
			- { name: 'git.createRepositoriesShared', defaultValue: 'false' }
			- { name: 'git.allowAnonymousPushes', defaultValue: 'true' }
			- { name: 'web.commitMessageRenderer', defaultValue: 'plain' }
			- { name: 'web.showBranchGraph', defaultValue: 'true' }
			contributors:

			@@ -145,6 +145,18 @@
			# SINCE 1.2.0
			git.allowCreateOnPush = true

			# Global setting to control anonymous pushes.
			#
			# This setting allows/rejects anonymous pushes at the level of the receive pack.
			# This trumps all repository config settings. While anonymous pushes are convenient
			# on your own box when you are a lone developer, they are not recommended for
			# any multi-user installation where accountability is required. Since Gitblit
			# tracks pushes and user accounts, allowing anonymous pushes compromises that
			# information.
			#
			# SINCE 1.4.0
			git.allowAnonymousPushes = true

			# The default access restriction for new repositories.
			# Valid values are NONE, PUSH, CLONE, VIEW
			# NONE = anonymous view, clone, & push

			@@ -19,6 +19,8 @@
			import java.lang.annotation.Retention;
			import java.lang.annotation.RetentionPolicy;
			import java.net.URL;
			import java.util.Arrays;
			import java.util.List;
			import java.util.jar.Attributes;
			import java.util.jar.Manifest;

			@@ -149,6 +151,8 @@
			public static enum AccessRestrictionType {
			NONE, PUSH, CLONE, VIEW;

			private static final AccessRestrictionType [] AUTH_TYPES = { PUSH, CLONE, VIEW };

			public static AccessRestrictionType fromName(String name) {
			for (AccessRestrictionType type : values()) {
			if (type.name().equalsIgnoreCase(name)) {
			@@ -158,6 +162,13 @@
			return NONE;
			}

			public static List<AccessRestrictionType> choices(boolean allowAnonymousPush) {
			if (allowAnonymousPush) {
			return Arrays.asList(values());
			}
			return Arrays.asList(AUTH_TYPES);
			}

			public boolean exceeds(AccessRestrictionType type) {
			return this.ordinal() > type.ordinal();
			}

			@@ -27,6 +27,7 @@
			import org.slf4j.LoggerFactory;

			import com.gitblit.GitBlit;
			import com.gitblit.Keys;
			import com.gitblit.models.RepositoryModel;
			import com.gitblit.models.UserModel;
			import com.gitblit.utils.HttpUtils;
			@@ -80,8 +81,7 @@
			timeout = client.getDaemon().getTimeout();
			}

			// TODO make this a setting
			boolean allowAnonymousPushes = true;
			boolean allowAnonymousPushes = GitBlit.getBoolean(Keys.git.allowAnonymousPushes, true);
			if (!allowAnonymousPushes && UserModel.ANONYMOUS.equals(user)) {
			// prohibit anonymous pushes
			throw new ServiceNotEnabledException();

			@@ -417,8 +417,8 @@
			form.add(new TextField<String>("description"));
			form.add(ownersPalette);
			form.add(new CheckBox("allowForks").setEnabled(GitBlit.getBoolean(Keys.web.allowForking, true)));
			DropDownChoice<AccessRestrictionType> accessRestriction = new DropDownChoice<AccessRestrictionType>("accessRestriction", Arrays
			.asList(AccessRestrictionType.values()), new AccessRestrictionRenderer());
			DropDownChoice<AccessRestrictionType> accessRestriction = new DropDownChoice<AccessRestrictionType>("accessRestriction",
			AccessRestrictionType.choices(GitBlit.getBoolean(Keys.git.allowAnonymousPushes, true)), new AccessRestrictionRenderer());
			form.add(accessRestriction);
			form.add(new CheckBox("isFrozen"));
			// TODO enable origin definition