From 282b8fd82c46ba6874fb24c8715af103645f3406 Mon Sep 17 00:00:00 2001
From: David Ostrovsky <david@ostrovsky.org>
Date: Thu, 10 Apr 2014 18:58:08 -0400
Subject: [PATCH] Fix message formatting
---
src/main/java/com/gitblit/git/GitblitReceivePack.java | 127 ++++++++++++++++++++++++++++--------------
1 files changed, 84 insertions(+), 43 deletions(-)
diff --git a/src/main/java/com/gitblit/git/GitblitReceivePack.java b/src/main/java/com/gitblit/git/GitblitReceivePack.java
index 8da603a..73da3d3 100644
--- a/src/main/java/com/gitblit/git/GitblitReceivePack.java
+++ b/src/main/java/com/gitblit/git/GitblitReceivePack.java
@@ -44,14 +44,13 @@
import com.gitblit.Constants;
import com.gitblit.Constants.AccessRestrictionType;
-import com.gitblit.GitBlit;
import com.gitblit.IStoredSettings;
import com.gitblit.Keys;
import com.gitblit.client.Translation;
-import com.gitblit.manager.IRepositoryManager;
-import com.gitblit.manager.IRuntimeManager;
+import com.gitblit.manager.IGitblit;
import com.gitblit.models.RepositoryModel;
import com.gitblit.models.UserModel;
+import com.gitblit.tickets.BranchTicketService;
import com.gitblit.utils.ArrayUtils;
import com.gitblit.utils.ClientLogger;
import com.gitblit.utils.CommitCache;
@@ -87,21 +86,27 @@
protected String gitblitUrl;
- protected String repositoryUrl;
-
protected GroovyScriptEngine gse;
- public GitblitReceivePack(Repository db, RepositoryModel repository, UserModel user) {
+ protected final IStoredSettings settings;
+
+ protected final IGitblit gitblit;
+
+ public GitblitReceivePack(
+ IGitblit gitblit,
+ Repository db,
+ RepositoryModel repository,
+ UserModel user) {
+
super(db);
-
- IRepositoryManager repositoryManager = GitBlit.getManager(IRepositoryManager.class);
-
+ this.settings = gitblit.getSettings();
+ this.gitblit = gitblit;
this.repository = repository;
- this.user = user == null ? UserModel.ANONYMOUS : user;
- this.groovyDir = repositoryManager.getHooksFolder();
+ this.user = user;
+ this.groovyDir = gitblit.getHooksFolder();
try {
// set Grape root
- File grapeRoot = repositoryManager.getGrapesFolder();
+ File grapeRoot = gitblit.getGrapesFolder();
grapeRoot.mkdirs();
System.setProperty("grape.root", grapeRoot.getAbsolutePath());
this.gse = new GroovyScriptEngine(groovyDir.getAbsolutePath());
@@ -116,6 +121,32 @@
// setup pre and post receive hook
setPreReceiveHook(this);
setPostReceiveHook(this);
+ }
+
+ /**
+ * Returns true if the user is permitted to apply the receive commands to
+ * the repository.
+ *
+ * @param commands
+ * @return true if the user may push these commands
+ */
+ protected boolean canPush(Collection<ReceiveCommand> commands) {
+ // TODO Consider supporting branch permissions here (issue-36)
+ // Not sure if that should be Gerrit-style, refs/meta/config, or
+ // gitolite-style, permissions in users.conf
+ //
+ // How could commands be empty?
+ //
+ // Because a subclass, like PatchsetReceivePack, filters receive
+ // commands before this method is called. This makes it possible for
+ // this method to test an empty list. In this case, we assume that the
+ // subclass receive pack properly enforces push restrictions. for the
+ // ref.
+ //
+ // The empty test is not explicitly required, it's written here to
+ // clarify special-case behavior.
+
+ return commands.isEmpty() ? true : user.canPush(repository);
}
/**
@@ -150,7 +181,7 @@
return;
}
- if (!user.canPush(repository)) {
+ if (!canPush(commands)) {
// user does not have push permissions
for (ReceiveCommand cmd : commands) {
sendRejection(cmd, "User \"{0}\" does not have push permissions for \"{1}\"!", user.username, repository.name);
@@ -161,8 +192,11 @@
if (repository.accessRestriction.atLeast(AccessRestrictionType.PUSH) && repository.verifyCommitter) {
// enforce committer verification
if (StringUtils.isEmpty(user.emailAddress)) {
- // emit warning if user does not have an email address
- LOGGER.warn(MessageFormat.format("Consider setting an email address for {0} ({1}) to improve committer verification.", user.getDisplayName(), user.username));
+ // reject the push because the pushing account does not have an email address
+ for (ReceiveCommand cmd : commands) {
+ sendRejection(cmd, "Sorry, the account \"{0}\" does not have an email address set for committer verification!", user.username);
+ }
+ return;
}
// Optionally enforce that the committer of first parent chain
@@ -195,16 +229,9 @@
PersonIdent committer = commit.getCommitterIdent();
if (!user.is(committer.getName(), committer.getEmailAddress())) {
- String reason;
- if (StringUtils.isEmpty(user.emailAddress)) {
- // account does not have an email address
- reason = MessageFormat.format("{0} by {1} <{2}> was not committed by {3} ({4})",
- commit.getId().name(), committer.getName(), StringUtils.isEmpty(committer.getEmailAddress()) ? "?":committer.getEmailAddress(), user.getDisplayName(), user.username);
- } else {
- // account has an email address
- reason = MessageFormat.format("{0} by {1} <{2}> was not committed by {3} ({4}) <{5}>",
- commit.getId().name(), committer.getName(), StringUtils.isEmpty(committer.getEmailAddress()) ? "?":committer.getEmailAddress(), user.getDisplayName(), user.username, user.emailAddress);
- }
+ // verification failed
+ String reason = MessageFormat.format("{0} by {1} <{2}> was not committed by {3} ({4}) <{5}>",
+ commit.getId().name(), committer.getName(), StringUtils.isEmpty(committer.getEmailAddress()) ? "?":committer.getEmailAddress(), user.getDisplayName(), user.username, user.emailAddress);
LOGGER.warn(reason);
cmd.setResult(Result.REJECTED_OTHER_REASON, reason);
allRejected &= true;
@@ -224,24 +251,33 @@
}
}
- // reset branch commit cache on REWIND and DELETE
for (ReceiveCommand cmd : commands) {
String ref = cmd.getRefName();
if (ref.startsWith(Constants.R_HEADS)) {
switch (cmd.getType()) {
case UPDATE_NONFASTFORWARD:
case DELETE:
+ // reset branch commit cache on REWIND and DELETE
CommitCache.instance().clear(repository.name, ref);
break;
default:
break;
}
+ } else if (ref.equals(BranchTicketService.BRANCH)) {
+ // ensure pushing user is an administrator OR an owner
+ // i.e. prevent ticket tampering
+ boolean permitted = user.canAdmin() || repository.isOwner(user.username);
+ if (!permitted) {
+ sendRejection(cmd, "{0} is not permitted to push to {1}", user.username, ref);
+ }
+ } else if (ref.startsWith(Constants.R_FOR)) {
+ // prevent accidental push to refs/for
+ sendRejection(cmd, "{0} is not configured to receive patchsets", repository.name);
}
}
- IRepositoryManager repositoryManager = GitBlit.getManager(IRepositoryManager.class);
Set<String> scripts = new LinkedHashSet<String>();
- scripts.addAll(repositoryManager.getPreReceiveScriptsInherited(repository));
+ scripts.addAll(gitblit.getPreReceiveScriptsInherited(repository));
if (!ArrayUtils.isEmpty(repository.preReceiveScripts)) {
scripts.addAll(repository.preReceiveScripts);
}
@@ -265,8 +301,6 @@
LOGGER.debug("skipping post-receive hooks, no refs created, updated, or removed");
return;
}
-
- IStoredSettings settings = GitBlit.getManager(IRuntimeManager.class).getSettings();
// log ref changes
for (ReceiveCommand cmd : commands) {
@@ -336,11 +370,18 @@
LOGGER.error(MessageFormat.format("Failed to update {0} pushlog", repository.name), e);
}
- IRepositoryManager repositoryManager = GitBlit.getManager(IRepositoryManager.class);
+ // check for updates pushed to the BranchTicketService branch
+ // if the BranchTicketService is active it will reindex, as appropriate
+ for (ReceiveCommand cmd : commands) {
+ if (Result.OK.equals(cmd.getResult())
+ && BranchTicketService.BRANCH.equals(cmd.getRefName())) {
+ rp.getRepository().fireEvent(new ReceiveCommandEvent(repository, cmd));
+ }
+ }
// run Groovy hook scripts
Set<String> scripts = new LinkedHashSet<String>();
- scripts.addAll(repositoryManager.getPostReceiveScriptsInherited(repository));
+ scripts.addAll(gitblit.getPostReceiveScriptsInherited(repository));
if (!ArrayUtils.isEmpty(repository.postReceiveScripts)) {
scripts.addAll(repository.postReceiveScripts);
}
@@ -393,10 +434,6 @@
this.gitblitUrl = url;
}
- protected void setRepositoryUrl(String url) {
- this.repositoryUrl = url;
- }
-
protected void sendRejection(final ReceiveCommand cmd, final String why, Object... objects) {
String text;
if (ArrayUtils.isEmpty(objects)) {
@@ -409,14 +446,14 @@
}
protected void sendHeader(String msg, Object... objects) {
- sendMessage("--->", msg, objects);
+ sendInfo("--> ", msg, objects);
}
- protected void sendMessage(String msg, Object... objects) {
- sendMessage(" ", msg, objects);
+ protected void sendInfo(String msg, Object... objects) {
+ sendInfo(" ", msg, objects);
}
- protected void sendMessage(String prefix, String msg, Object... objects) {
+ protected void sendInfo(String prefix, String msg, Object... objects) {
String text;
if (ArrayUtils.isEmpty(objects)) {
text = msg;
@@ -425,7 +462,9 @@
text = MessageFormat.format(msg, objects);
super.sendMessage(prefix + text);
}
- LOGGER.info(text + " (" + user.username + ")");
+ if (!StringUtils.isEmpty(msg)) {
+ LOGGER.info(text + " (" + user.username + ")");
+ }
}
protected void sendError(String msg, Object... objects) {
@@ -437,7 +476,9 @@
text = MessageFormat.format(msg, objects);
super.sendError(text);
}
- LOGGER.error(text + " (" + user.username + ")");
+ if (!StringUtils.isEmpty(msg)) {
+ LOGGER.error(text + " (" + user.username + ")");
+ }
}
/**
@@ -455,7 +496,7 @@
}
Binding binding = new Binding();
- binding.setVariable("gitblit", GitBlit.self());
+ binding.setVariable("gitblit", gitblit);
binding.setVariable("repository", repository);
binding.setVariable("receivePack", this);
binding.setVariable("user", user);
--
Gitblit v1.9.1