From 3e44b65e329c199f95488f9429c1a20362c70b4d Mon Sep 17 00:00:00 2001 From: James Moger <james.moger@gitblit.com> Date: Mon, 22 Oct 2012 08:55:44 -0400 Subject: [PATCH] Ensure illegal repository names are rejected in create-on-push --- src/com/gitblit/RpcServlet.java | 52 ++++++++++++++++++++++++++++++++++------------------ 1 files changed, 34 insertions(+), 18 deletions(-) diff --git a/src/com/gitblit/RpcServlet.java b/src/com/gitblit/RpcServlet.java index c33bd8a..0c9ac37 100644 --- a/src/com/gitblit/RpcServlet.java +++ b/src/com/gitblit/RpcServlet.java @@ -30,6 +30,7 @@ import org.eclipse.jgit.lib.Repository; import com.gitblit.Constants.RpcRequest; +import com.gitblit.models.RegistrantAccessPermission; import com.gitblit.models.RefModel; import com.gitblit.models.RepositoryModel; import com.gitblit.models.ServerSettings; @@ -49,7 +50,7 @@ private static final long serialVersionUID = 1L; - public static final int PROTOCOL_VERSION = 2; + public static final int PROTOCOL_VERSION = 5; public RpcServlet() { super(); @@ -73,10 +74,10 @@ UserModel user = (UserModel) request.getUserPrincipal(); - boolean allowManagement = user != null && user.canAdmin + boolean allowManagement = user != null && user.canAdmin() && GitBlit.getBoolean(Keys.web.enableRpcManagement, false); - boolean allowAdmin = user != null && user.canAdmin + boolean allowAdmin = user != null && user.canAdmin() && GitBlit.getBoolean(Keys.web.enableRpcAdministration, false); Object result = null; 
@@ -226,25 +227,33 @@ RepositoryModel model = GitBlit.self().getRepositoryModel(objectName); result = GitBlit.self().getRepositoryUsers(model); } else if (RpcRequest.SET_REPOSITORY_MEMBERS.equals(reqType)) { - // update repository access list + // rejected since 1.2.0 + response.setStatus(failureCode); + } else if (RpcRequest.LIST_REPOSITORY_MEMBER_PERMISSIONS.equals(reqType)) { + // get repository member permissions RepositoryModel model = GitBlit.self().getRepositoryModel(objectName); - Collection<String> names = deserialize(request, response, RpcUtils.NAMES_TYPE); - List<String> users = new ArrayList<String>(names); - if (!GitBlit.self().setRepositoryUsers(model, users)) { - response.setStatus(failureCode); - } + result = GitBlit.self().getUserAccessPermissions(model); + } else if (RpcRequest.SET_REPOSITORY_MEMBER_PERMISSIONS.equals(reqType)) { + // set the repository permissions for the specified users + RepositoryModel model = GitBlit.self().getRepositoryModel(objectName); + Collection<RegistrantAccessPermission> permissions = deserialize(request, response, RpcUtils.REGISTRANT_PERMISSIONS_TYPE); + result = GitBlit.self().setUserAccessPermissions(model, permissions); } else if (RpcRequest.LIST_REPOSITORY_TEAMS.equals(reqType)) { // get repository teams RepositoryModel model = GitBlit.self().getRepositoryModel(objectName); result = GitBlit.self().getRepositoryTeams(model); } else if (RpcRequest.SET_REPOSITORY_TEAMS.equals(reqType)) { - // update repository team access list + // rejected since 1.2.0 + response.setStatus(failureCode); + } else if (RpcRequest.LIST_REPOSITORY_TEAM_PERMISSIONS.equals(reqType)) { + // get repository team permissions RepositoryModel model = GitBlit.self().getRepositoryModel(objectName); - Collection<String> names = deserialize(request, response, RpcUtils.NAMES_TYPE); - List<String> teams = new ArrayList<String>(names); - if (!GitBlit.self().setRepositoryTeams(model, teams)) { - response.setStatus(failureCode); - } + result = 
GitBlit.self().getTeamAccessPermissions(model); + } else if (RpcRequest.SET_REPOSITORY_TEAM_PERMISSIONS.equals(reqType)) { + // set the repository permissions for the specified teams + RepositoryModel model = GitBlit.self().getRepositoryModel(objectName); + Collection<RegistrantAccessPermission> permissions = deserialize(request, response, RpcUtils.REGISTRANT_PERMISSIONS_TYPE); + result = GitBlit.self().setTeamAccessPermissions(model, permissions); } else if (RpcRequest.LIST_FEDERATION_REGISTRATIONS.equals(reqType)) { // return the list of federation registrations if (allowAdmin) { @@ -276,7 +285,7 @@ } } else if (RpcRequest.LIST_SETTINGS.equals(reqType)) { // return the server's settings - ServerSettings settings = GitBlit.self().getSettingsModel(); + ServerSettings settings = GitBlit.self().getSettingsModel(); if (allowAdmin) { // return all settings result = settings; @@ -294,12 +303,12 @@ keys.add(Keys.federation.sets); } // build the settings - ServerSettings managementSettings = new ServerSettings(); + ServerSettings managementSettings = new ServerSettings(); for (String key : keys) { managementSettings.add(settings.get(key)); } if (allowManagement) { - settings.pushScripts = settings.pushScripts; + managementSettings.pushScripts = settings.pushScripts; } result = managementSettings; } @@ -319,6 +328,13 @@ } else { response.sendError(notAllowedCode); } + } else if (RpcRequest.CLEAR_REPOSITORY_CACHE.equals(reqType)) { + // clear the repository list cache + if (allowManagement) { + GitBlit.self().resetRepositoryListCache(); + } else { + response.sendError(notAllowedCode); + } } // send the result of the request -- Gitblit v1.9.1
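Review bot: The new SET_REPOSITORY_MEMBER_PERMISSIONS and SET_REPOSITORY_TEAM_PERMISSIONS branches hand `model` and `permissions` straight to `setUserAccessPermissions` / `setTeamAccessPermissions` with no null check, and no `allowManagement` or `allowAdmin` test is visible in them, unlike the CLEAR_REPOSITORY_CACHE branch added at the end of this patch. If `getRepositoryModel(objectName)` returns null for an unknown repository name, or `deserialize` yields nothing for an empty body, the failure would surface inside GitBlit rather than as a clean status; a guard such as `if (model == null || permissions == null) { response.setStatus(failureCode); }` ahead of the call keeps that explicit. If authorization for these request types is enforced before the servlet is reached, a one-line comment in each branch naming where that check lives would make it reviewable; if it is not, the permission-changing branches need the same gate as the cache reset. The old code also set `failureCode` when the setter returned false, whereas the new code only stores the return value in `result`, so it is worth confirming the client still sees a failure. The if/else chain begins and ends outside the hunk.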
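Review bot: In the CLEAR_REPOSITORY_CACHE branch the denied path calls `response.sendError(notAllowedCode)` and then falls through to the `// send the result of the request` code, because nothing returns after it. sendError commits the response, so anything the tail of the method writes afterwards is at best discarded and may raise IllegalStateException depending on the container; adding `return;` right after the sendError call avoids that. The branch immediately above uses the same pattern and would want the same change. The result-sending code is outside the hunk, so how it treats a null `result` on the success path should be confirmed as well.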