From 54cc7d7c2483d7ca100a5db47f4e1e98bd97c7fe Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Thu, 25 Sep 2014 09:27:04 -0400
Subject: [PATCH] Merged #187 "Restrict Gitblit cookie to the context path"

---
 src/main/java/com/gitblit/manager/GitblitManager.java |   66 +++++++++++++++++++++++++++++++++
 1 files changed, 66 insertions(+), 0 deletions(-)

diff --git a/src/main/java/com/gitblit/manager/GitblitManager.java b/src/main/java/com/gitblit/manager/GitblitManager.java
index 790445a..88fa804 100644
--- a/src/main/java/com/gitblit/manager/GitblitManager.java
+++ b/src/main/java/com/gitblit/manager/GitblitManager.java
@@ -27,6 +27,7 @@
 import java.util.Collection;
 import java.util.Date;
 import java.util.List;
+import java.util.Locale;
 import java.util.Map;
 import java.util.TimeZone;
 
@@ -82,6 +83,7 @@
 import com.gitblit.utils.JsonUtils;
 import com.gitblit.utils.ObjectCache;
 import com.gitblit.utils.StringUtils;
+import com.gitblit.utils.XssFilter;
 import com.google.gson.Gson;
 import com.google.gson.JsonIOException;
 import com.google.gson.JsonSyntaxException;
@@ -215,6 +217,13 @@
 		RepositoryModel cloneModel = repository.cloneAs(cloneName);
 		// owner has REWIND/RW+ permissions
 		cloneModel.addOwner(user.username);
+
+		// ensure initial access restriction of the fork
+		// is not lower than the source repository  (issue-495/ticket-167)
+		if (repository.accessRestriction.exceeds(cloneModel.accessRestriction)) {
+			cloneModel.accessRestriction = repository.accessRestriction;
+		}
+
 		repositoryManager.updateRepositoryModel(cloneName, cloneModel, false);
 
 		// add the owner of the source repository to the clone's access list
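Review bot: The added `if` raises only `accessRestriction` on the fork; nothing in this hunk constrains who is authorized once that restriction applies. `cloneAs` is not visible here, so it is worth confirming that it leaves the fork on named authorization rather than open to every authenticated user, otherwise a fork of a restricted repository could still be readable by a wider audience than its source. If that holds, state the assumption next to the check, e.g. `// cloneAs() is expected to default the fork to named authorization; only the restriction level is raised here`. The enclosing method starts and ends outside the hunk.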
@@ -601,8 +610,28 @@
 	}
 
 	@Override
+	public boolean isServingHTTP() {
+		return runtimeManager.isServingHTTP();
+	}
+
+	@Override
+	public boolean isServingGIT() {
+		return runtimeManager.isServingGIT();
+	}
+
+	@Override
+	public boolean isServingSSH() {
+		return runtimeManager.isServingSSH();
+	}
+
+	@Override
 	public TimeZone getTimezone() {
 		return runtimeManager.getTimezone();
+	}
+
+	@Override
+	public Locale getLocale() {
+		return runtimeManager.getLocale();
 	}
 
 	@Override
@@ -635,9 +664,19 @@
 		return runtimeManager.getStatus();
 	}
 
+	@Override
+	public XssFilter getXssFilter() {
+		return runtimeManager.getXssFilter();
+	}
+
 	/*
 	 * NOTIFICATION MANAGER
 	 */
+
+	@Override
+	public boolean isSendingMail() {
+		return notificationManager.isSendingMail();
+	}
 
 	@Override
 	public void sendMailToAdministrators(String subject, String message) {
@@ -697,13 +736,25 @@
 	}
 
 	@Override
+	@Deprecated
 	public void setCookie(HttpServletResponse response, UserModel user) {
 		authenticationManager.setCookie(response, user);
 	}
 
 	@Override
+	public void setCookie(HttpServletRequest request, HttpServletResponse response, UserModel user) {
+		authenticationManager.setCookie(request, response, user);
+	}
+
+	@Override
+	@Deprecated
 	public void logout(HttpServletResponse response, UserModel user) {
 		authenticationManager.logout(response, user);
+	}
+
+	@Override
+	public void logout(HttpServletRequest request, HttpServletResponse response, UserModel user) {
+		authenticationManager.logout(request, response, user);
 	}
 
 	@Override
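Review bot: The deprecated `setCookie(response, user)` and `logout(response, user)` overloads carry a bare `@Deprecated` with no Javadoc naming the replacement, and they still delegate to the request-less `authenticationManager` methods. Those methods have no request to derive a context path from, so they presumably cannot scope the cookie the way the new overloads do (their bodies are not visible here). A caller that sets the cookie through the new overload but logs out through the old one may then fail to clear it, since a browser only replaces a cookie whose path matches. Add a Javadoc line on both deprecated methods such as `/** @deprecated use {@link #setCookie(HttpServletRequest, HttpServletResponse, UserModel)} so the cookie is restricted to the context path */`, with the matching text for `logout`. It is also worth checking that no caller in the tree still uses the two-argument forms.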
@@ -923,6 +974,11 @@
 	}
 
 	@Override
+	public void resetRepositoryCache(String repositoryName) {
+		repositoryManager.resetRepositoryCache(repositoryName);
+	}
+
+	@Override
 	public List<String> getRepositoryList() {
 		return repositoryManager.getRepositoryList();
 	}
@@ -935,6 +991,11 @@
 	@Override
 	public Repository getRepository(String repositoryName, boolean logError) {
 		return repositoryManager.getRepository(repositoryName, logError);
+	}
+
+	@Override
+	public List<RepositoryModel> getRepositoryModels() {
+		return repositoryManager.getRepositoryModels();
 	}
 
 	@Override
@@ -1004,6 +1065,11 @@
 	}
 
 	@Override
+	public boolean canDelete(RepositoryModel model) {
+		return repositoryManager.canDelete(model);
+	}
+
+	@Override
 	public boolean deleteRepositoryModel(RepositoryModel model) {
 		return repositoryManager.deleteRepositoryModel(model);
 	}

--
Gitblit v1.9.1