From a74ddc24545ec45d0bb82ca2bb8f628ffdaa9da3 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Fri, 10 Oct 2014 12:04:39 -0400
Subject: [PATCH] Improve relative path determination using Java 7 Paths

---
 src/main/java/com/gitblit/servlet/AccessRestrictionFilter.java |   24 ++++++++++++++----------
 1 files changed, 14 insertions(+), 10 deletions(-)

diff --git a/src/main/java/com/gitblit/servlet/AccessRestrictionFilter.java b/src/main/java/com/gitblit/servlet/AccessRestrictionFilter.java
index d5ded33..7f69119 100644
--- a/src/main/java/com/gitblit/servlet/AccessRestrictionFilter.java
+++ b/src/main/java/com/gitblit/servlet/AccessRestrictionFilter.java
@@ -19,6 +19,7 @@
 import java.text.MessageFormat;
 
 import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
 import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
@@ -27,10 +28,11 @@
 
 import com.gitblit.manager.IRepositoryManager;
 import com.gitblit.manager.IRuntimeManager;
-import com.gitblit.manager.ISessionManager;
 import com.gitblit.models.RepositoryModel;
 import com.gitblit.models.UserModel;
 import com.gitblit.utils.StringUtils;
+
+import dagger.ObjectGraph;
 
 /**
  * The AccessRestrictionFilter is an AuthenticationFilter that confirms that the
@@ -48,17 +50,15 @@
  */
 public abstract class AccessRestrictionFilter extends AuthenticationFilter {
 
-	protected final IRuntimeManager runtimeManager;
+	protected IRuntimeManager runtimeManager;
 
-	protected final IRepositoryManager repositoryManager;
+	protected IRepositoryManager repositoryManager;
 
-	protected AccessRestrictionFilter(
-			IRuntimeManager runtimeManager,
-			ISessionManager sessionManager,
-			IRepositoryManager repositoryManager) {
-		super(sessionManager);
-		this.runtimeManager = runtimeManager;
-		this.repositoryManager = repositoryManager;
+	@Override
+	protected void inject(ObjectGraph dagger, FilterConfig filterConfig) {
+		super.inject(dagger, filterConfig);
+		this.runtimeManager = dagger.get(IRuntimeManager.class);
+		this.repositoryManager = dagger.get(IRepositoryManager.class);
 	}
 
 	/**
@@ -141,6 +141,10 @@
 
 		String fullUrl = getFullUrl(httpRequest);
 		String repository = extractRepositoryName(fullUrl);
+		if (StringUtils.isEmpty(repository)) {
+			httpResponse.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+			return;
+		}
 
 		if (repositoryManager.isCollectingGarbage(repository)) {
 			logger.info(MessageFormat.format("ARF: Rejecting request for {0}, busy collecting garbage!", repository));

--
Gitblit v1.9.1