From b799d545f37f7123aaa1ee1d0ff3b61f1f3cc8c2 Mon Sep 17 00:00:00 2001
From: David Ostrovsky <david@ostrovsky.org>
Date: Thu, 10 Apr 2014 18:58:08 -0400
Subject: [PATCH] Add review SSH command
---
src/main/java/com/gitblit/git/GitblitUploadPackFactory.java | 69 ++++++++++++----------------------
1 files changed, 25 insertions(+), 44 deletions(-)
diff --git a/src/main/java/com/gitblit/git/GitblitUploadPackFactory.java b/src/main/java/com/gitblit/git/GitblitUploadPackFactory.java
index 85750f8..a72d4ad 100644
--- a/src/main/java/com/gitblit/git/GitblitUploadPackFactory.java
+++ b/src/main/java/com/gitblit/git/GitblitUploadPackFactory.java
@@ -15,33 +15,34 @@
*/
package com.gitblit.git;
-import java.util.Map;
-
import javax.servlet.http.HttpServletRequest;
-import org.eclipse.jgit.lib.Ref;
import org.eclipse.jgit.lib.Repository;
-import org.eclipse.jgit.transport.DaemonClient;
-import org.eclipse.jgit.transport.RefFilter;
import org.eclipse.jgit.transport.UploadPack;
import org.eclipse.jgit.transport.resolver.ServiceNotAuthorizedException;
import org.eclipse.jgit.transport.resolver.ServiceNotEnabledException;
import org.eclipse.jgit.transport.resolver.UploadPackFactory;
-import com.gitblit.GitBlit;
+import com.gitblit.manager.IAuthenticationManager;
import com.gitblit.models.UserModel;
-import com.gitblit.utils.IssueUtils;
-import com.gitblit.utils.PushLogUtils;
+import com.gitblit.transport.git.GitDaemonClient;
+import com.gitblit.transport.ssh.SshSession;
/**
* The upload pack factory creates an upload pack which controls what refs are
* advertised to cloning/pulling clients.
- *
+ *
* @author James Moger
- *
+ *
* @param <X> the connection type
*/
public class GitblitUploadPackFactory<X> implements UploadPackFactory<X> {
+
+ private final IAuthenticationManager authenticationManager;
+
+ public GitblitUploadPackFactory(IAuthenticationManager authenticationManager) {
+ this.authenticationManager = authenticationManager;
+ }
@Override
public UploadPack create(X req, Repository db)
@@ -51,49 +52,29 @@
int timeout = 0;
if (req instanceof HttpServletRequest) {
- // http/https request may or may not be authenticated
- user = GitBlit.self().authenticate((HttpServletRequest) req);
+ // http/https request may or may not be authenticated
+ HttpServletRequest client = (HttpServletRequest) req;
+ user = authenticationManager.authenticate(client);
if (user == null) {
user = UserModel.ANONYMOUS;
}
- } else if (req instanceof DaemonClient) {
+ } else if (req instanceof GitDaemonClient) {
// git daemon request is always anonymous
- DaemonClient client = (DaemonClient) req;
+ GitDaemonClient client = (GitDaemonClient) req;
// set timeout from Git daemon
timeout = client.getDaemon().getTimeout();
+ } else if (req instanceof SshSession) {
+ // SSH request is always authenticated
+ SshSession client = (SshSession) req;
+ user = authenticationManager.authenticate(client);
+ if (user == null) {
+ throw new ServiceNotAuthorizedException();
+ }
}
- RefFilter refFilter = new UserRefFilter(user);
UploadPack up = new UploadPack(db);
- up.setRefFilter(refFilter);
up.setTimeout(timeout);
-
+
return up;
}
-
- /**
- * Restricts advertisement of certain refs based on the permission of the
- * requesting user.
- */
- public static class UserRefFilter implements RefFilter {
-
- final UserModel user;
-
- public UserRefFilter(UserModel user) {
- this.user = user;
- }
-
- @Override
- public Map<String, Ref> filter(Map<String, Ref> refs) {
- if (user.canAdmin()) {
- // admins can see all refs
- return refs;
- }
-
- // normal users can not clone gitblit refs
- refs.remove(IssueUtils.GB_ISSUES);
- refs.remove(PushLogUtils.GB_PUSHES);
- return refs;
- }
- }
-}
+}
\ No newline at end of file
--
Gitblit v1.9.1