From b82a0f3d502c0f6861b0910c409f4992f3f32f86 Mon Sep 17 00:00:00 2001
From: Rafael Cavazin <rafaelcavazin@gmail.com>
Date: Thu, 06 Dec 2012 15:08:50 -0500
Subject: [PATCH] translation of lastest properties

---
 src/com/gitblit/GitFilter.java |  126 +++++++++++++++++++++++++++++++++---------
 1 files changed, 99 insertions(+), 27 deletions(-)

diff --git a/src/com/gitblit/GitFilter.java b/src/com/gitblit/GitFilter.java
index 8ce4d3a..2b769d4 100644
--- a/src/com/gitblit/GitFilter.java
+++ b/src/com/gitblit/GitFilter.java
@@ -18,6 +18,7 @@
 import java.text.MessageFormat;
 
 import com.gitblit.Constants.AccessRestrictionType;
+import com.gitblit.Constants.AuthorizationControl;
 import com.gitblit.models.RepositoryModel;
 import com.gitblit.models.UserModel;
 import com.gitblit.utils.StringUtils;
@@ -93,6 +94,16 @@
 	}
 	
 	/**
+	 * Determine if a non-existing repository can be created using this filter.
+	 *  
+	 * @return true if the server allows repository creation on-push
+	 */
+	@Override
+	protected boolean isCreationAllowed() {
+		return GitBlit.getBoolean(Keys.git.allowCreateOnPush, true);
+	}
+	
+	/**
 	 * Determine if the repository can receive pushes.
 	 * 
 	 * @param repository
@@ -111,6 +122,11 @@
 			}
 		}
 		return true;
+	}
+
+	@Override
+	protected boolean requiresClientCertificate() {
+		return GitBlit.getBoolean(Keys.git.requiresClientCertificate, false);
 	}
 
 	/**
@@ -147,35 +163,91 @@
 			// Git Servlet disabled
 			return false;
 		}		
-		boolean readOnly = repository.isFrozen;	
-		if (readOnly || repository.accessRestriction.atLeast(AccessRestrictionType.PUSH)) {
-			boolean authorizedUser = user.canAccessRepository(repository);
-			if (action.equals(gitReceivePack)) {
-				// Push request
-				if (!readOnly && authorizedUser) {
-					// clone-restricted or push-authorized
-					return true;
-				} else {
-					// user is unauthorized to push to this repository
-					logger.warn(MessageFormat.format("user {0} is not authorized to push to {1}",
-							user.username, repository));
-					return false;
-				}
-			} else if (action.equals(gitUploadPack)) {
-				// Clone request
-				boolean cloneRestricted = repository.accessRestriction
-						.atLeast(AccessRestrictionType.CLONE);
-				if (!cloneRestricted || (cloneRestricted && authorizedUser)) {
-					// push-restricted or clone-authorized
-					return true;
-				} else {
-					// user is unauthorized to clone this repository
-					logger.warn(MessageFormat.format("user {0} is not authorized to clone {1}",
-							user.username, repository));
-					return false;
-				}
+		if (action.equals(gitReceivePack)) {
+			// Push request
+			if (user.canPush(repository)) {
+				return true;
+			} else {
+				// user is unauthorized to push to this repository
+				logger.warn(MessageFormat.format("user {0} is not authorized to push to {1}",
+						user.username, repository));
+				return false;
+			}
+		} else if (action.equals(gitUploadPack)) {
+			// Clone request
+			if (user.canClone(repository)) {
+				return true;
+			} else {
+				// user is unauthorized to clone this repository
+				logger.warn(MessageFormat.format("user {0} is not authorized to clone {1}",
+						user.username, repository));
+				return false;
 			}
 		}
 		return true;
 	}
+	
+	/**
+	 * An authenticated user with the CREATE role can create a repository on
+	 * push.
+	 * 
+	 * @param user
+	 * @param repository
+	 * @param action
+	 * @return the repository model, if it is created, null otherwise
+	 */
+	@Override
+	protected RepositoryModel createRepository(UserModel user, String repository, String action) {
+		boolean isPush = !StringUtils.isEmpty(action) && gitReceivePack.equals(action);
+		if (isPush) {
+			if (user.canCreate(repository)) {
+				// user is pushing to a new repository
+				// validate name
+				if (repository.startsWith("../")) {
+					logger.error(MessageFormat.format("Illegal relative path in repository name! {0}", repository));
+					return null;
+				}
+				if (repository.contains("/../")) {
+					logger.error(MessageFormat.format("Illegal relative path in repository name! {0}", repository));
+					return null;
+				}					
+
+				// confirm valid characters in repository name
+				Character c = StringUtils.findInvalidCharacter(repository);
+				if (c != null) {
+					logger.error(MessageFormat.format("Invalid character '{0}' in repository name {1}!", c, repository));
+					return null;
+				}
+
+				// create repository
+				RepositoryModel model = new RepositoryModel();
+				model.name = repository;
+				model.owner = user.username;
+				model.projectPath = StringUtils.getFirstPathElement(repository);
+				if (model.isUsersPersonalRepository(user.username)) {
+					// personal repository, default to private for user
+					model.authorizationControl = AuthorizationControl.NAMED;
+					model.accessRestriction = AccessRestrictionType.VIEW;
+				} else {
+					// common repository, user default server settings
+					model.authorizationControl = AuthorizationControl.fromName(GitBlit.getString(Keys.git.defaultAuthorizationControl, ""));
+					model.accessRestriction = AccessRestrictionType.fromName(GitBlit.getString(Keys.git.defaultAccessRestriction, ""));
+				}
+
+				// create the repository
+				try {
+					GitBlit.self().updateRepositoryModel(model.name, model, true);
+					logger.info(MessageFormat.format("{0} created {1} ON-PUSH", user.username, model.name));
+					return GitBlit.self().getRepositoryModel(model.name);
+				} catch (GitBlitException e) {
+					logger.error(MessageFormat.format("{0} failed to create repository {1} ON-PUSH!", user.username, model.name), e);
+				}
+			} else {
+				logger.warn(MessageFormat.format("{0} is not permitted to create repository {1} ON-PUSH!", user.username, repository));
+			}
+		}
+		
+		// repository could not be created or action was not a push
+		return null;
+	}
 }

--
Gitblit v1.9.1