
Example 1 with AccessPermission

use of com.gitblit.Constants.AccessPermission in project gitblit by gitblit.

the class ConfigUserService method write.

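/**
 * Writes every user and team record to the realm file.
 * <p>
 * The records are saved to a sibling file with a ".tmp" suffix, which then
 * replaces the realm file. A user record can carry the value of
 * {@code model.password} and {@code model.cookie}, so the realm file and
 * the temporary copy both hold credential material. This method does not
 * set permissions on either file; restricting them to the account that
 * runs the server is left to the deployment.
 *
 * @throws IOException if the temporary copy is missing or empty after the
 *         save, or if it cannot be moved over the realm file
 */
private synchronized void write() throws IOException {
    // Write a temporary copy of the users file
    File realmFileCopy = new File(realmFile.getAbsolutePath() + ".tmp");
    StoredUserConfig config = new StoredUserConfig(realmFileCopy);
    // write users
    for (UserModel model : users.values()) {
        // credential material: only written when present
        if (!StringUtils.isEmpty(model.password)) {
            config.setString(USER, model.username, PASSWORD, model.password);
        }
        if (!StringUtils.isEmpty(model.cookie)) {
            config.setString(USER, model.username, COOKIE, model.cookie);
        }
        // profile fields
        if (!StringUtils.isEmpty(model.displayName)) {
            config.setString(USER, model.username, DISPLAYNAME, model.displayName);
        }
        if (!StringUtils.isEmpty(model.emailAddress)) {
            config.setString(USER, model.username, EMAILADDRESS, model.emailAddress);
        }
        if (model.accountType != null) {
            config.setString(USER, model.username, ACCOUNTTYPE, model.accountType.name());
        }
        if (!StringUtils.isEmpty(model.organizationalUnit)) {
            config.setString(USER, model.username, ORGANIZATIONALUNIT, model.organizationalUnit);
        }
        if (!StringUtils.isEmpty(model.organization)) {
            config.setString(USER, model.username, ORGANIZATION, model.organization);
        }
        if (!StringUtils.isEmpty(model.locality)) {
            config.setString(USER, model.username, LOCALITY, model.locality);
        }
        if (!StringUtils.isEmpty(model.stateProvince)) {
            config.setString(USER, model.username, STATEPROVINCE, model.stateProvince);
        }
        if (!StringUtils.isEmpty(model.countryCode)) {
            config.setString(USER, model.username, COUNTRYCODE, model.countryCode);
        }
        // the disabled flag is only written when it is set
        if (model.disabled) {
            config.setBoolean(USER, model.username, DISABLED, true);
        }
        if (model.getPreferences() != null) {
            Locale locale = model.getPreferences().getLocale();
            if (locale != null) {
                // stored as "language" or "language_COUNTRY"
                String val;
                if (StringUtils.isEmpty(locale.getCountry())) {
                    val = locale.getLanguage();
                } else {
                    val = locale.getLanguage() + "_" + locale.getCountry();
                }
                config.setString(USER, model.username, LOCALE, val);
            }
            config.setBoolean(USER, model.username, EMAILONMYTICKETCHANGES, model.getPreferences().isEmailMeOnMyTicketChanges());
            if (model.getPreferences().getTransport() != null) {
                config.setString(USER, model.username, TRANSPORT, model.getPreferences().getTransport().name());
            }
        }
        // user roles
        List<String> roles = new ArrayList<String>();
        if (model.canAdmin) {
            roles.add(Role.ADMIN.getRole());
        }
        if (model.canFork) {
            roles.add(Role.FORK.getRole());
        }
        if (model.canCreate) {
            roles.add(Role.CREATE.getRole());
        }
        if (model.excludeFromFederation) {
            roles.add(Role.NOT_FEDERATED.getRole());
        }
        if (roles.isEmpty()) {
            // we do this to ensure that a user record with no password
            // is written. otherwise, StoredConfig optimizes that account
            // away. :(
            roles.add(Role.NONE.getRole());
        }
        config.setStringList(USER, model.username, ROLE, roles);
        // discrete repository permissions; none are written for an admin,
        // and entries that do not exceed NONE are dropped
        if (model.permissions != null && !model.canAdmin) {
            List<String> permissions = new ArrayList<String>();
            for (Map.Entry<String, AccessPermission> entry : model.permissions.entrySet()) {
                if (entry.getValue().exceeds(AccessPermission.NONE)) {
                    permissions.add(entry.getValue().asRole(entry.getKey()));
                }
            }
            config.setStringList(USER, model.username, REPOSITORY, permissions);
        }
        // user preferences
        if (model.getPreferences() != null) {
            List<String> starred = model.getPreferences().getStarredRepositories();
            if (starred.size() > 0) {
                config.setStringList(USER, model.username, STARRED, starred);
            }
        }
    }
    // write teams
    for (TeamModel model : teams.values()) {
        // team roles
        List<String> roles = new ArrayList<String>();
        if (model.canAdmin) {
            roles.add(Role.ADMIN.getRole());
        }
        if (model.canFork) {
            roles.add(Role.FORK.getRole());
        }
        if (model.canCreate) {
            roles.add(Role.CREATE.getRole());
        }
        if (roles.isEmpty()) {
            // we do this to ensure that the team record is written.
            // Otherwise, StoredConfig might optimize that record away.
            roles.add(Role.NONE.getRole());
        }
        config.setStringList(TEAM, model.name, ROLE, roles);
        if (model.accountType != null) {
            config.setString(TEAM, model.name, ACCOUNTTYPE, model.accountType.name());
        }
        if (!model.canAdmin) {
            // write team permission for non-admin teams
            if (model.permissions == null) {
                // can have a null repositories object
                if (!ArrayUtils.isEmpty(model.repositories)) {
                    config.setStringList(TEAM, model.name, REPOSITORY, new ArrayList<String>(model.repositories));
                }
            } else {
                // discrete repository permissions
                List<String> permissions = new ArrayList<String>();
                for (Map.Entry<String, AccessPermission> entry : model.permissions.entrySet()) {
                    if (entry.getValue().exceeds(AccessPermission.NONE)) {
                        // code:repository (e.g. RW+:~james/myrepo.git)
                        permissions.add(entry.getValue().asRole(entry.getKey()));
                    }
                }
                config.setStringList(TEAM, model.name, REPOSITORY, permissions);
            }
        }
        // can have a null users object
        if (!ArrayUtils.isEmpty(model.users)) {
            config.setStringList(TEAM, model.name, USER, new ArrayList<String>(model.users));
        }
        // TeamModel can have a null mailingLists object
        if (!ArrayUtils.isEmpty(model.mailingLists)) {
            config.setStringList(TEAM, model.name, MAILINGLIST, new ArrayList<String>(model.mailingLists));
        }
        // TeamModel can have a null preReceiveScripts object
        if (!ArrayUtils.isEmpty(model.preReceiveScripts)) {
            config.setStringList(TEAM, model.name, PRERECEIVE, model.preReceiveScripts);
        }
        // TeamModel can have a null postReceiveScripts object
        if (!ArrayUtils.isEmpty(model.postReceiveScripts)) {
            config.setStringList(TEAM, model.name, POSTRECEIVE, model.postReceiveScripts);
        }
    }
    config.save();
    // manually set the forceReload flag because not all JVMs support real
    // millisecond resolution of lastModified. (issue-55)
    forceReload = true;
    // move the temporary copy to the original filename.
    if (realmFileCopy.exists() && realmFileCopy.length() > 0) {
        // Try the rename before touching the realm file. Where the platform
        // lets renameTo replace an existing file, the users file is never
        // absent. Deleting first opens a window with no users file at all,
        // and a crash or failed rename inside it loses the live copy.
        if (!realmFileCopy.renameTo(realmFile)) {
            // fallback for platforms where renameTo will not overwrite
            if (realmFile.exists() && !realmFile.delete()) {
                throw new IOException(MessageFormat.format("Failed to delete {0}!", realmFile.getAbsolutePath()));
            }
            if (!realmFileCopy.renameTo(realmFile)) {
                throw new IOException(MessageFormat.format("Failed to rename {0} to {1}!", realmFileCopy.getAbsolutePath(), realmFile.getAbsolutePath()));
            }
        }
    } else {
        // an absent or zero-length copy never replaces the realm file
        throw new IOException(MessageFormat.format("Failed to save {0}!", realmFileCopy.getAbsolutePath()));
    }
}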
Also used : Locale(java.util.Locale) ArrayList(java.util.ArrayList) AccessPermission(com.gitblit.Constants.AccessPermission) IOException(java.io.IOException) UserModel(com.gitblit.models.UserModel) TeamModel(com.gitblit.models.TeamModel) File(java.io.File) Map(java.util.Map) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap)

Example 2 with AccessPermission

use of com.gitblit.Constants.AccessPermission in project gitblit by gitblit.

the class FileKeyManager method getKeysImpl.

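/**
 * Loads the SSH public keys stored for a user.
 * <p>
 * Each non-blank, non-comment line of the keystore is either a bare key
 * ({@code ssh-rsa DATA COMMENT}) or a key prefixed by a permission code
 * ({@code PERMISSION ssh-rsa DATA COMMENT}). The first space-delimited
 * token is passed to {@link AccessPermission#fromCode}; a result of
 * {@code NONE} means the whole line is treated as the key. Every accepted
 * line becomes a key that can authenticate as this user, so the keystore
 * needs the same protection as any other credential file.
 *
 * @param username the account whose keystore is read
 * @return the parsed keys, or {@code null} when the keystore does not exist
 *         or yields no keys
 * @throws RuntimeException if the keystore cannot be read
 */
@Override
protected List<SshKey> getKeysImpl(String username) {
    try {
        log.info("loading ssh keystore for {}", username);
        File keystore = getKeystore(username);
        if (!keystore.exists()) {
            return null;
        }
        List<SshKey> list = new ArrayList<SshKey>();
        for (String entry : Files.readLines(keystore, Charsets.ISO_8859_1)) {
            // Test the trimmed line, so an indented comment is skipped
            // rather than being parsed as a key.
            String trimmed = entry.trim();
            if (trimmed.length() == 0 || trimmed.charAt(0) == '#') {
                // skip blanks and comments
                continue;
            }
            String[] parts = entry.split(" ", 2);
            AccessPermission perm = AccessPermission.fromCode(parts[0]);
            if (perm.equals(AccessPermission.NONE)) {
                // ssh-rsa DATA COMMENT
                list.add(new SshKey(entry));
            } else if (perm.exceeds(AccessPermission.NONE)) {
                // PERMISSION ssh-rsa DATA COMMENT
                if (parts.length < 2 || parts[1].trim().length() == 0) {
                    // A permission code with nothing after it used to fail
                    // with ArrayIndexOutOfBoundsException, so one malformed
                    // line made the whole keystore unreadable.
                    log.warn("skipping ssh keystore entry without key data for {}", username);
                    continue;
                }
                SshKey key = new SshKey(parts[1]);
                key.setPermission(perm);
                list.add(key);
            }
            // any other permission value: the line is ignored
        }
        if (list.isEmpty()) {
            return null;
        }
        // remember the file timestamp that this key list was read at
        lastModifieds.put(keystore, keystore.lastModified());
        return list;
    } catch (IOException e) {
        throw new RuntimeException("Cannot read ssh keys", e);
    }
}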
Also used : ArrayList(java.util.ArrayList) AccessPermission(com.gitblit.Constants.AccessPermission) IOException(java.io.IOException) File(java.io.File)

Example 3 with AccessPermission

use of com.gitblit.Constants.AccessPermission in project gitblit by gitblit.

the class FileKeyManager method parseKey.

/**
 * Parses one keystore line into an {@link SshKey}.
 * <p>
 * The first space-delimited token is passed to
 * {@link AccessPermission#fromCode}. When that yields {@code NONE}, the
 * whole line is the key; otherwise the token is a permission prefix and
 * the remainder of the line is the key.
 *
 * @param line a single keystore line
 * @return the key, with its permission set when the line carried a prefix
 */
protected SshKey parseKey(String line) {
    String[] tokens = line.split(" ", 2);
    AccessPermission permission = AccessPermission.fromCode(tokens[0]);
    if (!permission.equals(AccessPermission.NONE)) {
        // PERMISSION ssh-rsa DATA COMMENT
        // NOTE(review): a line holding only a permission code has no
        // tokens[1], so this fails with ArrayIndexOutOfBoundsException.
        // Callers that pass unvalidated lines need to handle that.
        SshKey restricted = new SshKey(tokens[1]);
        restricted.setPermission(permission);
        return restricted;
    }
    // ssh-rsa DATA COMMENT
    return new SshKey(line);
}
Also used : AccessPermission(com.gitblit.Constants.AccessPermission)

Example 4 with AccessPermission

use of com.gitblit.Constants.AccessPermission in project gitblit by gitblit.

the class SshKeysPanel method onInitialize.

/**
 * Builds the panel: a list of the SSH keys stored for {@code user}, each
 * with a delete link, and a form for adding a key.
 * <p>
 * Both the delete links and the add form are hidden when
 * {@code canWriteKeys} is false.
 * NOTE(review): hiding the controls is the only write check visible in
 * this method. Whether removeKey/addKey enforce the same rule is not shown
 * here - confirm.
 */
@Override
protected void onInitialize() {
    super.onInitialize();
    setOutputMarkupId(true);

    // Mutable snapshot of the stored keys; the ajax handlers refill it.
    final List<SshKey> currentKeys = new ArrayList<SshKey>(app().keys().getKeys(user.username));
    final ListDataProvider<SshKey> provider = new ListDataProvider<SshKey>(currentKeys);
    final DataView<SshKey> keyRows = new DataView<SshKey>("keys", provider) {

        private static final long serialVersionUID = 1L;

        @Override
        public void populateItem(final Item<SshKey> item) {
            final SshKey key = item.getModelObject();
            // The comment is user-supplied text. Wicket Labels escape
            // markup unless that is switched off, so it renders as text.
            item.add(new Label("comment", key.getComment()));
            item.add(new Label("fingerprint", key.getFingerprint()));
            item.add(new Label("permission", key.getPermission().toString()));
            item.add(new Label("algorithm", key.getAlgorithm()));
            AjaxLink<Void> deleteLink = new AjaxLink<Void>("delete") {

                private static final long serialVersionUID = 1L;

                @Override
                public void onClick(AjaxRequestTarget target) {
                    // removal targets the user this panel was built for
                    if (!app().keys().removeKey(user.username, key)) {
                        return;
                    }
                    // reload the list and repaint the panel
                    currentKeys.clear();
                    currentKeys.addAll(app().keys().getKeys(user.username));
                    target.addComponent(SshKeysPanel.this);
                }
            };
            if (!canWriteKeys) {
                deleteLink.setVisibilityAllowed(false);
            }
            item.add(deleteLink);
        }
    };
    add(keyRows);

    // Models behind the three inputs; a new key defaults to PUSH.
    final IModel<String> pastedKey = Model.of("");
    final IModel<AccessPermission> chosenPermission = Model.of(AccessPermission.PUSH);
    final IModel<String> enteredComment = Model.of("");

    Form<Void> newKeyForm = new Form<Void>("addKeyForm");
    newKeyForm.add(new TextAreaOption("addKeyData", getString("gb.key"), null, "span5", pastedKey));
    newKeyForm.add(new ChoiceOption<AccessPermission>("addKeyPermission", getString("gb.permission"), getString("gb.sshKeyPermissionDescription"), chosenPermission, Arrays.asList(AccessPermission.SSHPERMISSIONS)));
    newKeyForm.add(new TextOption("addKeyComment", getString("gb.sshKeyComment"), getString("gb.sshKeyCommentDescription"), "span5", enteredComment));
    newKeyForm.add(new AjaxButton("addKeyButton") {

        private static final long serialVersionUID = 1L;

        @Override
        protected void onSubmit(AjaxRequestTarget target, Form<?> form) {
            // The key is added to the account of the logged-in session
            // user, not to the panel's user field.
            // NOTE(review): listing and deletion above use the panel's
            // user. If the panel can be shown for another account, add and
            // list/delete act on different users - confirm.
            UserModel sessionUser = GitBlitWebSession.get().getUser();
            String rawKey = pastedKey.getObject();
            if (StringUtils.isEmpty(rawKey)) {
                // do not submit empty key
                return;
            }
            SshKey candidate = new SshKey(rawKey);
            try {
                // Reject input that does not parse as a public key. The
                // failure is dropped without feedback or a log entry.
                candidate.getPublicKey();
            } catch (Exception e) {
                // failed to parse the key
                return;
            }
            candidate.setPermission(chosenPermission.getObject());
            String note = enteredComment.getObject();
            if (!StringUtils.isEmpty(note)) {
                candidate.setComment(note);
            }
            if (!app().keys().addKey(sessionUser.username, candidate)) {
                return;
            }
            // reset add key fields
            pastedKey.setObject("");
            chosenPermission.setObject(AccessPermission.PUSH);
            enteredComment.setObject("");
            // reload the list and repaint the panel
            currentKeys.clear();
            currentKeys.addAll(app().keys().getKeys(sessionUser.username));
            target.addComponent(SshKeysPanel.this);
        }
    });
    if (!canWriteKeys) {
        newKeyForm.setVisibilityAllowed(false);
    }
    add(newKeyForm);
}
Also used : ListDataProvider(org.apache.wicket.markup.repeater.data.ListDataProvider) Form(org.apache.wicket.markup.html.form.Form) ArrayList(java.util.ArrayList) Label(org.apache.wicket.markup.html.basic.Label) UserModel(com.gitblit.models.UserModel) Item(org.apache.wicket.markup.repeater.Item) AjaxButton(org.apache.wicket.ajax.markup.html.form.AjaxButton) AjaxLink(org.apache.wicket.ajax.markup.html.AjaxLink) AccessPermission(com.gitblit.Constants.AccessPermission) SshKey(com.gitblit.transport.ssh.SshKey) AjaxRequestTarget(org.apache.wicket.ajax.AjaxRequestTarget) DataView(org.apache.wicket.markup.repeater.data.DataView)

Example 5 with AccessPermission

use of com.gitblit.Constants.AccessPermission in project gitblit by gitblit.

the class ConfigUserService method renameRepositoryRole.

/**
 * Renames a repository role. Every user and team that holds a permission
 * under {@code oldRole} has it removed and set again, at the same
 * {@link AccessPermission}, under {@code newRole}. The realm is then
 * written.
 * <p>
 * The models are changed in memory before {@code write()} runs, and
 * nothing here reverts them if the write fails. Any {@link Throwable} is
 * logged and reported as {@code false}.
 * NOTE(review): what happens to a permission a model already holds under
 * {@code newRole} depends on setRepositoryPermission - confirm.
 *
 * @param oldRole the current repository role name
 * @param newRole the replacement repository role name
 * @return true if successful
 */
@Override
public synchronized boolean renameRepositoryRole(String oldRole, String newRole) {
    try {
        read();
        // move the permission on every user that holds the old role
        for (UserModel user : users.values()) {
            if (!user.hasRepositoryPermission(oldRole)) {
                continue;
            }
            AccessPermission carried = user.removeRepositoryPermission(oldRole);
            user.setRepositoryPermission(newRole, carried);
        }
        // same for teams
        for (TeamModel team : teams.values()) {
            if (!team.hasRepositoryPermission(oldRole)) {
                continue;
            }
            AccessPermission carried = team.removeRepositoryPermission(oldRole);
            team.setRepositoryPermission(newRole, carried);
        }
        // persist changes
        write();
        return true;
    } catch (Throwable t) {
        logger.error(MessageFormat.format("Failed to rename role {0} to {1}!", oldRole, newRole), t);
        return false;
    }
}
Also used : UserModel(com.gitblit.models.UserModel) TeamModel(com.gitblit.models.TeamModel) AccessPermission(com.gitblit.Constants.AccessPermission)

Aggregations

AccessPermission (com.gitblit.Constants.AccessPermission)14 ArrayList (java.util.ArrayList)7 UserModel (com.gitblit.models.UserModel)4 Map (java.util.Map)4 TeamModel (com.gitblit.models.TeamModel)3 File (java.io.File)3 IOException (java.io.IOException)3 PermissionType (com.gitblit.Constants.PermissionType)2 LinkedHashMap (java.util.LinkedHashMap)2 ConfigUserService (com.gitblit.ConfigUserService)1 Transport (com.gitblit.Constants.Transport)1 ForbiddenException (com.gitblit.GitBlitException.ForbiddenException)1 IUserService (com.gitblit.IUserService)1 RefModel (com.gitblit.models.RefModel)1 RepositoryModel (com.gitblit.models.RepositoryModel)1 RepositoryUrl (com.gitblit.models.RepositoryUrl)1 SshKey (com.gitblit.transport.ssh.SshKey)1 CloneResult (com.gitblit.utils.JGitUtils.CloneResult)1 FileOutputStream (java.io.FileOutputStream)1 HashMap (java.util.HashMap)1