Example 1 with RepositoryModel
use of com.gitblit.models.RepositoryModel in project gitblit by gitblit.
the class GitServletTest method testRefChange.
private void testRefChange(AccessPermission permission, Status expectedCreate, Status expectedDelete, Status expectedRewind) throws Exception {
final String originName = "ticgit.git";
final String forkName = "refchecks/ticgit.git";
final String workingCopy = "refchecks/ticgit-wc";
// lower access restriction on origin repository
RepositoryModel origin = repositories().getRepositoryModel(originName);
origin.accessRestriction = AccessRestrictionType.NONE;
repositories().updateRepositoryModel(origin.name, origin, false);
UserModel user = getUser();
delete(user);
CredentialsProvider cp = new UsernamePasswordCredentialsProvider(user.username, user.password);
// fork from original to a temporary bare repo
File refChecks = new File(GitBlitSuite.REPOSITORIES, forkName);
if (refChecks.exists()) {
FileUtils.delete(refChecks, FileUtils.RECURSIVE | FileUtils.RETRY);
}
CloneCommand clone = Git.cloneRepository();
clone.setURI(url + "/" + originName);
clone.setDirectory(refChecks);
clone.setBare(true);
clone.setCloneAllBranches(true);
clone.setCredentialsProvider(cp);
GitBlitSuite.close(clone.call());
// elevate repository to clone permission
RepositoryModel model = repositories().getRepositoryModel(forkName);
switch(permission) {
case VIEW:
model.accessRestriction = AccessRestrictionType.CLONE;
break;
case CLONE:
model.accessRestriction = AccessRestrictionType.CLONE;
break;
default:
model.accessRestriction = AccessRestrictionType.PUSH;
}
model.authorizationControl = AuthorizationControl.NAMED;
// grant user specified
user.setRepositoryPermission(model.name, permission);
gitblit().addUser(user);
repositories().updateRepositoryModel(model.name, model, false);
// clone temp bare repo to working copy
File local = new File(GitBlitSuite.REPOSITORIES, workingCopy);
if (local.exists()) {
FileUtils.delete(local, FileUtils.RECURSIVE | FileUtils.RETRY);
}
clone = Git.cloneRepository();
clone.setURI(MessageFormat.format("{0}/{1}", url, model.name));
clone.setDirectory(local);
clone.setBare(false);
clone.setCloneAllBranches(true);
clone.setCredentialsProvider(cp);
try {
GitBlitSuite.close(clone.call());
} catch (GitAPIException e) {
if (permission.atLeast(AccessPermission.CLONE)) {
throw e;
} else {
// close serving repository
GitBlitSuite.close(refChecks);
// user does not have clone permission
assertTrue(e.getMessage(), e.getMessage().contains("not permitted"));
return;
}
}
Git git = Git.open(local);
// commit a file and push it
File file = new File(local, "PUSHCHK");
OutputStreamWriter os = new OutputStreamWriter(new FileOutputStream(file, true), Constants.CHARSET);
BufferedWriter w = new BufferedWriter(os);
w.write("// " + new Date().toString() + "\n");
w.close();
git.add().addFilepattern(file.getName()).call();
git.commit().setMessage("push test").call();
Iterable<PushResult> results = null;
try {
results = git.push().setCredentialsProvider(cp).setRemote("origin").call();
} catch (GitAPIException e) {
if (permission.atLeast(AccessPermission.PUSH)) {
throw e;
} else {
// close serving repository
GitBlitSuite.close(refChecks);
// user does not have push permission
assertTrue(e.getMessage(), e.getMessage().contains("not permitted"));
GitBlitSuite.close(git);
return;
}
}
for (PushResult result : results) {
RemoteRefUpdate ref = result.getRemoteUpdate("refs/heads/master");
Status status = ref.getStatus();
if (permission.atLeast(AccessPermission.PUSH)) {
assertTrue("User failed to push commit?! " + status.name(), Status.OK.equals(status));
} else {
// close serving repository
GitBlitSuite.close(refChecks);
assertTrue("User was able to push commit! " + status.name(), Status.REJECTED_OTHER_REASON.equals(status));
GitBlitSuite.close(git);
// skip delete test
return;
}
}
// create a local branch and push the new branch back to the origin
git.branchCreate().setName("protectme").call();
RefSpec refSpec = new RefSpec("refs/heads/protectme:refs/heads/protectme");
results = git.push().setCredentialsProvider(cp).setRefSpecs(refSpec).setRemote("origin").call();
for (PushResult result : results) {
RemoteRefUpdate ref = result.getRemoteUpdate("refs/heads/protectme");
Status status = ref.getStatus();
if (Status.OK.equals(expectedCreate)) {
assertTrue("User failed to push creation?! " + status.name(), status.equals(expectedCreate));
} else {
// close serving repository
GitBlitSuite.close(refChecks);
assertTrue("User was able to push ref creation! " + status.name(), status.equals(expectedCreate));
GitBlitSuite.close(git);
// skip delete test
return;
}
}
// delete the branch locally
git.branchDelete().setBranchNames("protectme").call();
// push a delete ref command
refSpec = new RefSpec(":refs/heads/protectme");
results = git.push().setCredentialsProvider(cp).setRefSpecs(refSpec).setRemote("origin").call();
for (PushResult result : results) {
RemoteRefUpdate ref = result.getRemoteUpdate("refs/heads/protectme");
Status status = ref.getStatus();
if (Status.OK.equals(expectedDelete)) {
assertTrue("User failed to push ref deletion?! " + status.name(), status.equals(Status.OK));
} else {
// close serving repository
GitBlitSuite.close(refChecks);
assertTrue("User was able to push ref deletion?! " + status.name(), status.equals(expectedDelete));
GitBlitSuite.close(git);
// skip rewind test
return;
}
}
// rewind master by two commits
git.reset().setRef("HEAD~2").setMode(ResetType.HARD).call();
// commit a change on this detached HEAD
file = new File(local, "REWINDCHK");
os = new OutputStreamWriter(new FileOutputStream(file, true), Constants.CHARSET);
w = new BufferedWriter(os);
w.write("// " + new Date().toString() + "\n");
w.close();
git.add().addFilepattern(file.getName()).call();
RevCommit commit = git.commit().setMessage("rewind master and new commit").call();
// Reset master to our new commit now we our local branch tip is no longer
// upstream of the remote branch tip. It is an alternate tip of the branch.
JGitUtils.setBranchRef(git.getRepository(), "refs/heads/master", commit.getName());
// Try pushing our new tip to the origin.
// This requires the server to "rewind" it's master branch and update it
// to point to our alternate tip. This leaves the original master tip
// unreferenced.
results = git.push().setCredentialsProvider(cp).setRemote("origin").setForce(true).call();
for (PushResult result : results) {
RemoteRefUpdate ref = result.getRemoteUpdate("refs/heads/master");
Status status = ref.getStatus();
if (Status.OK.equals(expectedRewind)) {
assertTrue("User failed to rewind master?! " + status.name(), status.equals(expectedRewind));
} else {
assertTrue("User was able to rewind master?! " + status.name(), status.equals(expectedRewind));
}
}
GitBlitSuite.close(git);
// close serving repository
GitBlitSuite.close(refChecks);
delete(user);
}
Also used :
CloneCommand(org.eclipse.jgit.api.CloneCommand)
RemoteRefUpdate(org.eclipse.jgit.transport.RemoteRefUpdate)
Status(org.eclipse.jgit.transport.RemoteRefUpdate.Status)
UsernamePasswordCredentialsProvider(org.eclipse.jgit.transport.UsernamePasswordCredentialsProvider)
RepositoryModel(com.gitblit.models.RepositoryModel)
UsernamePasswordCredentialsProvider(org.eclipse.jgit.transport.UsernamePasswordCredentialsProvider)
CredentialsProvider(org.eclipse.jgit.transport.CredentialsProvider)
PushResult(org.eclipse.jgit.transport.PushResult)
Date(java.util.Date)
BufferedWriter(java.io.BufferedWriter)
UserModel(com.gitblit.models.UserModel)
GitAPIException(org.eclipse.jgit.api.errors.GitAPIException)
Git(org.eclipse.jgit.api.Git)
RefSpec(org.eclipse.jgit.transport.RefSpec)
FileOutputStream(java.io.FileOutputStream)
OutputStreamWriter(java.io.OutputStreamWriter)
File(java.io.File)
RevCommit(org.eclipse.jgit.revwalk.RevCommit)
Example 2 with RepositoryModel
use of com.gitblit.models.RepositoryModel in project gitblit by gitblit.
the class GitServletTest method testPushToFrozenRepo.
@Test
public void testPushToFrozenRepo() throws Exception {
GitBlitSuite.close(jgitFolder);
if (jgitFolder.exists()) {
FileUtils.delete(jgitFolder, FileUtils.RECURSIVE | FileUtils.RETRY);
}
CloneCommand clone = Git.cloneRepository();
clone.setURI(MessageFormat.format("{0}/test/jgit.git", url));
clone.setDirectory(jgitFolder);
clone.setBare(false);
clone.setCloneAllBranches(true);
clone.setCredentialsProvider(new UsernamePasswordCredentialsProvider(account, password));
GitBlitSuite.close(clone.call());
assertTrue(true);
// freeze repo
RepositoryModel model = repositories().getRepositoryModel("test/jgit.git");
model.isFrozen = true;
repositories().updateRepositoryModel(model.name, model, false);
Git git = Git.open(jgitFolder);
File file = new File(jgitFolder, "TODO");
OutputStreamWriter os = new OutputStreamWriter(new FileOutputStream(file, true), Constants.CHARSET);
BufferedWriter w = new BufferedWriter(os);
w.write("// " + new Date().toString() + "\n");
w.close();
git.add().addFilepattern(file.getName()).call();
git.commit().setMessage("test commit").call();
Iterable<PushResult> results = git.push().setPushAll().setCredentialsProvider(new UsernamePasswordCredentialsProvider(account, password)).call();
for (PushResult result : results) {
for (RemoteRefUpdate update : result.getRemoteUpdates()) {
assertEquals(Status.REJECTED_OTHER_REASON, update.getStatus());
}
}
// unfreeze repo
model.isFrozen = false;
repositories().updateRepositoryModel(model.name, model, false);
results = git.push().setPushAll().setCredentialsProvider(new UsernamePasswordCredentialsProvider(account, password)).call();
GitBlitSuite.close(git);
for (PushResult result : results) {
for (RemoteRefUpdate update : result.getRemoteUpdates()) {
assertEquals(Status.OK, update.getStatus());
}
}
}
Also used :
CloneCommand(org.eclipse.jgit.api.CloneCommand)
RemoteRefUpdate(org.eclipse.jgit.transport.RemoteRefUpdate)
UsernamePasswordCredentialsProvider(org.eclipse.jgit.transport.UsernamePasswordCredentialsProvider)
Git(org.eclipse.jgit.api.Git)
FileOutputStream(java.io.FileOutputStream)
OutputStreamWriter(java.io.OutputStreamWriter)
RepositoryModel(com.gitblit.models.RepositoryModel)
PushResult(org.eclipse.jgit.transport.PushResult)
File(java.io.File)
Date(java.util.Date)
BufferedWriter(java.io.BufferedWriter)
Test(org.junit.Test)
Example 3 with RepositoryModel
use of com.gitblit.models.RepositoryModel in project gitblit by gitblit.
the class GitServletTest method testBogusLoginClone.
@Test
public void testBogusLoginClone() throws Exception {
// restrict repository access
RepositoryModel model = repositories().getRepositoryModel("ticgit.git");
model.accessRestriction = AccessRestrictionType.CLONE;
repositories().updateRepositoryModel(model.name, model, false);
// delete any existing working folder
boolean cloned = false;
try {
CloneCommand clone = Git.cloneRepository();
clone.setURI(MessageFormat.format("{0}/ticgit.git", url));
clone.setDirectory(ticgit2Folder);
clone.setBare(false);
clone.setCloneAllBranches(true);
clone.setCredentialsProvider(new UsernamePasswordCredentialsProvider("bogus", "bogus"));
GitBlitSuite.close(clone.call());
cloned = true;
} catch (Exception e) {
// swallow the exception which we expect
}
// restore anonymous repository access
model.accessRestriction = AccessRestrictionType.NONE;
repositories().updateRepositoryModel(model.name, model, false);
assertFalse("Bogus login cloned a repository?!", cloned);
}
Also used :
CloneCommand(org.eclipse.jgit.api.CloneCommand)
UsernamePasswordCredentialsProvider(org.eclipse.jgit.transport.UsernamePasswordCredentialsProvider)
RepositoryModel(com.gitblit.models.RepositoryModel)
GitAPIException(org.eclipse.jgit.api.errors.GitAPIException)
IOException(java.io.IOException)
Test(org.junit.Test)
Example 4 with RepositoryModel
use of com.gitblit.models.RepositoryModel in project gitblit by gitblit.
the class GitServletTest method testUnauthorizedLoginClone.
@Test
public void testUnauthorizedLoginClone() throws Exception {
// restrict repository access
RepositoryModel model = repositories().getRepositoryModel("ticgit.git");
model.accessRestriction = AccessRestrictionType.CLONE;
model.authorizationControl = AuthorizationControl.NAMED;
UserModel user = new UserModel("james");
user.password = "james";
gitblit().addUser(user);
repositories().updateRepositoryModel(model.name, model, false);
FileUtils.delete(ticgit2Folder, FileUtils.RECURSIVE);
// delete any existing working folder
boolean cloned = false;
try {
CloneCommand clone = Git.cloneRepository();
clone.setURI(MessageFormat.format("{0}/ticgit.git", url));
clone.setDirectory(ticgit2Folder);
clone.setBare(false);
clone.setCloneAllBranches(true);
clone.setCredentialsProvider(new UsernamePasswordCredentialsProvider(user.username, user.password));
GitBlitSuite.close(clone.call());
cloned = true;
} catch (Exception e) {
// swallow the exception which we expect
}
assertFalse("Unauthorized login cloned a repository?!", cloned);
FileUtils.delete(ticgit2Folder, FileUtils.RECURSIVE);
// switch to authenticated
model.authorizationControl = AuthorizationControl.AUTHENTICATED;
repositories().updateRepositoryModel(model.name, model, false);
// try clone again
cloned = false;
CloneCommand clone = Git.cloneRepository();
clone.setURI(MessageFormat.format("{0}/ticgit.git", url));
clone.setDirectory(ticgit2Folder);
clone.setBare(false);
clone.setCloneAllBranches(true);
clone.setCredentialsProvider(new UsernamePasswordCredentialsProvider(user.username, user.password));
GitBlitSuite.close(clone.call());
cloned = true;
assertTrue("Authenticated login could not clone!", cloned);
FileUtils.delete(ticgit2Folder, FileUtils.RECURSIVE);
// restore anonymous repository access
model.accessRestriction = AccessRestrictionType.NONE;
model.authorizationControl = AuthorizationControl.NAMED;
repositories().updateRepositoryModel(model.name, model, false);
delete(user);
}
Also used :
UserModel(com.gitblit.models.UserModel)
CloneCommand(org.eclipse.jgit.api.CloneCommand)
UsernamePasswordCredentialsProvider(org.eclipse.jgit.transport.UsernamePasswordCredentialsProvider)
RepositoryModel(com.gitblit.models.RepositoryModel)
GitAPIException(org.eclipse.jgit.api.errors.GitAPIException)
IOException(java.io.IOException)
Test(org.junit.Test)
Example 5 with RepositoryModel
use of com.gitblit.models.RepositoryModel in project gitblit by gitblit.
the class FilestoreServletTest method testUpload.
@Test
public void testUpload() throws Exception {
FileUtils.delete(filestore().getStorageFolder());
filestore().clearFilestoreCache();
RepositoryModel r = gitblit().getRepositoryModel(repoName);
UserModel u = new UserModel("admin");
u.canAdmin = true;
// No upload limit
settings().overrideSetting(Keys.filestore.maxUploadSize, FilestoreManager.UNDEFINED_SIZE);
final BlobInfo blob = new BlobInfo(512 * FileUtils.KB);
final String expectedUploadURL = GitBlitSuite.url + repoLfs + blob.hash;
final String initialUploadURL = GitBlitSuite.url + repoLfs + "batch";
HttpClient client = HttpClientBuilder.create().build();
HttpPost request = new HttpPost(initialUploadURL);
// add request header
request.addHeader(HttpHeaders.ACCEPT, FilestoreServlet.GIT_LFS_META_MIME);
request.addHeader(HttpHeaders.CONTENT_ENCODING, FilestoreServlet.GIT_LFS_META_MIME);
String content = String.format("{%s:%s,%s:[{%s:%s,%s:%d}]}", "\"operation\"", "\"upload\"", "\"objects\"", "\"oid\"", "\"" + blob.hash + "\"", "\"size\"", blob.length);
HttpEntity entity = new ByteArrayEntity(content.getBytes("UTF-8"));
request.setEntity(entity);
HttpResponse response = client.execute(request);
String responseMessage = IOUtils.toString(response.getEntity().getContent(), "UTF-8");
assertEquals(200, response.getStatusLine().getStatusCode());
String expectedContent = String.format("{%s:[{%s:%s,%s:%d,%s:{%s:{%s:%s}}}]}", "\"objects\"", "\"oid\"", "\"" + blob.hash + "\"", "\"size\"", blob.length, "\"actions\"", "\"upload\"", "\"href\"", "\"" + expectedUploadURL + "\"");
assertEquals(expectedContent, responseMessage);
// Now try to upload the binary download
HttpPut putRequest = new HttpPut(expectedUploadURL);
putRequest.setEntity(new ByteArrayEntity(blob.blob));
response = client.execute(putRequest);
responseMessage = IOUtils.toString(response.getEntity().getContent(), "UTF-8");
assertEquals(200, response.getStatusLine().getStatusCode());
// Confirm behind the scenes that it is available
ByteArrayOutputStream savedBlob = new ByteArrayOutputStream();
assertEquals(Status.Available, filestore().downloadBlob(blob.hash, u, r, savedBlob));
assertArrayEquals(blob.blob, savedBlob.toByteArray());
}
Also used :
UserModel(com.gitblit.models.UserModel)
HttpPost(org.apache.http.client.methods.HttpPost)
HttpEntity(org.apache.http.HttpEntity)
ByteArrayEntity(org.apache.http.entity.ByteArrayEntity)
HttpClient(org.apache.http.client.HttpClient)
HttpResponse(org.apache.http.HttpResponse)
RepositoryModel(com.gitblit.models.RepositoryModel)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
HttpPut(org.apache.http.client.methods.HttpPut)
Test(org.junit.Test)
Aggregations
RepositoryModel (com.gitblit.models.RepositoryModel)236
Test (org.junit.Test)146
Date (java.util.Date)135
UserModel (com.gitblit.models.UserModel)116
TeamModel (com.gitblit.models.TeamModel)68
ArrayList (java.util.ArrayList)39
File (java.io.File)21
Repository (org.eclipse.jgit.lib.Repository)20
CloneCommand (org.eclipse.jgit.api.CloneCommand)16
Git (org.eclipse.jgit.api.Git)13
ReceiveCommand (org.eclipse.jgit.transport.ReceiveCommand)13
UsernamePasswordCredentialsProvider (org.eclipse.jgit.transport.UsernamePasswordCredentialsProvider)12
GitBlitException (com.gitblit.GitBlitException)11
Label (org.apache.wicket.markup.html.basic.Label)11
PushResult (org.eclipse.jgit.transport.PushResult)10
RemoteRefUpdate (org.eclipse.jgit.transport.RemoteRefUpdate)10
RegistrantAccessPermission (com.gitblit.models.RegistrantAccessPermission)9
BufferedWriter (java.io.BufferedWriter)9
FileOutputStream (java.io.FileOutputStream)9
RevCommit (org.eclipse.jgit.revwalk.RevCommit)9
