Search in sources :

Example 1 with GitDaemonClient

use of com.gitblit.transport.git.GitDaemonClient in project gitblit by gitblit.

the class RepositoryResolver method isExportOk.

/**
	 * Check if this repository can be served by the requested client connection.
	 */
@Override
protected boolean isExportOk(X req, String repositoryName, Repository db) throws IOException {
    RepositoryModel model = gitblit.getRepositoryModel(repositoryName);
    UserModel user = UserModel.ANONYMOUS;
    String scheme = null;
    String origin = null;
    if (req instanceof GitDaemonClient) {
        // git daemon request
        // this is an anonymous/unauthenticated protocol
        GitDaemonClient client = (GitDaemonClient) req;
        scheme = "git";
        origin = client.getRemoteAddress().toString();
    } else if (req instanceof HttpServletRequest) {
        // http/https request
        HttpServletRequest client = (HttpServletRequest) req;
        scheme = client.getScheme();
        origin = client.getRemoteAddr();
        user = gitblit.authenticate(client);
        if (user == null) {
            user = UserModel.ANONYMOUS;
        }
    } else if (req instanceof SshDaemonClient) {
        // ssh is always authenticated
        SshDaemonClient client = (SshDaemonClient) req;
        user = client.getUser();
    }
    if (user.canClone(model)) {
        // user can access this git repo
        logger.debug(MessageFormat.format("{0}:// access of {1} by {2} from {3} PERMITTED", scheme, repositoryName, user.username, origin));
        return true;
    }
    // user can not access this git repo
    logger.warn(MessageFormat.format("{0}:// access of {1} by {2} from {3} DENIED", scheme, repositoryName, user.username, origin));
    return false;
}
Also used : UserModel(com.gitblit.models.UserModel) HttpServletRequest(javax.servlet.http.HttpServletRequest) RepositoryModel(com.gitblit.models.RepositoryModel) SshDaemonClient(com.gitblit.transport.ssh.SshDaemonClient) GitDaemonClient(com.gitblit.transport.git.GitDaemonClient)

Example 2 with GitDaemonClient

use of com.gitblit.transport.git.GitDaemonClient in project gitblit by gitblit.

the class RepositoryResolver method open.

/**
	 * Open the repository and inject the repository name into the settings.
	 */
@Override
public Repository open(final X req, final String name) throws RepositoryNotFoundException, ServiceNotEnabledException {
    Repository repo = super.open(req, name);
    // retrieve the repository name from the pack factories or the hooks.
    if (req instanceof HttpServletRequest) {
        // http/https request
        HttpServletRequest client = (HttpServletRequest) req;
        client.setAttribute("gitblitRepositoryName", name);
    } else if (req instanceof GitDaemonClient) {
        // git request
        GitDaemonClient client = (GitDaemonClient) req;
        client.setRepositoryName(name);
    } else if (req instanceof SshDaemonClient) {
        SshDaemonClient client = (SshDaemonClient) req;
        client.setRepositoryName(name);
    }
    return repo;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Repository(org.eclipse.jgit.lib.Repository) SshDaemonClient(com.gitblit.transport.ssh.SshDaemonClient) GitDaemonClient(com.gitblit.transport.git.GitDaemonClient)

Example 3 with GitDaemonClient

use of com.gitblit.transport.git.GitDaemonClient in project gitblit by gitblit.

the class GitblitUploadPackFactory method create.

@Override
public UploadPack create(X req, Repository db) throws ServiceNotEnabledException, ServiceNotAuthorizedException {
    int timeout = 0;
    if (req instanceof GitDaemonClient) {
        // git daemon request is always anonymous
        GitDaemonClient client = (GitDaemonClient) req;
        // set timeout from Git daemon
        timeout = client.getDaemon().getTimeout();
    }
    UploadPack up = new UploadPack(db);
    up.setTimeout(timeout);
    return up;
}
Also used : UploadPack(org.eclipse.jgit.transport.UploadPack) GitDaemonClient(com.gitblit.transport.git.GitDaemonClient)

Example 4 with GitDaemonClient

use of com.gitblit.transport.git.GitDaemonClient in project gitblit by gitblit.

the class GitblitReceivePackFactory method create.

@Override
public ReceivePack create(X req, Repository db) throws ServiceNotEnabledException, ServiceNotAuthorizedException {
    UserModel user = UserModel.ANONYMOUS;
    String repositoryName = "";
    String origin = "";
    String gitblitUrl = "";
    int timeout = 0;
    Transport transport = null;
    if (req instanceof HttpServletRequest) {
        // http/https request may or may not be authenticated
        HttpServletRequest client = (HttpServletRequest) req;
        repositoryName = client.getAttribute("gitblitRepositoryName").toString();
        origin = client.getRemoteHost();
        gitblitUrl = HttpUtils.getGitblitURL(client);
        // determine pushing user
        String username = client.getRemoteUser();
        if (!StringUtils.isEmpty(username)) {
            UserModel u = gitblit.getUserModel(username);
            if (u != null) {
                user = u;
            }
        }
        // determine the transport
        if ("http".equals(client.getScheme())) {
            transport = Transport.HTTP;
        } else if ("https".equals(client.getScheme())) {
            transport = Transport.HTTPS;
        }
    } else if (req instanceof GitDaemonClient) {
        // git daemon request is always anonymous
        GitDaemonClient client = (GitDaemonClient) req;
        repositoryName = client.getRepositoryName();
        origin = client.getRemoteAddress().getHostAddress();
        // set timeout from Git daemon
        timeout = client.getDaemon().getTimeout();
        transport = Transport.GIT;
    } else if (req instanceof SshDaemonClient) {
        // SSH request is always authenticated
        SshDaemonClient client = (SshDaemonClient) req;
        repositoryName = client.getRepositoryName();
        origin = client.getRemoteAddress().toString();
        user = client.getUser();
        transport = Transport.SSH;
    }
    if (!acceptPush(transport)) {
        throw new ServiceNotAuthorizedException();
    }
    boolean allowAnonymousPushes = settings.getBoolean(Keys.git.allowAnonymousPushes, false);
    if (!allowAnonymousPushes && UserModel.ANONYMOUS.equals(user)) {
        // prohibit anonymous pushes
        throw new ServiceNotEnabledException();
    }
    String url = settings.getString(Keys.web.canonicalUrl, null);
    if (StringUtils.isEmpty(url)) {
        url = gitblitUrl;
    }
    final RepositoryModel repository = gitblit.getRepositoryModel(repositoryName);
    // Determine which receive pack to use for pushes
    final GitblitReceivePack rp;
    if (gitblit.getTicketService().isAcceptingNewPatchsets(repository)) {
        rp = new PatchsetReceivePack(gitblit, db, repository, user);
    } else {
        rp = new GitblitReceivePack(gitblit, db, repository, user);
    }
    rp.setGitblitUrl(url);
    rp.setRefLogIdent(new PersonIdent(user.username, user.username + "@" + origin));
    rp.setTimeout(timeout);
    return rp;
}
Also used : SshDaemonClient(com.gitblit.transport.ssh.SshDaemonClient) RepositoryModel(com.gitblit.models.RepositoryModel) GitDaemonClient(com.gitblit.transport.git.GitDaemonClient) UserModel(com.gitblit.models.UserModel) HttpServletRequest(javax.servlet.http.HttpServletRequest) ServiceNotEnabledException(org.eclipse.jgit.transport.resolver.ServiceNotEnabledException) PersonIdent(org.eclipse.jgit.lib.PersonIdent) Transport(com.gitblit.Constants.Transport) ServiceNotAuthorizedException(org.eclipse.jgit.transport.resolver.ServiceNotAuthorizedException)

Aggregations

GitDaemonClient (com.gitblit.transport.git.GitDaemonClient)4 SshDaemonClient (com.gitblit.transport.ssh.SshDaemonClient)3 HttpServletRequest (javax.servlet.http.HttpServletRequest)3 RepositoryModel (com.gitblit.models.RepositoryModel)2 UserModel (com.gitblit.models.UserModel)2 Transport (com.gitblit.Constants.Transport)1 PersonIdent (org.eclipse.jgit.lib.PersonIdent)1 Repository (org.eclipse.jgit.lib.Repository)1 UploadPack (org.eclipse.jgit.transport.UploadPack)1 ServiceNotAuthorizedException (org.eclipse.jgit.transport.resolver.ServiceNotAuthorizedException)1 ServiceNotEnabledException (org.eclipse.jgit.transport.resolver.ServiceNotEnabledException)1