use of org.eclipse.jgit.transport.resolver.ServiceNotAuthorizedException in project gitiles by GerritCodeReview.
the class RepositoryFilter method doFilter.
@Override
public void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain chain) throws IOException, ServletException {
try {
String repo = ViewFilter.trimLeadingSlash(getRegexGroup(req, 1));
try (Repository git = resolver.open(req, repo)) {
req.setAttribute(ATTRIBUTE_REPOSITORY, git);
chain.doFilter(req, res);
} catch (RepositoryNotFoundException e) {
// Drop through the rest of the chain. ViewFilter will pass this
// to HostIndexServlet which will attempt to list repositories
// or send SC_NOT_FOUND there.
chain.doFilter(req, res);
} catch (ServiceMayNotContinueException e) {
sendError(req, res, e.getStatusCode(), e.getMessage());
} finally {
req.removeAttribute(ATTRIBUTE_REPOSITORY);
}
} catch (ServiceNotEnabledException e) {
sendError(req, res, SC_FORBIDDEN);
} catch (ServiceNotAuthorizedException e) {
res.sendError(SC_UNAUTHORIZED);
}
}
use of org.eclipse.jgit.transport.resolver.ServiceNotAuthorizedException in project gitiles by GerritCodeReview.
the class RootedDocServlet method service.
@Override
public void service(HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException {
try (Repository repo = resolver.open(req, null);
RevWalk rw = new RevWalk(repo)) {
ObjectId id = repo.resolve(BRANCH);
if (id == null) {
res.sendError(HttpServletResponse.SC_NOT_FOUND);
return;
}
RevObject obj = rw.peel(rw.parseAny(id));
if (!(obj instanceof RevCommit)) {
res.sendError(HttpServletResponse.SC_NOT_FOUND);
return;
}
req.setAttribute(ATTRIBUTE_REPOSITORY, repo);
ViewFilter.setView(req, GitilesView.rootedDoc().setHostName(req.getServerName()).setServletPath(req.getContextPath() + req.getServletPath()).setRevision(BRANCH, obj).setPathPart(req.getPathInfo()).build());
docServlet.service(req, res);
} catch (RepositoryNotFoundException | ServiceNotAuthorizedException | ServiceNotEnabledException e) {
log.error(String.format("cannot open repository for %s", req.getServerName()), e);
res.sendError(HttpServletResponse.SC_NOT_FOUND);
} finally {
ViewFilter.removeView(req);
req.removeAttribute(ATTRIBUTE_REPOSITORY);
}
}
use of org.eclipse.jgit.transport.resolver.ServiceNotAuthorizedException in project gitblit by gitblit.
the class GitblitReceivePackFactory method create.
@Override
public ReceivePack create(X req, Repository db) throws ServiceNotEnabledException, ServiceNotAuthorizedException {
UserModel user = UserModel.ANONYMOUS;
String repositoryName = "";
String origin = "";
String gitblitUrl = "";
int timeout = 0;
Transport transport = null;
if (req instanceof HttpServletRequest) {
// http/https request may or may not be authenticated
HttpServletRequest client = (HttpServletRequest) req;
repositoryName = client.getAttribute("gitblitRepositoryName").toString();
origin = client.getRemoteHost();
gitblitUrl = HttpUtils.getGitblitURL(client);
// determine pushing user
String username = client.getRemoteUser();
if (!StringUtils.isEmpty(username)) {
UserModel u = gitblit.getUserModel(username);
if (u != null) {
user = u;
}
}
// determine the transport
if ("http".equals(client.getScheme())) {
transport = Transport.HTTP;
} else if ("https".equals(client.getScheme())) {
transport = Transport.HTTPS;
}
} else if (req instanceof GitDaemonClient) {
// git daemon request is always anonymous
GitDaemonClient client = (GitDaemonClient) req;
repositoryName = client.getRepositoryName();
origin = client.getRemoteAddress().getHostAddress();
// set timeout from Git daemon
timeout = client.getDaemon().getTimeout();
transport = Transport.GIT;
} else if (req instanceof SshDaemonClient) {
// SSH request is always authenticated
SshDaemonClient client = (SshDaemonClient) req;
repositoryName = client.getRepositoryName();
origin = client.getRemoteAddress().toString();
user = client.getUser();
transport = Transport.SSH;
}
if (!acceptPush(transport)) {
throw new ServiceNotAuthorizedException();
}
boolean allowAnonymousPushes = settings.getBoolean(Keys.git.allowAnonymousPushes, false);
if (!allowAnonymousPushes && UserModel.ANONYMOUS.equals(user)) {
// prohibit anonymous pushes
throw new ServiceNotEnabledException();
}
String url = settings.getString(Keys.web.canonicalUrl, null);
if (StringUtils.isEmpty(url)) {
url = gitblitUrl;
}
final RepositoryModel repository = gitblit.getRepositoryModel(repositoryName);
// Determine which receive pack to use for pushes
final GitblitReceivePack rp;
if (gitblit.getTicketService().isAcceptingNewPatchsets(repository)) {
rp = new PatchsetReceivePack(gitblit, db, repository, user);
} else {
rp = new GitblitReceivePack(gitblit, db, repository, user);
}
rp.setGitblitUrl(url);
rp.setRefLogIdent(new PersonIdent(user.username, user.username + "@" + origin));
rp.setTimeout(timeout);
return rp;
}
use of org.eclipse.jgit.transport.resolver.ServiceNotAuthorizedException in project gitblit by gitblit.
the class GitDaemon method startClient.
private void startClient(final Socket s) {
final GitDaemonClient dc = new GitDaemonClient(this);
final SocketAddress peer = s.getRemoteSocketAddress();
if (peer instanceof InetSocketAddress)
dc.setRemoteAddress(((InetSocketAddress) peer).getAddress());
new Thread(processors, "Git-Daemon-Client " + peer.toString()) {
@Override
public void run() {
try {
dc.execute(s);
} catch (ServiceNotEnabledException e) {
// Ignored. Client cannot use this repository.
} catch (ServiceNotAuthorizedException e) {
// Ignored. Client cannot use this repository.
} catch (IOException e) {
// Ignore unexpected IO exceptions from clients
} finally {
try {
s.getInputStream().close();
} catch (IOException e) {
// Ignore close exceptions
}
try {
s.getOutputStream().close();
} catch (IOException e) {
// Ignore close exceptions
}
}
}
}.start();
}
Aggregations