Search in sources :

Example 1 with ServiceNotAuthorizedException

use of org.eclipse.jgit.transport.resolver.ServiceNotAuthorizedException in project gitiles by GerritCodeReview.

the class RepositoryFilter method doFilter.

@Override
public void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain chain) throws IOException, ServletException {
    try {
        String repo = ViewFilter.trimLeadingSlash(getRegexGroup(req, 1));
        try (Repository git = resolver.open(req, repo)) {
            req.setAttribute(ATTRIBUTE_REPOSITORY, git);
            chain.doFilter(req, res);
        } catch (RepositoryNotFoundException e) {
            // Drop through the rest of the chain. ViewFilter will pass this
            // to HostIndexServlet which will attempt to list repositories
            // or send SC_NOT_FOUND there.
            chain.doFilter(req, res);
        } catch (ServiceMayNotContinueException e) {
            sendError(req, res, e.getStatusCode(), e.getMessage());
        } finally {
            req.removeAttribute(ATTRIBUTE_REPOSITORY);
        }
    } catch (ServiceNotEnabledException e) {
        sendError(req, res, SC_FORBIDDEN);
    } catch (ServiceNotAuthorizedException e) {
        res.sendError(SC_UNAUTHORIZED);
    }
}
Also used : Repository(org.eclipse.jgit.lib.Repository) ServiceNotEnabledException(org.eclipse.jgit.transport.resolver.ServiceNotEnabledException) RepositoryNotFoundException(org.eclipse.jgit.errors.RepositoryNotFoundException) ServiceMayNotContinueException(org.eclipse.jgit.transport.ServiceMayNotContinueException) ServiceNotAuthorizedException(org.eclipse.jgit.transport.resolver.ServiceNotAuthorizedException)

Example 2 with ServiceNotAuthorizedException

use of org.eclipse.jgit.transport.resolver.ServiceNotAuthorizedException in project gitiles by GerritCodeReview.

the class RootedDocServlet method service.

@Override
public void service(HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException {
    try (Repository repo = resolver.open(req, null);
        RevWalk rw = new RevWalk(repo)) {
        ObjectId id = repo.resolve(BRANCH);
        if (id == null) {
            res.sendError(HttpServletResponse.SC_NOT_FOUND);
            return;
        }
        RevObject obj = rw.peel(rw.parseAny(id));
        if (!(obj instanceof RevCommit)) {
            res.sendError(HttpServletResponse.SC_NOT_FOUND);
            return;
        }
        req.setAttribute(ATTRIBUTE_REPOSITORY, repo);
        ViewFilter.setView(req, GitilesView.rootedDoc().setHostName(req.getServerName()).setServletPath(req.getContextPath() + req.getServletPath()).setRevision(BRANCH, obj).setPathPart(req.getPathInfo()).build());
        docServlet.service(req, res);
    } catch (RepositoryNotFoundException | ServiceNotAuthorizedException | ServiceNotEnabledException e) {
        log.error(String.format("cannot open repository for %s", req.getServerName()), e);
        res.sendError(HttpServletResponse.SC_NOT_FOUND);
    } finally {
        ViewFilter.removeView(req);
        req.removeAttribute(ATTRIBUTE_REPOSITORY);
    }
}
Also used : Repository(org.eclipse.jgit.lib.Repository) ServiceNotEnabledException(org.eclipse.jgit.transport.resolver.ServiceNotEnabledException) ObjectId(org.eclipse.jgit.lib.ObjectId) RevObject(org.eclipse.jgit.revwalk.RevObject) RepositoryNotFoundException(org.eclipse.jgit.errors.RepositoryNotFoundException) RevWalk(org.eclipse.jgit.revwalk.RevWalk) ServiceNotAuthorizedException(org.eclipse.jgit.transport.resolver.ServiceNotAuthorizedException) RevCommit(org.eclipse.jgit.revwalk.RevCommit)

Example 3 with ServiceNotAuthorizedException

use of org.eclipse.jgit.transport.resolver.ServiceNotAuthorizedException in project gitblit by gitblit.

the class GitblitReceivePackFactory method create.

@Override
public ReceivePack create(X req, Repository db) throws ServiceNotEnabledException, ServiceNotAuthorizedException {
    UserModel user = UserModel.ANONYMOUS;
    String repositoryName = "";
    String origin = "";
    String gitblitUrl = "";
    int timeout = 0;
    Transport transport = null;
    if (req instanceof HttpServletRequest) {
        // http/https request may or may not be authenticated
        HttpServletRequest client = (HttpServletRequest) req;
        repositoryName = client.getAttribute("gitblitRepositoryName").toString();
        origin = client.getRemoteHost();
        gitblitUrl = HttpUtils.getGitblitURL(client);
        // determine pushing user
        String username = client.getRemoteUser();
        if (!StringUtils.isEmpty(username)) {
            UserModel u = gitblit.getUserModel(username);
            if (u != null) {
                user = u;
            }
        }
        // determine the transport
        if ("http".equals(client.getScheme())) {
            transport = Transport.HTTP;
        } else if ("https".equals(client.getScheme())) {
            transport = Transport.HTTPS;
        }
    } else if (req instanceof GitDaemonClient) {
        // git daemon request is always anonymous
        GitDaemonClient client = (GitDaemonClient) req;
        repositoryName = client.getRepositoryName();
        origin = client.getRemoteAddress().getHostAddress();
        // set timeout from Git daemon
        timeout = client.getDaemon().getTimeout();
        transport = Transport.GIT;
    } else if (req instanceof SshDaemonClient) {
        // SSH request is always authenticated
        SshDaemonClient client = (SshDaemonClient) req;
        repositoryName = client.getRepositoryName();
        origin = client.getRemoteAddress().toString();
        user = client.getUser();
        transport = Transport.SSH;
    }
    if (!acceptPush(transport)) {
        throw new ServiceNotAuthorizedException();
    }
    boolean allowAnonymousPushes = settings.getBoolean(Keys.git.allowAnonymousPushes, false);
    if (!allowAnonymousPushes && UserModel.ANONYMOUS.equals(user)) {
        // prohibit anonymous pushes
        throw new ServiceNotEnabledException();
    }
    String url = settings.getString(Keys.web.canonicalUrl, null);
    if (StringUtils.isEmpty(url)) {
        url = gitblitUrl;
    }
    final RepositoryModel repository = gitblit.getRepositoryModel(repositoryName);
    // Determine which receive pack to use for pushes
    final GitblitReceivePack rp;
    if (gitblit.getTicketService().isAcceptingNewPatchsets(repository)) {
        rp = new PatchsetReceivePack(gitblit, db, repository, user);
    } else {
        rp = new GitblitReceivePack(gitblit, db, repository, user);
    }
    rp.setGitblitUrl(url);
    rp.setRefLogIdent(new PersonIdent(user.username, user.username + "@" + origin));
    rp.setTimeout(timeout);
    return rp;
}
Also used : SshDaemonClient(com.gitblit.transport.ssh.SshDaemonClient) RepositoryModel(com.gitblit.models.RepositoryModel) GitDaemonClient(com.gitblit.transport.git.GitDaemonClient) UserModel(com.gitblit.models.UserModel) HttpServletRequest(javax.servlet.http.HttpServletRequest) ServiceNotEnabledException(org.eclipse.jgit.transport.resolver.ServiceNotEnabledException) PersonIdent(org.eclipse.jgit.lib.PersonIdent) Transport(com.gitblit.Constants.Transport) ServiceNotAuthorizedException(org.eclipse.jgit.transport.resolver.ServiceNotAuthorizedException)

Example 4 with ServiceNotAuthorizedException

use of org.eclipse.jgit.transport.resolver.ServiceNotAuthorizedException in project gitblit by gitblit.

the class GitDaemon method startClient.

private void startClient(final Socket s) {
    final GitDaemonClient dc = new GitDaemonClient(this);
    final SocketAddress peer = s.getRemoteSocketAddress();
    if (peer instanceof InetSocketAddress)
        dc.setRemoteAddress(((InetSocketAddress) peer).getAddress());
    new Thread(processors, "Git-Daemon-Client " + peer.toString()) {

        @Override
        public void run() {
            try {
                dc.execute(s);
            } catch (ServiceNotEnabledException e) {
            // Ignored. Client cannot use this repository.
            } catch (ServiceNotAuthorizedException e) {
            // Ignored. Client cannot use this repository.
            } catch (IOException e) {
            // Ignore unexpected IO exceptions from clients
            } finally {
                try {
                    s.getInputStream().close();
                } catch (IOException e) {
                // Ignore close exceptions
                }
                try {
                    s.getOutputStream().close();
                } catch (IOException e) {
                // Ignore close exceptions
                }
            }
        }
    }.start();
}
Also used : ServiceNotEnabledException(org.eclipse.jgit.transport.resolver.ServiceNotEnabledException) InetSocketAddress(java.net.InetSocketAddress) InterruptedIOException(java.io.InterruptedIOException) IOException(java.io.IOException) SocketAddress(java.net.SocketAddress) InetSocketAddress(java.net.InetSocketAddress) ServiceNotAuthorizedException(org.eclipse.jgit.transport.resolver.ServiceNotAuthorizedException)

Aggregations

ServiceNotAuthorizedException (org.eclipse.jgit.transport.resolver.ServiceNotAuthorizedException)4 ServiceNotEnabledException (org.eclipse.jgit.transport.resolver.ServiceNotEnabledException)4 RepositoryNotFoundException (org.eclipse.jgit.errors.RepositoryNotFoundException)2 Repository (org.eclipse.jgit.lib.Repository)2 Transport (com.gitblit.Constants.Transport)1 RepositoryModel (com.gitblit.models.RepositoryModel)1 UserModel (com.gitblit.models.UserModel)1 GitDaemonClient (com.gitblit.transport.git.GitDaemonClient)1 SshDaemonClient (com.gitblit.transport.ssh.SshDaemonClient)1 IOException (java.io.IOException)1 InterruptedIOException (java.io.InterruptedIOException)1 InetSocketAddress (java.net.InetSocketAddress)1 SocketAddress (java.net.SocketAddress)1 HttpServletRequest (javax.servlet.http.HttpServletRequest)1 ObjectId (org.eclipse.jgit.lib.ObjectId)1 PersonIdent (org.eclipse.jgit.lib.PersonIdent)1 RevCommit (org.eclipse.jgit.revwalk.RevCommit)1 RevObject (org.eclipse.jgit.revwalk.RevObject)1 RevWalk (org.eclipse.jgit.revwalk.RevWalk)1 ServiceMayNotContinueException (org.eclipse.jgit.transport.ServiceMayNotContinueException)1