Return management-level settings if web.enableRpcAdministration=false
authorJames Moger <james.moger@gitblit.com>
Wed, 26 Oct 2011 21:11:12 +0000 (17:11 -0400)
committerJames Moger <james.moger@gitblit.com>
Wed, 26 Oct 2011 21:11:12 +0000 (17:11 -0400)
Require web.enableRpcAdministration=true to process federation RPCs.

src/com/gitblit/RpcServlet.java

index dd99e3f4c6a6fbda24694071c8f408754d9ce119..53628a094e6cefe8aaea85060751604a21d0e370 100644 (file)
@@ -29,7 +29,7 @@ import javax.servlet.http.HttpServletResponse;
 \r
 import com.gitblit.Constants.RpcRequest;\r
 import com.gitblit.models.RepositoryModel;\r
-import com.gitblit.models.SettingModel;\r
+import com.gitblit.models.ServerSettings;\r
 import com.gitblit.models.UserModel;\r
 import com.gitblit.utils.HttpUtils;\r
 import com.gitblit.utils.RpcUtils;\r
@@ -64,6 +64,8 @@ public class RpcServlet extends JsonServlet {
                logger.info(MessageFormat.format("Rpc {0} request from {1}", reqType,\r
                                request.getRemoteAddr()));\r
 \r
+               boolean allowAdmin = GitBlit.getBoolean(Keys.web.enableRpcAdministration, false);\r
+\r
                UserModel user = (UserModel) request.getUserPrincipal();\r
 \r
                Object result = null;\r
@@ -158,24 +160,28 @@ public class RpcServlet extends JsonServlet {
                        }\r
                } else if (RpcRequest.LIST_FEDERATION_REGISTRATIONS.equals(reqType)) {\r
                        // return the list of federation registrations\r
-                       result = GitBlit.self().getFederationRegistrations();\r
+                       if (allowAdmin) {\r
+                               result = GitBlit.self().getFederationRegistrations();\r
+                       } else {\r
+                               response.sendError(notAllowedCode);\r
+                       }\r
                } else if (RpcRequest.LIST_FEDERATION_RESULTS.equals(reqType)) {\r
                        // return the list of federation result registrations\r
-                       if (GitBlit.canFederate()) {\r
+                       if (allowAdmin && GitBlit.canFederate()) {\r
                                result = GitBlit.self().getFederationResultRegistrations();\r
                        } else {\r
                                response.sendError(notAllowedCode);\r
                        }\r
                } else if (RpcRequest.LIST_FEDERATION_PROPOSALS.equals(reqType)) {\r
                        // return the list of federation proposals\r
-                       if (GitBlit.canFederate()) {\r
+                       if (allowAdmin && GitBlit.canFederate()) {\r
                                result = GitBlit.self().getPendingFederationProposals();\r
                        } else {\r
                                response.sendError(notAllowedCode);\r
                        }\r
                } else if (RpcRequest.LIST_FEDERATION_SETS.equals(reqType)) {\r
                        // return the list of federation sets\r
-                       if (GitBlit.canFederate()) {\r
+                       if (allowAdmin && GitBlit.canFederate()) {\r
                                String gitblitUrl = HttpUtils.getGitblitURL(request);\r
                                result = GitBlit.self().getFederationSets(gitblitUrl);\r
                        } else {\r
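Review bot: The LIST_FEDERATION_REGISTRATIONS branch is gated on `allowAdmin` alone, while the three sibling federation branches in this hunk require `allowAdmin && GitBlit.canFederate()`. If the difference is intentional, say so in a comment on that branch, e.g. `// registrations do not depend on canFederate(); only the RPC administration toggle applies`; if it is not, the condition should match its neighbours. `allowAdmin` reflects only the server setting, so any per-caller privilege check has to happen outside this hunk, and that code is not visible here. The LIST_FEDERATION_SETS branch continues past the end of the hunk.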
@@ -183,14 +189,23 @@ public class RpcServlet extends JsonServlet {
                        }\r
                } else if (RpcRequest.LIST_SETTINGS.equals(reqType)) {\r
                        // return the server's settings\r
-                       if (GitBlit.getBoolean(Keys.web.enableRpcAdministration, false)) {\r
-                               result = GitBlit.self().getSettingsModel();\r
+                       ServerSettings settings = GitBlit.self().getSettingsModel();\r
+                       if (allowAdmin) {\r
+                               // return all settings\r
+                               result = settings;\r
                        } else {\r
-                               response.sendError(notAllowedCode);\r
+                               // return management settings only\r
+                               String[] keys = { Keys.realm.minPasswordLength, Keys.realm.passwordStorage,\r
+                                               Keys.federation.sets };\r
+                               ServerSettings managementSettings = new ServerSettings();\r
+                               for (String key : keys) {\r
+                                       managementSettings.add(settings.get(key));\r
+                               }\r
+                               result = managementSettings;\r
                        }\r
                } else if (RpcRequest.EDIT_SETTINGS.equals(reqType)) {\r
                        // update settings on the server\r
-                       if (GitBlit.getBoolean(Keys.web.enableRpcAdministration, false)) {\r
+                       if (allowAdmin) {\r
                                Map<String, String> settings = deserialize(request, response,\r
                                                RpcUtils.SETTINGS_TYPE);\r
                                GitBlit.self().updateSettings(settings);\r
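Review bot: With `web.enableRpcAdministration=false`, the LIST_SETTINGS else branch now answers with `realm.passwordStorage`, `realm.minPasswordLength` and `federation.sets` where it used to send `notAllowedCode`, and nothing in the hunk ties that answer to `user`. Unless an authentication check outside the hunk already covers this request type, the password storage scheme becomes readable by any RPC caller. Consider `} else if (user != null) {` for the management subset, keeping `response.sendError(notAllowedCode)` as the final else. Separately, `settings.get(key)` is passed straight to `managementSettings.add(...)`; if a key can be absent from the settings model, guard the call with `if (settings.get(key) != null)`. The enclosing method starts and ends outside the hunk.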
@@ -199,7 +214,7 @@ public class RpcServlet extends JsonServlet {
                        }\r
                } else if (RpcRequest.LIST_STATUS.equals(reqType)) {\r
                        // return the server's status information\r
-                       if (GitBlit.getBoolean(Keys.web.enableRpcAdministration, false)) {\r
+                       if (allowAdmin) {\r
                                result = GitBlit.self().getStatus();\r
                        } else {\r
                                response.sendError(notAllowedCode);\r