Gitblit is an open-source, pure Java stack for managing, viewing, and serving [Git][git] repositories. \r
It's designed primarily as a tool for small workgroups who want to host centralized repositories.\r
\r
-You can browse a live demo [here](http://demo-gitblit.rhcloud.com) hosted on [RedHat's OpenShift][rhcloud] cloud service.\r
-\r
-**NOTE:** \r
-The demo is a bit unstable due to a bug in JBossAS7/Tomcat when running in LOW_MEMORY mode which OpenShift mandates. RedHat engineers hope to have this issue resolved soon.\r
+You can browse a live demo [here](https://demo-gitblit.rhcloud.com) hosted on [RedHat's OpenShift][rhcloud] cloud service.\r
\r
### GO: Single-Stack Solution\r
\r
\r
#### changes\r
\r
+- block pushes to a repository with a working copy (i.e. non-bare repository) (issue-49)\r
- web.datetimestampLongFormat from *EEEE, MMMM d, yyyy h:mm a z* to *EEEE, MMMM d, yyyy HH:mm Z* (issue 50)\r
\r
#### additions\r
*/\r
protected abstract String getUrlRequestAction(String url);\r
\r
+ /**\r
+ * Determine if the action may be executed on the repository.\r
+ * \r
+ * @param repository\r
+ * @param action\r
+ * @return true if the action may be performed\r
+ */\r
+ protected abstract boolean isActionAllowed(RepositoryModel repository, String action);\r
+\r
/**\r
* Determine if the repository requires authentication.\r
* \r
httpResponse.sendError(HttpServletResponse.SC_NOT_FOUND);\r
return;\r
}\r
+ \r
+ // Confirm that the action may be executed on the repository\r
+ if (!isActionAllowed(model, urlRequestType)) {\r
+ logger.info(MessageFormat.format("ARF: action {0} on {1} forbidden ({2})",\r
+ urlRequestType, model, HttpServletResponse.SC_FORBIDDEN));\r
+ httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN);\r
+ return;\r
+ }\r
\r
// Wrap the HttpServletRequest with the AccessRestrictionRequest which\r
// overrides the servlet container user principal methods.\r
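Review bot: The denial added at `if (!isActionAllowed(model, urlRequestType))` is logged with nothing that identifies the client, and it runs before the request is wrapped for authentication (the comment just below the added block), so no user is known at that point. For audit and detection the log line should carry at least the remote address, for example the pattern `"ARF: action {0} on {1} forbidden ({2}) from {3}"` with the servlet request's `getRemoteAddr()`; the request variable is not visible in this hunk, so use whatever doFilter already names it. Because the check precedes authentication, the 403 also goes to anonymous callers; if that ordering is intended, record it with a comment such as `// policy check runs before authentication: anonymous clients receive the 403 too`. doFilter starts and ends outside the hunk.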
return "DOWNLOAD";\r
}\r
\r
+ /**\r
+ * Determine if the action may be executed on the repository.\r
+ * \r
+ * @param repository\r
+ * @param action\r
+ * @return true if the action may be performed\r
+ */\r
+ @Override\r
+ protected boolean isActionAllowed(RepositoryModel repository, String action) {\r
+ return true;\r
+ }\r
+\r
/**\r
* Determine if the repository requires authentication.\r
* \r
model.name = repositoryName;\r
model.hasCommits = JGitUtils.hasCommits(r);\r
model.lastChange = JGitUtils.getLastChange(r, null);\r
+ model.isBare = r.isBare();\r
StoredConfig config = JGitUtils.readConfig(r);\r
if (config != null) {\r
model.description = getConfig(config, "description", "");\r
}\r
return null;\r
}\r
+ \r
+ /**\r
+ * Determine if the repository can receive pushes.\r
+ * \r
+ * @param repository\r
+ * @param action\r
+ * @return true if the action may be performed\r
+ */\r
+ @Override\r
+ protected boolean isActionAllowed(RepositoryModel repository, String action) {\r
+ if (action.equals(gitReceivePack)) {\r
+ // Push request\r
+ if (!repository.isBare) {\r
+ logger.warn("Gitblit does not allow pushes to repositories with a working copy");\r
+ return false;\r
+ }\r
+ }\r
+ return true;\r
+ }\r
\r
/**\r
* Determine if the repository requires authentication.\r
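Review bot: `action.equals(gitReceivePack)` in the added isActionAllowed dereferences `action` unconditionally, and the `return null;` visible just above the hunk suggests this filter's URL-to-action mapping can yield null for an unrecognised URL. The doFilter hunk calls isActionAllowed right after the not-found check, so such a request would presumably end in a NullPointerException instead of a clean response. Assuming `gitReceivePack` is a non-null constant, compare from its side: `if (gitReceivePack.equals(action)) {`. The existing `action.equals(gitReceivePack)` in the following hunk has the same shape but sits behind an access-restriction condition and is not part of this change.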
if (!GitBlit.getBoolean(Keys.git.enableGitServlet, true)) {\r
// Git Servlet disabled\r
return false;\r
- }\r
- boolean readOnly = repository.isFrozen;\r
+ } \r
+ boolean readOnly = repository.isFrozen; \r
if (readOnly || repository.accessRestriction.atLeast(AccessRestrictionType.PUSH)) {\r
boolean authorizedUser = user.canAccessRepository(repository);\r
if (action.equals(gitReceivePack)) {\r
return "VIEW";\r
}\r
\r
+ /**\r
+ * Determine if the action may be executed on the repository.\r
+ * \r
+ * @param repository\r
+ * @param action\r
+ * @return true if the action may be performed\r
+ */\r
+ @Override\r
+ protected boolean isActionAllowed(RepositoryModel repository, String action) {\r
+ return true;\r
+ }\r
+ \r
/**\r
* Determine if the repository requires authentication.\r
* \r
return "VIEW";\r
}\r
\r
+ /**\r
+ * Determine if the action may be executed on the repository.\r
+ * \r
+ * @param repository\r
+ * @param action\r
+ * @return true if the action may be performed\r
+ */\r
+ @Override\r
+ protected boolean isActionAllowed(RepositoryModel repository, String action) {\r
+ return true;\r
+ }\r
+ \r
/**\r
* Determine if the repository requires authentication.\r
* \r
public boolean skipSizeCalculation;\r
public boolean skipSummaryMetrics;\r
public String frequency;\r
+ public boolean isBare;\r
public String origin;\r
+ public String HEAD;\r
+ public List<String> availableRefs;\r
public String size;\r
public List<String> preReceiveScripts;\r
public List<String> postReceiveScripts;\r
public List<String> mailingLists;\r
- public String HEAD;\r
- public List<String> availableRefs;\r
-\r
private String displayName;\r
\r
public RepositoryModel() {\r
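Review bot: `public boolean isBare;` defaults to false, so any RepositoryModel not filled in by the loader line `model.isBare = r.isBare();` is treated as having a working copy, and the new push gate will refuse pushes for it. That is fail-closed, the safe direction, but it should be stated on the field so nobody later flips the default or relies on it by accident, for example `// set from Repository.isBare(); stays false (pushes refused) when the model was not built from an on-disk repository`. Whether other code paths construct models without setting it cannot be seen from this hunk.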
git.enableGitServlet = true
groovy.scriptsFolder = groovy
groovy.preReceiveScripts = blockpush
-groovy.postReceiveScripts = sendmail jenkins
+groovy.postReceiveScripts = sendmail
web.authenticateViewPages = false
web.authenticateAdminPages = true
web.allowCookieAuthentication = true
static File ticgit2Folder = new File(GitBlitSuite.REPOSITORIES, "working/ticgit2");\r
\r
static File jgitFolder = new File(GitBlitSuite.REPOSITORIES, "working/jgit");\r
+ \r
+ static File jgit2Folder = new File(GitBlitSuite.REPOSITORIES, "working/jgit2");\r
\r
String url = GitBlitSuite.url;\r
String account = GitBlitSuite.account;\r
if (jgitFolder.exists()) {\r
FileUtils.delete(jgitFolder, FileUtils.RECURSIVE);\r
}\r
+ if (jgit2Folder.exists()) {\r
+ FileUtils.delete(jgit2Folder, FileUtils.RECURSIVE);\r
+ }\r
}\r
\r
@Test\r
close(git);\r
}\r
\r
+ @Test\r
+ public void testPushToNonBareRepository() throws Exception {\r
+ CloneCommand clone = Git.cloneRepository();\r
+ clone.setURI(MessageFormat.format("{0}/git/working/jgit", url));\r
+ clone.setDirectory(jgit2Folder);\r
+ clone.setBare(false);\r
+ clone.setCloneAllBranches(true);\r
+ clone.setCredentialsProvider(new UsernamePasswordCredentialsProvider(account, password));\r
+ close(clone.call());\r
+ assertTrue(true);\r
+\r
+ Git git = Git.open(jgit2Folder);\r
+ File file = new File(jgit2Folder, "NONBARE");\r
+ OutputStreamWriter os = new OutputStreamWriter(new FileOutputStream(file, true));\r
+ BufferedWriter w = new BufferedWriter(os);\r
+ w.write("// " + new Date().toString() + "\n");\r
+ w.close();\r
+ git.add().addFilepattern(file.getName()).call();\r
+ git.commit().setMessage("test commit followed by push to non-bare repository").call();\r
+ try {\r
+ git.push().setPushAll().call();\r
+ assertTrue(false);\r
+ } catch (Exception e) {\r
+ assertTrue(e.getCause().getMessage().contains("git-receive-pack not permitted"));\r
+ }\r
+ close(git);\r
+ }\r
+ \r
private void close(Git git) {\r
// really close the repository\r
// decrement the use counter to 0\r
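Review bot: The catch block in testPushToNonBareRepository calls `e.getCause().getMessage()` without a null check, so a push failure with no cause or no message surfaces as a NullPointerException rather than a test failure that says what went wrong. The push is also sent without credentials, unlike the clone above it, so only the anonymous path is exercised and the test would not notice an authenticated push to a non-bare repository being accepted. Consider `git.push().setPushAll().setCredentialsProvider(new UsernamePasswordCredentialsProvider(account, password)).call();` together with a null-safe assertion on the cause, and move `close(git)` into a `finally` so the repository handle is released when an assertion fails. The close helper's body continues outside the hunk.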