/** Identity to record action as within the reflog. */
private PersonIdent refLogIdent;
+ /** Filter used while advertising the refs to the client. */
+ private RefFilter refFilter;
+
/** Hook to validate the update commands before execution. */
private PreReceiveHook preReceive;
allowDeletes = cfg.allowDeletes;
allowNonFastForwards = cfg.allowNonFastForwards;
allowOfsDelta = cfg.allowOfsDelta;
+ refFilter = RefFilter.DEFAULT;
preReceive = PreReceiveHook.NULL;
postReceive = PostReceiveHook.NULL;
}
refLogIdent = pi;
}
+ /** @return the filter used while advertising the refs to the client */
+ public RefFilter getRefFilter() {
+ return refFilter;
+ }
+
+ /**
+ * Set the filter used while advertising the refs to the client.
+ * <p>
+ * Only refs allowed by this filter will be shown to the client.
+ * Clients may still attempt to create or update a reference hidden
+ * by the configured {@link RefFilter}. These attempts should be
+ * rejected by a matching {@link PreReceiveHook}.
+ *
+ * @param refFilter
+ * the filter; may be null to show all refs.
+ */
+ public void setRefFilter(final RefFilter refFilter) {
+ this.refFilter = refFilter != null ? refFilter : RefFilter.DEFAULT;
+ }
+
/** @return get the hook invoked before updates occur. */
public PreReceiveHook getPreReceiveHook() {
return preReceive;
if (biDirectionalPipe)
sendAdvertisedRefs(new PacketLineOutRefAdvertiser(pckOut));
else
- refs = db.getAllRefs();
+ refs = refFilter.filter(db.getAllRefs());
recvCommands();
if (!commands.isEmpty()) {
enableCapabilities();
adv.advertiseCapability(CAPABILITY_REPORT_STATUS);
if (allowOfsDelta)
adv.advertiseCapability(CAPABILITY_OFS_DELTA);
- refs = db.getAllRefs();
+ refs = refFilter.filter(db.getAllRefs());
final Ref head = refs.remove(Constants.HEAD);
adv.send(refs);
if (head != null && !head.isSymbolic())
--- /dev/null
+/*
+ * Copyright (C) 2010, Google Inc.
+ * and other copyright owners as documented in the project's IP log.
+ *
+ * This program and the accompanying materials are made available
+ * under the terms of the Eclipse Distribution License v1.0 which
+ * accompanies this distribution, is reproduced below, and is
+ * available at http://www.eclipse.org/org/documents/edl-v10.php
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or
+ * without modification, are permitted provided that the following
+ * conditions are met:
+ *
+ * - Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * - Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ *
+ * - Neither the name of the Eclipse Foundation, Inc. nor the
+ * names of its contributors may be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
+ * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package org.eclipse.jgit.transport;
+
+import java.util.Map;
+
+import org.eclipse.jgit.lib.Ref;
+
+/**
+ * Filters the list of refs that are advertised to the client.
+ * <p>
+ * The filter is called by {@link ReceivePack} and {@link UploadPack} to ensure
+ * that the refs are filtered before they are advertised to the client.
+ * <p>
+ * This can be used by applications to control visibility of certain refs based
+ * on a custom set of rules.
+ */
+public interface RefFilter {
+ /** The default filter, allows all refs to be shown. */
+ public static final RefFilter DEFAULT = new RefFilter() {
+ public Map<String, Ref> filter (final Map<String, Ref> refs) {
+ return refs;
+ }
+ };
+
+ /**
+ * Filters a {@code Map} of refs before it is advertised to the client.
+ *
+ * @param refs
+ * the refs which this method need to consider.
+ * @return
+ * the filtered map of refs.
+ */
+ public Map<String, Ref> filter(Map<String, Ref> refs);
+}
/** The refs we advertised as existing at the start of the connection. */
private Map<String, Ref> refs;
+ /** Filter used while advertising the refs to the client. */
+ private RefFilter refFilter;
+
/** Capabilities requested by the client. */
private final Set<String> options = new HashSet<String>();
SAVE.add(ADVERTISED);
SAVE.add(WANT);
SAVE.add(PEER_HAS);
+ refFilter = RefFilter.DEFAULT;
}
- /** @return the repository this receive completes into. */
+ /** @return the repository this upload is reading from. */
public final Repository getRepository() {
return db;
}
biDirectionalPipe = twoWay;
}
+ /** @return the filter used while advertising the refs to the client */
+ public RefFilter getRefFilter() {
+ return refFilter;
+ }
+
+ /**
+ * Set the filter used while advertising the refs to the client.
+ * <p>
+ * Only refs allowed by this filter will be sent to the client. This can
+ * be used by a server to restrict the list of references the client can
+ * obtain through clone or fetch, effectively limiting the access to only
+ * certain refs.
+ *
+ * @param refFilter
+ * the filter; may be null to show all refs.
+ */
+ public void setRefFilter(final RefFilter refFilter) {
+ this.refFilter = refFilter != null ? refFilter : RefFilter.DEFAULT;
+ }
+
/**
* Execute the upload task on the socket.
*
if (biDirectionalPipe)
sendAdvertisedRefs(new PacketLineOutRefAdvertiser(pckOut));
else {
- refs = db.getAllRefs();
+ refs = refFilter.filter(db.getAllRefs());
for (Ref r : refs.values()) {
try {
walk.parseAny(r.getObjectId()).add(ADVERTISED);
adv.advertiseCapability(OPTION_THIN_PACK);
adv.advertiseCapability(OPTION_NO_PROGRESS);
adv.setDerefTags(true);
- refs = db.getAllRefs();
+ refs = refFilter.filter(db.getAllRefs());
adv.send(refs);
adv.end();
}