From 2331e7936c27e32b7d6d251b3637efc0e1184a81 Mon Sep 17 00:00:00 2001 From: James Moger Date: Fri, 14 Mar 2014 12:52:50 -0400 Subject: [PATCH] Support admin commands that respect user permissions --- .../java/com/gitblit/transport/ssh/CommandMetaData.java | 1 + .../gitblit/transport/ssh/commands/CreateRepository.java | 2 +- .../gitblit/transport/ssh/commands/DispatchCommand.java | 9 +++++++++ .../transport/ssh/commands/SetAccountCommand.java | 2 +- 4 files changed, 12 insertions(+), 2 deletions(-) diff --git a/src/main/java/com/gitblit/transport/ssh/CommandMetaData.java b/src/main/java/com/gitblit/transport/ssh/CommandMetaData.java index 2dd189c1..0d39f33f 100644 --- a/src/main/java/com/gitblit/transport/ssh/CommandMetaData.java +++ b/src/main/java/com/gitblit/transport/ssh/CommandMetaData.java @@ -28,5 +28,6 @@ import java.lang.annotation.Target; public @interface CommandMetaData { String name(); String description() default ""; +boolean admin() default false; boolean hidden() default false; } diff --git a/src/main/java/com/gitblit/transport/ssh/commands/CreateRepository.java b/src/main/java/com/gitblit/transport/ssh/commands/CreateRepository.java index f422b18b..20f69015 100644 --- a/src/main/java/com/gitblit/transport/ssh/commands/CreateRepository.java +++ b/src/main/java/com/gitblit/transport/ssh/commands/CreateRepository.java @@ -20,7 +20,7 @@ import org.kohsuke.args4j.Option; import com.gitblit.transport.ssh.CommandMetaData; -@CommandMetaData(name = "create-repository", description = "Create new GIT repository", hidden = true) +@CommandMetaData(name = "create-repository", description = "Create new GIT repository", admin = true, hidden = true) public class CreateRepository extends SshCommand { @Option(name = "--name", aliases = {"-n"}, required = true, metaVar = "NAME", usage = "name of repository to be created") diff --git a/src/main/java/com/gitblit/transport/ssh/commands/DispatchCommand.java b/src/main/java/com/gitblit/transport/ssh/commands/DispatchCommand.java index 83707f77..5c022732 100644 --- a/src/main/java/com/gitblit/transport/ssh/commands/DispatchCommand.java +++ b/src/main/java/com/gitblit/transport/ssh/commands/DispatchCommand.java @@ -93,6 +93,12 @@ public class DispatchCommand extends BaseCommand { } Command cmd = getCommand(); + if (cmd.getClass().isAnnotationPresent(CommandMetaData.class)) { + CommandMetaData meta = cmd.getClass().getAnnotation(CommandMetaData.class); + if (meta.admin() && !ctx.getClient().getUser().canAdmin()) { + throw new UnloggedFailure(1, MessageFormat.format("{0} requires admin permissions", commandName)); + } + } if (cmd instanceof BaseCommand) { BaseCommand bc = (BaseCommand) cmd; if (getName().isEmpty()) { @@ -162,6 +168,9 @@ public class DispatchCommand extends BaseCommand { final Class c = m.get(name); CommandMetaData meta = c.getAnnotation(CommandMetaData.class); if (meta != null) { + if (meta.admin() && !ctx.getClient().getUser().canAdmin()) { + continue; + } if (meta.hidden()) { continue; } diff --git a/src/main/java/com/gitblit/transport/ssh/commands/SetAccountCommand.java b/src/main/java/com/gitblit/transport/ssh/commands/SetAccountCommand.java index 0eabdce8..a22ca856 100644 --- a/src/main/java/com/gitblit/transport/ssh/commands/SetAccountCommand.java +++ b/src/main/java/com/gitblit/transport/ssh/commands/SetAccountCommand.java @@ -26,7 +26,7 @@ import com.gitblit.transport.ssh.CommandMetaData; import com.gitblit.transport.ssh.IKeyManager; /** Set a user's account settings. **/ -@CommandMetaData(name = "set-account", description = "Change an account's settings") +@CommandMetaData(name = "set-account", description = "Change an account's settings", admin = true) public class SetAccountCommand extends BaseKeyCommand { private static final String ALL = "ALL"; -- 2.39.5