From 284a7bd54e9cddb0eabcd77148ee64639010d2ee Mon Sep 17 00:00:00 2001 From: James Moger Date: Wed, 26 Oct 2011 17:11:12 -0400 Subject: [PATCH] Return management-level settings if web.enableRpcAdministration=false Require web.enableRpcAdministration=true to process federation RPCs. --- src/com/gitblit/RpcServlet.java | 35 +++++++++++++++++++++++---------- 1 file changed, 25 insertions(+), 10 deletions(-) diff --git a/src/com/gitblit/RpcServlet.java b/src/com/gitblit/RpcServlet.java index dd99e3f4..53628a09 100644 --- a/src/com/gitblit/RpcServlet.java +++ b/src/com/gitblit/RpcServlet.java @@ -29,7 +29,7 @@ import javax.servlet.http.HttpServletResponse; import com.gitblit.Constants.RpcRequest; import com.gitblit.models.RepositoryModel; -import com.gitblit.models.SettingModel; +import com.gitblit.models.ServerSettings; import com.gitblit.models.UserModel; import com.gitblit.utils.HttpUtils; import com.gitblit.utils.RpcUtils; @@ -64,6 +64,8 @@ public class RpcServlet extends JsonServlet { logger.info(MessageFormat.format("Rpc {0} request from {1}", reqType, request.getRemoteAddr())); + boolean allowAdmin = GitBlit.getBoolean(Keys.web.enableRpcAdministration, false); + UserModel user = (UserModel) request.getUserPrincipal(); Object result = null; @@ -158,24 +160,28 @@ public class RpcServlet extends JsonServlet { } } else if (RpcRequest.LIST_FEDERATION_REGISTRATIONS.equals(reqType)) { // return the list of federation registrations - result = GitBlit.self().getFederationRegistrations(); + if (allowAdmin) { + result = GitBlit.self().getFederationRegistrations(); + } else { + response.sendError(notAllowedCode); + } } else if (RpcRequest.LIST_FEDERATION_RESULTS.equals(reqType)) { // return the list of federation result registrations - if (GitBlit.canFederate()) { + if (allowAdmin && GitBlit.canFederate()) { result = GitBlit.self().getFederationResultRegistrations(); } else { response.sendError(notAllowedCode); } } else if (RpcRequest.LIST_FEDERATION_PROPOSALS.equals(reqType)) { // return the list of federation proposals - if (GitBlit.canFederate()) { + if (allowAdmin && GitBlit.canFederate()) { result = GitBlit.self().getPendingFederationProposals(); } else { response.sendError(notAllowedCode); } } else if (RpcRequest.LIST_FEDERATION_SETS.equals(reqType)) { // return the list of federation sets - if (GitBlit.canFederate()) { + if (allowAdmin && GitBlit.canFederate()) { String gitblitUrl = HttpUtils.getGitblitURL(request); result = GitBlit.self().getFederationSets(gitblitUrl); } else { @@ -183,14 +189,23 @@ public class RpcServlet extends JsonServlet { } } else if (RpcRequest.LIST_SETTINGS.equals(reqType)) { // return the server's settings - if (GitBlit.getBoolean(Keys.web.enableRpcAdministration, false)) { - result = GitBlit.self().getSettingsModel(); + ServerSettings settings = GitBlit.self().getSettingsModel(); + if (allowAdmin) { + // return all settings + result = settings; } else { - response.sendError(notAllowedCode); + // return management settings only + String[] keys = { Keys.realm.minPasswordLength, Keys.realm.passwordStorage, + Keys.federation.sets }; + ServerSettings managementSettings = new ServerSettings(); + for (String key : keys) { + managementSettings.add(settings.get(key)); + } + result = managementSettings; } } else if (RpcRequest.EDIT_SETTINGS.equals(reqType)) { // update settings on the server - if (GitBlit.getBoolean(Keys.web.enableRpcAdministration, false)) { + if (allowAdmin) { Map settings = deserialize(request, response, RpcUtils.SETTINGS_TYPE); GitBlit.self().updateSettings(settings); @@ -199,7 +214,7 @@ public class RpcServlet extends JsonServlet { } } else if (RpcRequest.LIST_STATUS.equals(reqType)) { // return the server's status information - if (GitBlit.getBoolean(Keys.web.enableRpcAdministration, false)) { + if (allowAdmin) { result = GitBlit.self().getStatus(); } else { response.sendError(notAllowedCode); -- 2.39.5