From 3f8cd414769b513a5b0815e0da21f19fe4b1f2d8 Mon Sep 17 00:00:00 2001 From: James Moger Date: Wed, 6 Jun 2012 16:26:46 -0400 Subject: [PATCH] Fixed anonymous clone for 'Authenticated Push' repository (issue 96) --- docs/04_releases.mkd | 1 + src/com/gitblit/AccessRestrictionFilter.java | 5 +++-- src/com/gitblit/DownloadZipFilter.java | 3 ++- src/com/gitblit/GitFilter.java | 12 ++++++++++-- src/com/gitblit/PagesFilter.java | 3 ++- src/com/gitblit/SyndicationFilter.java | 3 ++- 6 files changed, 20 insertions(+), 7 deletions(-) diff --git a/docs/04_releases.mkd b/docs/04_releases.mkd index d4e5620a..8a24acfc 100644 --- a/docs/04_releases.mkd +++ b/docs/04_releases.mkd @@ -6,6 +6,7 @@ #### fixes +- Fixed bug where a repository set as authenticated push did not have anonymous clone access (issue 96) - Fixed bug in Basic authentication if passwords had a colon (Github/peterloron) #### changes diff --git a/src/com/gitblit/AccessRestrictionFilter.java b/src/com/gitblit/AccessRestrictionFilter.java index e9b6587b..aeb6835c 100644 --- a/src/com/gitblit/AccessRestrictionFilter.java +++ b/src/com/gitblit/AccessRestrictionFilter.java @@ -74,9 +74,10 @@ public abstract class AccessRestrictionFilter extends AuthenticationFilter { * Determine if the repository requires authentication. * * @param repository + * @param action * @return true if authentication required */ - protected abstract boolean requiresAuthentication(RepositoryModel repository); + protected abstract boolean requiresAuthentication(RepositoryModel repository, String action); /** * Determine if the user can access the repository and perform the specified @@ -144,7 +145,7 @@ public abstract class AccessRestrictionFilter extends AuthenticationFilter { } // BASIC authentication challenge and response processing - if (!StringUtils.isEmpty(urlRequestType) && requiresAuthentication(model)) { + if (!StringUtils.isEmpty(urlRequestType) && requiresAuthentication(model, urlRequestType)) { if (user == null) { // challenge client to provide credentials. send 401. if (GitBlit.isDebugMode()) { diff --git a/src/com/gitblit/DownloadZipFilter.java b/src/com/gitblit/DownloadZipFilter.java index d22649b5..e515b55e 100644 --- a/src/com/gitblit/DownloadZipFilter.java +++ b/src/com/gitblit/DownloadZipFilter.java @@ -72,10 +72,11 @@ public class DownloadZipFilter extends AccessRestrictionFilter { * Determine if the repository requires authentication. * * @param repository + * @param action * @return true if authentication required */ @Override - protected boolean requiresAuthentication(RepositoryModel repository) { + protected boolean requiresAuthentication(RepositoryModel repository, String action) { return repository.accessRestriction.atLeast(AccessRestrictionType.VIEW); } diff --git a/src/com/gitblit/GitFilter.java b/src/com/gitblit/GitFilter.java index e76fd767..4ae5b6c2 100644 --- a/src/com/gitblit/GitFilter.java +++ b/src/com/gitblit/GitFilter.java @@ -105,11 +105,19 @@ public class GitFilter extends AccessRestrictionFilter { * Determine if the repository requires authentication. * * @param repository + * @param action * @return true if authentication required */ @Override - protected boolean requiresAuthentication(RepositoryModel repository) { - return repository.accessRestriction.atLeast(AccessRestrictionType.PUSH); + protected boolean requiresAuthentication(RepositoryModel repository, String action) { + if (gitUploadPack.equals(action)) { + // send to client + return repository.accessRestriction.atLeast(AccessRestrictionType.CLONE); + } else if (gitReceivePack.equals(action)) { + // receive from client + return repository.accessRestriction.atLeast(AccessRestrictionType.PUSH); + } + return false; } /** diff --git a/src/com/gitblit/PagesFilter.java b/src/com/gitblit/PagesFilter.java index b29bede2..c092c64d 100644 --- a/src/com/gitblit/PagesFilter.java +++ b/src/com/gitblit/PagesFilter.java @@ -92,10 +92,11 @@ public class PagesFilter extends AccessRestrictionFilter { * Determine if the repository requires authentication. * * @param repository + * @param action * @return true if authentication required */ @Override - protected boolean requiresAuthentication(RepositoryModel repository) { + protected boolean requiresAuthentication(RepositoryModel repository, String action) { return repository.accessRestriction.atLeast(AccessRestrictionType.VIEW); } diff --git a/src/com/gitblit/SyndicationFilter.java b/src/com/gitblit/SyndicationFilter.java index 7e2561b9..08265666 100644 --- a/src/com/gitblit/SyndicationFilter.java +++ b/src/com/gitblit/SyndicationFilter.java @@ -70,10 +70,11 @@ public class SyndicationFilter extends AccessRestrictionFilter { * Determine if the repository requires authentication. * * @param repository + * @param action * @return true if authentication required */ @Override - protected boolean requiresAuthentication(RepositoryModel repository) { + protected boolean requiresAuthentication(RepositoryModel repository, String action) { return repository.accessRestriction.atLeast(AccessRestrictionType.VIEW); } -- 2.39.5