From d03aff630cbcd49f02d51f08ec59ac3cf7f41d0e Mon Sep 17 00:00:00 2001 From: James Moger Date: Sun, 23 Oct 2011 10:25:39 -0400 Subject: [PATCH] Separate management from administration in rpc servlet. Added skeleton mechanism to update server settings via rpc. --- distrib/gitblit.properties | 12 +++++++-- src/com/gitblit/Constants.java | 2 +- src/com/gitblit/GitBlit.java | 28 +++++++++++++------- src/com/gitblit/RpcFilter.java | 17 ++++++------ src/com/gitblit/RpcServlet.java | 16 +++++++++++- src/com/gitblit/client/GitblitClient.java | 25 ++++++++++++++---- src/com/gitblit/client/GitblitPanel.java | 32 ++++++++++++++++------- src/com/gitblit/utils/RpcUtils.java | 26 ++++++++++++++++-- 8 files changed, 121 insertions(+), 37 deletions(-) diff --git a/distrib/gitblit.properties b/distrib/gitblit.properties index d5e45720..28a6db83 100644 --- a/distrib/gitblit.properties +++ b/distrib/gitblit.properties @@ -93,8 +93,16 @@ web.allowAdministration = true # SINCE 0.7.0 web.enableRpcServlet = true -# Allows remote clients to administer the Gitblit instance, if the authenticated -# account has administrator permissions. Requires *web.enableRpcServlet=true*. +# Allows remote clients to manage repositories and users of the Gitblit instance, +# if the authenticated account has administrator permissions. +# Requires *web.enableRpcServlet=true*. +# +# SINCE 0.7.0 +web.enableRpcManagement = false + +# Allows remote clients to control the server settings of the Gitblit instance, +# if the authenticated account has administrator permissions. +# Requires *web.enableRpcServlet=true* and *web.enableRpcManagement*. # # SINCE 0.7.0 web.enableRpcAdministration = false diff --git a/src/com/gitblit/Constants.java b/src/com/gitblit/Constants.java index 79dfaf6a..450c11fb 100644 --- a/src/com/gitblit/Constants.java +++ b/src/com/gitblit/Constants.java @@ -204,7 +204,7 @@ public class Constants { LIST_REPOSITORIES, CREATE_REPOSITORY, EDIT_REPOSITORY, DELETE_REPOSITORY, LIST_USERS, CREATE_USER, EDIT_USER, DELETE_USER, LIST_REPOSITORY_MEMBERS, SET_REPOSITORY_MEMBERS, LIST_FEDERATION_REGISTRATIONS, LIST_FEDERATION_RESULTS, - LIST_FEDERATION_PROPOSALS, LIST_FEDERATION_SETS, LIST_SETTINGS, + LIST_FEDERATION_PROPOSALS, LIST_FEDERATION_SETS, LIST_SETTINGS, EDIT_SETTINGS, LIST_STATUS; public static RpcRequest fromName(String name) { diff --git a/src/com/gitblit/GitBlit.java b/src/com/gitblit/GitBlit.java index 6f537ec6..49f93e4e 100644 --- a/src/com/gitblit/GitBlit.java +++ b/src/com/gitblit/GitBlit.java @@ -25,6 +25,7 @@ import java.lang.reflect.Field; import java.text.MessageFormat; import java.util.ArrayList; import java.util.Arrays; +import java.util.Collection; import java.util.Collections; import java.util.HashMap; import java.util.List; @@ -67,9 +68,9 @@ import com.gitblit.models.FederationSet; import com.gitblit.models.Metric; import com.gitblit.models.ObjectCache; import com.gitblit.models.RepositoryModel; +import com.gitblit.models.ServerSettings; import com.gitblit.models.ServerStatus; import com.gitblit.models.SettingModel; -import com.gitblit.models.ServerSettings; import com.gitblit.models.UserModel; import com.gitblit.utils.ByteFormat; import com.gitblit.utils.FederationUtils; @@ -246,6 +247,17 @@ public class GitBlit implements ServletContextListener { return self().settings.getBoolean(Keys.web.debugMode, false); } + /** + * Updates the list of server settings. + * + * @param settings + * @return true if the update succeeded + */ + public boolean updateSettings(Collection settings) { + // TODO update the settings + return false; + } + public ServerStatus getStatus() { // update heap memory status serverStatus.heapAllocated = Runtime.getRuntime().totalMemory(); @@ -442,10 +454,9 @@ public class GitBlit implements ServletContextListener { throws GitBlitException { if (!username.equalsIgnoreCase(user.username)) { if (userService.getUserModel(user.username) != null) { - throw new GitBlitException( - MessageFormat - .format("Failed to rename ''{0}'' because ''{1}'' already exists.", - username, user.username)); + throw new GitBlitException(MessageFormat.format( + "Failed to rename ''{0}'' because ''{1}'' already exists.", username, + user.username)); } } if (!userService.updateUserModel(username, user)) { @@ -735,10 +746,9 @@ public class GitBlit implements ServletContextListener { repository.name += org.eclipse.jgit.lib.Constants.DOT_GIT_EXT; } if (new File(repositoriesFolder, repository.name).exists()) { - throw new GitBlitException( - MessageFormat - .format("Failed to rename ''{0}'' because ''{1}'' already exists.", - repositoryName, repository.name)); + throw new GitBlitException(MessageFormat.format( + "Failed to rename ''{0}'' because ''{1}'' already exists.", + repositoryName, repository.name)); } closeRepository(repositoryName); File folder = new File(repositoriesFolder, repositoryName); diff --git a/src/com/gitblit/RpcFilter.java b/src/com/gitblit/RpcFilter.java index 2786f2a4..551ca3c6 100644 --- a/src/com/gitblit/RpcFilter.java +++ b/src/com/gitblit/RpcFilter.java @@ -60,7 +60,7 @@ public class RpcFilter extends AuthenticationFilter { String fullUrl = getFullUrl(httpRequest); RpcRequest requestType = RpcRequest.fromName(httpRequest.getParameter("req")); if (requestType == null) { - httpResponse.sendError(HttpServletResponse.SC_NOT_IMPLEMENTED); + httpResponse.sendError(HttpServletResponse.SC_NOT_IMPLEMENTED); return; } @@ -75,22 +75,23 @@ public class RpcFilter extends AuthenticationFilter { boolean authenticateView = GitBlit.getBoolean(Keys.web.authenticateViewPages, false); boolean authenticateAdmin = GitBlit.getBoolean(Keys.web.authenticateAdminPages, true); - - // Wrap the HttpServletRequest with the RpcServletnRequest which + + // Wrap the HttpServletRequest with the RpcServletRequest which // overrides the servlet container user principal methods. AuthenticatedRequest authenticatedRequest = new AuthenticatedRequest(httpRequest); UserModel user = getUser(httpRequest); if (user != null) { authenticatedRequest.setUser(user); } - - // conditionally reject rpc administration requests - if (adminRequest && !GitBlit.getBoolean(Keys.web.enableRpcAdministration, false)) { - logger.warn(Keys.web.enableRpcAdministration + " must be set TRUE for administrative rpc requests."); + + // conditionally reject rpc management/administration requests + if (adminRequest && !GitBlit.getBoolean(Keys.web.enableRpcManagement, false)) { + logger.warn(Keys.web.enableRpcManagement + + " must be set TRUE for management/administrative rpc requests."); httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN); return; } - + // BASIC authentication challenge and response processing if ((adminRequest && authenticateAdmin) || (!adminRequest && authenticateView)) { if (user == null) { diff --git a/src/com/gitblit/RpcServlet.java b/src/com/gitblit/RpcServlet.java index ceed35e1..7cf3a598 100644 --- a/src/com/gitblit/RpcServlet.java +++ b/src/com/gitblit/RpcServlet.java @@ -29,6 +29,7 @@ import javax.servlet.http.HttpServletResponse; import com.gitblit.Constants.RpcRequest; import com.gitblit.models.RepositoryModel; +import com.gitblit.models.SettingModel; import com.gitblit.models.UserModel; import com.gitblit.utils.HttpUtils; import com.gitblit.utils.RpcUtils; @@ -182,7 +183,20 @@ public class RpcServlet extends JsonServlet { } } else if (RpcRequest.LIST_SETTINGS.equals(reqType)) { // return the server's settings - result = GitBlit.self().getSettingsModel(); + if (GitBlit.getBoolean(Keys.web.enableRpcAdministration, false)) { + result = GitBlit.self().getSettingsModel(); + } else { + response.sendError(notAllowedCode); + } + } else if (RpcRequest.EDIT_SETTINGS.equals(reqType)) { + // update settings on the server + if (GitBlit.getBoolean(Keys.web.enableRpcAdministration, false)) { + Collection settings = deserialize(request, response, + RpcUtils.SETTINGS_TYPE); + GitBlit.self().updateSettings(settings); + } else { + response.sendError(notAllowedCode); + } } else if (RpcRequest.LIST_STATUS.equals(reqType)) { // return the server's status information result = GitBlit.self().getStatus(); diff --git a/src/com/gitblit/client/GitblitClient.java b/src/com/gitblit/client/GitblitClient.java index 76a67316..66675b16 100644 --- a/src/com/gitblit/client/GitblitClient.java +++ b/src/com/gitblit/client/GitblitClient.java @@ -48,8 +48,10 @@ public class GitblitClient implements Serializable { public final String account; private final char[] password; + + private volatile boolean allowManagement; - private volatile boolean isAdmin; + private volatile boolean allowAdministration; private volatile ServerSettings settings; @@ -74,20 +76,33 @@ public class GitblitClient implements Serializable { public void login() throws IOException { refreshRepositories(); + try { + refreshUsers(); + allowManagement = true; + } catch (UnauthorizedException e) { + } catch (ForbiddenException e) { + } catch (IOException e) { + System.err.println(e.getMessage()); + } + try { settings = RpcUtils.getSettings(url, account, password); status = RpcUtils.getStatus(url, account, password); - refreshUsers(); - isAdmin = true; + allowAdministration = true; } catch (UnauthorizedException e) { } catch (ForbiddenException e) { } catch (IOException e) { System.err.println(e.getMessage()); } + } - public boolean allowAdmin() { - return isAdmin; + public boolean allowManagement() { + return allowManagement; + } + + public boolean allowAdministration() { + return allowAdministration; } public boolean isOwner(RepositoryModel model) { diff --git a/src/com/gitblit/client/GitblitPanel.java b/src/com/gitblit/client/GitblitPanel.java index 5737c15c..31de44ef 100644 --- a/src/com/gitblit/client/GitblitPanel.java +++ b/src/com/gitblit/client/GitblitPanel.java @@ -185,7 +185,8 @@ public class GitblitPanel extends JPanel implements CloseTabListener { repositoriesTable = Utils.newTable(repositoriesModel); repositoriesTable.setRowHeight(nameRenderer.getFont().getSize() + 8); repositoriesTable.setRowSorter(defaultRepositoriesSorter); - repositoriesTable.getRowSorter().toggleSortOrder(RepositoriesTableModel.Columns.Name.ordinal()); + repositoriesTable.getRowSorter().toggleSortOrder( + RepositoriesTableModel.Columns.Name.ordinal()); setRepositoryRenderer(RepositoriesTableModel.Columns.Name, nameRenderer, -1); setRepositoryRenderer(RepositoriesTableModel.Columns.Indicators, typeRenderer, 100); @@ -208,7 +209,7 @@ public class GitblitPanel extends JPanel implements CloseTabListener { RepositoryModel model = ((RepositoriesTableModel) repositoriesTable.getModel()).list .get(modelRow); editRepository.setEnabled(singleSelection - && (gitblit.allowAdmin() || gitblit.isOwner(model))); + && (gitblit.allowManagement() || gitblit.isOwner(model))); } else { editRepository.setEnabled(false); } @@ -217,7 +218,7 @@ public class GitblitPanel extends JPanel implements CloseTabListener { repositoriesTable.addMouseListener(new MouseAdapter() { public void mouseClicked(MouseEvent e) { - if (e.getClickCount() == 2 && gitblit.allowAdmin()) { + if (e.getClickCount() == 2 && gitblit.allowManagement()) { editRepository(getSelectedRepositories().get(0)); } } @@ -266,8 +267,8 @@ public class GitblitPanel extends JPanel implements CloseTabListener { return repositoriesPanel; } - private void setRepositoryRenderer(RepositoriesTableModel.Columns col, TableCellRenderer renderer, - int maxWidth) { + private void setRepositoryRenderer(RepositoriesTableModel.Columns col, + TableCellRenderer renderer, int maxWidth) { String name = repositoriesTable.getColumnName(col.ordinal()); repositoriesTable.getColumn(name).setCellRenderer(renderer); if (maxWidth > 0) { @@ -457,9 +458,8 @@ public class GitblitPanel extends JPanel implements CloseTabListener { updateRepositoriesTable(); Utils.packColumns(repositoriesTable, 2); - if (gitblit.allowAdmin()) { + if (gitblit.allowManagement()) { updateUsersTable(); - updateSettingsTable(); } else { // user does not have administrator privileges // hide admin repository buttons @@ -468,10 +468,23 @@ public class GitblitPanel extends JPanel implements CloseTabListener { delRepository.setVisible(false); while (tabs.getTabCount() > 1) { - // remove admin tabs + // remove all management/administration tabs tabs.removeTabAt(1); } } + + if (gitblit.allowAdministration()) { + updateSettingsTable(); + } else { + // remove the settings tab + String settingsTitle = Translation.get("gb.settings"); + for (int i= 0; i < tabs.getTabCount(); i++) { + if (tabs.getTitleAt(i).equals(settingsTitle)) { + tabs.removeTabAt(i); + break; + } + } + } } private void updateRepositoriesTable() { @@ -547,7 +560,8 @@ public class GitblitPanel extends JPanel implements CloseTabListener { return false; } }; - TableRowSorter sorter = new TableRowSorter(settingsModel); + TableRowSorter sorter = new TableRowSorter( + settingsModel); sorter.setRowFilter(containsFilter); settingsTable.setRowSorter(sorter); } diff --git a/src/com/gitblit/utils/RpcUtils.java b/src/com/gitblit/utils/RpcUtils.java index 2d409a0a..6572cd9d 100644 --- a/src/com/gitblit/utils/RpcUtils.java +++ b/src/com/gitblit/utils/RpcUtils.java @@ -28,8 +28,9 @@ import com.gitblit.models.FederationModel; import com.gitblit.models.FederationProposal; import com.gitblit.models.FederationSet; import com.gitblit.models.RepositoryModel; -import com.gitblit.models.ServerStatus; import com.gitblit.models.ServerSettings; +import com.gitblit.models.ServerStatus; +import com.gitblit.models.SettingModel; import com.gitblit.models.UserModel; import com.google.gson.reflect.TypeToken; @@ -44,6 +45,9 @@ public class RpcUtils { public static final Type NAMES_TYPE = new TypeToken>() { }.getType(); + public static final Type SETTINGS_TYPE = new TypeToken>() { + }.getType(); + private static final Type REPOSITORIES_TYPE = new TypeToken>() { }.getType(); @@ -344,10 +348,28 @@ public class RpcUtils { public static ServerSettings getSettings(String serverUrl, String account, char[] password) throws IOException { String url = asLink(serverUrl, RpcRequest.LIST_SETTINGS); - ServerSettings settings = JsonUtils.retrieveJson(url, ServerSettings.class, account, password); + ServerSettings settings = JsonUtils.retrieveJson(url, ServerSettings.class, account, + password); return settings; } + /** + * Update the settings on the Gitblit server. + * + * @param settings + * the settings to update + * @param serverUrl + * @param account + * @param password + * @return true if the action succeeded + * @throws IOException + */ + public static boolean updateSettings(Map settings, String serverUrl, + String account, char[] password) throws IOException { + return doAction(RpcRequest.EDIT_SETTINGS, null, settings, serverUrl, account, password); + + } + /** * Retrieves the server status object. * -- 2.39.5