diff options
| author | James Moger <james.moger@gitblit.com> | 2011-04-14 18:29:10 -0400 |
|---|---|---|
| committer | James Moger <james.moger@gitblit.com> | 2011-04-14 18:29:10 -0400 |
| commit | fc948cacef9c9b8c0a1e84cbc082ca67cd5f68d9 (patch) | |
| tree | 4287442c5d74c26c3e4826bc79d02c804cd0f8c4 | |
| parent | 94b96b5a98bef254128ccc4f5fc0e0c4376324e4 (diff) | |
| download | gitblit-fc948cacef9c9b8c0a1e84cbc082ca67cd5f68d9.tar.gz gitblit-fc948cacef9c9b8c0a1e84cbc082ca67cd5f68d9.zip | |
Authenticate the webapp against the same realm as the git servlet.
Right now the implementation is hard-coded to pass the realm into a
singleton. This won't work for a WAR distribution so I will
need to figure out how to properly authenticate the webapp using form
authentication and the git servlet using basic authentication - host
against the same realm.
| -rw-r--r-- | gitblit.properties | 19 | ||||
| -rw-r--r-- | src/com/gitblit/Constants.java | 6 | ||||
| -rw-r--r-- | src/com/gitblit/GitBlit.java | 127 | ||||
| -rw-r--r-- | src/com/gitblit/GitBlitServer.java | 47 | ||||
| -rw-r--r-- | src/com/gitblit/ILoginService.java | 10 | ||||
| -rw-r--r-- | src/com/gitblit/JettyLoginService.java | 32 | ||||
| -rw-r--r-- | src/com/gitblit/wicket/GitBlitWebApp.java | 93 | ||||
| -rw-r--r-- | src/com/gitblit/wicket/GitBlitWebSession.java | 7 | ||||
| -rw-r--r-- | src/com/gitblit/wicket/LoginPage.java | 7 | ||||
| -rw-r--r-- | src/com/gitblit/wicket/RepositoryPage.java | 3 | ||||
| -rw-r--r-- | src/com/gitblit/wicket/User.java | 27 | ||||
| -rw-r--r-- | src/com/gitblit/wicket/pages/PatchPage.java | 4 | ||||
| -rw-r--r-- | src/com/gitblit/wicket/pages/RawPage.java | 4 | ||||
| -rw-r--r-- | src/com/gitblit/wicket/pages/RepositoriesPage.java | 17 | ||||
| -rw-r--r-- | users.properties | 3 |
15 files changed, 267 insertions, 139 deletions
diff --git a/gitblit.properties b/gitblit.properties index a2e9ab66..65f44d17 100644 --- a/gitblit.properties +++ b/gitblit.properties @@ -32,22 +32,13 @@ authenticateWebUI = true # Simple user realm file to authenticate users for push/pull
realmFile = users.properties
-# User roles for push/pull git repository access
-# (* is the wildcard for any role)
-gitRoles = *
-
-# User roles for administrative features such
-# as create repository, edit repository description,
-# and set repository owner.
-# (* is the wildcard for any role)
-adminRoles = *
-
#
# Server Settings
#
-debug = true
+debugMode = true
tempFolder = temp
log4jPattern = %-5p %d{MM-dd HH:mm:ss.SSS} %-20.20c{1} %m%n
+
# Aggressive heap management will run the garbage collector on every generated
# page. This slows down page generation but improves heap consumption.
aggressiveHeapManagement = true
@@ -56,7 +47,13 @@ aggressiveHeapManagement = true # Git:Blit UI Settings
#
siteName =
+
+# If authenticateWebUI=true, users with "admin" role can create repositories,
+# create users, and edit repository metadata (owner, description, etc)
+#
+# If authenticateWebUI=false, any user can execute the aforementioned functions.
allowAdministration = true
+
repositoriesMessage = Welcome to Git:Blit!<br>A quick and easy way to host your own Git repositories.<br>Built with <a href="http://eclipse.org/jgit">JGit</a>, <a href="http://wicket.apache.org">Wicket</a>, <a href="http://code.google.com/p/google-code-prettify/">google-code-prettify</a>, <a href="http://eclipse.org/jetty">Jetty</a>, <a href="http://www.slf4j.org">SLF4J</a>, <a href="http://logging.apache.org/log4j">Log4j</a>, and <a href="http://jcommander.org">JCommander</a>.
# Use the client timezone when formatting dates.
diff --git a/src/com/gitblit/Constants.java b/src/com/gitblit/Constants.java index 052055a9..186193eb 100644 --- a/src/com/gitblit/Constants.java +++ b/src/com/gitblit/Constants.java @@ -5,6 +5,12 @@ public class Constants { public final static String NAME = "Git:Blit";
public final static String VERSION = "0.0.1";
+
+ public final static String ADMIN_ROLE = "admin";
+
+ public final static String PULL_ROLE = "pull";
+
+ public final static String PUSH_ROLE = "push";
public static String getGitBlitVersion() {
return NAME + " v" + VERSION;
diff --git a/src/com/gitblit/GitBlit.java b/src/com/gitblit/GitBlit.java new file mode 100644 index 00000000..27641432 --- /dev/null +++ b/src/com/gitblit/GitBlit.java @@ -0,0 +1,127 @@ +package com.gitblit;
+
+import java.io.File;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.List;
+
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.wicket.Request;
+import org.apache.wicket.protocol.http.WebResponse;
+import org.apache.wicket.protocol.http.servlet.ServletWebRequest;
+import org.eclipse.jgit.errors.RepositoryNotFoundException;
+import org.eclipse.jgit.http.server.resolver.FileResolver;
+import org.eclipse.jgit.http.server.resolver.ServiceNotEnabledException;
+import org.eclipse.jgit.lib.Repository;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.gitblit.utils.JGitUtils;
+import com.gitblit.wicket.User;
+import com.gitblit.wicket.models.RepositoryModel;
+
+public class GitBlit {
+
+ private static GitBlit gitblit;
+
+ private final Logger logger = LoggerFactory.getLogger(GitBlit.class);
+
+ private final boolean debugMode;
+
+ private final FileResolver repositoryResolver;
+
+ private final File repositories;
+
+ private final boolean exportAll;
+
+ private ILoginService loginService;
+
+ public static GitBlit self() {
+ if (gitblit == null) {
+ gitblit = new GitBlit();
+ }
+ return gitblit;
+ }
+
+ private GitBlit() {
+ repositories = new File(StoredSettings.getString("repositoriesFolder", "repos"));
+ exportAll = StoredSettings.getBoolean("exportAll", true);
+ repositoryResolver = new FileResolver(repositories, exportAll);
+ debugMode = StoredSettings.getBoolean("debugMode", false);
+ }
+
+ public boolean isDebugMode() {
+ return debugMode;
+ }
+
+ public void setLoginService(ILoginService loginService) {
+ this.loginService = loginService;
+ }
+
+ public User authenticate(String username, char[] password) {
+ if (loginService == null) {
+ return null;
+ }
+ return loginService.authenticate(username, password);
+ }
+
+ public User authenticate(Cookie[] cookies) {
+ if (loginService == null) {
+ return null;
+ }
+ if (cookies != null && cookies.length > 0) {
+ for (Cookie cookie : cookies) {
+ if (cookie.getName().equals(Constants.NAME)) {
+ String value = cookie.getValue();
+ return loginService.authenticate(value.toCharArray());
+ }
+ }
+ }
+ return null;
+ }
+
+ public void setCookie(WebResponse response, User user) {
+ Cookie userCookie = new Cookie(Constants.NAME, user.getCookie());
+ userCookie.setMaxAge(Integer.MAX_VALUE);
+ userCookie.setPath("/");
+ response.addCookie(userCookie);
+ }
+
+ public List<String> getRepositoryList() {
+ return JGitUtils.getRepositoryList(repositories, exportAll, StoredSettings.getBoolean("nestedRepositories", true));
+ }
+
+ public List<RepositoryModel> getRepositories(Request request) {
+ List<String> list = getRepositoryList();
+ ServletWebRequest servletWebRequest = (ServletWebRequest) request;
+ HttpServletRequest req = servletWebRequest.getHttpServletRequest();
+
+ List<RepositoryModel> repositories = new ArrayList<RepositoryModel>();
+ for (String repo : list) {
+ Repository r = getRepository(req, repo);
+ String description = JGitUtils.getRepositoryDescription(r);
+ String owner = JGitUtils.getRepositoryOwner(r);
+ Date lastchange = JGitUtils.getLastChange(r);
+ r.close();
+ repositories.add(new RepositoryModel(repo, description, owner, lastchange));
+ }
+ return repositories;
+ }
+
+ public Repository getRepository(HttpServletRequest req, String repositoryName) {
+ Repository r = null;
+ try {
+ r = repositoryResolver.open(req, repositoryName);
+ } catch (RepositoryNotFoundException e) {
+ r = null;
+ logger.error("Failed to find repository " + repositoryName);
+ e.printStackTrace();
+ } catch (ServiceNotEnabledException e) {
+ r = null;
+ e.printStackTrace();
+ }
+ return r;
+ }
+}
diff --git a/src/com/gitblit/GitBlitServer.java b/src/com/gitblit/GitBlitServer.java index 9991a75d..4f1aeccc 100644 --- a/src/com/gitblit/GitBlitServer.java +++ b/src/com/gitblit/GitBlitServer.java @@ -21,7 +21,7 @@ import org.apache.wicket.protocol.http.WicketFilter; import org.eclipse.jetty.http.security.Constraint;
import org.eclipse.jetty.security.ConstraintMapping;
import org.eclipse.jetty.security.ConstraintSecurityHandler;
-import org.eclipse.jetty.security.HashLoginService;
+import org.eclipse.jetty.security.LoginService;
import org.eclipse.jetty.security.authentication.BasicAuthenticator;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.Handler;
@@ -50,11 +50,6 @@ public class GitBlitServer { private final static Logger logger = Log.getLogger(GitBlitServer.class.getSimpleName());
private final static String border_star = "***********************************************************";
- private static boolean debugMode = false;
-
- public static boolean isDebugMode() {
- return debugMode;
- }
public static void main(String[] args) {
Params params = new Params();
@@ -111,6 +106,9 @@ public class GitBlitServer { * Start Server.
*/
private static void start(Params params) {
+ // instantiate GitBlit
+ GitBlit.self();
+
PatternLayout layout = new PatternLayout(StoredSettings.getString("log4jPattern", "%-5p %d{MM-dd HH:mm:ss.SSS} %-20.20c{1} %m%n"));
org.apache.log4j.Logger rootLogger = org.apache.log4j.Logger.getRootLogger();
rootLogger.addAppender(new ConsoleAppender(layout));
@@ -123,7 +121,7 @@ public class GitBlitServer { String osversion = System.getProperty("os.version");
logger.info("Running on " + osname + " (" + osversion + ")");
- if (params.debug) {
+ if (StoredSettings.getBoolean("debugMode", false)) {
logger.warn("DEBUG Mode");
}
@@ -173,10 +171,9 @@ public class GitBlitServer { FilterHolder wicketFilter = new FilterHolder(WicketFilter.class);
wicketFilter.setInitParameter(ContextParamWebApplicationFactory.APP_CLASS_PARAM, GitBlitWebApp.class.getName());
wicketFilter.setInitParameter(WicketFilter.FILTER_MAPPING_PARAM, wicketPathSpec);
+ wicketFilter.setInitParameter(WicketFilter.IGNORE_PATHS_PARAM, "git/");
rootContext.addFilter(wicketFilter, wicketPathSpec, FilterMapping.DEFAULT);
- Handler handler;
-
// Git Servlet
ServletHolder gitServlet = null;
String gitServletPathSpec = "/git/*";
@@ -184,20 +181,25 @@ public class GitBlitServer { gitServlet = rootContext.addServlet(GitServlet.class, gitServletPathSpec);
gitServlet.setInitParameter("base-path", params.repositoriesFolder);
gitServlet.setInitParameter("export-all", params.exportAll ? "1" : "0");
- String realmUsers = params.realmFile;
-
- if (realmUsers != null && new File(realmUsers).exists() && params.authenticatePushPull) {
+ }
+
+ // Login Service
+ LoginService loginService = null;
+ String realmUsers = params.realmFile;
+ if (realmUsers != null && new File(realmUsers).exists()) {
+ logger.info("Setting up login service from " + realmUsers);
+ JettyLoginService jettyLoginService = new JettyLoginService(realmUsers);
+ GitBlit.self().setLoginService(jettyLoginService);
+ loginService = jettyLoginService;
+ }
+
+ // Determine what handler to use
+ Handler handler;
+ if (gitServlet != null) {
+ if (loginService != null && params.authenticatePushPull) {
// Authenticate Pull/Push
- List<String> list = StoredSettings.getStrings("gitRoles");
- String[] roles;
- if (list.size() == 0) {
- roles = new String[] { "*" };
- } else {
- roles = list.toArray(new String[list.size()]);
- }
+ String[] roles = new String[] { Constants.PULL_ROLE, Constants.PUSH_ROLE };
logger.info("Authentication required for git servlet pull/push access");
- logger.info("Setting up realm from " + realmUsers);
- HashLoginService loginService = new HashLoginService(Constants.NAME, realmUsers);
Constraint constraint = new Constraint();
constraint.setName("auth");
@@ -356,9 +358,6 @@ public class GitBlitServer { @Parameter(names = { "--temp" }, description = "Server temp folder")
public String temp = StoredSettings.getString("tempFolder", "temp");
- @Parameter(names = { "--debug" }, description = "Run server in DEBUG mode")
- public Boolean debug = StoredSettings.getBoolean("debug", false);
-
/*
* GIT Servlet Parameters
*/
diff --git a/src/com/gitblit/ILoginService.java b/src/com/gitblit/ILoginService.java new file mode 100644 index 00000000..ee98d8ef --- /dev/null +++ b/src/com/gitblit/ILoginService.java @@ -0,0 +1,10 @@ +package com.gitblit;
+
+import com.gitblit.wicket.User;
+
+public interface ILoginService {
+
+ User authenticate(String username, char [] password);
+
+ User authenticate(char [] cookie);
+}
diff --git a/src/com/gitblit/JettyLoginService.java b/src/com/gitblit/JettyLoginService.java new file mode 100644 index 00000000..93e9a192 --- /dev/null +++ b/src/com/gitblit/JettyLoginService.java @@ -0,0 +1,32 @@ +package com.gitblit;
+
+import org.eclipse.jetty.security.HashLoginService;
+import org.eclipse.jetty.server.UserIdentity;
+
+import com.gitblit.wicket.User;
+
+public class JettyLoginService extends HashLoginService implements ILoginService {
+
+ public JettyLoginService(String realmFile) {
+ super(Constants.NAME, realmFile);
+ }
+
+ @Override
+ public User authenticate(String username, char[] password) {
+ UserIdentity identity = login(username, new String(password));
+ if (identity == null || identity.equals(UserIdentity.UNAUTHENTICATED_IDENTITY)) {
+ return null;
+ }
+ User user = new User(username, password);
+ user.canAdmin(identity.isUserInRole(Constants.ADMIN_ROLE, null));
+ user.canClone(identity.isUserInRole(Constants.PULL_ROLE, null));
+ user.canPush(identity.isUserInRole(Constants.PUSH_ROLE, null));
+ return user;
+ }
+
+ @Override
+ public User authenticate(char [] cookie) {
+ // TODO cookie login
+ return null;
+ }
+}
diff --git a/src/com/gitblit/wicket/GitBlitWebApp.java b/src/com/gitblit/wicket/GitBlitWebApp.java index 2bd3179d..658ae67a 100644 --- a/src/com/gitblit/wicket/GitBlitWebApp.java +++ b/src/com/gitblit/wicket/GitBlitWebApp.java @@ -1,36 +1,17 @@ package com.gitblit.wicket;
-import java.io.File;
-import java.util.ArrayList;
-import java.util.Date;
-import java.util.List;
-
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletRequest;
-
import org.apache.wicket.Application;
import org.apache.wicket.Page;
import org.apache.wicket.Request;
import org.apache.wicket.Response;
import org.apache.wicket.Session;
import org.apache.wicket.protocol.http.WebApplication;
-import org.apache.wicket.protocol.http.WebResponse;
import org.apache.wicket.protocol.http.request.urlcompressing.UrlCompressingWebRequestProcessor;
-import org.apache.wicket.protocol.http.servlet.ServletWebRequest;
import org.apache.wicket.request.IRequestCycleProcessor;
import org.apache.wicket.request.target.coding.MixedParamUrlCodingStrategy;
-import org.eclipse.jgit.errors.RepositoryNotFoundException;
-import org.eclipse.jgit.http.server.resolver.FileResolver;
-import org.eclipse.jgit.http.server.resolver.ServiceNotEnabledException;
-import org.eclipse.jgit.lib.Repository;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import com.gitblit.Constants;
-import com.gitblit.GitBlitServer;
+import com.gitblit.GitBlit;
import com.gitblit.StoredSettings;
-import com.gitblit.utils.JGitUtils;
-import com.gitblit.wicket.models.RepositoryModel;
import com.gitblit.wicket.pages.BlobDiffPage;
import com.gitblit.wicket.pages.BlobPage;
import com.gitblit.wicket.pages.BranchesPage;
@@ -49,14 +30,6 @@ import com.gitblit.wicket.pages.TreePage; public class GitBlitWebApp extends WebApplication {
- Logger logger = LoggerFactory.getLogger(GitBlitWebApp.class);
-
- FileResolver repositoryResolver;
-
- private File repositories;
-
- private boolean exportAll;
-
@Override
public void init() {
super.init();
@@ -92,10 +65,6 @@ public class GitBlitWebApp extends WebApplication { mount(new MixedParamUrlCodingStrategy("/ticgittkt", TicGitTicketPage.class, new String[] { "r", "h", "f" }));
mount(new MixedParamUrlCodingStrategy("/login", LoginPage.class, new String[] {}));
-
- repositories = new File(StoredSettings.getString("repositoriesFolder", "repos"));
- exportAll = StoredSettings.getBoolean("exportAll", true);
- repositoryResolver = new FileResolver(repositories, exportAll);
}
@Override
@@ -115,69 +84,11 @@ public class GitBlitWebApp extends WebApplication { @Override
public final String getConfigurationType() {
- if (GitBlitServer.isDebugMode())
+ if (GitBlit.self().isDebugMode())
return Application.DEVELOPMENT;
return Application.DEPLOYMENT;
}
- public User authenticate(String username, char [] password) {
- return new User(username, password);
- }
-
- public User authenticate(Cookie[] cookies) {
- if (cookies != null && cookies.length > 0) {
- for (Cookie cookie:cookies) {
- if (cookie.getName().equals(Constants.NAME)) {
- String value = cookie.getValue();
- }
- }
- }
- return null;
- }
-
- public void setCookie(WebResponse response, User user) {
- Cookie userCookie = new Cookie(Constants.NAME, user.getCookie());
- userCookie.setMaxAge(Integer.MAX_VALUE);
- userCookie.setPath("/");
- response.addCookie(userCookie);
- }
-
- public List<String> getRepositoryList() {
- return JGitUtils.getRepositoryList(repositories, exportAll, StoredSettings.getBoolean("nestedRepositories", true));
- }
-
- public List<RepositoryModel> getRepositories(Request request) {
- List<String> list = getRepositoryList();
- ServletWebRequest servletWebRequest = (ServletWebRequest) request;
- HttpServletRequest req = servletWebRequest.getHttpServletRequest();
-
- List<RepositoryModel> repositories = new ArrayList<RepositoryModel>();
- for (String repo : list) {
- Repository r = getRepository(req, repo);
- String description = JGitUtils.getRepositoryDescription(r);
- String owner = JGitUtils.getRepositoryOwner(r);
- Date lastchange = JGitUtils.getLastChange(r);
- r.close();
- repositories.add(new RepositoryModel(repo, description, owner, lastchange));
- }
- return repositories;
- }
-
- public Repository getRepository(HttpServletRequest req, String repositoryName) {
- Repository r = null;
- try {
- r = repositoryResolver.open(req, repositoryName);
- } catch (RepositoryNotFoundException e) {
- r = null;
- logger.error("Failed to find repository " + repositoryName);
- e.printStackTrace();
- } catch (ServiceNotEnabledException e) {
- r = null;
- e.printStackTrace();
- }
- return r;
- }
-
public String getCloneUrl(String repositoryName) {
return StoredSettings.getString("cloneUrl", "https://localhost/git/") + repositoryName;
}
diff --git a/src/com/gitblit/wicket/GitBlitWebSession.java b/src/com/gitblit/wicket/GitBlitWebSession.java index b2106e7b..34e597f0 100644 --- a/src/com/gitblit/wicket/GitBlitWebSession.java +++ b/src/com/gitblit/wicket/GitBlitWebSession.java @@ -28,6 +28,13 @@ public final class GitBlitWebSession extends WebSession { return user != null;
}
+ public boolean canAdmin() {
+ if (user == null) {
+ return false;
+ }
+ return user.canAdmin();
+ }
+
public User getUser() {
return user;
}
diff --git a/src/com/gitblit/wicket/LoginPage.java b/src/com/gitblit/wicket/LoginPage.java index 39b42852..e27adc31 100644 --- a/src/com/gitblit/wicket/LoginPage.java +++ b/src/com/gitblit/wicket/LoginPage.java @@ -18,6 +18,7 @@ import org.apache.wicket.protocol.http.WebResponse; import org.apache.wicket.protocol.http.servlet.ServletWebRequest;
import com.gitblit.Constants;
+import com.gitblit.GitBlit;
public class LoginPage extends WebPage {
@@ -58,7 +59,7 @@ public class LoginPage extends WebPage { String username = LoginPage.this.username.getObject();
char [] password = LoginPage.this.password.getObject().toCharArray();
- User user = GitBlitWebApp.get().authenticate(username, password);
+ User user = GitBlit.self().authenticate(username, password);
if (user == null)
error("Invalid username or password!");
else
@@ -72,7 +73,7 @@ public class LoginPage extends WebPage { // Grab cookie from Browser Session
Cookie[] cookies = ((WebRequest) getRequestCycle().getRequest()).getCookies();
if (cookies != null && cookies.length > 0) {
- user = GitBlitWebApp.get().authenticate(cookies);
+ user = GitBlit.self().authenticate(cookies);
}
// Login the user
@@ -85,7 +86,7 @@ public class LoginPage extends WebPage { // Set Cookie
WebResponse response = (WebResponse) getRequestCycle().getResponse();
- GitBlitWebApp.get().setCookie(response, user);
+ GitBlit.self().setCookie(response, user);
// track user object so that we do not have to continue
// re-authenticating on each request.
diff --git a/src/com/gitblit/wicket/RepositoryPage.java b/src/com/gitblit/wicket/RepositoryPage.java index 05617718..8dc485a5 100644 --- a/src/com/gitblit/wicket/RepositoryPage.java +++ b/src/com/gitblit/wicket/RepositoryPage.java @@ -12,6 +12,7 @@ import org.apache.wicket.protocol.http.servlet.ServletWebRequest; import org.eclipse.jgit.lib.Repository;
import org.eclipse.jgit.revwalk.RevCommit;
+import com.gitblit.GitBlit;
import com.gitblit.StoredSettings;
import com.gitblit.utils.JGitUtils;
import com.gitblit.wicket.pages.RepositoriesPage;
@@ -51,7 +52,7 @@ public abstract class RepositoryPage extends BasePage { HttpServletRequest req = servletWebRequest.getHttpServletRequest();
req.getServerName();
- Repository r = GitBlitWebApp.get().getRepository(req, repositoryName);
+ Repository r = GitBlit.self().getRepository(req, repositoryName);
if (r == null) {
error("Can not load repository " + repositoryName);
redirectToInterceptPage(new RepositoriesPage());
diff --git a/src/com/gitblit/wicket/User.java b/src/com/gitblit/wicket/User.java index fb49b404..c23b849c 100644 --- a/src/com/gitblit/wicket/User.java +++ b/src/com/gitblit/wicket/User.java @@ -7,12 +7,39 @@ public class User { private String username;
private char [] password;
+ private boolean canAdmin = false;
+ private boolean canClone = false;
+ private boolean canPush = false;
public User(String username, char [] password) {
this.username = username;
this.password = password;
}
+ public void canAdmin(boolean value) {
+ canAdmin = value;
+ }
+
+ public boolean canAdmin() {
+ return canAdmin;
+ }
+
+ public void canClone(boolean value) {
+ canClone = value;
+ }
+
+ public boolean canClone() {
+ return canClone;
+ }
+
+ public void canPush(boolean value) {
+ canPush = value;
+ }
+
+ public boolean canPush() {
+ return canPush;
+ }
+
public String getCookie() {
return Build.getSHA1((Constants.NAME + username + new String(password)).getBytes());
}
diff --git a/src/com/gitblit/wicket/pages/PatchPage.java b/src/com/gitblit/wicket/pages/PatchPage.java index 52790d68..c877bb6d 100644 --- a/src/com/gitblit/wicket/pages/PatchPage.java +++ b/src/com/gitblit/wicket/pages/PatchPage.java @@ -9,8 +9,8 @@ import org.apache.wicket.protocol.http.servlet.ServletWebRequest; import org.eclipse.jgit.lib.Repository;
import org.eclipse.jgit.revwalk.RevCommit;
+import com.gitblit.GitBlit;
import com.gitblit.utils.JGitUtils;
-import com.gitblit.wicket.GitBlitWebApp;
import com.gitblit.wicket.WicketUtils;
@@ -31,7 +31,7 @@ public class PatchPage extends WebPage { HttpServletRequest req = servletWebRequest.getHttpServletRequest();
req.getServerName();
- Repository r = GitBlitWebApp.get().getRepository(req, repositoryName);
+ Repository r = GitBlit.self().getRepository(req, repositoryName);
if (r == null) {
error("Can not load repository " + repositoryName);
redirectToInterceptPage(new RepositoriesPage());
diff --git a/src/com/gitblit/wicket/pages/RawPage.java b/src/com/gitblit/wicket/pages/RawPage.java index 18b91bcb..dc58b208 100644 --- a/src/com/gitblit/wicket/pages/RawPage.java +++ b/src/com/gitblit/wicket/pages/RawPage.java @@ -13,9 +13,9 @@ import org.apache.wicket.protocol.http.servlet.ServletWebRequest; import org.eclipse.jgit.lib.Repository;
import org.eclipse.jgit.revwalk.RevCommit;
+import com.gitblit.GitBlit;
import com.gitblit.StoredSettings;
import com.gitblit.utils.JGitUtils;
-import com.gitblit.wicket.GitBlitWebApp;
import com.gitblit.wicket.WicketUtils;
@@ -36,7 +36,7 @@ public class RawPage extends WebPage { HttpServletRequest req = servletWebRequest.getHttpServletRequest();
req.getServerName();
- Repository r = GitBlitWebApp.get().getRepository(req, repositoryName);
+ Repository r = GitBlit.self().getRepository(req, repositoryName);
if (r == null) {
error("Can not load repository " + repositoryName);
redirectToInterceptPage(new RepositoriesPage());
diff --git a/src/com/gitblit/wicket/pages/RepositoriesPage.java b/src/com/gitblit/wicket/pages/RepositoriesPage.java index 47d45122..3a43b0d9 100644 --- a/src/com/gitblit/wicket/pages/RepositoriesPage.java +++ b/src/com/gitblit/wicket/pages/RepositoriesPage.java @@ -17,10 +17,11 @@ import org.apache.wicket.markup.repeater.data.DataView; import org.apache.wicket.model.IModel;
import org.apache.wicket.model.Model;
+import com.gitblit.GitBlit;
import com.gitblit.StoredSettings;
import com.gitblit.utils.Utils;
import com.gitblit.wicket.BasePage;
-import com.gitblit.wicket.GitBlitWebApp;
+import com.gitblit.wicket.GitBlitWebSession;
import com.gitblit.wicket.LinkPanel;
import com.gitblit.wicket.WicketUtils;
import com.gitblit.wicket.models.RepositoryModel;
@@ -32,14 +33,22 @@ public class RepositoriesPage extends BasePage { super();
setupPage("", "");
+ boolean showAdmin = false;
+ if (StoredSettings.getBoolean("authenticateWebUI", true)) {
+ boolean allowAdmin = StoredSettings.getBoolean("allowAdministration", false);
+ showAdmin = allowAdmin && GitBlitWebSession.get().canAdmin();
+ } else {
+ showAdmin = StoredSettings.getBoolean("allowAdministration", false);
+ }
+
Fragment adminLinks = new Fragment("adminPanel", "adminLinks", this);
adminLinks.add(new BookmarkablePageLink<Void>("newRepository", RepositoriesPage.class));
- adminLinks.add(new BookmarkablePageLink<Void>("newUser", RepositoriesPage.class));
- add(adminLinks.setVisible(StoredSettings.getBoolean("allowAdministration", false)));
+ adminLinks.add(new BookmarkablePageLink<Void>("newUser", RepositoriesPage.class));
+ add(adminLinks.setVisible(showAdmin));
add(new Label("repositoriesMessage", StoredSettings.getString("repositoriesMessage", "")).setEscapeModelStrings(false));
- List<RepositoryModel> rows = GitBlitWebApp.get().getRepositories(getRequest());
+ List<RepositoryModel> rows = GitBlit.self().getRepositories(getRequest());
DataProvider dp = new DataProvider(rows);
DataView<RepositoryModel> dataView = new DataView<RepositoryModel>("repository", dp) {
private static final long serialVersionUID = 1L;
diff --git a/users.properties b/users.properties index 7f4fd746..eddad825 100644 --- a/users.properties +++ b/users.properties @@ -1 +1,2 @@ -test: test
+test: test,pull
+admin: admin,pull,push,admin
|