summaryrefslogtreecommitdiffstats
path: root/src/main/java/com/gitblit/manager
diff options
context:
space:
mode:
authorJoel Johnson <mrjoel@lixil.net>2015-06-29 17:13:19 -0600
committerJoel Johnson <mrjoel@lixil.net>2015-07-01 13:05:50 -0600
commit1590fd791c7fc4d6849479cad88956f37360bbbf (patch)
treed2f524497419f6aaec22b8a91c0cdcba2c4c0580 /src/main/java/com/gitblit/manager
parent124fd6e639b0bc43f3714134d6dead77895fd490 (diff)
downloadgitblit-1590fd791c7fc4d6849479cad88956f37360bbbf.tar.gz
gitblit-1590fd791c7fc4d6849479cad88956f37360bbbf.zip
allow advertising gitblit privileges for external URLs
commit c20191fc0931a19bec0df1ab2b56f287e5d8b7c7 enabled support for hiding internal URLs, but didn't consider that it broke the evaluation of permissions (used for tickets, etc.), and caused a NPE on repoUrl.permission when trying to view the TicketPage. With all internal mechanisms disabled, it would result in the first URL being external with unknown permissions. This adds an option to use internal permissions even for external URLs. Note that this does not grant any additional permissions, but does offer the option to have gitblit advertise the full set of what is allowed, even if the external URL imposes additional restrictions.
Diffstat (limited to 'src/main/java/com/gitblit/manager')
-rw-r--r--src/main/java/com/gitblit/manager/ServicesManager.java37
1 files changed, 28 insertions, 9 deletions
diff --git a/src/main/java/com/gitblit/manager/ServicesManager.java b/src/main/java/com/gitblit/manager/ServicesManager.java
index c911f31a..b993eb66 100644
--- a/src/main/java/com/gitblit/manager/ServicesManager.java
+++ b/src/main/java/com/gitblit/manager/ServicesManager.java
@@ -211,16 +211,35 @@ public class ServicesManager implements IServicesManager {
// add all other urls
// {0} = repository
// {1} = username
+ boolean advertisePermsForOther = settings.getBoolean(Keys.web.advertiseAccessPermissionForOtherUrls, false);
for (String url : settings.getStrings(Keys.web.otherUrls)) {
+ String externalUrl = null;
+
if (url.contains("{1}")) {
// external url requires username, only add url IF we have one
- if (!StringUtils.isEmpty(username)) {
- list.add(new RepositoryUrl(MessageFormat.format(url, repository.name, username), null));
+ if (StringUtils.isEmpty(username)) {
+ continue;
+ } else {
+ externalUrl = MessageFormat.format(url, repository.name, username);
}
} else {
- // external url does not require username
- list.add(new RepositoryUrl(MessageFormat.format(url, repository.name), null));
+ // external url does not require username, just do repo name formatting
+ externalUrl = MessageFormat.format(url, repository.name);
+ }
+
+ AccessPermission permission = null;
+ if (advertisePermsForOther) {
+ permission = user.getRepositoryPermission(repository).permission;
+ if (permission.exceeds(AccessPermission.NONE)) {
+ Transport transport = Transport.fromUrl(externalUrl);
+ if (permission.atLeast(AccessPermission.PUSH) && !acceptsPush(transport)) {
+ // downgrade the repo permission for this transport
+ // because it is not an acceptable PUSH transport
+ permission = AccessPermission.CLONE;
+ }
+ }
}
+ list.add(new RepositoryUrl(externalUrl, permission));
}
// sort transports by highest permission and then by transport security
@@ -228,13 +247,13 @@ public class ServicesManager implements IServicesManager {
@Override
public int compare(RepositoryUrl o1, RepositoryUrl o2) {
- if (!o1.isExternal() && o2.isExternal()) {
- // prefer Gitblit over external
+ if (o1.hasPermission() && !o2.hasPermission()) {
+ // prefer known permission items over unknown
return -1;
- } else if (o1.isExternal() && !o2.isExternal()) {
- // prefer Gitblit over external
+ } else if (!o1.hasPermission() && o2.hasPermission()) {
+ // prefer known permission items over unknown
return 1;
- } else if (o1.isExternal() && o2.isExternal()) {
+ } else if (!o1.hasPermission() && !o2.hasPermission()) {
// sort by Transport ordinal
return o1.transport.compareTo(o2.transport);
} else if (o1.permission.exceeds(o2.permission)) {
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-25 06:21:06 +0000