diff options
| author | mschaefers <mschaefers@scoop-gmbh.de> | 2012-12-03 09:49:23 +0100 |
|---|---|---|
| committer | mschaefers <mschaefers@scoop-gmbh.de> | 2012-12-03 09:49:23 +0100 |
| commit | ba6ae959b8e21c714c69f66254e82837d45a3ed2 (patch) | |
| tree | 3f538ad138d47b43d8f6a00e0f3c18c147bfcb90 /src | |
| parent | e2013b91626a4c693053e9859add68ff371f2298 (diff) | |
| parent | f1c3a882d12aede461e3c8ca3ebd298bdb28bc5d (diff) | |
| download | gitblit-ba6ae959b8e21c714c69f66254e82837d45a3ed2.tar.gz gitblit-ba6ae959b8e21c714c69f66254e82837d45a3ed2.zip | |
Merge branch 'master' of https://github.com/gitblit/gitblit into enhancedLdap
Conflicts:
distrib/gitblit.properties
Diffstat (limited to 'src')
23 files changed, 687 insertions, 171 deletions
diff --git a/src/com/gitblit/Constants.java b/src/com/gitblit/Constants.java index cd6b0709..4669c4c9 100644 --- a/src/com/gitblit/Constants.java +++ b/src/com/gitblit/Constants.java @@ -397,7 +397,15 @@ public class Constants { return ordinal() > s.ordinal();
}
}
-
+
+ public static enum AuthenticationType {
+ CREDENTIALS, COOKIE, CERTIFICATE;
+
+ public boolean isStandard() {
+ return ordinal() <= COOKIE.ordinal();
+ }
+ }
+
@Documented
@Retention(RetentionPolicy.RUNTIME)
public @interface Unused {
diff --git a/src/com/gitblit/DownloadZipServlet.java b/src/com/gitblit/DownloadZipServlet.java index 26559344..0feee879 100644 --- a/src/com/gitblit/DownloadZipServlet.java +++ b/src/com/gitblit/DownloadZipServlet.java @@ -29,6 +29,7 @@ import org.eclipse.jgit.revwalk.RevCommit; import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import com.gitblit.utils.CompressionUtils;
import com.gitblit.utils.JGitUtils;
import com.gitblit.utils.MarkdownUtils;
import com.gitblit.utils.StringUtils;
@@ -45,6 +46,25 @@ public class DownloadZipServlet extends HttpServlet { private static final long serialVersionUID = 1L;
private transient Logger logger = LoggerFactory.getLogger(DownloadZipServlet.class);
+
+ public static enum Format {
+ zip(".zip"), tar(".tar"), gz(".tar.gz"), xz(".tar.xz"), bzip2(".tar.bzip2");
+
+ public final String extension;
+
+ Format(String ext) {
+ this.extension = ext;
+ }
+
+ public static Format fromName(String name) {
+ for (Format format : values()) {
+ if (format.name().equalsIgnoreCase(name)) {
+ return format;
+ }
+ }
+ return zip;
+ }
+ }
public DownloadZipServlet() {
super();
@@ -57,15 +77,17 @@ public class DownloadZipServlet extends HttpServlet { * @param repository
* @param objectId
* @param path
+ * @param format
* @return an url
*/
- public static String asLink(String baseURL, String repository, String objectId, String path) {
+ public static String asLink(String baseURL, String repository, String objectId, String path, Format format) {
if (baseURL.length() > 0 && baseURL.charAt(baseURL.length() - 1) == '/') {
baseURL = baseURL.substring(0, baseURL.length() - 1);
}
return baseURL + Constants.ZIP_PATH + "?r=" + repository
+ (path == null ? "" : ("&p=" + path))
- + (objectId == null ? "" : ("&h=" + objectId));
+ + (objectId == null ? "" : ("&h=" + objectId))
+ + (format == null ? "" : ("&format=" + format.name()));
}
/**
@@ -84,16 +106,22 @@ public class DownloadZipServlet extends HttpServlet { response.sendError(HttpServletResponse.SC_FORBIDDEN);
return;
}
-
+
+ Format format = Format.zip;
String repository = request.getParameter("r");
String basePath = request.getParameter("p");
String objectId = request.getParameter("h");
-
+ String f = request.getParameter("format");
+ if (!StringUtils.isEmpty(f)) {
+ format = Format.fromName(f);
+ }
+
try {
String name = repository;
if (name.indexOf('/') > -1) {
name = name.substring(name.lastIndexOf('/') + 1);
}
+ name = StringUtils.stripDotGit(name);
if (!StringUtils.isEmpty(basePath)) {
name += "-" + basePath.replace('/', '_');
@@ -122,15 +150,31 @@ public class DownloadZipServlet extends HttpServlet { String contentType = "application/octet-stream";
response.setContentType(contentType + "; charset=" + response.getCharacterEncoding());
- response.setHeader("Content-Disposition", "attachment; filename=\"" + name + ".zip"
- + "\"");
+ response.setHeader("Content-Disposition", "attachment; filename=\"" + name + format.extension + "\"");
response.setDateHeader("Last-Modified", date.getTime());
response.setHeader("Cache-Control", "no-cache");
response.setHeader("Pragma", "no-cache");
response.setDateHeader("Expires", 0);
try {
- JGitUtils.zip(r, basePath, objectId, response.getOutputStream());
+ switch (format) {
+ case zip:
+ CompressionUtils.zip(r, basePath, objectId, response.getOutputStream());
+ break;
+ case tar:
+ CompressionUtils.tar(r, basePath, objectId, response.getOutputStream());
+ break;
+ case gz:
+ CompressionUtils.gz(r, basePath, objectId, response.getOutputStream());
+ break;
+ case xz:
+ CompressionUtils.xz(r, basePath, objectId, response.getOutputStream());
+ break;
+ case bzip2:
+ CompressionUtils.bzip2(r, basePath, objectId, response.getOutputStream());
+ break;
+ }
+
response.flushBuffer();
} catch (Throwable t) {
logger.error("Failed to write attachment to client", t);
diff --git a/src/com/gitblit/GitBlit.java b/src/com/gitblit/GitBlit.java index c05a9248..69135c49 100644 --- a/src/com/gitblit/GitBlit.java +++ b/src/com/gitblit/GitBlit.java @@ -58,6 +58,7 @@ import javax.servlet.ServletContextListener; import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
+import org.apache.wicket.RequestCycle;
import org.apache.wicket.protocol.http.WebResponse;
import org.apache.wicket.resource.ContextRelativeResource;
import org.apache.wicket.util.resource.ResourceStreamNotFoundException;
@@ -75,6 +76,7 @@ import org.slf4j.LoggerFactory; import com.gitblit.Constants.AccessPermission;
import com.gitblit.Constants.AccessRestrictionType;
+import com.gitblit.Constants.AuthenticationType;
import com.gitblit.Constants.AuthorizationControl;
import com.gitblit.Constants.FederationRequest;
import com.gitblit.Constants.FederationStrategy;
@@ -107,6 +109,8 @@ import com.gitblit.utils.MetricUtils; import com.gitblit.utils.ObjectCache;
import com.gitblit.utils.StringUtils;
import com.gitblit.utils.TimeUtils;
+import com.gitblit.utils.X509Utils.X509Metadata;
+import com.gitblit.wicket.GitBlitWebSession;
import com.gitblit.wicket.WicketUtils;
/**
@@ -537,7 +541,7 @@ public class GitBlit implements ServletContextListener { * @param cookies
* @return a user object or null
*/
- public UserModel authenticate(Cookie[] cookies) {
+ protected UserModel authenticate(Cookie[] cookies) {
if (userService == null) {
return null;
}
@@ -555,21 +559,51 @@ public class GitBlit implements ServletContextListener { }
/**
- * Authenticate a user based on HTTP request paramters.
- * This method is inteded to be used as fallback when other
- * means of authentication are failing (username / password or cookies).
+ * Authenticate a user based on HTTP request parameters.
+ *
+ * Authentication by X509Certificate is tried first and then by cookie.
+ *
* @param httpRequest
* @return a user object or null
*/
public UserModel authenticate(HttpServletRequest httpRequest) {
+ // try to authenticate by certificate
boolean checkValidity = settings.getBoolean(Keys.git.enforceCertificateValidity, true);
String [] oids = getStrings(Keys.git.certificateUsernameOIDs).toArray(new String[0]);
UserModel model = HttpUtils.getUserModelFromCertificate(httpRequest, checkValidity, oids);
if (model != null) {
- UserModel user = GitBlit.self().getUserModel(model.username);
- logger.info(MessageFormat.format("{0} authenticated by client certificate from {1}",
- user.username, httpRequest.getRemoteAddr()));
- return user;
+ // grab real user model and preserve certificate serial number
+ UserModel user = getUserModel(model.username);
+ if (user != null) {
+ RequestCycle requestCycle = RequestCycle.get();
+ if (requestCycle != null) {
+ // flag the Wicket session, if this is a Wicket request
+ GitBlitWebSession session = GitBlitWebSession.get();
+ session.authenticationType = AuthenticationType.CERTIFICATE;
+ }
+ X509Metadata metadata = HttpUtils.getCertificateMetadata(httpRequest);
+ logger.info(MessageFormat.format("{0} authenticated by client certificate {1} from {2}",
+ user.username, metadata.serialNumber, httpRequest.getRemoteAddr()));
+ return user;
+ }
+ }
+
+ // try to authenticate by cookie
+ Cookie[] cookies = httpRequest.getCookies();
+ if (allowCookieAuthentication() && cookies != null && cookies.length > 0) {
+ // Grab cookie from Browser Session
+ UserModel user = authenticate(cookies);
+ if (user != null) {
+ RequestCycle requestCycle = RequestCycle.get();
+ if (requestCycle != null) {
+ // flag the Wicket session, if this is a Wicket request
+ GitBlitWebSession session = GitBlitWebSession.get();
+ session.authenticationType = AuthenticationType.COOKIE;
+ }
+ logger.info(MessageFormat.format("{0} authenticated by cookie from {1}",
+ user.username, httpRequest.getRemoteAddr()));
+ return user;
+ }
}
return null;
}
diff --git a/src/com/gitblit/authority/GitblitAuthority.java b/src/com/gitblit/authority/GitblitAuthority.java index 5ee6af59..d97a8e39 100644 --- a/src/com/gitblit/authority/GitblitAuthority.java +++ b/src/com/gitblit/authority/GitblitAuthority.java @@ -67,6 +67,7 @@ import javax.swing.JPasswordField; import javax.swing.JScrollPane;
import javax.swing.JSplitPane;
import javax.swing.JTable;
+import javax.swing.JTextArea;
import javax.swing.JTextField;
import javax.swing.RowFilter;
import javax.swing.SwingConstants;
@@ -92,6 +93,7 @@ import com.gitblit.client.HeaderPanel; import com.gitblit.client.Translation;
import com.gitblit.models.UserModel;
import com.gitblit.utils.ArrayUtils;
+import com.gitblit.utils.FileUtils;
import com.gitblit.utils.StringUtils;
import com.gitblit.utils.TimeUtils;
import com.gitblit.utils.X509Utils;
@@ -343,6 +345,7 @@ public class GitblitAuthority extends JFrame implements X509Log { X509Metadata metadata = new X509Metadata("localhost", caKeystorePassword);
setMetadataDefaults(metadata);
+ metadata.notAfter = new Date(System.currentTimeMillis() + 10*TimeUtils.ONEYEAR);
X509Utils.prepareX509Infrastructure(metadata, folder, this);
return true;
}
@@ -681,6 +684,23 @@ public class GitblitAuthority extends JFrame implements X509Log { }
});
+ JButton logButton = new JButton(new ImageIcon(getClass().getResource("/script_16x16.png")));
+ logButton.setFocusable(false);
+ logButton.setToolTipText(Translation.get("gb.log"));
+ logButton.addActionListener(new ActionListener() {
+ @Override
+ public void actionPerformed(ActionEvent e) {
+ File log = new File(folder, X509Utils.CERTS + File.separator + "log.txt");
+ if (log.exists()) {
+ String content = FileUtils.readContent(log, "\n");
+ JTextArea textarea = new JTextArea(content);
+ JScrollPane scrollPane = new JScrollPane(textarea);
+ scrollPane.setPreferredSize(new Dimension(700, 400));
+ JOptionPane.showMessageDialog(GitblitAuthority.this, scrollPane, log.getAbsolutePath(), JOptionPane.INFORMATION_MESSAGE);
+ }
+ }
+ });
+
final JTextField filterTextfield = new JTextField(15);
filterTextfield.addActionListener(new ActionListener() {
public void actionPerformed(ActionEvent e) {
@@ -697,6 +717,7 @@ public class GitblitAuthority extends JFrame implements X509Log { buttonControls.add(certificateDefaultsButton);
buttonControls.add(newSSLCertificate);
buttonControls.add(emailBundle);
+ buttonControls.add(logButton);
JPanel userControls = new JPanel(new FlowLayout(FlowLayout.RIGHT, Utils.MARGIN, Utils.MARGIN));
userControls.add(new JLabel(Translation.get("gb.filter")));
diff --git a/src/com/gitblit/build/Build.java b/src/com/gitblit/build/Build.java index 4c5fa195..e8e6b45d 100644 --- a/src/com/gitblit/build/Build.java +++ b/src/com/gitblit/build/Build.java @@ -106,6 +106,8 @@ public class Build { downloadFromApache(MavenObject.UNBOUND_ID, BuildType.RUNTIME);
downloadFromApache(MavenObject.IVY, BuildType.RUNTIME);
downloadFromApache(MavenObject.JCALENDAR, BuildType.RUNTIME);
+ downloadFromApache(MavenObject.COMMONS_COMPRESS, BuildType.RUNTIME);
+ downloadFromApache(MavenObject.XZ, BuildType.RUNTIME);
downloadFromEclipse(MavenObject.JGIT, BuildType.RUNTIME);
downloadFromEclipse(MavenObject.JGIT_HTTP, BuildType.RUNTIME);
@@ -143,7 +145,9 @@ public class Build { downloadFromApache(MavenObject.UNBOUND_ID, BuildType.COMPILETIME);
downloadFromApache(MavenObject.IVY, BuildType.COMPILETIME);
downloadFromApache(MavenObject.JCALENDAR, BuildType.COMPILETIME);
-
+ downloadFromApache(MavenObject.COMMONS_COMPRESS, BuildType.COMPILETIME);
+ downloadFromApache(MavenObject.XZ, BuildType.COMPILETIME);
+
downloadFromEclipse(MavenObject.JGIT, BuildType.COMPILETIME);
downloadFromEclipse(MavenObject.JGIT_HTTP, BuildType.COMPILETIME);
@@ -779,7 +783,19 @@ public class Build { 127000, 0, 0,
"323a672aeacb5f5f4461be3b7f7d9d3e4bda80d4",
null, "");
-
+
+ public static final MavenObject COMMONS_COMPRESS = new MavenObject(
+ "commons-compress", "org/apache/commons", "commons-compress", "1.4.1",
+ 242000, 265000, 0,
+ "b02e84a993d88568417536240e970c4b809126fd",
+ "277d39267403965a7a192474794a29bac6760a25", "");
+
+ public static final MavenObject XZ = new MavenObject(
+ "xz", "org/tukaani", "xz", "1.0",
+ 95000, 120000, 0,
+ "ecff5cb8b1189514c9d1d8d68eb77ac372e000c9",
+ "f95e32a5d2dd8da643c4419814415b9704312993", "");
+
public final String name;
public final String group;
public final String artifact;
diff --git a/src/com/gitblit/utils/CompressionUtils.java b/src/com/gitblit/utils/CompressionUtils.java new file mode 100644 index 00000000..7b0d0471 --- /dev/null +++ b/src/com/gitblit/utils/CompressionUtils.java @@ -0,0 +1,315 @@ +/*
+ * Copyright 2012 gitblit.com.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gitblit.utils;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.text.MessageFormat;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.zip.ZipEntry;
+import java.util.zip.ZipOutputStream;
+
+import org.apache.commons.compress.archivers.tar.TarArchiveEntry;
+import org.apache.commons.compress.archivers.tar.TarArchiveOutputStream;
+import org.apache.commons.compress.compressors.CompressorException;
+import org.apache.commons.compress.compressors.CompressorStreamFactory;
+import org.apache.commons.compress.utils.IOUtils;
+import org.eclipse.jgit.lib.Constants;
+import org.eclipse.jgit.lib.FileMode;
+import org.eclipse.jgit.lib.ObjectId;
+import org.eclipse.jgit.lib.ObjectLoader;
+import org.eclipse.jgit.lib.Repository;
+import org.eclipse.jgit.revwalk.RevBlob;
+import org.eclipse.jgit.revwalk.RevCommit;
+import org.eclipse.jgit.revwalk.RevWalk;
+import org.eclipse.jgit.treewalk.TreeWalk;
+import org.eclipse.jgit.treewalk.filter.PathFilter;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * Collection of static methods for retrieving information from a repository.
+ *
+ * @author James Moger
+ *
+ */
+public class CompressionUtils {
+
+ static final Logger LOGGER = LoggerFactory.getLogger(CompressionUtils.class);
+
+ /**
+ * Log an error message and exception.
+ *
+ * @param t
+ * @param repository
+ * if repository is not null it MUST be the {0} parameter in the
+ * pattern.
+ * @param pattern
+ * @param objects
+ */
+ private static void error(Throwable t, Repository repository, String pattern, Object... objects) {
+ List<Object> parameters = new ArrayList<Object>();
+ if (objects != null && objects.length > 0) {
+ for (Object o : objects) {
+ parameters.add(o);
+ }
+ }
+ if (repository != null) {
+ parameters.add(0, repository.getDirectory().getAbsolutePath());
+ }
+ LOGGER.error(MessageFormat.format(pattern, parameters.toArray()), t);
+ }
+
+ /**
+ * Zips the contents of the tree at the (optionally) specified revision and
+ * the (optionally) specified basepath to the supplied outputstream.
+ *
+ * @param repository
+ * @param basePath
+ * if unspecified, entire repository is assumed.
+ * @param objectId
+ * if unspecified, HEAD is assumed.
+ * @param os
+ * @return true if repository was successfully zipped to supplied output
+ * stream
+ */
+ public static boolean zip(Repository repository, String basePath, String objectId,
+ OutputStream os) {
+ RevCommit commit = JGitUtils.getCommit(repository, objectId);
+ if (commit == null) {
+ return false;
+ }
+ boolean success = false;
+ RevWalk rw = new RevWalk(repository);
+ TreeWalk tw = new TreeWalk(repository);
+ try {
+ tw.addTree(commit.getTree());
+ ZipOutputStream zos = new ZipOutputStream(os);
+ zos.setComment("Generated by Gitblit");
+ if (!StringUtils.isEmpty(basePath)) {
+ PathFilter f = PathFilter.create(basePath);
+ tw.setFilter(f);
+ }
+ tw.setRecursive(true);
+ while (tw.next()) {
+ if (tw.getFileMode(0) == FileMode.GITLINK) {
+ continue;
+ }
+ ZipEntry entry = new ZipEntry(tw.getPathString());
+ entry.setSize(tw.getObjectReader().getObjectSize(tw.getObjectId(0),
+ Constants.OBJ_BLOB));
+ entry.setComment(commit.getName());
+ zos.putNextEntry(entry);
+
+ ObjectId entid = tw.getObjectId(0);
+ FileMode entmode = tw.getFileMode(0);
+ RevBlob blob = (RevBlob) rw.lookupAny(entid, entmode.getObjectType());
+ rw.parseBody(blob);
+
+ ObjectLoader ldr = repository.open(blob.getId(), Constants.OBJ_BLOB);
+ byte[] tmp = new byte[4096];
+ InputStream in = ldr.openStream();
+ int n;
+ while ((n = in.read(tmp)) > 0) {
+ zos.write(tmp, 0, n);
+ }
+ in.close();
+ }
+ zos.finish();
+ success = true;
+ } catch (IOException e) {
+ error(e, repository, "{0} failed to zip files from commit {1}", commit.getName());
+ } finally {
+ tw.release();
+ rw.dispose();
+ }
+ return success;
+ }
+
+ /**
+ * tar the contents of the tree at the (optionally) specified revision and
+ * the (optionally) specified basepath to the supplied outputstream.
+ *
+ * @param repository
+ * @param basePath
+ * if unspecified, entire repository is assumed.
+ * @param objectId
+ * if unspecified, HEAD is assumed.
+ * @param os
+ * @return true if repository was successfully zipped to supplied output
+ * stream
+ */
+ public static boolean tar(Repository repository, String basePath, String objectId,
+ OutputStream os) {
+ return tar(null, repository, basePath, objectId, os);
+ }
+
+ /**
+ * tar.gz the contents of the tree at the (optionally) specified revision and
+ * the (optionally) specified basepath to the supplied outputstream.
+ *
+ * @param repository
+ * @param basePath
+ * if unspecified, entire repository is assumed.
+ * @param objectId
+ * if unspecified, HEAD is assumed.
+ * @param os
+ * @return true if repository was successfully zipped to supplied output
+ * stream
+ */
+ public static boolean gz(Repository repository, String basePath, String objectId,
+ OutputStream os) {
+ return tar(CompressorStreamFactory.GZIP, repository, basePath, objectId, os);
+ }
+
+ /**
+ * tar.xz the contents of the tree at the (optionally) specified revision and
+ * the (optionally) specified basepath to the supplied outputstream.
+ *
+ * @param repository
+ * @param basePath
+ * if unspecified, entire repository is assumed.
+ * @param objectId
+ * if unspecified, HEAD is assumed.
+ * @param os
+ * @return true if repository was successfully zipped to supplied output
+ * stream
+ */
+ public static boolean xz(Repository repository, String basePath, String objectId,
+ OutputStream os) {
+ return tar(CompressorStreamFactory.XZ, repository, basePath, objectId, os);
+ }
+
+ /**
+ * tar.bzip2 the contents of the tree at the (optionally) specified revision and
+ * the (optionally) specified basepath to the supplied outputstream.
+ *
+ * @param repository
+ * @param basePath
+ * if unspecified, entire repository is assumed.
+ * @param objectId
+ * if unspecified, HEAD is assumed.
+ * @param os
+ * @return true if repository was successfully zipped to supplied output
+ * stream
+ */
+ public static boolean bzip2(Repository repository, String basePath, String objectId,
+ OutputStream os) {
+
+ return tar(CompressorStreamFactory.BZIP2, repository, basePath, objectId, os);
+ }
+
+ /**
+ * Compresses/archives the contents of the tree at the (optionally)
+ * specified revision and the (optionally) specified basepath to the
+ * supplied outputstream.
+ *
+ * @param algorithm
+ * compression algorithm for tar (optional)
+ * @param repository
+ * @param basePath
+ * if unspecified, entire repository is assumed.
+ * @param objectId
+ * if unspecified, HEAD is assumed.
+ * @param os
+ * @return true if repository was successfully zipped to supplied output
+ * stream
+ */
+ private static boolean tar(String algorithm, Repository repository, String basePath, String objectId,
+ OutputStream os) {
+ RevCommit commit = JGitUtils.getCommit(repository, objectId);
+ if (commit == null) {
+ return false;
+ }
+
+ OutputStream cos = os;
+ if (!StringUtils.isEmpty(algorithm)) {
+ try {
+ cos = new CompressorStreamFactory().createCompressorOutputStream(algorithm, os);
+ } catch (CompressorException e1) {
+ error(e1, repository, "{0} failed to open {1} stream", algorithm);
+ }
+ }
+ boolean success = false;
+ RevWalk rw = new RevWalk(repository);
+ TreeWalk tw = new TreeWalk(repository);
+ try {
+ tw.addTree(commit.getTree());
+ TarArchiveOutputStream tos = new TarArchiveOutputStream(cos);
+ tos.setAddPaxHeadersForNonAsciiNames(true);
+ tos.setLongFileMode(TarArchiveOutputStream.LONGFILE_POSIX);
+ if (!StringUtils.isEmpty(basePath)) {
+ PathFilter f = PathFilter.create(basePath);
+ tw.setFilter(f);
+ }
+ tw.setRecursive(true);
+ while (tw.next()) {
+ FileMode mode = tw.getFileMode(0);
+ if (mode == FileMode.GITLINK) {
+ continue;
+ }
+ ObjectId id = tw.getObjectId(0);
+
+ // new entry
+ TarArchiveEntry entry = new TarArchiveEntry(tw.getPathString());
+ entry.setSize(tw.getObjectReader().getObjectSize(id, Constants.OBJ_BLOB));
+
+ if (FileMode.SYMLINK.equals(mode)) {
+ // symlink
+ entry.setMode(mode.getBits());
+
+ // read the symlink target
+ ByteArrayOutputStream bs = new ByteArrayOutputStream();
+ RevBlob blob = (RevBlob) rw.lookupAny(id, mode.getObjectType());
+ rw.parseBody(blob);
+ ObjectLoader ldr = repository.open(blob.getId(), Constants.OBJ_BLOB);
+ IOUtils.copy(ldr.openStream(), bs);
+ entry.setLinkName(bs.toString("UTF-8"));
+ } else {
+ // regular file or executable file
+ entry.setMode(mode.getBits());
+ }
+ entry.setModTime(commit.getAuthorIdent().getWhen());
+
+ tos.putArchiveEntry(entry);
+
+ if (!FileMode.SYMLINK.equals(mode)) {
+ // write the blob
+ RevBlob blob = (RevBlob) rw.lookupAny(id, mode.getObjectType());
+ rw.parseBody(blob);
+ ObjectLoader ldr = repository.open(blob.getId(), Constants.OBJ_BLOB);
+ IOUtils.copy(ldr.openStream(), tos);
+ }
+
+ // close entry
+ tos.closeArchiveEntry();
+ }
+ tos.finish();
+ tos.close();
+ cos.close();
+ success = true;
+ } catch (IOException e) {
+ error(e, repository, "{0} failed to {1} stream files from commit {2}", algorithm, commit.getName());
+ } finally {
+ tw.release();
+ rw.dispose();
+ }
+ return success;
+ }
+}
diff --git a/src/com/gitblit/utils/HttpUtils.java b/src/com/gitblit/utils/HttpUtils.java index 68a35066..b40088c8 100644 --- a/src/com/gitblit/utils/HttpUtils.java +++ b/src/com/gitblit/utils/HttpUtils.java @@ -20,14 +20,13 @@ import java.security.cert.CertificateNotYetValidException; import java.security.cert.X509Certificate;
import java.text.MessageFormat;
import java.util.Date;
-import java.util.HashMap;
-import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.LoggerFactory;
import com.gitblit.models.UserModel;
+import com.gitblit.utils.X509Utils.X509Metadata;
/**
* Collection of utility methods for http requests.
@@ -145,21 +144,11 @@ public class HttpUtils { * @return
*/
public static UserModel getUserModelFromCertificate(X509Certificate cert, String... usernameOIDs) {
- UserModel user = new UserModel(null);
- user.isAuthenticated = false;
+ X509Metadata metadata = X509Utils.getMetadata(cert);
- // manually split DN into OID components
- // this is instead of parsing with LdapName which:
- // (1) I don't trust the order of values
- // (2) it filters out values like EMAILADDRESS
- String dn = cert.getSubjectDN().getName();
- Map<String, String> oids = new HashMap<String, String>();
- for (String kvp : dn.split(",")) {
- String [] val = kvp.trim().split("=");
- String oid = val[0].toUpperCase().trim();
- String data = val[1].trim();
- oids.put(oid, data);
- }
+ UserModel user = new UserModel(metadata.commonName);
+ user.emailAddress = metadata.emailAddress;
+ user.isAuthenticated = false;
if (usernameOIDs == null || usernameOIDs.length == 0) {
// use default usename<->CN mapping
@@ -169,24 +158,23 @@ public class HttpUtils { // determine username from OID fingerprint
StringBuilder an = new StringBuilder();
for (String oid : usernameOIDs) {
- String val = getOIDValue(oid.toUpperCase(), oids);
+ String val = metadata.getOID(oid.toUpperCase(), null);
if (val != null) {
an.append(val).append(' ');
}
}
- user.username = an.toString().trim();
-
- // extract email address, if available
- user.emailAddress = getOIDValue("E", oids);
- if (user.emailAddress == null) {
- user.emailAddress = getOIDValue("EMAILADDRESS", oids);
- }
+ user.username = an.toString().trim();
return user;
}
- private static String getOIDValue(String oid, Map<String, String> oids) {
- if (oids.containsKey(oid)) {
- return oids.get(oid);
+ public static X509Metadata getCertificateMetadata(HttpServletRequest httpRequest) {
+ if (httpRequest.getAttribute("javax.servlet.request.X509Certificate") != null) {
+ X509Certificate[] certChain = (X509Certificate[]) httpRequest
+ .getAttribute("javax.servlet.request.X509Certificate");
+ if (certChain != null) {
+ X509Certificate cert = certChain[0];
+ return X509Utils.getMetadata(cert);
+ }
}
return null;
}
diff --git a/src/com/gitblit/utils/JGitUtils.java b/src/com/gitblit/utils/JGitUtils.java index bc44f00f..beaa27da 100644 --- a/src/com/gitblit/utils/JGitUtils.java +++ b/src/com/gitblit/utils/JGitUtils.java @@ -19,7 +19,6 @@ import java.io.ByteArrayOutputStream; import java.io.File;
import java.io.IOException;
import java.io.InputStream;
-import java.io.OutputStream;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Arrays;
@@ -30,8 +29,6 @@ import java.util.List; import java.util.Map;
import java.util.Map.Entry;
import java.util.regex.Pattern;
-import java.util.zip.ZipEntry;
-import java.util.zip.ZipOutputStream;
import org.eclipse.jgit.api.CloneCommand;
import org.eclipse.jgit.api.FetchCommand;
@@ -1531,7 +1528,7 @@ public class JGitUtils { try {
// search for the branch in local heads
for (RefModel ref : JGitUtils.getLocalBranches(repository, false, -1)) {
- if (ref.displayName.endsWith(name)) {
+ if (ref.reference.getName().endsWith(name)) {
branch = ref;
break;
}
@@ -1540,7 +1537,7 @@ public class JGitUtils { // search for the branch in remote heads
if (branch == null) {
for (RefModel ref : JGitUtils.getRemoteBranches(repository, false, -1)) {
- if (ref.displayName.endsWith(name)) {
+ if (ref.reference.getName().endsWith(name)) {
branch = ref;
break;
}
@@ -1723,70 +1720,4 @@ public class JGitUtils { }
return success;
}
-
- /**
- * Zips the contents of the tree at the (optionally) specified revision and
- * the (optionally) specified basepath to the supplied outputstream.
- *
- * @param repository
- * @param basePath
- * if unspecified, entire repository is assumed.
- * @param objectId
- * if unspecified, HEAD is assumed.
- * @param os
- * @return true if repository was successfully zipped to supplied output
- * stream
- */
- public static boolean zip(Repository repository, String basePath, String objectId,
- OutputStream os) {
- RevCommit commit = getCommit(repository, objectId);
- if (commit == null) {
- return false;
- }
- boolean success = false;
- RevWalk rw = new RevWalk(repository);
- TreeWalk tw = new TreeWalk(repository);
- try {
- tw.addTree(commit.getTree());
- ZipOutputStream zos = new ZipOutputStream(os);
- zos.setComment("Generated by Gitblit");
- if (!StringUtils.isEmpty(basePath)) {
- PathFilter f = PathFilter.create(basePath);
- tw.setFilter(f);
- }
- tw.setRecursive(true);
- while (tw.next()) {
- if (tw.getFileMode(0) == FileMode.GITLINK) {
- continue;
- }
- ZipEntry entry = new ZipEntry(tw.getPathString());
- entry.setSize(tw.getObjectReader().getObjectSize(tw.getObjectId(0),
- Constants.OBJ_BLOB));
- entry.setComment(commit.getName());
- zos.putNextEntry(entry);
-
- ObjectId entid = tw.getObjectId(0);
- FileMode entmode = tw.getFileMode(0);
- RevBlob blob = (RevBlob) rw.lookupAny(entid, entmode.getObjectType());
- rw.parseBody(blob);
-
- ObjectLoader ldr = repository.open(blob.getId(), Constants.OBJ_BLOB);
- byte[] tmp = new byte[4096];
- InputStream in = ldr.openStream();
- int n;
- while ((n = in.read(tmp)) > 0) {
- zos.write(tmp, 0, n);
- }
- in.close();
- }
- zos.finish();
- success = true;
- } catch (IOException e) {
- error(e, repository, "{0} failed to zip files from commit {1}", commit.getName());
- } finally {
- tw.release();
- rw.dispose();
- }
- return success;
- }
}
diff --git a/src/com/gitblit/utils/X509Utils.java b/src/com/gitblit/utils/X509Utils.java index 24afb8d9..cfad9ec0 100644 --- a/src/com/gitblit/utils/X509Utils.java +++ b/src/com/gitblit/utils/X509Utils.java @@ -111,6 +111,12 @@ public class X509Utils { private static final String BC = org.bouncycastle.jce.provider.BouncyCastleProvider.PROVIDER_NAME;
+ private static final int KEY_LENGTH = 2048;
+
+ private static final String KEY_ALGORITHM = "RSA";
+
+ private static final String SIGNING_ALGORITHM = "SHA512withRSA";
+
public static final boolean unlimitedStrength;
private static final Logger logger = LoggerFactory.getLogger(X509Utils.class);
@@ -183,6 +189,9 @@ public class X509Utils { // displayname of user for README in bundle
public String userDisplayname;
+ // serialnumber of generated or read certificate
+ public String serialNumber;
+
public X509Metadata(String cn, String pwd) {
if (StringUtils.isEmpty(cn)) {
throw new RuntimeException("Common name required!");
@@ -472,8 +481,8 @@ public class X509Utils { * @throws Exception
*/
private static KeyPair newKeyPair() throws Exception {
- KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", BC);
- kpGen.initialize(2048, new SecureRandom());
+ KeyPairGenerator kpGen = KeyPairGenerator.getInstance(KEY_ALGORITHM, BC);
+ kpGen.initialize(KEY_LENGTH, new SecureRandom());
return kpGen.generateKeyPair();
}
@@ -547,7 +556,7 @@ public class X509Utils { certBuilder.addExtension(X509Extension.basicConstraints, false, new BasicConstraints(false));
certBuilder.addExtension(X509Extension.authorityKeyIdentifier, false, extUtils.createAuthorityKeyIdentifier(caCert.getPublicKey()));
- ContentSigner caSigner = new JcaContentSignerBuilder("SHA256WithRSAEncryption")
+ ContentSigner caSigner = new JcaContentSignerBuilder(SIGNING_ALGORITHM)
.setProvider(BC).build(caPrivateKey);
X509Certificate cert = new JcaX509CertificateConverter().setProvider(BC)
.getCertificate(certBuilder.build(caSigner));
@@ -562,6 +571,10 @@ public class X509Utils { saveKeyStore(targetStoreFile, serverStore, sslMetadata.password);
x509log.log(MessageFormat.format("New SSL certificate {0,number,0} [{1}]", cert.getSerialNumber(), cert.getSubjectDN().getName()));
+
+ // update serial number in metadata object
+ sslMetadata.serialNumber = cert.getSerialNumber().toString();
+
return cert;
} catch (Throwable t) {
throw new RuntimeException("Failed to generate SSL certificate!", t);
@@ -582,7 +595,7 @@ public class X509Utils { try {
KeyPair caPair = newKeyPair();
- ContentSigner caSigner = new JcaContentSignerBuilder("SHA1WithRSA").setProvider(BC).build(caPair.getPrivate());
+ ContentSigner caSigner = new JcaContentSignerBuilder(SIGNING_ALGORITHM).setProvider(BC).build(caPair.getPrivate());
// clone metadata
X509Metadata caMetadata = metadata.clone(CA_CN, metadata.password);
@@ -623,6 +636,9 @@ public class X509Utils { x509log.log(MessageFormat.format("New CA certificate {0,number,0} [{1}]", cert.getSerialNumber(), cert.getIssuerDN().getName()));
+ // update serial number in metadata object
+ caMetadata.serialNumber = cert.getSerialNumber().toString();
+
return cert;
} catch (Throwable t) {
throw new RuntimeException("Failed to generate Gitblit CA certificate!", t);
@@ -649,7 +665,7 @@ public class X509Utils { X509v2CRLBuilder crlBuilder = new X509v2CRLBuilder(issuerDN, new Date());
// build and sign CRL with CA private key
- ContentSigner signer = new JcaContentSignerBuilder("SHA1WithRSA").setProvider(BC).build(caPrivateKey);
+ ContentSigner signer = new JcaContentSignerBuilder(SIGNING_ALGORITHM).setProvider(BC).build(caPrivateKey);
X509CRLHolder crl = crlBuilder.build(signer);
File tmpFile = new File(caRevocationList.getParentFile(), Long.toHexString(System.currentTimeMillis()) + ".tmp");
@@ -743,6 +759,17 @@ public class X509Utils { zos.write(FileUtils.readContent(pemFile));
zos.closeEntry();
}
+
+ // include user's public certificate
+ zos.putNextEntry(new ZipEntry(clientMetadata.commonName + ".cer"));
+ zos.write(cert.getEncoded());
+ zos.closeEntry();
+
+ // include CA public certificate
+ zos.putNextEntry(new ZipEntry("ca.cer"));
+ zos.write(caCert.getEncoded());
+ zos.closeEntry();
+
if (readme != null) {
zos.putNextEntry(new ZipEntry("README.TXT"));
zos.write(readme.getBytes("UTF-8"));
@@ -799,7 +826,7 @@ public class X509Utils { certBuilder.addExtension(X509Extension.subjectAlternativeName, false, subjectAltName);
}
- ContentSigner signer = new JcaContentSignerBuilder("SHA1WithRSA").setProvider(BC).build(caPrivateKey);
+ ContentSigner signer = new JcaContentSignerBuilder(SIGNING_ALGORITHM).setProvider(BC).build(caPrivateKey);
X509Certificate userCert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certBuilder.build(signer));
PKCS12BagAttributeCarrier bagAttr = (PKCS12BagAttributeCarrier)pair.getPrivate();
@@ -852,6 +879,9 @@ public class X509Utils { // save certificate after successfully creating the key stores
saveCertificate(userCert, certFile);
+ // update serial number in metadata object
+ clientMetadata.serialNumber = userCert.getSerialNumber().toString();
+
return userCert;
} catch (Throwable t) {
throw new RuntimeException("Failed to generate client certificate!", t);
@@ -1065,4 +1095,30 @@ public class X509Utils { }
return false;
}
+
+ public static X509Metadata getMetadata(X509Certificate cert) {
+ // manually split DN into OID components
+ // this is instead of parsing with LdapName which:
+ // (1) I don't trust the order of values
+ // (2) it filters out values like EMAILADDRESS
+ String dn = cert.getSubjectDN().getName();
+ Map<String, String> oids = new HashMap<String, String>();
+ for (String kvp : dn.split(",")) {
+ String [] val = kvp.trim().split("=");
+ String oid = val[0].toUpperCase().trim();
+ String data = val[1].trim();
+ oids.put(oid, data);
+ }
+
+ X509Metadata metadata = new X509Metadata(oids.get("CN"), "whocares");
+ metadata.oids.putAll(oids);
+ metadata.serialNumber = cert.getSerialNumber().toString();
+ metadata.notAfter = cert.getNotAfter();
+ metadata.notBefore = cert.getNotBefore();
+ metadata.emailAddress = metadata.getOID("E", null);
+ if (metadata.emailAddress == null) {
+ metadata.emailAddress = metadata.getOID("EMAILADDRESS", null);
+ }
+ return metadata;
+ }
}
diff --git a/src/com/gitblit/wicket/GitBlitWebSession.java b/src/com/gitblit/wicket/GitBlitWebSession.java index 015d97ad..5195a1fd 100644 --- a/src/com/gitblit/wicket/GitBlitWebSession.java +++ b/src/com/gitblit/wicket/GitBlitWebSession.java @@ -29,6 +29,7 @@ import org.apache.wicket.protocol.http.WebRequestCycle; import org.apache.wicket.protocol.http.WebSession;
import org.apache.wicket.protocol.http.request.WebClientInfo;
+import com.gitblit.Constants.AuthenticationType;
import com.gitblit.models.UserModel;
public final class GitBlitWebSession extends WebSession {
@@ -45,9 +46,12 @@ public final class GitBlitWebSession extends WebSession { private AtomicBoolean isForking;
+ public AuthenticationType authenticationType;
+
public GitBlitWebSession(Request request) {
super(request);
isForking = new AtomicBoolean();
+ authenticationType = AuthenticationType.CREDENTIALS;
}
public void invalidate() {
diff --git a/src/com/gitblit/wicket/pages/BasePage.java b/src/com/gitblit/wicket/pages/BasePage.java index 05640ad0..d1ee2710 100644 --- a/src/com/gitblit/wicket/pages/BasePage.java +++ b/src/com/gitblit/wicket/pages/BasePage.java @@ -29,7 +29,6 @@ import java.util.Set; import java.util.TimeZone;
import java.util.regex.Pattern;
-import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import org.apache.wicket.Application;
@@ -131,22 +130,18 @@ public abstract class BasePage extends WebPage { }
private void login() {
- // try to authenticate by servlet request
- UserModel user = GitBlit.self().authenticate(((WebRequest) getRequestCycle().getRequest()).getHttpServletRequest());
-
- if (user == null) {
- // try to authenticate by cookie
- Cookie[] cookies = ((WebRequest) getRequestCycle().getRequest()).getCookies();
- if (GitBlit.self().allowCookieAuthentication() && cookies != null && cookies.length > 0) {
- // Grab cookie from Browser Session
- user = GitBlit.self().authenticate(cookies);
- }
+ GitBlitWebSession session = GitBlitWebSession.get();
+ if (session.isLoggedIn() && !session.isSessionInvalidated()) {
+ // already have a session
+ return;
}
+
+ // try to authenticate by servlet request
+ HttpServletRequest httpRequest = ((WebRequest) getRequestCycle().getRequest()).getHttpServletRequest();
+ UserModel user = GitBlit.self().authenticate(httpRequest);
// Login the user
if (user != null) {
- // Set the user into the session
- GitBlitWebSession session = GitBlitWebSession.get();
// issue 62: fix session fixation vulnerability
session.replaceSession();
session.setUser(user);
@@ -431,14 +426,19 @@ public abstract class BasePage extends WebPage { public UserFragment(String id, String markupId, MarkupContainer markupProvider) {
super(id, markupId, markupProvider);
- if (GitBlitWebSession.get().isLoggedIn()) {
+ GitBlitWebSession session = GitBlitWebSession.get();
+ if (session.isLoggedIn()) {
+ UserModel user = session.getUser();
+ boolean editCredentials = GitBlit.self().supportsCredentialChanges();
+ boolean standardLogin = session.authenticationType.isStandard();
+
// username, logout, and change password
- add(new Label("username", GitBlitWebSession.get().getUser().getDisplayName() + ":"));
+ add(new Label("username", user.getDisplayName() + ":"));
add(new LinkPanel("loginLink", null, markupProvider.getString("gb.logout"),
- LogoutPage.class));
- boolean editCredentials = GitBlit.self().supportsCredentialChanges();
+ LogoutPage.class).setVisible(standardLogin));
+
// quick and dirty hack for showing a separator
- add(new Label("separator", "|").setVisible(editCredentials));
+ add(new Label("separator", "|").setVisible(standardLogin && editCredentials));
add(new BookmarkablePageLink<Void>("changePasswordLink",
ChangePasswordPage.class).setVisible(editCredentials));
} else {
diff --git a/src/com/gitblit/wicket/pages/CommitPage.html b/src/com/gitblit/wicket/pages/CommitPage.html index 20e6b607..79a038c9 100644 --- a/src/com/gitblit/wicket/pages/CommitPage.html +++ b/src/com/gitblit/wicket/pages/CommitPage.html @@ -30,7 +30,7 @@ <tr class="hidden-phone"><th><wicket:message key="gb.tree">tree</wicket:message></th>
<td><span class="sha1" wicket:id="commitTree">[commit tree]</span>
<span class="link">
- <a wicket:id="treeLink"><wicket:message key="gb.tree"></wicket:message></a> | <a wicket:id="zipLink"><wicket:message key="gb.zip"></wicket:message></a>
+ <a wicket:id="treeLink"><wicket:message key="gb.tree"></wicket:message></a> | <span wicket:id="compressedLinks"></span>
</span>
</td></tr>
<tr class="hidden-phone"><th valign="top"><wicket:message key="gb.parent">parent</wicket:message></th>
diff --git a/src/com/gitblit/wicket/pages/CommitPage.java b/src/com/gitblit/wicket/pages/CommitPage.java index 7bc6b41d..b2a8112b 100644 --- a/src/com/gitblit/wicket/pages/CommitPage.java +++ b/src/com/gitblit/wicket/pages/CommitPage.java @@ -22,7 +22,6 @@ import java.util.List; import org.apache.wicket.PageParameters;
import org.apache.wicket.markup.html.basic.Label;
import org.apache.wicket.markup.html.link.BookmarkablePageLink;
-import org.apache.wicket.markup.html.link.ExternalLink;
import org.apache.wicket.markup.repeater.Item;
import org.apache.wicket.markup.repeater.data.DataView;
import org.apache.wicket.markup.repeater.data.ListDataProvider;
@@ -32,16 +31,15 @@ import org.eclipse.jgit.lib.Repository; import org.eclipse.jgit.revwalk.RevCommit;
import com.gitblit.Constants;
-import com.gitblit.DownloadZipServlet;
import com.gitblit.GitBlit;
-import com.gitblit.Keys;
import com.gitblit.models.GitNote;
-import com.gitblit.models.SubmoduleModel;
import com.gitblit.models.PathModel.PathChangeModel;
+import com.gitblit.models.SubmoduleModel;
import com.gitblit.utils.JGitUtils;
import com.gitblit.wicket.WicketUtils;
import com.gitblit.wicket.panels.CommitHeaderPanel;
import com.gitblit.wicket.panels.CommitLegendPanel;
+import com.gitblit.wicket.panels.CompressedDownloadsPanel;
import com.gitblit.wicket.panels.GravatarImage;
import com.gitblit.wicket.panels.LinkPanel;
import com.gitblit.wicket.panels.RefsPanel;
@@ -95,8 +93,8 @@ public class CommitPage extends RepositoryPage { newCommitParameter()));
add(new BookmarkablePageLink<Void>("treeLink", TreePage.class, newCommitParameter()));
final String baseUrl = WicketUtils.getGitblitURL(getRequest());
- add(new ExternalLink("zipLink", DownloadZipServlet.asLink(baseUrl, repositoryName,
- objectId, null)).setVisible(GitBlit.getBoolean(Keys.web.allowZipDownloads, true)));
+
+ add(new CompressedDownloadsPanel("compressedLinks", baseUrl, repositoryName, objectId, null));
// Parent Commits
ListDataProvider<String> parentsDp = new ListDataProvider<String>(parents);
diff --git a/src/com/gitblit/wicket/pages/RepositoryPage.java b/src/com/gitblit/wicket/pages/RepositoryPage.java index c90e3530..346edc3e 100644 --- a/src/com/gitblit/wicket/pages/RepositoryPage.java +++ b/src/com/gitblit/wicket/pages/RepositoryPage.java @@ -115,7 +115,7 @@ public abstract class RepositoryPage extends BasePage { boolean canAccess = user.hasBranchPermission(repositoryName,
branch.reference.getName());
if (!canAccess) {
- error(getString("gb.accessDeined"), true);
+ error(getString("gb.accessDenied"), true);
}
}
}
diff --git a/src/com/gitblit/wicket/pages/TreePage.html b/src/com/gitblit/wicket/pages/TreePage.html index 0047ff0d..b7e55ed6 100644 --- a/src/com/gitblit/wicket/pages/TreePage.html +++ b/src/com/gitblit/wicket/pages/TreePage.html @@ -9,7 +9,7 @@ <!-- blob nav links -->
<div class="page_nav2">
- <a wicket:id="historyLink"><wicket:message key="gb.history"></wicket:message></a> | <a wicket:id="headLink"><wicket:message key="gb.head"></wicket:message></a> | <a wicket:id="zipLink"><wicket:message key="gb.zip"></wicket:message></a>
+ <a wicket:id="historyLink"><wicket:message key="gb.history"></wicket:message></a> | <a wicket:id="headLink"><wicket:message key="gb.head"></wicket:message></a> | <span wicket:id="compressedLinks"></span>
</div>
<!-- commit header -->
@@ -32,14 +32,14 @@ <!-- submodule links -->
<wicket:fragment wicket:id="submoduleLinks">
<span class="link">
- <a wicket:id="view"><wicket:message key="gb.view"></wicket:message></a> | <span class="hidden-phone"><a wicket:id="tree"><wicket:message key="gb.tree"></wicket:message></a> | </span><a wicket:id="history"><wicket:message key="gb.history"></wicket:message></a> | <a wicket:id="zip"><wicket:message key="gb.zip"></wicket:message></a>
+ <a wicket:id="view"><wicket:message key="gb.view"></wicket:message></a> | <span class="hidden-phone"><a wicket:id="tree"><wicket:message key="gb.tree"></wicket:message></a> | </span><a wicket:id="history"><wicket:message key="gb.history"></wicket:message></a> | <span wicket:id="compressedLinks"></span>
</span>
</wicket:fragment>
<!-- tree links -->
<wicket:fragment wicket:id="treeLinks">
<span class="link">
- <span class="hidden-phone"><a wicket:id="tree"><wicket:message key="gb.tree"></wicket:message></a> | </span><a wicket:id="history"><wicket:message key="gb.history"></wicket:message></a> | <a wicket:id="zip"><wicket:message key="gb.zip"></wicket:message></a>
+ <span class="hidden-phone"><a wicket:id="tree"><wicket:message key="gb.tree"></wicket:message></a> | </span><a wicket:id="history"><wicket:message key="gb.history"></wicket:message></a> | <span wicket:id="compressedLinks"></span>
</span>
</wicket:fragment>
diff --git a/src/com/gitblit/wicket/pages/TreePage.java b/src/com/gitblit/wicket/pages/TreePage.java index 973634b7..345814f4 100644 --- a/src/com/gitblit/wicket/pages/TreePage.java +++ b/src/com/gitblit/wicket/pages/TreePage.java @@ -20,7 +20,6 @@ import java.util.List; import org.apache.wicket.PageParameters;
import org.apache.wicket.markup.html.basic.Label;
import org.apache.wicket.markup.html.link.BookmarkablePageLink;
-import org.apache.wicket.markup.html.link.ExternalLink;
import org.apache.wicket.markup.html.panel.Fragment;
import org.apache.wicket.markup.repeater.Item;
import org.apache.wicket.markup.repeater.data.DataView;
@@ -30,15 +29,13 @@ import org.eclipse.jgit.lib.FileMode; import org.eclipse.jgit.lib.Repository;
import org.eclipse.jgit.revwalk.RevCommit;
-import com.gitblit.DownloadZipServlet;
-import com.gitblit.GitBlit;
-import com.gitblit.Keys;
import com.gitblit.models.PathModel;
import com.gitblit.models.SubmoduleModel;
import com.gitblit.utils.ByteFormat;
import com.gitblit.utils.JGitUtils;
import com.gitblit.wicket.WicketUtils;
import com.gitblit.wicket.panels.CommitHeaderPanel;
+import com.gitblit.wicket.panels.CompressedDownloadsPanel;
import com.gitblit.wicket.panels.LinkPanel;
import com.gitblit.wicket.panels.PathBreadcrumbsPanel;
@@ -58,9 +55,8 @@ public class TreePage extends RepositoryPage { WicketUtils.newPathParameter(repositoryName, objectId, path)));
add(new BookmarkablePageLink<Void>("headLink", TreePage.class,
WicketUtils.newPathParameter(repositoryName, Constants.HEAD, path)));
- add(new ExternalLink("zipLink", DownloadZipServlet.asLink(getRequest()
- .getRelativePathPrefixToContextRoot(), repositoryName, objectId, path))
- .setVisible(GitBlit.getBoolean(Keys.web.allowZipDownloads, true)));
+ add(new CompressedDownloadsPanel("compressedLinks", getRequest()
+ .getRelativePathPrefixToContextRoot(), repositoryName, objectId, path));
add(new CommitHeaderPanel("commitHeader", repositoryName, commit));
@@ -114,10 +110,10 @@ public class TreePage extends RepositoryPage { entry.path)));
links.add(new BookmarkablePageLink<Void>("history", HistoryPage.class,
WicketUtils.newPathParameter(repositoryName, entry.commitId,
- entry.path)));
- links.add(new ExternalLink("zip", DownloadZipServlet.asLink(baseUrl,
- repositoryName, objectId, entry.path)).setVisible(GitBlit
- .getBoolean(Keys.web.allowZipDownloads, true)));
+ entry.path)));
+ links.add(new CompressedDownloadsPanel("compressedLinks", baseUrl,
+ repositoryName, objectId, entry.path));
+
item.add(links);
} else if (entry.isSubmodule()) {
// submodule
@@ -143,9 +139,8 @@ public class TreePage extends RepositoryPage { links.add(new BookmarkablePageLink<Void>("history", HistoryPage.class,
WicketUtils.newPathParameter(submodulePath, submoduleId,
"")).setEnabled(hasSubmodule));
- links.add(new ExternalLink("zip", DownloadZipServlet.asLink(baseUrl,
- submodulePath, submoduleId, "")).setVisible(GitBlit
- .getBoolean(Keys.web.allowZipDownloads, true)).setEnabled(hasSubmodule));
+ links.add(new CompressedDownloadsPanel("compressedLinks", baseUrl,
+ submodulePath, submoduleId, "").setEnabled(hasSubmodule));
item.add(links);
} else {
// blob link
diff --git a/src/com/gitblit/wicket/panels/BranchesPanel.java b/src/com/gitblit/wicket/panels/BranchesPanel.java index cfe9f5fe..26fedc1e 100644 --- a/src/com/gitblit/wicket/panels/BranchesPanel.java +++ b/src/com/gitblit/wicket/panels/BranchesPanel.java @@ -36,8 +36,10 @@ import com.gitblit.GitBlit; import com.gitblit.SyndicationServlet;
import com.gitblit.models.RefModel;
import com.gitblit.models.RepositoryModel;
+import com.gitblit.models.UserModel;
import com.gitblit.utils.JGitUtils;
import com.gitblit.utils.StringUtils;
+import com.gitblit.wicket.GitBlitWebSession;
import com.gitblit.wicket.WicketUtils;
import com.gitblit.wicket.pages.BranchesPage;
import com.gitblit.wicket.pages.CommitPage;
@@ -58,9 +60,24 @@ public class BranchesPanel extends BasePanel { // branches
List<RefModel> branches = new ArrayList<RefModel>();
- branches.addAll(JGitUtils.getLocalBranches(r, false, maxCount));
+ UserModel user = GitBlitWebSession.get().getUser();
+ if (user == null) {
+ user = UserModel.ANONYMOUS;
+ }
+
+ List<RefModel> localBranches = JGitUtils.getLocalBranches(r, false, -1);
+ for (RefModel refModel : localBranches) {
+ if (user.hasBranchPermission(model.name, refModel.reference.getName())) {
+ branches.add(refModel);
+ }
+ }
if (model.showRemoteBranches) {
- branches.addAll(JGitUtils.getRemoteBranches(r, false, maxCount));
+ List<RefModel> remoteBranches = JGitUtils.getRemoteBranches(r, false, -1);
+ for (RefModel refModel : remoteBranches) {
+ if (user.hasBranchPermission(model.name, refModel.reference.getName())) {
+ branches.add(refModel);
+ }
+ }
}
Collections.sort(branches);
Collections.reverse(branches);
diff --git a/src/com/gitblit/wicket/panels/CompressedDownloadsPanel.html b/src/com/gitblit/wicket/panels/CompressedDownloadsPanel.html new file mode 100644 index 00000000..7123d0a7 --- /dev/null +++ b/src/com/gitblit/wicket/panels/CompressedDownloadsPanel.html @@ -0,0 +1,12 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml"
+ xmlns:wicket="http://wicket.apache.org/dtds.data/wicket-xhtml1.3-strict.dtd"
+ xml:lang="en"
+ lang="en">
+
+<wicket:panel>
+ <span wicket:id="compressedLinks">
+ <span wicket:id="linkSep">|</span><span wicket:id="compressedLink">ref</span>
+ </span>
+</wicket:panel>
+</html>
\ No newline at end of file diff --git a/src/com/gitblit/wicket/panels/CompressedDownloadsPanel.java b/src/com/gitblit/wicket/panels/CompressedDownloadsPanel.java new file mode 100644 index 00000000..b22c7587 --- /dev/null +++ b/src/com/gitblit/wicket/panels/CompressedDownloadsPanel.java @@ -0,0 +1,77 @@ +/*
+ * Copyright 2012 gitblit.com.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gitblit.wicket.panels;
+
+import java.util.List;
+
+import org.apache.wicket.Component;
+import org.apache.wicket.markup.html.basic.Label;
+import org.apache.wicket.markup.html.panel.Panel;
+import org.apache.wicket.markup.repeater.Item;
+import org.apache.wicket.markup.repeater.data.DataView;
+import org.apache.wicket.markup.repeater.data.ListDataProvider;
+
+import com.gitblit.DownloadZipServlet;
+import com.gitblit.DownloadZipServlet.Format;
+import com.gitblit.GitBlit;
+import com.gitblit.Keys;
+
+public class CompressedDownloadsPanel extends Panel {
+
+ private static final long serialVersionUID = 1L;
+
+ public CompressedDownloadsPanel(String id, final String baseUrl, final String repositoryName, final String objectId, final String path) {
+ super(id);
+
+ List<String> types = GitBlit.getStrings(Keys.web.compressedDownloads);
+ if (types.isEmpty()) {
+ types.add(Format.zip.name());
+ types.add(Format.gz.name());
+ }
+
+ ListDataProvider<String> refsDp = new ListDataProvider<String>(types);
+ DataView<String> refsView = new DataView<String>("compressedLinks", refsDp) {
+ private static final long serialVersionUID = 1L;
+ int counter;
+
+ @Override
+ protected void onBeforeRender() {
+ super.onBeforeRender();
+ counter = 0;
+ }
+
+ @Override
+ public void populateItem(final Item<String> item) {
+ String compressionType = item.getModelObject();
+ Format format = Format.fromName(compressionType);
+
+ String href = DownloadZipServlet.asLink(baseUrl, repositoryName,
+ objectId, path, format);
+ Component c = new LinkPanel("compressedLink", null, format.name(), href);
+ item.add(c);
+ Label lb = new Label("linkSep", "|");
+ lb.setVisible(counter > 0);
+ lb.setRenderBodyOnly(true);
+ item.add(lb.setEscapeModelStrings(false));
+ item.setRenderBodyOnly(true);
+ counter++;
+ }
+ };
+ add(refsView);
+
+ setVisible(GitBlit.getBoolean(Keys.web.allowZipDownloads, true));
+ }
+}
\ No newline at end of file diff --git a/src/com/gitblit/wicket/panels/HistoryPanel.html b/src/com/gitblit/wicket/panels/HistoryPanel.html index fed08076..811eeed1 100644 --- a/src/com/gitblit/wicket/panels/HistoryPanel.html +++ b/src/com/gitblit/wicket/panels/HistoryPanel.html @@ -20,7 +20,7 @@ <td class="icon"><img wicket:id="commitIcon" /></td>
<td class="hidden-phone author"><span wicket:id="commitAuthor">[commit author]</span></td>
<td class="message"><table class="nestedTable"><tr><td><span style="vertical-align:middle;" wicket:id="commitShortMessage">[commit short message]</span></td><td><div style="text-align:right;" wicket:id="commitRefs">[commit refs]</div></td></tr></table></td>
- <td class="hidden-phone hidden-tablet"><span class="link" wicket:id="hashLabel">[hash label]</span><span wicket:id="hashLink">[hash link]</span></td>
+ <td class="hidden-phone hidden-tablet rightAlign"><span class="link" wicket:id="hashLabel">[hash label]</span><span wicket:id="hashLink">[hash link]</span></td>
<td class="hidden-phone rightAlign">
<span wicket:id="historyLinks">[history links]</span>
</td>
diff --git a/src/com/gitblit/wicket/panels/HistoryPanel.java b/src/com/gitblit/wicket/panels/HistoryPanel.java index 152bbae6..0f586031 100644 --- a/src/com/gitblit/wicket/panels/HistoryPanel.java +++ b/src/com/gitblit/wicket/panels/HistoryPanel.java @@ -171,7 +171,7 @@ public class HistoryPanel extends BasePanel { LinkPanel commitHash = new LinkPanel("hashLink", null, entry.getName().substring(0, hashLen),
TreePage.class, WicketUtils.newObjectParameter(
repositoryName, entry.getName()));
- WicketUtils.setCssClass(commitHash, "sha1");
+ WicketUtils.setCssClass(commitHash, "shortsha1");
WicketUtils.setHtmlTooltip(commitHash, entry.getName());
item.add(commitHash);
diff --git a/src/com/gitblit/wicket/panels/LogPanel.html b/src/com/gitblit/wicket/panels/LogPanel.html index d0770a35..2b2605ac 100644 --- a/src/com/gitblit/wicket/panels/LogPanel.html +++ b/src/com/gitblit/wicket/panels/LogPanel.html @@ -16,7 +16,7 @@ <td class="hidden-phone author"><span wicket:id="commitAuthor">[commit author]</span></td>
<td class="hidden-phone icon"><img wicket:id="commitIcon" /></td>
<td class="message"><table class="nestedTable"><tr><td><span style="vertical-align:middle;" wicket:id="commitShortMessage">[commit short message]</span></td><td><div style="text-align:right;" wicket:id="commitRefs">[commit refs]</div></td></tr></table></td>
- <td class="hidden-phone hidden-tablet"><span wicket:id="hashLink">[hash link]</span></td>
+ <td class="hidden-phone hidden-tablet rightAlign"><span wicket:id="hashLink">[hash link]</span></td>
<td class="hidden-phone hidden-tablet rightAlign">
<span class="link">
<a wicket:id="diff"><wicket:message key="gb.diff"></wicket:message></a> | <a wicket:id="tree"><wicket:message key="gb.tree"></wicket:message></a>
diff --git a/src/com/gitblit/wicket/panels/LogPanel.java b/src/com/gitblit/wicket/panels/LogPanel.java index 0686dee6..05397642 100644 --- a/src/com/gitblit/wicket/panels/LogPanel.java +++ b/src/com/gitblit/wicket/panels/LogPanel.java @@ -131,7 +131,7 @@ public class LogPanel extends BasePanel { LinkPanel commitHash = new LinkPanel("hashLink", null, entry.getName().substring(0, hashLen),
CommitPage.class, WicketUtils.newObjectParameter(
repositoryName, entry.getName()));
- WicketUtils.setCssClass(commitHash, "sha1");
+ WicketUtils.setCssClass(commitHash, "shortsha1");
WicketUtils.setHtmlTooltip(commitHash, entry.getName());
item.add(commitHash);
|