diff options
| author | James Moger <james.moger@gitblit.com> | 2012-10-11 18:11:50 -0400 |
|---|---|---|
| committer | James Moger <james.moger@gitblit.com> | 2012-10-11 18:11:50 -0400 |
| commit | 15640f86032169ad9bfef17c387b94f30a61582f (patch) | |
| tree | 6f3dc7bb8248f2d239da6c6d237de90921fed114 /tests/com | |
| parent | fa89b73e63911f5b216ac8c06e39cff8e987e3ba (diff) | |
| download | gitblit-15640f86032169ad9bfef17c387b94f30a61582f.tar.gz gitblit-15640f86032169ad9bfef17c387b94f30a61582f.zip | |
Experimental committer verification
Diffstat (limited to 'tests/com')
| -rw-r--r-- | tests/com/gitblit/tests/GitBlitTest.java | 32 | ||||
| -rw-r--r-- | tests/com/gitblit/tests/GitServletTest.java | 106 |
2 files changed, 138 insertions, 0 deletions
diff --git a/tests/com/gitblit/tests/GitBlitTest.java b/tests/com/gitblit/tests/GitBlitTest.java index a188f180..1c9bbd00 100644 --- a/tests/com/gitblit/tests/GitBlitTest.java +++ b/tests/com/gitblit/tests/GitBlitTest.java @@ -68,6 +68,38 @@ public class GitBlitTest { assertNotNull(GitBlit.self().getRepositoryModel(user, repository));
assertTrue(GitBlit.self().getRepositoryModels(user).size() > 0);
}
+
+ @Test
+ public void testUserModelVerification() throws Exception {
+ UserModel user = new UserModel("james");
+ user.displayName = "James Moger";
+
+ assertTrue(user.is("James", null));
+ assertTrue(user.is("James", ""));
+ assertTrue(user.is("JaMeS", "anything"));
+
+ assertTrue(user.is("james moger", null));
+ assertTrue(user.is("james moger", ""));
+ assertTrue(user.is("james moger", "anything"));
+
+ assertFalse(user.is("joe", null));
+ assertFalse(user.is("joe", ""));
+ assertFalse(user.is("joe", "anything"));
+
+ // specify email address which results in address verification
+ user.emailAddress = "something";
+
+ assertFalse(user.is("James", null));
+ assertFalse(user.is("James", ""));
+ assertFalse(user.is("JaMeS", "anything"));
+
+ assertFalse(user.is("james moger", null));
+ assertFalse(user.is("james moger", ""));
+ assertFalse(user.is("james moger", "anything"));
+
+ assertTrue(user.is("JaMeS", user.emailAddress));
+ assertTrue(user.is("JaMeS mOgEr", user.emailAddress));
+ }
@Test
public void testAccessRestrictionTypes() throws Exception {
diff --git a/tests/com/gitblit/tests/GitServletTest.java b/tests/com/gitblit/tests/GitServletTest.java index 52dddc40..4342386e 100644 --- a/tests/com/gitblit/tests/GitServletTest.java +++ b/tests/com/gitblit/tests/GitServletTest.java @@ -249,6 +249,112 @@ public class GitServletTest { }
@Test
+ public void testCommitterVerification() throws Exception {
+ UserModel user = new UserModel("james");
+ user.password = "james";
+
+ // account only uses account name to verify
+ testCommitterVerification(user, user.username, null, true);
+ // committer email address is ignored because account does not specify email
+ testCommitterVerification(user, user.username, "something", true);
+ // completely different committer
+ testCommitterVerification(user, "joe", null, false);
+
+ // test display name verification
+ user.displayName = "James Moger";
+ testCommitterVerification(user, user.displayName, null, true);
+ testCommitterVerification(user, user.displayName, "something", true);
+ testCommitterVerification(user, "joe", null, false);
+
+ // test email address verification
+ user.emailAddress = "something";
+ testCommitterVerification(user, user.displayName, null, false);
+ testCommitterVerification(user, user.displayName, "somethingelse", false);
+ testCommitterVerification(user, user.displayName, user.emailAddress, true);
+
+ // use same email address but with different committer
+ testCommitterVerification(user, "joe", "somethingelse", false);
+ }
+
+ private void testCommitterVerification(UserModel user, String displayName, String emailAddress, boolean expectedSuccess) throws Exception {
+
+ if (GitBlit.self().getUserModel(user.username) != null) {
+ GitBlit.self().deleteUser(user.username);
+ }
+
+ CredentialsProvider cp = new UsernamePasswordCredentialsProvider(user.username, user.password);
+
+ // fork from original to a temporary bare repo
+ File verification = new File(GitBlitSuite.REPOSITORIES, "refchecks/verify-committer.git");
+ if (verification.exists()) {
+ FileUtils.delete(verification, FileUtils.RECURSIVE);
+ }
+ CloneCommand clone = Git.cloneRepository();
+ clone.setURI(MessageFormat.format("{0}/git/ticgit.git", url));
+ clone.setDirectory(verification);
+ clone.setBare(true);
+ clone.setCloneAllBranches(true);
+ clone.setCredentialsProvider(cp);
+ GitBlitSuite.close(clone.call());
+
+ // require push permissions and committer verification
+ RepositoryModel model = GitBlit.self().getRepositoryModel("refchecks/verify-committer.git");
+ model.authorizationControl = AuthorizationControl.NAMED;
+ model.accessRestriction = AccessRestrictionType.PUSH;
+ model.verifyCommitter = true;
+
+ // grant user push permission
+ user.setRepositoryPermission(model.name, AccessPermission.PUSH);
+
+ GitBlit.self().updateUserModel(user.username, user, true);
+ GitBlit.self().updateRepositoryModel(model.name, model, false);
+
+ // clone temp bare repo to working copy
+ File local = new File(GitBlitSuite.REPOSITORIES, "refchecks/verify-wc");
+ if (local.exists()) {
+ FileUtils.delete(local, FileUtils.RECURSIVE);
+ }
+ clone = Git.cloneRepository();
+ clone.setURI(MessageFormat.format("{0}/git/{1}", url, model.name));
+ clone.setDirectory(local);
+ clone.setBare(false);
+ clone.setCloneAllBranches(true);
+ clone.setCredentialsProvider(cp);
+ GitBlitSuite.close(clone.call());
+
+ Git git = Git.open(local);
+
+ // force an identity which may or may not match the account's identity
+ git.getRepository().getConfig().setString("user", null, "name", displayName);
+ git.getRepository().getConfig().setString("user", null, "email", emailAddress);
+ git.getRepository().getConfig().save();
+
+ // commit a file and push it
+ File file = new File(local, "PUSHCHK");
+ OutputStreamWriter os = new OutputStreamWriter(new FileOutputStream(file, true), Constants.CHARSET);
+ BufferedWriter w = new BufferedWriter(os);
+ w.write("// " + new Date().toString() + "\n");
+ w.close();
+ git.add().addFilepattern(file.getName()).call();
+ git.commit().setMessage("push test").call();
+ Iterable<PushResult> results = git.push().setCredentialsProvider(cp).setRemote("origin").call();
+
+ for (PushResult result : results) {
+ RemoteRefUpdate ref = result.getRemoteUpdate("refs/heads/master");
+ Status status = ref.getStatus();
+ if (expectedSuccess) {
+ assertTrue("Verification failed! User was NOT able to push commit! " + status.name(), Status.OK.equals(status));
+ } else {
+ assertTrue("Verification failed! User was able to push commit! " + status.name(), Status.REJECTED_OTHER_REASON.equals(status));
+ }
+ }
+
+ GitBlitSuite.close(git);
+ // close serving repository
+ GitBlitSuite.close(verification);
+ }
+
+ @Test
public void testBlockClone() throws Exception {
testRefChange(AccessPermission.VIEW, null, null, null);
}
|