aboutsummaryrefslogtreecommitdiffstats
path: root/org.eclipse.jgit.lfs.server/src/org/eclipse
diff options
context:
space:
mode:
authorDavid Pursehouse <david.pursehouse@gmail.com>2017-01-13 10:08:29 +0900
committerDavid Pursehouse <david.pursehouse@gmail.com>2017-01-13 10:46:15 +0900
commit7245aa031621c4c8d3fd9892ecbc9ded6f0e7283 (patch)
treebf005b54cfa4133a1e09d409de63ba2cecd6f8e9 /org.eclipse.jgit.lfs.server/src/org/eclipse
parent0e187f14843f1e1c73bfe6e80e91fdf03ae96067 (diff)
downloadjgit-7245aa031621c4c8d3fd9892ecbc9ded6f0e7283.tar.gz
jgit-7245aa031621c4c8d3fd9892ecbc9ded6f0e7283.zip
Add support for refusing LFS request due to invalid authorization
Add a new exception type that server implementations can throw when a client attempts to make an unauthorized LFS operation, which will result in HTTP 401 Unauthorized being returned to the client. An example of this is a Gerrit server that rejects a request to perform an LFS operation on a ref that is not visible to the caller. As defined in the LFS spec [1] the request may include authentication, and per RFC 2616 [2], "401 response indicates that authorization has been refused for those credentials". [1] https://github.com/git-lfs/git-lfs/blob/master/docs/api/batch.md [2] https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html Change-Id: I2aa22e2144df5fb7972df0e3285b77b08ecc63f2 Signed-off-by: David Pursehouse <david.pursehouse@gmail.com>
Diffstat (limited to 'org.eclipse.jgit.lfs.server/src/org/eclipse')
-rw-r--r--org.eclipse.jgit.lfs.server/src/org/eclipse/jgit/lfs/server/LfsProtocolServlet.java4
1 files changed, 4 insertions, 0 deletions
diff --git a/org.eclipse.jgit.lfs.server/src/org/eclipse/jgit/lfs/server/LfsProtocolServlet.java b/org.eclipse.jgit.lfs.server/src/org/eclipse/jgit/lfs/server/LfsProtocolServlet.java
index 841074beeb..0dffb8df0b 100644
--- a/org.eclipse.jgit.lfs.server/src/org/eclipse/jgit/lfs/server/LfsProtocolServlet.java
+++ b/org.eclipse.jgit.lfs.server/src/org/eclipse/jgit/lfs/server/LfsProtocolServlet.java
@@ -49,6 +49,7 @@ import static org.apache.http.HttpStatus.SC_INTERNAL_SERVER_ERROR;
import static org.apache.http.HttpStatus.SC_NOT_FOUND;
import static org.apache.http.HttpStatus.SC_OK;
import static org.apache.http.HttpStatus.SC_SERVICE_UNAVAILABLE;
+import static org.apache.http.HttpStatus.SC_UNAUTHORIZED;
import static org.apache.http.HttpStatus.SC_UNPROCESSABLE_ENTITY;
import java.io.BufferedReader;
@@ -71,6 +72,7 @@ import org.eclipse.jgit.lfs.errors.LfsInsufficientStorage;
import org.eclipse.jgit.lfs.errors.LfsRateLimitExceeded;
import org.eclipse.jgit.lfs.errors.LfsRepositoryNotFound;
import org.eclipse.jgit.lfs.errors.LfsRepositoryReadOnly;
+import org.eclipse.jgit.lfs.errors.LfsUnauthorized;
import org.eclipse.jgit.lfs.errors.LfsUnavailable;
import org.eclipse.jgit.lfs.errors.LfsValidationError;
@@ -201,6 +203,8 @@ public abstract class LfsProtocolServlet extends HttpServlet {
sendError(res, w, SC_INSUFFICIENT_STORAGE, e.getMessage());
} catch (LfsUnavailable e) {
sendError(res, w, SC_SERVICE_UNAVAILABLE, e.getMessage());
+ } catch (LfsUnauthorized e) {
+ sendError(res, w, SC_UNAUTHORIZED, e.getMessage());
} catch (LfsException e) {
sendError(res, w, SC_INTERNAL_SERVER_ERROR, e.getMessage());
} finally {