@@ -188,6 +188,15 @@ public abstract class AccessRestrictionFilter extends AuthenticationFilter { | |||
return; | |||
} | |||
// TODO: Maybe checking for clone bundle should be done somewhere else? Like other stuff? | |||
// In any way, the access to the constant from here is messed up an needs some cleaning up. | |||
if (GitFilter.CLONE_BUNDLE.equalsIgnoreCase(urlRequestType)) { | |||
logger.info(MessageFormat.format("ARF: Rejecting request for {0}, clone bundle is not implemented.", repository)); | |||
httpResponse.sendError(HttpServletResponse.SC_NOT_IMPLEMENTED, "The 'clone.bundle' command is currently not implemented. " + | |||
"Please use a normal clone command."); | |||
return; | |||
} | |||
UserModel user = getUser(httpRequest); | |||
// Load the repository model |
@@ -49,11 +49,13 @@ public class GitFilter extends AccessRestrictionFilter { | |||
static final String GIT_RECEIVE_PACK = "/git-receive-pack"; | |||
static final String GIT_UPLOAD_PACK = "/git-upload-pack"; | |||
static final String CLONE_BUNDLE = "/clone.bundle"; | |||
static final String GIT_LFS = "/info/lfs"; | |||
static final String[] SUFFIXES = {GIT_RECEIVE_PACK, GIT_UPLOAD_PACK, "/info/refs", "/HEAD", | |||
"/objects", GIT_LFS}; | |||
"/objects", GIT_LFS, CLONE_BUNDLE}; | |||
private IStoredSettings settings; | |||
@@ -127,6 +129,8 @@ public class GitFilter extends AccessRestrictionFilter { | |||
return GIT_UPLOAD_PACK; | |||
} else if (suffix.startsWith(GIT_LFS)) { | |||
return GIT_LFS; | |||
} else if (suffix.startsWith(CLONE_BUNDLE)) { | |||
return CLONE_BUNDLE; | |||
} else { | |||
return GIT_UPLOAD_PACK; | |||
} | |||
@@ -163,7 +167,11 @@ public class GitFilter extends AccessRestrictionFilter { | |||
if (GIT_LFS.equals(action)) { | |||
return false; | |||
} | |||
// Action is not implemened. | |||
if (CLONE_BUNDLE.equals(action)) { | |||
return false; | |||
} | |||
return settings.getBoolean(Keys.git.allowCreateOnPush, true); | |||
} | |||
@@ -978,8 +978,20 @@ public class GitServletTest extends GitblitUnitTest { | |||
HttpGet request = new HttpGet(testURL); | |||
HttpResponse response = client.execute(request); | |||
assertEquals(400, response.getStatusLine().getStatusCode()); | |||
} | |||
@Test | |||
public void testInvalidURLCloneBundle() throws IOException { | |||
final String testURL = GitBlitSuite.gitServletUrl + "/helloworld.git/clone.bundle"; | |||
HttpClient client = HttpClientBuilder.create().build(); | |||
HttpGet request = new HttpGet(testURL); | |||
HttpResponse response = client.execute(request); | |||
assertEquals(501, response.getStatusLine().getStatusCode()); | |||
String content = IOUtils.toString(response.getEntity().getContent(), "UTF-8"); | |||
assertNotNull(content); | |||
} | |||
} |