123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284 |
- /*
- * Copyright 2011 gitblit.com.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
- package com.gitblit.servlet;
-
- import java.io.File;
- import java.text.MessageFormat;
- import java.util.ArrayList;
- import java.util.Date;
- import java.util.HashMap;
- import java.util.HashSet;
- import java.util.List;
- import java.util.Map;
- import java.util.Set;
-
- import javax.servlet.http.HttpServletResponse;
-
- import com.gitblit.Constants.FederationRequest;
- import com.gitblit.IStoredSettings;
- import com.gitblit.Keys;
- import com.gitblit.manager.IFederationManager;
- import com.gitblit.manager.IRepositoryManager;
- import com.gitblit.manager.IUserManager;
- import com.gitblit.models.FederationModel;
- import com.gitblit.models.FederationProposal;
- import com.gitblit.models.TeamModel;
- import com.gitblit.models.UserModel;
- import com.gitblit.utils.FederationUtils;
- import com.gitblit.utils.FileUtils;
- import com.gitblit.utils.HttpUtils;
- import com.gitblit.utils.StringUtils;
- import com.gitblit.utils.TimeUtils;
-
- import dagger.ObjectGraph;
-
- /**
- * Handles federation requests.
- *
- * @author James Moger
- *
- */
- public class FederationServlet extends JsonServlet {
-
- private static final long serialVersionUID = 1L;
-
- private IStoredSettings settings;
-
- private IUserManager userManager;
-
- private IRepositoryManager repositoryManager;
-
- private IFederationManager federationManager;
-
- @Override
- protected void inject(ObjectGraph dagger) {
- this.settings = dagger.get(IStoredSettings.class);
- this.userManager = dagger.get(IUserManager.class);
- this.repositoryManager = dagger.get(IRepositoryManager.class);
- this.federationManager = dagger.get(IFederationManager.class);
- }
-
- /**
- * Processes a federation request.
- *
- * @param request
- * @param response
- * @throws javax.servlet.ServletException
- * @throws java.io.IOException
- */
-
- @Override
- protected void processRequest(javax.servlet.http.HttpServletRequest request,
- javax.servlet.http.HttpServletResponse response) throws javax.servlet.ServletException,
- java.io.IOException {
-
- FederationRequest reqType = FederationRequest.fromName(request.getParameter("req"));
- logger.info(MessageFormat.format("Federation {0} request from {1}", reqType,
- request.getRemoteAddr()));
-
- if (FederationRequest.POKE.equals(reqType)) {
- // Gitblit always responds to POKE requests to verify a connection
- logger.info("Received federation POKE from " + request.getRemoteAddr());
- return;
- }
-
- if (!settings.getBoolean(Keys.git.enableGitServlet, true)) {
- logger.warn(Keys.git.enableGitServlet + " must be set TRUE for federation requests.");
- response.sendError(HttpServletResponse.SC_FORBIDDEN);
- return;
- }
-
- String uuid = settings.getString(Keys.federation.passphrase, "");
- if (StringUtils.isEmpty(uuid)) {
- logger.warn(Keys.federation.passphrase
- + " is not properly set! Federation request denied.");
- response.sendError(HttpServletResponse.SC_FORBIDDEN);
- return;
- }
-
- if (FederationRequest.PROPOSAL.equals(reqType)) {
- // Receive a gitblit federation proposal
- FederationProposal proposal = deserialize(request, response, FederationProposal.class);
- if (proposal == null) {
- return;
- }
-
- // reject proposal, if not receipt prohibited
- if (!settings.getBoolean(Keys.federation.allowProposals, false)) {
- logger.error(MessageFormat.format("Rejected {0} federation proposal from {1}",
- proposal.tokenType.name(), proposal.url));
- response.setStatus(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
- return;
- }
-
- // poke the origin Gitblit instance that is proposing federation
- boolean poked = false;
- try {
- poked = FederationUtils.poke(proposal.url);
- } catch (Exception e) {
- logger.error("Failed to poke origin", e);
- }
- if (!poked) {
- logger.error(MessageFormat.format("Failed to send federation poke to {0}",
- proposal.url));
- response.setStatus(HttpServletResponse.SC_NOT_ACCEPTABLE);
- return;
- }
-
- String url = HttpUtils.getGitblitURL(request);
- federationManager.submitFederationProposal(proposal, url);
- logger.info(MessageFormat.format(
- "Submitted {0} federation proposal to pull {1} repositories from {2}",
- proposal.tokenType.name(), proposal.repositories.size(), proposal.url));
- response.setStatus(HttpServletResponse.SC_OK);
- return;
- }
-
- if (FederationRequest.STATUS.equals(reqType)) {
- // Receive a gitblit federation status acknowledgment
- String remoteId = StringUtils.decodeFromHtml(request.getParameter("url"));
- String identification = MessageFormat.format("{0} ({1})", remoteId,
- request.getRemoteAddr());
-
- // deserialize the status data
- FederationModel results = deserialize(request, response, FederationModel.class);
- if (results == null) {
- return;
- }
-
- // setup the last and netx pull dates
- results.lastPull = new Date();
- int mins = TimeUtils.convertFrequencyToMinutes(results.frequency);
- results.nextPull = new Date(System.currentTimeMillis() + (mins * 60 * 1000L));
-
- // acknowledge the receipt of status
- federationManager.acknowledgeFederationStatus(identification, results);
- logger.info(MessageFormat.format(
- "Received status of {0} federated repositories from {1}", results
- .getStatusList().size(), identification));
- response.setStatus(HttpServletResponse.SC_OK);
- return;
- }
-
- // Determine the federation tokens for this gitblit instance
- String token = request.getParameter("token");
- List<String> tokens = federationManager.getFederationTokens();
- if (!tokens.contains(token)) {
- logger.warn(MessageFormat.format(
- "Received Federation token ''{0}'' does not match the server tokens", token));
- response.sendError(HttpServletResponse.SC_FORBIDDEN);
- return;
- }
-
- Object result = null;
- if (FederationRequest.PULL_REPOSITORIES.equals(reqType)) {
- String gitblitUrl = HttpUtils.getGitblitURL(request);
- result = federationManager.getRepositories(gitblitUrl, token);
- } else {
- if (FederationRequest.PULL_SETTINGS.equals(reqType)) {
- // pull settings
- if (!federationManager.validateFederationRequest(reqType, token)) {
- // invalid token to pull users or settings
- logger.warn(MessageFormat.format(
- "Federation token from {0} not authorized to pull SETTINGS",
- request.getRemoteAddr()));
- response.sendError(HttpServletResponse.SC_FORBIDDEN);
- return;
- }
- Map<String, String> map = new HashMap<String, String>();
- List<String> keys = settings.getAllKeys(null);
- for (String key : keys) {
- map.put(key, settings.getString(key, ""));
- }
- result = map;
- } else if (FederationRequest.PULL_USERS.equals(reqType)) {
- // pull users
- if (!federationManager.validateFederationRequest(reqType, token)) {
- // invalid token to pull users or settings
- logger.warn(MessageFormat.format(
- "Federation token from {0} not authorized to pull USERS",
- request.getRemoteAddr()));
- response.sendError(HttpServletResponse.SC_FORBIDDEN);
- return;
- }
- List<String> usernames = userManager.getAllUsernames();
- List<UserModel> users = new ArrayList<UserModel>();
- for (String username : usernames) {
- UserModel user = userManager.getUserModel(username);
- if (!user.excludeFromFederation) {
- users.add(user);
- }
- }
- result = users;
- } else if (FederationRequest.PULL_TEAMS.equals(reqType)) {
- // pull teams
- if (!federationManager.validateFederationRequest(reqType, token)) {
- // invalid token to pull teams
- logger.warn(MessageFormat.format(
- "Federation token from {0} not authorized to pull TEAMS",
- request.getRemoteAddr()));
- response.sendError(HttpServletResponse.SC_FORBIDDEN);
- return;
- }
- List<String> teamnames = userManager.getAllTeamNames();
- List<TeamModel> teams = new ArrayList<TeamModel>();
- for (String teamname : teamnames) {
- TeamModel user = userManager.getTeamModel(teamname);
- teams.add(user);
- }
- result = teams;
- } else if (FederationRequest.PULL_SCRIPTS.equals(reqType)) {
- // pull scripts
- if (!federationManager.validateFederationRequest(reqType, token)) {
- // invalid token to pull script
- logger.warn(MessageFormat.format(
- "Federation token from {0} not authorized to pull SCRIPTS",
- request.getRemoteAddr()));
- response.sendError(HttpServletResponse.SC_FORBIDDEN);
- return;
- }
- Map<String, String> scripts = new HashMap<String, String>();
-
- Set<String> names = new HashSet<String>();
- names.addAll(settings.getStrings(Keys.groovy.preReceiveScripts));
- names.addAll(settings.getStrings(Keys.groovy.postReceiveScripts));
- for (TeamModel team : userManager.getAllTeams()) {
- names.addAll(team.preReceiveScripts);
- names.addAll(team.postReceiveScripts);
- }
- File scriptsFolder = repositoryManager.getHooksFolder();
- for (String name : names) {
- File file = new File(scriptsFolder, name);
- if (!file.exists() && !file.getName().endsWith(".groovy")) {
- file = new File(scriptsFolder, name + ".groovy");
- }
- if (file.exists()) {
- // read the script
- String content = FileUtils.readContent(file, "\n");
- scripts.put(name, content);
- } else {
- // missing script?!
- logger.warn(MessageFormat.format("Failed to find push script \"{0}\"", name));
- }
- }
- result = scripts;
- }
- }
-
- // send the result of the request
- serialize(response, result);
- }
- }
|