mirrors
/
gitblit
mirror of https://github.com/gitblit/gitblit.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 43 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3115 Commits
11 Branches
Tree: 9bde5212fe
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '9bde5212fe'
${ noResults }
gitblit/src/main/java/com/gitblit/servlet/GitFilter.java

GitFilter.java 11KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372 
  1. /*

  2.  * Copyright 2011 gitblit.com.

  3.  *

  4.  * Licensed under the Apache License, Version 2.0 (the "License");

  5.  * you may not use this file except in compliance with the License.

  6.  * You may obtain a copy of the License at

  7.  *

  8.  *     http://www.apache.org/licenses/LICENSE-2.0

  9.  *

  10.  * Unless required by applicable law or agreed to in writing, software

  11.  * distributed under the License is distributed on an "AS IS" BASIS,

  12.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  13.  * See the License for the specific language governing permissions and

  14.  * limitations under the License.

  15.  */

  16. package com.gitblit.servlet;

  17. 

  18. import java.text.MessageFormat;

  19. 

  20. import com.google.inject.Inject;

  21. import com.google.inject.Singleton;

  22. 

  23. import javax.servlet.http.HttpServletRequest;

  24. 

  25. import com.gitblit.Constants.AccessRestrictionType;

  26. import com.gitblit.Constants.AuthorizationControl;

  27. import com.gitblit.GitBlitException;

  28. import com.gitblit.IStoredSettings;

  29. import com.gitblit.Keys;

  30. import com.gitblit.manager.IAuthenticationManager;

  31. import com.gitblit.manager.IFederationManager;

  32. import com.gitblit.manager.IRepositoryManager;

  33. import com.gitblit.manager.IRuntimeManager;

  34. import com.gitblit.models.RepositoryModel;

  35. import com.gitblit.models.UserModel;

  36. import com.gitblit.utils.StringUtils;

  37. 

  38. /**

  39.  * The GitFilter is an AccessRestrictionFilter which ensures that Git client

  40.  * requests for push, clone, or view restricted repositories are authenticated

  41.  * and authorized.

  42.  *

  43.  * @author James Moger

  44.  *

  45.  */

  46. @Singleton

  47. public class GitFilter extends AccessRestrictionFilter {

  48. 

  49. 	static final String GIT_RECEIVE_PACK = "/git-receive-pack";

  50. 

  51. 	static final String GIT_UPLOAD_PACK = "/git-upload-pack";

  52. 

  53. 	static final String CLONE_BUNDLE = "/clone.bundle";

  54. 	

  55. 	static final String GIT_LFS = "/info/lfs";

  56. 	

  57. 	static final String[] SUFFIXES = {GIT_RECEIVE_PACK, GIT_UPLOAD_PACK, "/info/refs", "/HEAD",

  58. 			"/objects", GIT_LFS, CLONE_BUNDLE};

  59. 

  60. 	private IStoredSettings settings;

  61. 

  62. 	private IFederationManager federationManager;

  63. 

  64. 	@Inject

  65. 	public GitFilter(

  66. 			IStoredSettings settings,

  67. 			IRuntimeManager runtimeManager,

  68. 			IAuthenticationManager authenticationManager,

  69. 			IRepositoryManager repositoryManager,

  70. 			IFederationManager federationManager) {

  71. 

  72. 		super(runtimeManager, authenticationManager, repositoryManager);

  73. 

  74. 		this.settings = settings;

  75. 		this.federationManager = federationManager;

  76. 	}

  77. 

  78. 	/**

  79. 	 * Extract the repository name from the url.

  80. 	 *

  81. 	 * @param url

  82. 	 * 			Request URL with repository name in it

  83. 	 * @return repository name

  84. 	 */

  85. 	public static String getRepositoryName(String url) {

  86. 		String repository = url;

  87. 		// strip off parameters from the URL

  88. 		if (repository.contains("?")) {

  89. 			repository = repository.substring(0, repository.indexOf("?"));

  90. 		}

  91. 

  92. 		// get the repository name from the url by finding a known url suffix

  93. 		for (String urlSuffix : SUFFIXES) {

  94. 			if (repository.indexOf(urlSuffix) > -1) {

  95. 				repository = repository.substring(0, repository.indexOf(urlSuffix));

  96. 			}

  97. 		}

  98. 		return repository;

  99. 	}

  100. 

  101. 	/**

  102. 	 * Extract the repository name from the url.

  103. 	 *

  104. 	 * @param url

  105. 	 * @return repository name

  106. 	 */

  107. 	@Override

  108. 	protected String extractRepositoryName(String url) {

  109. 		return GitFilter.getRepositoryName(url);

  110. 	}

  111. 

  112. 	/**

  113. 	 * Analyze the url and returns the action of the request. Return values are:

  114. 	 * "/git-receive-pack", "/git-upload-pack" or "/info/lfs".

  115. 	 *

  116. 	 * @param serverUrl

  117. 	 * @return action of the request

  118. 	 */

  119. 	@Override

  120. 	protected String getUrlRequestAction(String suffix) {

  121. 		if (!StringUtils.isEmpty(suffix)) {

  122. 			if (suffix.startsWith(GIT_RECEIVE_PACK)) {

  123. 				return GIT_RECEIVE_PACK;

  124. 			} else if (suffix.startsWith(GIT_UPLOAD_PACK)) {

  125. 				return GIT_UPLOAD_PACK;

  126. 			} else if (suffix.contains("?service=git-receive-pack")) {

  127. 				return GIT_RECEIVE_PACK;

  128. 			} else if (suffix.contains("?service=git-upload-pack")) {

  129. 				return GIT_UPLOAD_PACK;

  130. 			} else if (suffix.startsWith(GIT_LFS)) {

  131. 				return GIT_LFS;

  132. 			} else if (suffix.startsWith(CLONE_BUNDLE)) {

  133. 				return CLONE_BUNDLE;

  134. 			} else {

  135. 				return GIT_UPLOAD_PACK;

  136. 			}

  137. 		}

  138. 		return null;

  139. 	}

  140. 

  141. 	/**

  142. 	 * Returns the user making the request, if the user has authenticated.

  143. 	 *

  144. 	 * @param httpRequest

  145. 	 * @return user

  146. 	 */

  147. 	@Override

  148. 	protected UserModel getUser(HttpServletRequest httpRequest) {

  149. 		UserModel user = authenticationManager.authenticate(httpRequest, requiresClientCertificate());

  150. 		if (user == null) {

  151. 			user = federationManager.authenticate(httpRequest);

  152. 		}

  153. 		return user;

  154. 	}

  155. 

  156. 	/**

  157. 	 * Determine if a non-existing repository can be created using this filter.

  158. 	 *

  159. 	 * @return true if the server allows repository creation on-push

  160. 	 */

  161. 	@Override

  162. 	protected boolean isCreationAllowed(String action) {

  163. 		// Unknown action, don't allow creation

  164. 		if (action == null) return false;

  165. 

  166. 		//Repository must already exist before large files can be deposited

  167. 		if (GIT_LFS.equals(action)) {

  168. 			return false;

  169. 		}

  170. 		// Action is not implemened.

  171. 		if (CLONE_BUNDLE.equals(action)) {

  172. 			return false;

  173. 		}

  174. 

  175. 		return settings.getBoolean(Keys.git.allowCreateOnPush, true);

  176. 	}

  177. 

  178. 	/**

  179. 	 * Determine if the repository can receive pushes.

  180. 	 *

  181. 	 * @param repository

  182. 	 * @param action

  183. 	 * @return true if the action may be performed

  184. 	 */

  185. 	@Override

  186. 	protected boolean isActionAllowed(RepositoryModel repository, String action, String method) {

  187. 		// the log here has been moved into ReceiveHook to provide clients with

  188. 		// error messages

  189. 		if (GIT_LFS.equals(action)) {

  190. 			if (!method.matches("GET|POST|PUT|HEAD")) {

  191. 				return false;

  192. 			}

  193. 		}

  194. 		

  195. 		return true;

  196. 	}

  197. 

  198. 	@Override

  199. 	protected boolean requiresClientCertificate() {

  200. 		return settings.getBoolean(Keys.git.requiresClientCertificate, false);

  201. 	}

  202. 

  203. 	/**

  204. 	 * Determine if the repository requires authentication.

  205. 	 *

  206. 	 * @param repository

  207. 	 * @param action

  208. 	 * @param method

  209. 	 * @return true if authentication required

  210. 	 */

  211. 	@Override

  212. 	protected boolean requiresAuthentication(RepositoryModel repository, String action, String method) {

  213. 		if (GIT_UPLOAD_PACK.equals(action)) {

  214. 			// send to client

  215. 			return repository.accessRestriction.atLeast(AccessRestrictionType.CLONE);

  216. 		} else if (GIT_RECEIVE_PACK.equals(action)) {

  217. 			// receive from client

  218. 			return repository.accessRestriction.atLeast(AccessRestrictionType.PUSH);

  219. 		} else if (GIT_LFS.equals(action)) {

  220. 			

  221. 			if (method.matches("GET|HEAD")) {

  222. 				return repository.accessRestriction.atLeast(AccessRestrictionType.CLONE);

  223. 			} else {

  224. 				//NOTE: Treat POST as PUT as as without reading message type cannot determine 

  225. 				return repository.accessRestriction.atLeast(AccessRestrictionType.PUSH);

  226. 			}

  227. 		}

  228. 		return false;

  229. 	}

  230. 

  231. 	/**

  232. 	 * Determine if the user can access the repository and perform the specified

  233. 	 * action.

  234. 	 *

  235. 	 * @param repository

  236. 	 * @param user

  237. 	 * @param action

  238. 	 * @return true if user may execute the action on the repository

  239. 	 */

  240. 	@Override

  241. 	protected boolean canAccess(RepositoryModel repository, UserModel user, String action) {

  242. 		if (!settings.getBoolean(Keys.git.enableGitServlet, true)) {

  243. 			// Git Servlet disabled

  244. 			return false;

  245. 		}

  246. 		if (GIT_RECEIVE_PACK.equals(action)) {

  247. 			// push permissions are enforced in the receive pack

  248. 			return true;

  249. 		} else if (GIT_UPLOAD_PACK.equals(action)) {

  250. 			// Clone request

  251. 			if (user.canClone(repository)) {

  252. 				return true;

  253. 			} else {

  254. 				// user is unauthorized to clone this repository

  255. 				logger.warn(MessageFormat.format("user {0} is not authorized to clone {1}",

  256. 						user.username, repository));

  257. 				return false;

  258. 			}

  259. 		}

  260. 		return true;

  261. 	}

  262. 

  263. 	/**

  264. 	 * An authenticated user with the CREATE role can create a repository on

  265. 	 * push.

  266. 	 *

  267. 	 * @param user

  268. 	 * @param repository

  269. 	 * @param action

  270. 	 * @return the repository model, if it is created, null otherwise

  271. 	 */

  272. 	@Override

  273. 	protected RepositoryModel createRepository(UserModel user, String repository, String action) {

  274. 		boolean isPush = !StringUtils.isEmpty(action) && GIT_RECEIVE_PACK.equals(action);

  275. 		

  276. 		if (GIT_LFS.equals(action)) {

  277. 			//Repository must already exist for any filestore actions

  278. 			return null;

  279. 		}

  280. 		

  281. 		if (isPush) {

  282. 			if (user.canCreate(repository)) {

  283. 				// user is pushing to a new repository

  284. 				// validate name

  285. 				if (repository.startsWith("../")) {

  286. 					logger.error(MessageFormat.format("Illegal relative path in repository name! {0}", repository));

  287. 					return null;

  288. 				}

  289. 				if (repository.contains("/../")) {

  290. 					logger.error(MessageFormat.format("Illegal relative path in repository name! {0}", repository));

  291. 					return null;

  292. 				}

  293. 

  294. 				// confirm valid characters in repository name

  295. 				Character c = StringUtils.findInvalidCharacter(repository);

  296. 				if (c != null) {

  297. 					logger.error(MessageFormat.format("Invalid character '{0}' in repository name {1}!", c, repository));

  298. 					return null;

  299. 				}

  300. 

  301. 				// create repository

  302. 				RepositoryModel model = new RepositoryModel();

  303. 				model.name = repository;

  304. 				model.addOwner(user.username);

  305. 				model.projectPath = StringUtils.getFirstPathElement(repository);

  306. 				if (model.isUsersPersonalRepository(user.username)) {

  307. 					// personal repository, default to private for user

  308. 					model.authorizationControl = AuthorizationControl.NAMED;

  309. 					model.accessRestriction = AccessRestrictionType.VIEW;

  310. 				} else {

  311. 					// common repository, user default server settings

  312. 					model.authorizationControl = AuthorizationControl.fromName(settings.getString(Keys.git.defaultAuthorizationControl, ""));

  313. 					model.accessRestriction = AccessRestrictionType.fromName(settings.getString(Keys.git.defaultAccessRestriction, "PUSH"));

  314. 				}

  315. 

  316. 				// create the repository

  317. 				try {

  318. 					repositoryManager.updateRepositoryModel(model.name, model, true);

  319. 					logger.info(MessageFormat.format("{0} created {1} ON-PUSH", user.username, model.name));

  320. 					return repositoryManager.getRepositoryModel(model.name);

  321. 				} catch (GitBlitException e) {

  322. 					logger.error(MessageFormat.format("{0} failed to create repository {1} ON-PUSH!", user.username, model.name), e);

  323. 				}

  324. 			} else {

  325. 				logger.warn(MessageFormat.format("{0} is not permitted to create repository {1} ON-PUSH!", user.username, repository));

  326. 			}

  327. 		}

  328. 

  329. 		// repository could not be created or action was not a push

  330. 		return null;

  331. 	}

  332. 	

  333. 	/**

  334. 	 * Git lfs action uses an alternative authentication header, 

  335. 	 * dependent on the viewing method.

  336. 	 * 

  337. 	 * @param httpRequest

  338. 	 * @param action

  339. 	 * @return

  340. 	 */

  341. 	@Override

  342. 	protected String getAuthenticationHeader(HttpServletRequest httpRequest, String action) {

  343. 

  344. 		if (GIT_LFS.equals(action)) {

  345. 			if (hasContentInRequestHeader(httpRequest, "Accept", FilestoreServlet.GIT_LFS_META_MIME)) {

  346. 				return "LFS-Authenticate";

  347. 			}

  348. 		}

  349. 		

  350. 		return super.getAuthenticationHeader(httpRequest, action);

  351. 	}

  352. 	

  353. 	/**

  354. 	 * Interrogates the request headers based on the action

  355. 	 * @param action

  356. 	 * @param request

  357. 	 * @return

  358. 	 */

  359. 	@Override

  360. 	protected boolean hasValidRequestHeader(String action,

  361. 			HttpServletRequest request) {

  362. 

  363. 		if (GIT_LFS.equals(action) && request.getMethod().equals("POST")) {

  364. 			if ( 	!hasContentInRequestHeader(request, "Accept", FilestoreServlet.GIT_LFS_META_MIME)

  365. 				 || !hasContentInRequestHeader(request, "Content-Type", FilestoreServlet.GIT_LFS_META_MIME)) {

  366. 				return false;

  367. 			}				

  368. 		}

  369. 			

  370. 		return super.hasValidRequestHeader(action, request);

  371. 	}

  372. }