String getMessage() { StringBuilder msg = new StringBuilder(); msg.append("\r\n"); msg.append(" **** Welcome to Gerrit Code Review ****\r\n"); msg.append("\r\n"); Account account = user.getAccount(); String name = account.getFullName(); if (name == null || name.isEmpty()) { name = user.getUserName(); } msg.append(" Hi "); msg.append(name); msg.append(", you have successfully connected over SSH."); msg.append("\r\n"); msg.append("\r\n"); msg.append(" Unfortunately, interactive shells are disabled.\r\n"); msg.append(" To clone a hosted Git repository, use:\r\n"); msg.append("\r\n"); if (!sshInfo.getHostKeys().isEmpty()) { String host = sshInfo.getHostKeys().get(0).getHost(); if (host.startsWith("*:")) { host = getGerritHost() + host.substring(1); } msg.append(" git clone ssh://"); msg.append(user.getUserName()); msg.append("@"); msg.append(host); msg.append("/"); msg.append("REPOSITORY_NAME.git"); msg.append("\r\n"); } msg.append("\r\n"); return msg.toString(); }
private void makeSiteConfig(SitePaths site, Config cfg, SshInfo sshInfo) throws IOException { if (!Files.exists(site.tmp_dir)) { Files.createDirectories(site.tmp_dir); } Path myconf = Files.createTempFile(site.tmp_dir, "gitweb_config", ".perl"); // To make our configuration file only readable or writable by us; // this reduces the chances of someone tampering with the file. // // TODO(dborowitz): Is there a portable way to do this with NIO? File myconfFile = myconf.toFile(); myconfFile.setWritable(false, false /* all */); myconfFile.setReadable(false, false /* all */); myconfFile.setExecutable(false, false /* all */); myconfFile.setWritable(true, true /* owner only */); myconfFile.setReadable(true, true /* owner only */); myconfFile.deleteOnExit(); _env.set("GIT_DIR", "."); _env.set("GITWEB_CONFIG", myconf.toAbsolutePath().toString()); try (PrintWriter p = new PrintWriter(Files.newBufferedWriter(myconf, UTF_8))) { p.print("# Autogenerated by Gerrit Code Review \n"); p.print("# DO NOT EDIT\n"); p.print("\n"); // We are mounted at the same level in the context as the main // UI, so we can include the same header and footer scheme. // Path hdr = site.site_header; if (Files.isRegularFile(hdr)) { p.print("$site_header = " + quoteForPerl(hdr) + ";\n"); } Path ftr = site.site_footer; if (Files.isRegularFile(ftr)) { p.print("$site_footer = " + quoteForPerl(ftr) + ";\n"); } // Top level should return to Gerrit's UI. // p.print("$home_link = $ENV{'GERRIT_CONTEXT_PATH'};\n"); p.print("$home_link_str = 'Code Review';\n"); p.print("$favicon = 'favicon.ico';\n"); p.print("$logo = 'gitweb-logo.png';\n"); p.print("$javascript = 'gitweb.js';\n"); p.print("@stylesheets = ('gitweb-default.css');\n"); Path css = site.site_css; if (Files.isRegularFile(css)) { p.print("push @stylesheets, 'gitweb-site.css';\n"); } // Try to make the title match Gerrit's normal window title // scheme of host followed by 'Code Review'. // p.print("$site_name = $home_link_str;\n"); p.print("$site_name = qq{$1 $site_name} if "); p.print("$ENV{'SERVER_NAME'} =~ m,^([^.]+(?:\\.[^.]+)?)(?:\\.|$),;\n"); // Assume by default that XSS is a problem, and try to prevent it. // p.print("$prevent_xss = 1;\n"); // Generate URLs using smart http:// // p.print("{\n"); p.print(" my $secure = $ENV{'HTTPS'} =~ /^ON$/i;\n"); p.print(" my $http_url = $secure ? 'https://' : 'http://';\n"); p.print(" $http_url .= qq{$ENV{'GERRIT_USER_NAME'}@}\n"); p.print(" unless $ENV{'GERRIT_ANONYMOUS_READ'};\n"); p.print(" $http_url .= $ENV{'SERVER_NAME'};\n"); p.print(" $http_url .= qq{:$ENV{'SERVER_PORT'}}\n"); p.print(" if (( $secure && $ENV{'SERVER_PORT'} != 443)\n"); p.print(" || (!$secure && $ENV{'SERVER_PORT'} != 80)\n"); p.print(" );\n"); p.print(" $http_url .= qq{$ENV{'GERRIT_CONTEXT_PATH'}p};\n"); p.print(" push @git_base_url_list, $http_url;\n"); p.print("}\n"); // Generate URLs using anonymous git:// // String url = cfg.getString("gerrit", null, "canonicalGitUrl"); if (url != null) { if (url.endsWith("/")) { url = url.substring(0, url.length() - 1); } p.print("if ($ENV{'GERRIT_ANONYMOUS_READ'}) {\n"); p.print(" push @git_base_url_list, "); p.print(quoteForPerl(url)); p.print(";\n"); p.print("}\n"); } // Generate URLs using authenticated ssh:// // if (sshInfo != null && !sshInfo.getHostKeys().isEmpty()) { String sshAddr = sshInfo.getHostKeys().get(0).getHost(); p.print("if ($ENV{'GERRIT_USER_NAME'}) {\n"); p.print(" push @git_base_url_list, join('', 'ssh://'"); p.print(", $ENV{'GERRIT_USER_NAME'}"); p.print(", '@'"); if (sshAddr.startsWith("*:") || "".equals(sshAddr)) { p.print(", $ENV{'SERVER_NAME'}"); } if (sshAddr.startsWith("*")) { sshAddr = sshAddr.substring(1); } p.print(", " + quoteForPerl(sshAddr)); p.print(");\n"); p.print("}\n"); } // Link back to Gerrit (when possible, to matching review record). // Supported gitweb's hash values are: // - (missing), // - HEAD, // - refs/heads/<branch>, // - refs/changes/*/<change>/*, // - <revision>. // p.print("sub add_review_link {\n"); p.print(" my $h = shift;\n"); p.print(" my $q;\n"); p.print(" if (!$h || $h eq 'HEAD') {\n"); p.print(" $q = qq{#q,project:$ENV{'GERRIT_PROJECT_NAME'}};\n"); p.print(" } elsif ($h =~ /^refs\\/heads\\/([-\\w]+)$/) {\n"); p.print(" $q = qq{#q,project:$ENV{'GERRIT_PROJECT_NAME'}"); p.print("+branch:$1};\n"); // wrapped p.print(" } elsif ($h =~ /^refs\\/changes\\/\\d{2}\\/(\\d+)\\/\\d+$/) "); p.print("{\n"); // wrapped p.print(" $q = qq{#/c/$1};\n"); p.print(" } else {\n"); p.print(" $q = qq{#/q/$h};\n"); p.print(" }\n"); p.print(" my $r = qq{$ENV{'GERRIT_CONTEXT_PATH'}$q};\n"); p.print(" push @{$feature{'actions'}{'default'}},\n"); p.print(" ('review',$r,'commitdiff');\n"); p.print("}\n"); p.print("if ($cgi->param('hb')) {\n"); p.print(" add_review_link($cgi->param('hb'));\n"); p.print("} elsif ($cgi->param('h')) {\n"); p.print(" add_review_link($cgi->param('h'));\n"); p.print("} else {\n"); p.print(" add_review_link();\n"); p.print("}\n"); // If the administrator has created a site-specific gitweb_config, // load that before we perform any final overrides. // Path sitecfg = site.site_gitweb; if (Files.isRegularFile(sitecfg)) { p.print("$GITWEB_CONFIG = " + quoteForPerl(sitecfg) + ";\n"); p.print("if (-e $GITWEB_CONFIG) {\n"); p.print(" do " + quoteForPerl(sitecfg) + ";\n"); p.print("}\n"); } Path root = repoManager.getBasePath(); p.print("$projectroot = " + quoteForPerl(root) + ";\n"); // Permit exporting only the project we were started for. // We use the name under $projectroot in case symlinks // were involved in the path. // p.print("$export_auth_hook = sub {\n"); p.print(" my $dir = shift;\n"); p.print(" my $name = $ENV{'GERRIT_PROJECT_NAME'};\n"); p.print(" my $allow = qq{$projectroot/$name.git};\n"); p.print(" return $dir eq $allow;\n"); p.print(" };\n"); // Do not allow the administrator to enable path info, its // not a URL format we currently support. // p.print("$feature{'pathinfo'}{'override'} = 0;\n"); p.print("$feature{'pathinfo'}{'default'} = [0];\n"); // We don't do forking, so don't allow it to be enabled. // p.print("$feature{'forks'}{'override'} = 0;\n"); p.print("$feature{'forks'}{'default'} = [0];\n"); } myconfFile.setReadOnly(); }