@Test
public void testBogusLoginClone() throws Exception {
// restrict repository access
RepositoryModel model = GitBlit.self().getRepositoryModel("ticgit.git");
model.accessRestriction = AccessRestrictionType.CLONE;
GitBlit.self().updateRepositoryModel(model.name, model, false);
// delete any existing working folder
boolean cloned = false;
try {
CloneCommand clone = Git.cloneRepository();
clone.setURI(MessageFormat.format("{0}/git/ticgit.git", url));
clone.setDirectory(ticgit2Folder);
clone.setBare(false);
clone.setCloneAllBranches(true);
clone.setCredentialsProvider(new UsernamePasswordCredentialsProvider("bogus", "bogus"));
close(clone.call());
cloned = true;
} catch (Exception e) {
// swallow the exception which we expect
}
// restore anonymous repository access
model.accessRestriction = AccessRestrictionType.NONE;
GitBlit.self().updateRepositoryModel(model.name, model, false);
assertFalse("Bogus login cloned a repository?!", cloned);
}
public EditRepositoryPage() {
// create constructor
super();
isCreate = true;
RepositoryModel model = new RepositoryModel();
String restriction = GitBlit.getString(Keys.git.defaultAccessRestriction, null);
model.accessRestriction = AccessRestrictionType.fromName(restriction);
String authorization = GitBlit.getString(Keys.git.defaultAuthorizationControl, null);
model.authorizationControl = AuthorizationControl.fromName(authorization);
GitBlitWebSession session = GitBlitWebSession.get();
UserModel user = session.getUser();
if (user != null && user.canCreate() && !user.canAdmin()) {
// personal create permissions, inject personal repository path
model.name = user.getPersonalPath() + "/";
model.projectPath = user.getPersonalPath();
model.addOwner(user.username);
// personal repositories are private by default
model.accessRestriction = AccessRestrictionType.VIEW;
model.authorizationControl = AuthorizationControl.NAMED;
}
setupPage(model);
setStatelessHint(false);
setOutputMarkupId(true);
}
/**
* Returns true if the repository can be posted to Slack.
*
* @param repository
* @return true if the repository can be posted to Slack
*/
public boolean shallPost(RepositoryModel repository) {
boolean postPersonalRepos =
runtimeManager.getSettings().getBoolean(Plugin.SETTING_POST_PERSONAL_REPOS, false);
if (repository.isPersonalRepository() && !postPersonalRepos) {
return false;
}
return true;
}
@Test
public void testUnauthorizedLoginClone() throws Exception {
// restrict repository access
RepositoryModel model = GitBlit.self().getRepositoryModel("ticgit.git");
model.accessRestriction = AccessRestrictionType.CLONE;
model.authorizationControl = AuthorizationControl.NAMED;
UserModel user = new UserModel("james");
user.password = "******";
GitBlit.self().updateUserModel(user.username, user, true);
GitBlit.self().updateRepositoryModel(model.name, model, false);
FileUtils.delete(ticgit2Folder, FileUtils.RECURSIVE);
// delete any existing working folder
boolean cloned = false;
try {
CloneCommand clone = Git.cloneRepository();
clone.setURI(MessageFormat.format("{0}/git/ticgit.git", url));
clone.setDirectory(ticgit2Folder);
clone.setBare(false);
clone.setCloneAllBranches(true);
clone.setCredentialsProvider(
new UsernamePasswordCredentialsProvider(user.username, user.password));
close(clone.call());
cloned = true;
} catch (Exception e) {
// swallow the exception which we expect
}
assertFalse("Unauthorized login cloned a repository?!", cloned);
FileUtils.delete(ticgit2Folder, FileUtils.RECURSIVE);
// switch to authenticated
model.authorizationControl = AuthorizationControl.AUTHENTICATED;
GitBlit.self().updateRepositoryModel(model.name, model, false);
// try clone again
cloned = false;
CloneCommand clone = Git.cloneRepository();
clone.setURI(MessageFormat.format("{0}/git/ticgit.git", url));
clone.setDirectory(ticgit2Folder);
clone.setBare(false);
clone.setCloneAllBranches(true);
clone.setCredentialsProvider(
new UsernamePasswordCredentialsProvider(user.username, user.password));
close(clone.call());
cloned = true;
assertTrue("Authenticated login could not clone!", cloned);
FileUtils.delete(ticgit2Folder, FileUtils.RECURSIVE);
// restore anonymous repository access
model.accessRestriction = AccessRestrictionType.NONE;
model.authorizationControl = AuthorizationControl.NAMED;
GitBlit.self().updateRepositoryModel(model.name, model, false);
GitBlit.self().deleteUser(user.username);
}
/**
* Unfortunately must repeat part of AuthorizaitonStrategy here because that mechanism does not
* take PageParameters into consideration, only page instantiation.
*
* <p>Repository Owners should be able to edit their repository.
*/
private void checkPermissions(RepositoryModel model) {
boolean authenticateAdmin = GitBlit.getBoolean(Keys.web.authenticateAdminPages, true);
boolean allowAdmin = GitBlit.getBoolean(Keys.web.allowAdministration, true);
GitBlitWebSession session = GitBlitWebSession.get();
UserModel user = session.getUser();
if (allowAdmin) {
if (authenticateAdmin) {
if (user == null) {
// No Login Available
error(getString("gb.errorAdminLoginRequired"), true);
}
if (isCreate) {
// Create Repository
if (!user.canCreate() && !user.canAdmin()) {
// Only administrators or permitted users may create
error(getString("gb.errorOnlyAdminMayCreateRepository"), true);
}
} else {
// Edit Repository
if (user.canAdmin()) {
// Admins can edit everything
isAdmin = true;
return;
} else {
if (!model.isOwner(user.username)) {
// User is not an Admin nor Owner
error(getString("gb.errorOnlyAdminOrOwnerMayEditRepository"), true);
}
}
}
}
} else {
// No Administration Permitted
error(getString("gb.errorAdministrationDisabled"), true);
}
}
private void setup(PageParameters params) {
setupPage("", "");
// check to see if we should display a login message
boolean authenticateView = GitBlit.getBoolean(Keys.web.authenticateViewPages, true);
if (authenticateView && !GitBlitWebSession.get().isLoggedIn()) {
String messageSource = GitBlit.getString(Keys.web.loginMessage, "gitblit");
String message = readMarkdown(messageSource, "login.mkd");
Component repositoriesMessage = new Label("repositoriesMessage", message);
add(repositoriesMessage.setEscapeModelStrings(false));
add(new Label("activity").setVisible(false));
add(new Label("repositoryTabs").setVisible(false));
return;
}
// Load the markdown welcome message
String messageSource = GitBlit.getString(Keys.web.repositoriesMessage, "gitblit");
String message = readMarkdown(messageSource, "welcome.mkd");
Component repositoriesMessage =
new Label("repositoriesMessage", message)
.setEscapeModelStrings(false)
.setVisible(message.length() > 0);
add(repositoriesMessage);
UserModel user = GitBlitWebSession.get().getUser();
if (user == null) {
user = UserModel.ANONYMOUS;
}
// parameters
int daysBack = params == null ? 0 : WicketUtils.getDaysBack(params);
if (daysBack < 1) {
daysBack = GitBlit.getInteger(Keys.web.activityDuration, 7);
}
Calendar c = Calendar.getInstance();
c.add(Calendar.DATE, -1 * daysBack);
Date minimumDate = c.getTime();
// build repo lists
List<RepositoryModel> starred = new ArrayList<RepositoryModel>();
List<RepositoryModel> owned = new ArrayList<RepositoryModel>();
List<RepositoryModel> active = new ArrayList<RepositoryModel>();
for (RepositoryModel model : getRepositoryModels()) {
if (model.isUsersPersonalRepository(user.username) || model.isOwner(user.username)) {
owned.add(model);
}
if (user.getPreferences().isStarredRepository(model.name)) {
starred.add(model);
}
if (model.isShowActivity() && model.lastChange.after(minimumDate)) {
active.add(model);
}
}
Comparator<RepositoryModel> lastUpdateSort =
new Comparator<RepositoryModel>() {
@Override
public int compare(RepositoryModel o1, RepositoryModel o2) {
return o2.lastChange.compareTo(o1.lastChange);
}
};
Collections.sort(owned, lastUpdateSort);
Collections.sort(starred, lastUpdateSort);
Collections.sort(active, lastUpdateSort);
String activityTitle;
Set<RepositoryModel> feed = new HashSet<RepositoryModel>();
feed.addAll(starred);
feed.addAll(owned);
if (feed.isEmpty()) {
// no starred or owned, go with recent activity
activityTitle = getString("gb.recentActivity");
feed.addAll(active);
} else if (starred.isEmpty()) {
// no starred, owned repos feed
activityTitle = getString("gb.owned");
} else if (owned.isEmpty()) {
// no owned, starred repos feed
activityTitle = getString("gb.starred");
} else {
// starred and owned repositories
activityTitle = getString("gb.starredAndOwned");
}
addActivity(user, feed, activityTitle, daysBack);
Fragment repositoryTabs;
if (UserModel.ANONYMOUS.equals(user)) {
repositoryTabs = new Fragment("repositoryTabs", "anonymousTabsFragment", this);
} else {
repositoryTabs = new Fragment("repositoryTabs", "authenticatedTabsFragment", this);
}
add(repositoryTabs);
// projects list
List<ProjectModel> projects = GitBlit.self().getProjectModels(getRepositoryModels(), false);
repositoryTabs.add(new FilterableProjectList("projects", projects));
// active repository list
if (active.isEmpty()) {
repositoryTabs.add(new Label("active").setVisible(false));
} else {
FilterableRepositoryList repoList = new FilterableRepositoryList("active", active);
repoList.setTitle(getString("gb.activeRepositories"), "icon-time");
repositoryTabs.add(repoList);
}
// starred repository list
if (ArrayUtils.isEmpty(starred)) {
repositoryTabs.add(new Label("starred").setVisible(false));
} else {
FilterableRepositoryList repoList = new FilterableRepositoryList("starred", starred);
repoList.setTitle(getString("gb.starredRepositories"), "icon-star");
repositoryTabs.add(repoList);
}
// owned repository list
if (ArrayUtils.isEmpty(owned)) {
repositoryTabs.add(new Label("owned").setVisible(false));
} else {
FilterableRepositoryList repoList = new FilterableRepositoryList("owned", owned);
repoList.setTitle(getString("gb.myRepositories"), "icon-user");
repoList.setAllowCreate(user.canCreate() || user.canAdmin());
repositoryTabs.add(repoList);
}
}
/**
* Mirrors a repository and, optionally, the server's users, and/or configuration settings from a
* origin Gitblit instance.
*
* @param registration
* @throws Exception
*/
private void pull(FederationModel registration) throws Exception {
Map<String, RepositoryModel> repositories = FederationUtils.getRepositories(registration, true);
String registrationFolder = registration.folder.toLowerCase().trim();
// confirm valid characters in server alias
Character c = StringUtils.findInvalidCharacter(registrationFolder);
if (c != null) {
logger.error(
MessageFormat.format(
"Illegal character ''{0}'' in folder name ''{1}'' of federation registration {2}!",
c, registrationFolder, registration.name));
return;
}
File repositoriesFolder = new File(GitBlit.getString(Keys.git.repositoriesFolder, "git"));
File registrationFolderFile = new File(repositoriesFolder, registrationFolder);
registrationFolderFile.mkdirs();
// Clone/Pull the repository
for (Map.Entry<String, RepositoryModel> entry : repositories.entrySet()) {
String cloneUrl = entry.getKey();
RepositoryModel repository = entry.getValue();
if (!repository.hasCommits) {
logger.warn(
MessageFormat.format(
"Skipping federated repository {0} from {1} @ {2}. Repository is EMPTY.",
repository.name, registration.name, registration.url));
registration.updateStatus(repository, FederationPullStatus.SKIPPED);
continue;
}
// Determine local repository name
String repositoryName;
if (StringUtils.isEmpty(registrationFolder)) {
repositoryName = repository.name;
} else {
repositoryName = registrationFolder + "/" + repository.name;
}
if (registration.bare) {
// bare repository, ensure .git suffix
if (!repositoryName.toLowerCase().endsWith(DOT_GIT_EXT)) {
repositoryName += DOT_GIT_EXT;
}
} else {
// normal repository, strip .git suffix
if (repositoryName.toLowerCase().endsWith(DOT_GIT_EXT)) {
repositoryName = repositoryName.substring(0, repositoryName.indexOf(DOT_GIT_EXT));
}
}
// confirm that the origin of any pre-existing repository matches
// the clone url
String fetchHead = null;
Repository existingRepository = GitBlit.self().getRepository(repositoryName);
if (existingRepository == null && GitBlit.self().isCollectingGarbage(repositoryName)) {
logger.warn(
MessageFormat.format(
"Skipping local repository {0}, busy collecting garbage", repositoryName));
continue;
}
if (existingRepository != null) {
StoredConfig config = existingRepository.getConfig();
config.load();
String origin = config.getString("remote", "origin", "url");
RevCommit commit =
JGitUtils.getCommit(existingRepository, org.eclipse.jgit.lib.Constants.FETCH_HEAD);
if (commit != null) {
fetchHead = commit.getName();
}
existingRepository.close();
if (!origin.startsWith(registration.url)) {
logger.warn(
MessageFormat.format(
"Skipping federated repository {0} from {1} @ {2}. Origin does not match, consider EXCLUDING.",
repository.name, registration.name, registration.url));
registration.updateStatus(repository, FederationPullStatus.SKIPPED);
continue;
}
}
// clone/pull this repository
CredentialsProvider credentials =
new UsernamePasswordCredentialsProvider(Constants.FEDERATION_USER, registration.token);
logger.info(
MessageFormat.format(
"Pulling federated repository {0} from {1} @ {2}",
repository.name, registration.name, registration.url));
CloneResult result =
JGitUtils.cloneRepository(
registrationFolderFile, repository.name, cloneUrl, registration.bare, credentials);
Repository r = GitBlit.self().getRepository(repositoryName);
RepositoryModel rm = GitBlit.self().getRepositoryModel(repositoryName);
repository.isFrozen = registration.mirror;
if (result.createdRepository) {
// default local settings
repository.federationStrategy = FederationStrategy.EXCLUDE;
repository.isFrozen = registration.mirror;
repository.showRemoteBranches = !registration.mirror;
logger.info(MessageFormat.format(" cloning {0}", repository.name));
registration.updateStatus(repository, FederationPullStatus.MIRRORED);
} else {
// fetch and update
boolean fetched = false;
RevCommit commit = JGitUtils.getCommit(r, org.eclipse.jgit.lib.Constants.FETCH_HEAD);
String newFetchHead = commit.getName();
fetched = fetchHead == null || !fetchHead.equals(newFetchHead);
if (registration.mirror) {
// mirror
if (fetched) {
// update local branches to match the remote tracking branches
for (RefModel ref : JGitUtils.getRemoteBranches(r, false, -1)) {
if (ref.displayName.startsWith("origin/")) {
String branch =
org.eclipse.jgit.lib.Constants.R_HEADS
+ ref.displayName.substring(ref.displayName.indexOf('/') + 1);
String hash = ref.getReferencedObjectId().getName();
JGitUtils.setBranchRef(r, branch, hash);
logger.info(
MessageFormat.format(
" resetting {0} of {1} to {2}", branch, repository.name, hash));
}
}
String newHead;
if (StringUtils.isEmpty(repository.HEAD)) {
newHead = newFetchHead;
} else {
newHead = repository.HEAD;
}
JGitUtils.setHEADtoRef(r, newHead);
logger.info(
MessageFormat.format(
" resetting HEAD of {0} to {1}", repository.name, newHead));
registration.updateStatus(repository, FederationPullStatus.MIRRORED);
} else {
// indicate no commits pulled
registration.updateStatus(repository, FederationPullStatus.NOCHANGE);
}
} else {
// non-mirror
if (fetched) {
// indicate commits pulled to origin/master
registration.updateStatus(repository, FederationPullStatus.PULLED);
} else {
// indicate no commits pulled
registration.updateStatus(repository, FederationPullStatus.NOCHANGE);
}
}
// preserve local settings
repository.isFrozen = rm.isFrozen;
repository.federationStrategy = rm.federationStrategy;
// merge federation sets
Set<String> federationSets = new HashSet<String>();
if (rm.federationSets != null) {
federationSets.addAll(rm.federationSets);
}
if (repository.federationSets != null) {
federationSets.addAll(repository.federationSets);
}
repository.federationSets = new ArrayList<String>(federationSets);
// merge indexed branches
Set<String> indexedBranches = new HashSet<String>();
if (rm.indexedBranches != null) {
indexedBranches.addAll(rm.indexedBranches);
}
if (repository.indexedBranches != null) {
indexedBranches.addAll(repository.indexedBranches);
}
repository.indexedBranches = new ArrayList<String>(indexedBranches);
}
// only repositories that are actually _cloned_ from the origin
// Gitblit repository are marked as federated. If the origin
// is from somewhere else, these repositories are not considered
// "federated" repositories.
repository.isFederated = cloneUrl.startsWith(registration.url);
GitBlit.self().updateConfiguration(r, repository);
r.close();
}
IUserService userService = null;
try {
// Pull USERS
// TeamModels are automatically pulled because they are contained
// within the UserModel. The UserService creates unknown teams
// and updates existing teams.
Collection<UserModel> users = FederationUtils.getUsers(registration);
if (users != null && users.size() > 0) {
File realmFile = new File(registrationFolderFile, registration.name + "_users.conf");
realmFile.delete();
userService = new ConfigUserService(realmFile);
for (UserModel user : users) {
userService.updateUserModel(user.username, user);
// merge the origin permissions and origin accounts into
// the user accounts of this Gitblit instance
if (registration.mergeAccounts) {
// reparent all repository permissions if the local
// repositories are stored within subfolders
if (!StringUtils.isEmpty(registrationFolder)) {
if (user.permissions != null) {
// pulling from >= 1.2 version
Map<String, AccessPermission> copy =
new HashMap<String, AccessPermission>(user.permissions);
user.permissions.clear();
for (Map.Entry<String, AccessPermission> entry : copy.entrySet()) {
user.setRepositoryPermission(
registrationFolder + "/" + entry.getKey(), entry.getValue());
}
} else {
// pulling from <= 1.1 version
List<String> permissions = new ArrayList<String>(user.repositories);
user.repositories.clear();
for (String permission : permissions) {
user.addRepositoryPermission(registrationFolder + "/" + permission);
}
}
}
// insert new user or update local user
UserModel localUser = GitBlit.self().getUserModel(user.username);
if (localUser == null) {
// create new local user
GitBlit.self().updateUserModel(user.username, user, true);
} else {
// update repository permissions of local user
if (user.permissions != null) {
// pulling from >= 1.2 version
Map<String, AccessPermission> copy =
new HashMap<String, AccessPermission>(user.permissions);
for (Map.Entry<String, AccessPermission> entry : copy.entrySet()) {
localUser.setRepositoryPermission(entry.getKey(), entry.getValue());
}
} else {
// pulling from <= 1.1 version
for (String repository : user.repositories) {
localUser.addRepositoryPermission(repository);
}
}
localUser.password = user.password;
localUser.canAdmin = user.canAdmin;
GitBlit.self().updateUserModel(localUser.username, localUser, false);
}
for (String teamname : GitBlit.self().getAllTeamnames()) {
TeamModel team = GitBlit.self().getTeamModel(teamname);
if (user.isTeamMember(teamname) && !team.hasUser(user.username)) {
// new team member
team.addUser(user.username);
GitBlit.self().updateTeamModel(teamname, team, false);
} else if (!user.isTeamMember(teamname) && team.hasUser(user.username)) {
// remove team member
team.removeUser(user.username);
GitBlit.self().updateTeamModel(teamname, team, false);
}
// update team repositories
TeamModel remoteTeam = user.getTeam(teamname);
if (remoteTeam != null) {
if (remoteTeam.permissions != null) {
// pulling from >= 1.2
for (Map.Entry<String, AccessPermission> entry :
remoteTeam.permissions.entrySet()) {
team.setRepositoryPermission(entry.getKey(), entry.getValue());
}
GitBlit.self().updateTeamModel(teamname, team, false);
} else if (!ArrayUtils.isEmpty(remoteTeam.repositories)) {
// pulling from <= 1.1
team.addRepositoryPermissions(remoteTeam.repositories);
GitBlit.self().updateTeamModel(teamname, team, false);
}
}
}
}
}
}
} catch (ForbiddenException e) {
// ignore forbidden exceptions
} catch (IOException e) {
logger.warn(
MessageFormat.format(
"Failed to retrieve USERS from federated gitblit ({0} @ {1})",
registration.name, registration.url),
e);
}
try {
// Pull TEAMS
// We explicitly pull these even though they are embedded in
// UserModels because it is possible to use teams to specify
// mailing lists or push scripts without specifying users.
if (userService != null) {
Collection<TeamModel> teams = FederationUtils.getTeams(registration);
if (teams != null && teams.size() > 0) {
for (TeamModel team : teams) {
userService.updateTeamModel(team);
}
}
}
} catch (ForbiddenException e) {
// ignore forbidden exceptions
} catch (IOException e) {
logger.warn(
MessageFormat.format(
"Failed to retrieve TEAMS from federated gitblit ({0} @ {1})",
registration.name, registration.url),
e);
}
try {
// Pull SETTINGS
Map<String, String> settings = FederationUtils.getSettings(registration);
if (settings != null && settings.size() > 0) {
Properties properties = new Properties();
properties.putAll(settings);
FileOutputStream os =
new FileOutputStream(
new File(
registrationFolderFile, registration.name + "_" + Constants.PROPERTIES_FILE));
properties.store(os, null);
os.close();
}
} catch (ForbiddenException e) {
// ignore forbidden exceptions
} catch (IOException e) {
logger.warn(
MessageFormat.format(
"Failed to retrieve SETTINGS from federated gitblit ({0} @ {1})",
registration.name, registration.url),
e);
}
try {
// Pull SCRIPTS
Map<String, String> scripts = FederationUtils.getScripts(registration);
if (scripts != null && scripts.size() > 0) {
for (Map.Entry<String, String> script : scripts.entrySet()) {
String scriptName = script.getKey();
if (scriptName.endsWith(".groovy")) {
scriptName = scriptName.substring(0, scriptName.indexOf(".groovy"));
}
File file =
new File(registrationFolderFile, registration.name + "_" + scriptName + ".groovy");
FileUtils.writeContent(file, script.getValue());
}
}
} catch (ForbiddenException e) {
// ignore forbidden exceptions
} catch (IOException e) {
logger.warn(
MessageFormat.format(
"Failed to retrieve SCRIPTS from federated gitblit ({0} @ {1})",
registration.name, registration.url),
e);
}
}
protected void setupPage(RepositoryModel model) {
this.repositoryModel = model;
// ensure this user can create or edit this repository
checkPermissions(repositoryModel);
List<String> indexedBranches = new ArrayList<String>();
List<String> federationSets = new ArrayList<String>();
final List<RegistrantAccessPermission> repositoryUsers =
new ArrayList<RegistrantAccessPermission>();
final List<RegistrantAccessPermission> repositoryTeams =
new ArrayList<RegistrantAccessPermission>();
List<String> preReceiveScripts = new ArrayList<String>();
List<String> postReceiveScripts = new ArrayList<String>();
GitBlitWebSession session = GitBlitWebSession.get();
final UserModel user = session.getUser() == null ? UserModel.ANONYMOUS : session.getUser();
final boolean allowEditName =
isCreate || isAdmin || repositoryModel.isUsersPersonalRepository(user.username);
if (isCreate) {
if (user.canAdmin()) {
super.setupPage(getString("gb.newRepository"), "");
} else {
super.setupPage(getString("gb.newRepository"), user.getDisplayName());
}
} else {
super.setupPage(getString("gb.edit"), repositoryModel.name);
repositoryUsers.addAll(GitBlit.self().getUserAccessPermissions(repositoryModel));
repositoryTeams.addAll(GitBlit.self().getTeamAccessPermissions(repositoryModel));
Collections.sort(repositoryUsers);
Collections.sort(repositoryTeams);
federationSets.addAll(repositoryModel.federationSets);
if (!ArrayUtils.isEmpty(repositoryModel.indexedBranches)) {
indexedBranches.addAll(repositoryModel.indexedBranches);
}
}
final String oldName = repositoryModel.name;
final RegistrantPermissionsPanel usersPalette =
new RegistrantPermissionsPanel(
"users",
RegistrantType.USER,
GitBlit.self().getAllUsernames(),
repositoryUsers,
getAccessPermissions());
final RegistrantPermissionsPanel teamsPalette =
new RegistrantPermissionsPanel(
"teams",
RegistrantType.TEAM,
GitBlit.self().getAllTeamnames(),
repositoryTeams,
getAccessPermissions());
// owners palette
List<String> owners = new ArrayList<String>(repositoryModel.owners);
List<String> persons = GitBlit.self().getAllUsernames();
final Palette<String> ownersPalette =
new Palette<String>(
"owners",
new ListModel<String>(owners),
new CollectionModel<String>(persons),
new StringChoiceRenderer(),
12,
true);
// indexed local branches palette
List<String> allLocalBranches = new ArrayList<String>();
allLocalBranches.add(Constants.DEFAULT_BRANCH);
allLocalBranches.addAll(repositoryModel.getLocalBranches());
boolean luceneEnabled = GitBlit.getBoolean(Keys.web.allowLuceneIndexing, true);
final Palette<String> indexedBranchesPalette =
new Palette<String>(
"indexedBranches",
new ListModel<String>(indexedBranches),
new CollectionModel<String>(allLocalBranches),
new StringChoiceRenderer(),
8,
false);
indexedBranchesPalette.setEnabled(luceneEnabled);
// federation sets palette
List<String> sets = GitBlit.getStrings(Keys.federation.sets);
final Palette<String> federationSetsPalette =
new Palette<String>(
"federationSets",
new ListModel<String>(federationSets),
new CollectionModel<String>(sets),
new StringChoiceRenderer(),
8,
false);
// pre-receive palette
if (!ArrayUtils.isEmpty(repositoryModel.preReceiveScripts)) {
preReceiveScripts.addAll(repositoryModel.preReceiveScripts);
}
final Palette<String> preReceivePalette =
new Palette<String>(
"preReceiveScripts",
new ListModel<String>(preReceiveScripts),
new CollectionModel<String>(GitBlit.self().getPreReceiveScriptsUnused(repositoryModel)),
new StringChoiceRenderer(),
12,
true);
// post-receive palette
if (!ArrayUtils.isEmpty(repositoryModel.postReceiveScripts)) {
postReceiveScripts.addAll(repositoryModel.postReceiveScripts);
}
final Palette<String> postReceivePalette =
new Palette<String>(
"postReceiveScripts",
new ListModel<String>(postReceiveScripts),
new CollectionModel<String>(
GitBlit.self().getPostReceiveScriptsUnused(repositoryModel)),
new StringChoiceRenderer(),
12,
true);
// custom fields
final Map<String, String> customFieldsMap = GitBlit.getMap(Keys.groovy.customFields);
List<String> customKeys = new ArrayList<String>(customFieldsMap.keySet());
final ListView<String> customFieldsListView =
new ListView<String>("customFieldsListView", customKeys) {
private static final long serialVersionUID = 1L;
@Override
protected void populateItem(ListItem<String> item) {
String key = item.getModelObject();
item.add(new Label("customFieldLabel", customFieldsMap.get(key)));
String value = "";
if (repositoryModel.customFields != null
&& repositoryModel.customFields.containsKey(key)) {
value = repositoryModel.customFields.get(key);
}
TextField<String> field =
new TextField<String>("customFieldValue", new Model<String>(value));
item.add(field);
}
};
customFieldsListView.setReuseItems(true);
CompoundPropertyModel<RepositoryModel> rModel =
new CompoundPropertyModel<RepositoryModel>(repositoryModel);
Form<RepositoryModel> form =
new Form<RepositoryModel>("editForm", rModel) {
private static final long serialVersionUID = 1L;
@Override
protected void onSubmit() {
try {
// confirm a repository name was entered
if (repositoryModel.name == null && StringUtils.isEmpty(repositoryModel.name)) {
error(getString("gb.pleaseSetRepositoryName"));
return;
}
// ensure name is trimmed
repositoryModel.name = repositoryModel.name.trim();
// automatically convert backslashes to forward slashes
repositoryModel.name = repositoryModel.name.replace('\\', '/');
// Automatically replace // with /
repositoryModel.name = repositoryModel.name.replace("//", "/");
// prohibit folder paths
if (repositoryModel.name.startsWith("/")) {
error(getString("gb.illegalLeadingSlash"));
return;
}
if (repositoryModel.name.startsWith("../")) {
error(getString("gb.illegalRelativeSlash"));
return;
}
if (repositoryModel.name.contains("/../")) {
error(getString("gb.illegalRelativeSlash"));
return;
}
if (repositoryModel.name.endsWith("/")) {
repositoryModel.name =
repositoryModel.name.substring(0, repositoryModel.name.length() - 1);
}
// confirm valid characters in repository name
Character c = StringUtils.findInvalidCharacter(repositoryModel.name);
if (c != null) {
error(MessageFormat.format(getString("gb.illegalCharacterRepositoryName"), c));
return;
}
if (user.canCreate() && !user.canAdmin() && allowEditName) {
// ensure repository name begins with the user's path
if (!repositoryModel.name.startsWith(user.getPersonalPath())) {
error(
MessageFormat.format(
getString("gb.illegalPersonalRepositoryLocation"),
user.getPersonalPath()));
return;
}
if (repositoryModel.name.equals(user.getPersonalPath())) {
// reset path prefix and show error
repositoryModel.name = user.getPersonalPath() + "/";
error(getString("gb.pleaseSetRepositoryName"));
return;
}
}
// confirm access restriction selection
if (repositoryModel.accessRestriction == null) {
error(getString("gb.selectAccessRestriction"));
return;
}
// confirm federation strategy selection
if (repositoryModel.federationStrategy == null) {
error(getString("gb.selectFederationStrategy"));
return;
}
// save federation set preferences
if (repositoryModel.federationStrategy.exceeds(FederationStrategy.EXCLUDE)) {
repositoryModel.federationSets.clear();
Iterator<String> sets = federationSetsPalette.getSelectedChoices();
while (sets.hasNext()) {
repositoryModel.federationSets.add(sets.next());
}
}
// set author metric exclusions
String ax = metricAuthorExclusions.getObject();
if (!StringUtils.isEmpty(ax)) {
Set<String> list = new HashSet<String>();
for (String exclusion : StringUtils.getStringsFromValue(ax, " ")) {
if (StringUtils.isEmpty(exclusion)) {
continue;
}
if (exclusion.indexOf(' ') > -1) {
list.add("\"" + exclusion + "\"");
} else {
list.add(exclusion);
}
}
repositoryModel.metricAuthorExclusions = new ArrayList<String>(list);
}
// set mailing lists
String ml = mailingLists.getObject();
if (!StringUtils.isEmpty(ml)) {
Set<String> list = new HashSet<String>();
for (String address : ml.split("(,|\\s)")) {
if (StringUtils.isEmpty(address)) {
continue;
}
list.add(address.toLowerCase());
}
repositoryModel.mailingLists = new ArrayList<String>(list);
}
// indexed branches
List<String> indexedBranches = new ArrayList<String>();
Iterator<String> branches = indexedBranchesPalette.getSelectedChoices();
while (branches.hasNext()) {
indexedBranches.add(branches.next());
}
repositoryModel.indexedBranches = indexedBranches;
// owners
repositoryModel.owners.clear();
Iterator<String> owners = ownersPalette.getSelectedChoices();
while (owners.hasNext()) {
repositoryModel.addOwner(owners.next());
}
// pre-receive scripts
List<String> preReceiveScripts = new ArrayList<String>();
Iterator<String> pres = preReceivePalette.getSelectedChoices();
while (pres.hasNext()) {
preReceiveScripts.add(pres.next());
}
repositoryModel.preReceiveScripts = preReceiveScripts;
// post-receive scripts
List<String> postReceiveScripts = new ArrayList<String>();
Iterator<String> post = postReceivePalette.getSelectedChoices();
while (post.hasNext()) {
postReceiveScripts.add(post.next());
}
repositoryModel.postReceiveScripts = postReceiveScripts;
// custom fields
repositoryModel.customFields = new LinkedHashMap<String, String>();
for (int i = 0; i < customFieldsListView.size(); i++) {
ListItem<String> child = (ListItem<String>) customFieldsListView.get(i);
String key = child.getModelObject();
TextField<String> field = (TextField<String>) child.get("customFieldValue");
String value = field.getValue();
repositoryModel.customFields.put(key, value);
}
// save the repository
GitBlit.self().updateRepositoryModel(oldName, repositoryModel, isCreate);
// repository access permissions
if (repositoryModel.accessRestriction.exceeds(AccessRestrictionType.NONE)) {
GitBlit.self().setUserAccessPermissions(repositoryModel, repositoryUsers);
GitBlit.self().setTeamAccessPermissions(repositoryModel, repositoryTeams);
}
} catch (GitBlitException e) {
error(e.getMessage());
return;
}
setRedirect(false);
setResponsePage(RepositoriesPage.class);
}
};
// do not let the browser pre-populate these fields
form.add(new SimpleAttributeModifier("autocomplete", "off"));
// field names reflective match RepositoryModel fields
form.add(new TextField<String>("name").setEnabled(allowEditName));
form.add(new TextField<String>("description"));
form.add(ownersPalette);
form.add(
new CheckBox("allowForks").setEnabled(GitBlit.getBoolean(Keys.web.allowForking, true)));
DropDownChoice<AccessRestrictionType> accessRestriction =
new DropDownChoice<AccessRestrictionType>(
"accessRestriction",
Arrays.asList(AccessRestrictionType.values()),
new AccessRestrictionRenderer());
form.add(accessRestriction);
form.add(new CheckBox("isFrozen"));
// TODO enable origin definition
form.add(new TextField<String>("origin").setEnabled(false /* isCreate */));
// allow relinking HEAD to a branch or tag other than master on edit repository
List<String> availableRefs = new ArrayList<String>();
if (!ArrayUtils.isEmpty(repositoryModel.availableRefs)) {
availableRefs.addAll(repositoryModel.availableRefs);
}
form.add(
new DropDownChoice<String>("HEAD", availableRefs).setEnabled(availableRefs.size() > 0));
boolean gcEnabled = GitBlit.getBoolean(Keys.git.enableGarbageCollection, false);
List<Integer> gcPeriods = Arrays.asList(1, 2, 3, 4, 5, 7, 10, 14);
form.add(
new DropDownChoice<Integer>("gcPeriod", gcPeriods, new GCPeriodRenderer())
.setEnabled(gcEnabled));
form.add(new TextField<String>("gcThreshold").setEnabled(gcEnabled));
// federation strategies - remove ORIGIN choice if this repository has
// no origin.
List<FederationStrategy> federationStrategies =
new ArrayList<FederationStrategy>(Arrays.asList(FederationStrategy.values()));
if (StringUtils.isEmpty(repositoryModel.origin)) {
federationStrategies.remove(FederationStrategy.FEDERATE_ORIGIN);
}
form.add(
new DropDownChoice<FederationStrategy>(
"federationStrategy", federationStrategies, new FederationTypeRenderer()));
form.add(new CheckBox("useTickets"));
form.add(new CheckBox("useDocs"));
form.add(new CheckBox("useIncrementalPushTags"));
form.add(new CheckBox("showRemoteBranches"));
form.add(new CheckBox("showReadme"));
form.add(new CheckBox("skipSizeCalculation"));
form.add(new CheckBox("skipSummaryMetrics"));
List<Integer> maxActivityCommits = Arrays.asList(-1, 0, 25, 50, 75, 100, 150, 200, 250, 500);
form.add(
new DropDownChoice<Integer>(
"maxActivityCommits", maxActivityCommits, new MaxActivityCommitsRenderer()));
metricAuthorExclusions =
new Model<String>(
ArrayUtils.isEmpty(repositoryModel.metricAuthorExclusions)
? ""
: StringUtils.flattenStrings(repositoryModel.metricAuthorExclusions, " "));
form.add(new TextField<String>("metricAuthorExclusions", metricAuthorExclusions));
mailingLists =
new Model<String>(
ArrayUtils.isEmpty(repositoryModel.mailingLists)
? ""
: StringUtils.flattenStrings(repositoryModel.mailingLists, " "));
form.add(new TextField<String>("mailingLists", mailingLists));
form.add(indexedBranchesPalette);
List<AuthorizationControl> acList = Arrays.asList(AuthorizationControl.values());
final RadioChoice<AuthorizationControl> authorizationControl =
new RadioChoice<Constants.AuthorizationControl>(
"authorizationControl", acList, new AuthorizationControlRenderer());
form.add(authorizationControl);
final CheckBox verifyCommitter = new CheckBox("verifyCommitter");
verifyCommitter.setOutputMarkupId(true);
form.add(verifyCommitter);
form.add(usersPalette);
form.add(teamsPalette);
form.add(federationSetsPalette);
form.add(preReceivePalette);
form.add(
new BulletListPanel(
"inheritedPreReceive",
getString("gb.inherited"),
GitBlit.self().getPreReceiveScriptsInherited(repositoryModel)));
form.add(postReceivePalette);
form.add(
new BulletListPanel(
"inheritedPostReceive",
getString("gb.inherited"),
GitBlit.self().getPostReceiveScriptsInherited(repositoryModel)));
WebMarkupContainer customFieldsSection = new WebMarkupContainer("customFieldsSection");
customFieldsSection.add(customFieldsListView);
form.add(
customFieldsSection.setVisible(!GitBlit.getString(Keys.groovy.customFields, "").isEmpty()));
// initial enable/disable of permission controls
if (repositoryModel.accessRestriction.equals(AccessRestrictionType.NONE)) {
// anonymous everything, disable all controls
usersPalette.setEnabled(false);
teamsPalette.setEnabled(false);
authorizationControl.setEnabled(false);
verifyCommitter.setEnabled(false);
} else {
// authenticated something
// enable authorization controls
authorizationControl.setEnabled(true);
verifyCommitter.setEnabled(true);
boolean allowFineGrainedControls =
repositoryModel.authorizationControl.equals(AuthorizationControl.NAMED);
usersPalette.setEnabled(allowFineGrainedControls);
teamsPalette.setEnabled(allowFineGrainedControls);
}
accessRestriction.add(
new AjaxFormComponentUpdatingBehavior("onchange") {
private static final long serialVersionUID = 1L;
protected void onUpdate(AjaxRequestTarget target) {
// enable/disable permissions panel based on access restriction
boolean allowAuthorizationControl =
repositoryModel.accessRestriction.exceeds(AccessRestrictionType.NONE);
authorizationControl.setEnabled(allowAuthorizationControl);
verifyCommitter.setEnabled(allowAuthorizationControl);
boolean allowFineGrainedControls =
allowAuthorizationControl
&& repositoryModel.authorizationControl.equals(AuthorizationControl.NAMED);
usersPalette.setEnabled(allowFineGrainedControls);
teamsPalette.setEnabled(allowFineGrainedControls);
if (allowFineGrainedControls) {
repositoryModel.authorizationControl = AuthorizationControl.NAMED;
}
target.addComponent(authorizationControl);
target.addComponent(verifyCommitter);
target.addComponent(usersPalette);
target.addComponent(teamsPalette);
}
});
authorizationControl.add(
new AjaxFormChoiceComponentUpdatingBehavior() {
private static final long serialVersionUID = 1L;
protected void onUpdate(AjaxRequestTarget target) {
// enable/disable permissions panel based on access restriction
boolean allowAuthorizationControl =
repositoryModel.accessRestriction.exceeds(AccessRestrictionType.NONE);
authorizationControl.setEnabled(allowAuthorizationControl);
boolean allowFineGrainedControls =
allowAuthorizationControl
&& repositoryModel.authorizationControl.equals(AuthorizationControl.NAMED);
usersPalette.setEnabled(allowFineGrainedControls);
teamsPalette.setEnabled(allowFineGrainedControls);
if (allowFineGrainedControls) {
repositoryModel.authorizationControl = AuthorizationControl.NAMED;
}
target.addComponent(authorizationControl);
target.addComponent(usersPalette);
target.addComponent(teamsPalette);
}
});
form.add(new Button("save"));
Button cancel =
new Button("cancel") {
private static final long serialVersionUID = 1L;
@Override
public void onSubmit() {
setResponsePage(RepositoriesPage.class);
}
};
cancel.setDefaultFormProcessing(false);
form.add(cancel);
add(form);
}
private boolean validateFields() {
String rname = nameField.getText();
if (StringUtils.isEmpty(rname)) {
error("Please enter a repository name!");
return false;
}
// automatically convert backslashes to forward slashes
rname = rname.replace('\\', '/');
// Automatically replace // with /
rname = rname.replace("//", "/");
// prohibit folder paths
if (rname.startsWith("/")) {
error("Leading root folder references (/) are prohibited.");
return false;
}
if (rname.startsWith("../")) {
error("Relative folder references (../) are prohibited.");
return false;
}
if (rname.contains("/../")) {
error("Relative folder references (../) are prohibited.");
return false;
}
// confirm valid characters in repository name
Character c = StringUtils.findInvalidCharacter(rname);
if (c != null) {
error(MessageFormat.format("Illegal character ''{0}'' in repository name!", c));
return false;
}
// verify repository name uniqueness on create
if (isCreate) {
// force repo names to lowercase
// this means that repository name checking for rpc creation
// is case-insensitive, regardless of the Gitblit server's
// filesystem
if (repositoryNames.contains(rname.toLowerCase())) {
error(
MessageFormat.format(
"Can not create repository ''{0}'' because it already exists.", rname));
return false;
}
} else {
// check rename collision
if (!repositoryName.equalsIgnoreCase(rname)) {
if (repositoryNames.contains(rname.toLowerCase())) {
error(
MessageFormat.format(
"Failed to rename ''{0}'' because ''{1}'' already exists.",
repositoryName, rname));
return false;
}
}
}
if (accessRestriction.getSelectedItem() == null) {
error("Please select access restriction!");
return false;
}
if (federationStrategy.getSelectedItem() == null) {
error("Please select federation strategy!");
return false;
}
repository.name = rname;
repository.description = descriptionField.getText();
repository.owner =
ownerField.getSelectedItem() == null ? null : ownerField.getSelectedItem().toString();
repository.HEAD =
headRefField.getSelectedItem() == null ? null : headRefField.getSelectedItem().toString();
repository.useTickets = useTickets.isSelected();
repository.useDocs = useDocs.isSelected();
repository.showRemoteBranches = showRemoteBranches.isSelected();
repository.showReadme = showReadme.isSelected();
repository.skipSizeCalculation = skipSizeCalculation.isSelected();
repository.skipSummaryMetrics = skipSummaryMetrics.isSelected();
repository.isFrozen = isFrozen.isSelected();
String ml = mailingListsField.getText();
if (!StringUtils.isEmpty(ml)) {
Set<String> list = new HashSet<String>();
for (String address : ml.split("(,|\\s)")) {
if (StringUtils.isEmpty(address)) {
continue;
}
list.add(address.toLowerCase());
}
repository.mailingLists = new ArrayList<String>(list);
}
repository.accessRestriction = (AccessRestrictionType) accessRestriction.getSelectedItem();
repository.federationStrategy = (FederationStrategy) federationStrategy.getSelectedItem();
if (repository.federationStrategy.exceeds(FederationStrategy.EXCLUDE)) {
repository.federationSets = setsPalette.getSelections();
}
repository.indexedBranches = indexedBranchesPalette.getSelections();
repository.preReceiveScripts = preReceivePalette.getSelections();
repository.postReceiveScripts = postReceivePalette.getSelections();
// Custom Fields
repository.customFields = new LinkedHashMap<String, String>();
if (customTextfields != null) {
for (JTextField field : customTextfields) {
String key = field.getName();
String value = field.getText();
repository.customFields.put(key, value);
}
}
return true;
}
