protected IUserService createUserService(File realmFile) { IUserService service = null; if (realmFile.getName().toLowerCase().endsWith(".conf")) { // config-based realm file service = new ConfigUserService(realmFile); } assert service != null; if (!realmFile.exists()) { // Create the Administrator account for a new realm file try { realmFile.createNewFile(); } catch (IOException x) { logger.error(MessageFormat.format("COULD NOT CREATE REALM FILE {0}!", realmFile), x); } UserModel admin = new UserModel("admin"); admin.password = "******"; admin.canAdmin = true; admin.excludeFromFederation = true; service.updateUserModel(admin); } return service; }
/** * Retrieve the user object for the specified username. * * @param username * @return a user object or null */ @Override public UserModel getUserModel(String username) { Properties allUsers = read(); String userInfo = allUsers.getProperty(username.toLowerCase()); if (userInfo == null) { return null; } UserModel model = new UserModel(username.toLowerCase()); String[] userValues = userInfo.split(","); model.password = userValues[0]; for (int i = 1; i < userValues.length; i++) { String role = userValues[i]; switch (role.charAt(0)) { case '#': // Permissions if (role.equalsIgnoreCase(Constants.ADMIN_ROLE)) { model.canAdmin = true; } else if (role.equalsIgnoreCase(Constants.NOT_FEDERATED_ROLE)) { model.excludeFromFederation = true; } break; default: model.addRepository(role); } } // set the teams for the user for (TeamModel team : teams.values()) { if (team.hasUser(username)) { model.teams.add(DeepCopier.copy(team)); } } return model; }
public EditRepositoryPage() { // create constructor super(); isCreate = true; RepositoryModel model = new RepositoryModel(); String restriction = GitBlit.getString(Keys.git.defaultAccessRestriction, null); model.accessRestriction = AccessRestrictionType.fromName(restriction); String authorization = GitBlit.getString(Keys.git.defaultAuthorizationControl, null); model.authorizationControl = AuthorizationControl.fromName(authorization); GitBlitWebSession session = GitBlitWebSession.get(); UserModel user = session.getUser(); if (user != null && user.canCreate() && !user.canAdmin()) { // personal create permissions, inject personal repository path model.name = user.getPersonalPath() + "/"; model.projectPath = user.getPersonalPath(); model.addOwner(user.username); // personal repositories are private by default model.accessRestriction = AccessRestrictionType.VIEW; model.authorizationControl = AuthorizationControl.NAMED; } setupPage(model); setStatelessHint(false); setOutputMarkupId(true); }
/** * Unfortunately must repeat part of AuthorizaitonStrategy here because that mechanism does not * take PageParameters into consideration, only page instantiation. * * <p>Repository Owners should be able to edit their repository. */ private void checkPermissions(RepositoryModel model) { boolean authenticateAdmin = GitBlit.getBoolean(Keys.web.authenticateAdminPages, true); boolean allowAdmin = GitBlit.getBoolean(Keys.web.allowAdministration, true); GitBlitWebSession session = GitBlitWebSession.get(); UserModel user = session.getUser(); if (allowAdmin) { if (authenticateAdmin) { if (user == null) { // No Login Available error(getString("gb.errorAdminLoginRequired"), true); } if (isCreate) { // Create Repository if (!user.canCreate() && !user.canAdmin()) { // Only administrators or permitted users may create error(getString("gb.errorOnlyAdminMayCreateRepository"), true); } } else { // Edit Repository if (user.canAdmin()) { // Admins can edit everything isAdmin = true; return; } else { if (!model.isOwner(user.username)) { // User is not an Admin nor Owner error(getString("gb.errorOnlyAdminOrOwnerMayEditRepository"), true); } } } } } else { // No Administration Permitted error(getString("gb.errorAdministrationDisabled"), true); } }
private void setup(PageParameters params) { setupPage("", ""); // check to see if we should display a login message boolean authenticateView = GitBlit.getBoolean(Keys.web.authenticateViewPages, true); if (authenticateView && !GitBlitWebSession.get().isLoggedIn()) { String messageSource = GitBlit.getString(Keys.web.loginMessage, "gitblit"); String message = readMarkdown(messageSource, "login.mkd"); Component repositoriesMessage = new Label("repositoriesMessage", message); add(repositoriesMessage.setEscapeModelStrings(false)); add(new Label("activity").setVisible(false)); add(new Label("repositoryTabs").setVisible(false)); return; } // Load the markdown welcome message String messageSource = GitBlit.getString(Keys.web.repositoriesMessage, "gitblit"); String message = readMarkdown(messageSource, "welcome.mkd"); Component repositoriesMessage = new Label("repositoriesMessage", message) .setEscapeModelStrings(false) .setVisible(message.length() > 0); add(repositoriesMessage); UserModel user = GitBlitWebSession.get().getUser(); if (user == null) { user = UserModel.ANONYMOUS; } // parameters int daysBack = params == null ? 0 : WicketUtils.getDaysBack(params); if (daysBack < 1) { daysBack = GitBlit.getInteger(Keys.web.activityDuration, 7); } Calendar c = Calendar.getInstance(); c.add(Calendar.DATE, -1 * daysBack); Date minimumDate = c.getTime(); // build repo lists List<RepositoryModel> starred = new ArrayList<RepositoryModel>(); List<RepositoryModel> owned = new ArrayList<RepositoryModel>(); List<RepositoryModel> active = new ArrayList<RepositoryModel>(); for (RepositoryModel model : getRepositoryModels()) { if (model.isUsersPersonalRepository(user.username) || model.isOwner(user.username)) { owned.add(model); } if (user.getPreferences().isStarredRepository(model.name)) { starred.add(model); } if (model.isShowActivity() && model.lastChange.after(minimumDate)) { active.add(model); } } Comparator<RepositoryModel> lastUpdateSort = new Comparator<RepositoryModel>() { @Override public int compare(RepositoryModel o1, RepositoryModel o2) { return o2.lastChange.compareTo(o1.lastChange); } }; Collections.sort(owned, lastUpdateSort); Collections.sort(starred, lastUpdateSort); Collections.sort(active, lastUpdateSort); String activityTitle; Set<RepositoryModel> feed = new HashSet<RepositoryModel>(); feed.addAll(starred); feed.addAll(owned); if (feed.isEmpty()) { // no starred or owned, go with recent activity activityTitle = getString("gb.recentActivity"); feed.addAll(active); } else if (starred.isEmpty()) { // no starred, owned repos feed activityTitle = getString("gb.owned"); } else if (owned.isEmpty()) { // no owned, starred repos feed activityTitle = getString("gb.starred"); } else { // starred and owned repositories activityTitle = getString("gb.starredAndOwned"); } addActivity(user, feed, activityTitle, daysBack); Fragment repositoryTabs; if (UserModel.ANONYMOUS.equals(user)) { repositoryTabs = new Fragment("repositoryTabs", "anonymousTabsFragment", this); } else { repositoryTabs = new Fragment("repositoryTabs", "authenticatedTabsFragment", this); } add(repositoryTabs); // projects list List<ProjectModel> projects = GitBlit.self().getProjectModels(getRepositoryModels(), false); repositoryTabs.add(new FilterableProjectList("projects", projects)); // active repository list if (active.isEmpty()) { repositoryTabs.add(new Label("active").setVisible(false)); } else { FilterableRepositoryList repoList = new FilterableRepositoryList("active", active); repoList.setTitle(getString("gb.activeRepositories"), "icon-time"); repositoryTabs.add(repoList); } // starred repository list if (ArrayUtils.isEmpty(starred)) { repositoryTabs.add(new Label("starred").setVisible(false)); } else { FilterableRepositoryList repoList = new FilterableRepositoryList("starred", starred); repoList.setTitle(getString("gb.starredRepositories"), "icon-star"); repositoryTabs.add(repoList); } // owned repository list if (ArrayUtils.isEmpty(owned)) { repositoryTabs.add(new Label("owned").setVisible(false)); } else { FilterableRepositoryList repoList = new FilterableRepositoryList("owned", owned); repoList.setTitle(getString("gb.myRepositories"), "icon-user"); repoList.setAllowCreate(user.canCreate() || user.canAdmin()); repositoryTabs.add(repoList); } }
public boolean canAdmin() { if (user == null) { return false; } return user.canAdmin(); }
protected void setupPage(final UserModel userModel) { if (isCreate) { super.setupPage(getString("gb.newUser"), ""); } else { super.setupPage(getString("gb.edit"), userModel.username); } final Model<String> confirmPassword = new Model<String>(StringUtils.isEmpty(userModel.password) ? "" : userModel.password); CompoundPropertyModel<UserModel> model = new CompoundPropertyModel<UserModel>(userModel); // build list of projects including all repositories wildcards List<String> repos = getAccessRestrictedRepositoryList(true, userModel); List<String> userTeams = new ArrayList<String>(); for (TeamModel team : userModel.getTeams()) { userTeams.add(team.name); } Collections.sort(userTeams); final String oldName = userModel.username; final List<RegistrantAccessPermission> permissions = app().repositories().getUserAccessPermissions(userModel); final Palette<String> teams = new Palette<String>( "teams", new ListModel<String>(new ArrayList<String>(userTeams)), new CollectionModel<String>(app().users().getAllTeamNames()), new StringChoiceRenderer(), 10, false); Form<UserModel> form = new Form<UserModel>("editForm", model) { private static final long serialVersionUID = 1L; /* * (non-Javadoc) * * @see org.apache.wicket.markup.html.form.Form#onSubmit() */ @Override protected void onSubmit() { if (StringUtils.isEmpty(userModel.username)) { error(getString("gb.pleaseSetUsername")); return; } // force username to lower-case userModel.username = userModel.username.toLowerCase(); String username = userModel.username; if (isCreate) { UserModel model = app().users().getUserModel(username); if (model != null) { error(MessageFormat.format(getString("gb.usernameUnavailable"), username)); return; } } boolean rename = !StringUtils.isEmpty(oldName) && !oldName.equalsIgnoreCase(username); if (app().authentication().supportsCredentialChanges(userModel)) { if (!userModel.password.equals(confirmPassword.getObject())) { error(getString("gb.passwordsDoNotMatch")); return; } String password = userModel.password; if (!password.toUpperCase().startsWith(StringUtils.MD5_TYPE) && !password.toUpperCase().startsWith(StringUtils.COMBINED_MD5_TYPE)) { // This is a plain text password. // Check length. int minLength = app().settings().getInteger(Keys.realm.minPasswordLength, 5); if (minLength < 4) { minLength = 4; } if (password.trim().length() < minLength) { error(MessageFormat.format(getString("gb.passwordTooShort"), minLength)); return; } // change the cookie userModel.cookie = StringUtils.getSHA1(userModel.username + password); // Optionally store the password MD5 digest. String type = app().settings().getString(Keys.realm.passwordStorage, "md5"); if (type.equalsIgnoreCase("md5")) { // store MD5 digest of password userModel.password = StringUtils.MD5_TYPE + StringUtils.getMD5(userModel.password); } else if (type.equalsIgnoreCase("combined-md5")) { // store MD5 digest of username+password userModel.password = StringUtils.COMBINED_MD5_TYPE + StringUtils.getMD5(username + userModel.password); } } else if (rename && password.toUpperCase().startsWith(StringUtils.COMBINED_MD5_TYPE)) { error(getString("gb.combinedMd5Rename")); return; } } // update user permissions for (RegistrantAccessPermission repositoryPermission : permissions) { if (repositoryPermission.mutable) { userModel.setRepositoryPermission( repositoryPermission.registrant, repositoryPermission.permission); } } Iterator<String> selectedTeams = teams.getSelectedChoices(); userModel.removeAllTeams(); while (selectedTeams.hasNext()) { TeamModel team = app().users().getTeamModel(selectedTeams.next()); if (team == null) { continue; } userModel.addTeam(team); } try { if (isCreate) { app().gitblit().addUser(userModel); } else { app().gitblit().reviseUser(oldName, userModel); } } catch (GitBlitException e) { error(e.getMessage()); return; } setRedirect(false); if (isCreate) { // create another user info(MessageFormat.format(getString("gb.userCreated"), userModel.username)); setResponsePage(EditUserPage.class); } else { // back to users page setResponsePage(UsersPage.class); } } }; // do not let the browser pre-populate these fields form.add(new SimpleAttributeModifier("autocomplete", "off")); // not all user providers support manipulating username and password boolean editCredentials = app().authentication().supportsCredentialChanges(userModel); // not all user providers support manipulating display name boolean editDisplayName = app().authentication().supportsDisplayNameChanges(userModel); // not all user providers support manipulating email address boolean editEmailAddress = app().authentication().supportsEmailAddressChanges(userModel); // not all user providers support manipulating team memberships boolean editTeams = app().authentication().supportsTeamMembershipChanges(userModel); // not all user providers support manipulating the admin role boolean changeAdminRole = app().authentication().supportsRoleChanges(userModel, Role.ADMIN); // not all user providers support manipulating the create role boolean changeCreateRole = app().authentication().supportsRoleChanges(userModel, Role.CREATE); // not all user providers support manipulating the fork role boolean changeForkRole = app().authentication().supportsRoleChanges(userModel, Role.FORK); // field names reflective match UserModel fields form.add(new TextField<String>("username").setEnabled(editCredentials)); NonTrimmedPasswordTextField passwordField = new NonTrimmedPasswordTextField("password"); passwordField.setResetPassword(false); form.add(passwordField.setEnabled(editCredentials)); NonTrimmedPasswordTextField confirmPasswordField = new NonTrimmedPasswordTextField("confirmPassword", confirmPassword); confirmPasswordField.setResetPassword(false); form.add(confirmPasswordField.setEnabled(editCredentials)); form.add(new TextField<String>("displayName").setEnabled(editDisplayName)); form.add(new TextField<String>("emailAddress").setEnabled(editEmailAddress)); if (userModel.canAdmin() && !userModel.canAdmin) { // user inherits Admin permission // display a disabled-yet-checked checkbox form.add(new CheckBox("canAdmin", Model.of(true)).setEnabled(false)); } else { form.add(new CheckBox("canAdmin").setEnabled(changeAdminRole)); } if (userModel.canFork() && !userModel.canFork) { // user inherits Fork permission // display a disabled-yet-checked checkbox form.add(new CheckBox("canFork", Model.of(true)).setEnabled(false)); } else { final boolean forkingAllowed = app().settings().getBoolean(Keys.web.allowForking, true); form.add(new CheckBox("canFork").setEnabled(forkingAllowed && changeForkRole)); } if (userModel.canCreate() && !userModel.canCreate) { // user inherits Create permission // display a disabled-yet-checked checkbox form.add(new CheckBox("canCreate", Model.of(true)).setEnabled(false)); } else { form.add(new CheckBox("canCreate").setEnabled(changeCreateRole)); } form.add(new CheckBox("excludeFromFederation")); form.add(new CheckBox("disabled")); form.add( new RegistrantPermissionsPanel( "repositories", RegistrantType.REPOSITORY, repos, permissions, getAccessPermissions())); form.add(teams.setEnabled(editTeams)); form.add(new TextField<String>("organizationalUnit").setEnabled(editDisplayName)); form.add(new TextField<String>("organization").setEnabled(editDisplayName)); form.add(new TextField<String>("locality").setEnabled(editDisplayName)); form.add(new TextField<String>("stateProvince").setEnabled(editDisplayName)); form.add(new TextField<String>("countryCode").setEnabled(editDisplayName)); form.add(new Button("save")); Button cancel = new Button("cancel") { private static final long serialVersionUID = 1L; @Override public void onSubmit() { setResponsePage(UsersPage.class); } }; cancel.setDefaultFormProcessing(false); form.add(cancel); add(form); }
/** * Mirrors a repository and, optionally, the server's users, and/or configuration settings from a * origin Gitblit instance. * * @param registration * @throws Exception */ private void pull(FederationModel registration) throws Exception { Map<String, RepositoryModel> repositories = FederationUtils.getRepositories(registration, true); String registrationFolder = registration.folder.toLowerCase().trim(); // confirm valid characters in server alias Character c = StringUtils.findInvalidCharacter(registrationFolder); if (c != null) { logger.error( MessageFormat.format( "Illegal character ''{0}'' in folder name ''{1}'' of federation registration {2}!", c, registrationFolder, registration.name)); return; } File repositoriesFolder = new File(GitBlit.getString(Keys.git.repositoriesFolder, "git")); File registrationFolderFile = new File(repositoriesFolder, registrationFolder); registrationFolderFile.mkdirs(); // Clone/Pull the repository for (Map.Entry<String, RepositoryModel> entry : repositories.entrySet()) { String cloneUrl = entry.getKey(); RepositoryModel repository = entry.getValue(); if (!repository.hasCommits) { logger.warn( MessageFormat.format( "Skipping federated repository {0} from {1} @ {2}. Repository is EMPTY.", repository.name, registration.name, registration.url)); registration.updateStatus(repository, FederationPullStatus.SKIPPED); continue; } // Determine local repository name String repositoryName; if (StringUtils.isEmpty(registrationFolder)) { repositoryName = repository.name; } else { repositoryName = registrationFolder + "/" + repository.name; } if (registration.bare) { // bare repository, ensure .git suffix if (!repositoryName.toLowerCase().endsWith(DOT_GIT_EXT)) { repositoryName += DOT_GIT_EXT; } } else { // normal repository, strip .git suffix if (repositoryName.toLowerCase().endsWith(DOT_GIT_EXT)) { repositoryName = repositoryName.substring(0, repositoryName.indexOf(DOT_GIT_EXT)); } } // confirm that the origin of any pre-existing repository matches // the clone url String fetchHead = null; Repository existingRepository = GitBlit.self().getRepository(repositoryName); if (existingRepository == null && GitBlit.self().isCollectingGarbage(repositoryName)) { logger.warn( MessageFormat.format( "Skipping local repository {0}, busy collecting garbage", repositoryName)); continue; } if (existingRepository != null) { StoredConfig config = existingRepository.getConfig(); config.load(); String origin = config.getString("remote", "origin", "url"); RevCommit commit = JGitUtils.getCommit(existingRepository, org.eclipse.jgit.lib.Constants.FETCH_HEAD); if (commit != null) { fetchHead = commit.getName(); } existingRepository.close(); if (!origin.startsWith(registration.url)) { logger.warn( MessageFormat.format( "Skipping federated repository {0} from {1} @ {2}. Origin does not match, consider EXCLUDING.", repository.name, registration.name, registration.url)); registration.updateStatus(repository, FederationPullStatus.SKIPPED); continue; } } // clone/pull this repository CredentialsProvider credentials = new UsernamePasswordCredentialsProvider(Constants.FEDERATION_USER, registration.token); logger.info( MessageFormat.format( "Pulling federated repository {0} from {1} @ {2}", repository.name, registration.name, registration.url)); CloneResult result = JGitUtils.cloneRepository( registrationFolderFile, repository.name, cloneUrl, registration.bare, credentials); Repository r = GitBlit.self().getRepository(repositoryName); RepositoryModel rm = GitBlit.self().getRepositoryModel(repositoryName); repository.isFrozen = registration.mirror; if (result.createdRepository) { // default local settings repository.federationStrategy = FederationStrategy.EXCLUDE; repository.isFrozen = registration.mirror; repository.showRemoteBranches = !registration.mirror; logger.info(MessageFormat.format(" cloning {0}", repository.name)); registration.updateStatus(repository, FederationPullStatus.MIRRORED); } else { // fetch and update boolean fetched = false; RevCommit commit = JGitUtils.getCommit(r, org.eclipse.jgit.lib.Constants.FETCH_HEAD); String newFetchHead = commit.getName(); fetched = fetchHead == null || !fetchHead.equals(newFetchHead); if (registration.mirror) { // mirror if (fetched) { // update local branches to match the remote tracking branches for (RefModel ref : JGitUtils.getRemoteBranches(r, false, -1)) { if (ref.displayName.startsWith("origin/")) { String branch = org.eclipse.jgit.lib.Constants.R_HEADS + ref.displayName.substring(ref.displayName.indexOf('/') + 1); String hash = ref.getReferencedObjectId().getName(); JGitUtils.setBranchRef(r, branch, hash); logger.info( MessageFormat.format( " resetting {0} of {1} to {2}", branch, repository.name, hash)); } } String newHead; if (StringUtils.isEmpty(repository.HEAD)) { newHead = newFetchHead; } else { newHead = repository.HEAD; } JGitUtils.setHEADtoRef(r, newHead); logger.info( MessageFormat.format( " resetting HEAD of {0} to {1}", repository.name, newHead)); registration.updateStatus(repository, FederationPullStatus.MIRRORED); } else { // indicate no commits pulled registration.updateStatus(repository, FederationPullStatus.NOCHANGE); } } else { // non-mirror if (fetched) { // indicate commits pulled to origin/master registration.updateStatus(repository, FederationPullStatus.PULLED); } else { // indicate no commits pulled registration.updateStatus(repository, FederationPullStatus.NOCHANGE); } } // preserve local settings repository.isFrozen = rm.isFrozen; repository.federationStrategy = rm.federationStrategy; // merge federation sets Set<String> federationSets = new HashSet<String>(); if (rm.federationSets != null) { federationSets.addAll(rm.federationSets); } if (repository.federationSets != null) { federationSets.addAll(repository.federationSets); } repository.federationSets = new ArrayList<String>(federationSets); // merge indexed branches Set<String> indexedBranches = new HashSet<String>(); if (rm.indexedBranches != null) { indexedBranches.addAll(rm.indexedBranches); } if (repository.indexedBranches != null) { indexedBranches.addAll(repository.indexedBranches); } repository.indexedBranches = new ArrayList<String>(indexedBranches); } // only repositories that are actually _cloned_ from the origin // Gitblit repository are marked as federated. If the origin // is from somewhere else, these repositories are not considered // "federated" repositories. repository.isFederated = cloneUrl.startsWith(registration.url); GitBlit.self().updateConfiguration(r, repository); r.close(); } IUserService userService = null; try { // Pull USERS // TeamModels are automatically pulled because they are contained // within the UserModel. The UserService creates unknown teams // and updates existing teams. Collection<UserModel> users = FederationUtils.getUsers(registration); if (users != null && users.size() > 0) { File realmFile = new File(registrationFolderFile, registration.name + "_users.conf"); realmFile.delete(); userService = new ConfigUserService(realmFile); for (UserModel user : users) { userService.updateUserModel(user.username, user); // merge the origin permissions and origin accounts into // the user accounts of this Gitblit instance if (registration.mergeAccounts) { // reparent all repository permissions if the local // repositories are stored within subfolders if (!StringUtils.isEmpty(registrationFolder)) { if (user.permissions != null) { // pulling from >= 1.2 version Map<String, AccessPermission> copy = new HashMap<String, AccessPermission>(user.permissions); user.permissions.clear(); for (Map.Entry<String, AccessPermission> entry : copy.entrySet()) { user.setRepositoryPermission( registrationFolder + "/" + entry.getKey(), entry.getValue()); } } else { // pulling from <= 1.1 version List<String> permissions = new ArrayList<String>(user.repositories); user.repositories.clear(); for (String permission : permissions) { user.addRepositoryPermission(registrationFolder + "/" + permission); } } } // insert new user or update local user UserModel localUser = GitBlit.self().getUserModel(user.username); if (localUser == null) { // create new local user GitBlit.self().updateUserModel(user.username, user, true); } else { // update repository permissions of local user if (user.permissions != null) { // pulling from >= 1.2 version Map<String, AccessPermission> copy = new HashMap<String, AccessPermission>(user.permissions); for (Map.Entry<String, AccessPermission> entry : copy.entrySet()) { localUser.setRepositoryPermission(entry.getKey(), entry.getValue()); } } else { // pulling from <= 1.1 version for (String repository : user.repositories) { localUser.addRepositoryPermission(repository); } } localUser.password = user.password; localUser.canAdmin = user.canAdmin; GitBlit.self().updateUserModel(localUser.username, localUser, false); } for (String teamname : GitBlit.self().getAllTeamnames()) { TeamModel team = GitBlit.self().getTeamModel(teamname); if (user.isTeamMember(teamname) && !team.hasUser(user.username)) { // new team member team.addUser(user.username); GitBlit.self().updateTeamModel(teamname, team, false); } else if (!user.isTeamMember(teamname) && team.hasUser(user.username)) { // remove team member team.removeUser(user.username); GitBlit.self().updateTeamModel(teamname, team, false); } // update team repositories TeamModel remoteTeam = user.getTeam(teamname); if (remoteTeam != null) { if (remoteTeam.permissions != null) { // pulling from >= 1.2 for (Map.Entry<String, AccessPermission> entry : remoteTeam.permissions.entrySet()) { team.setRepositoryPermission(entry.getKey(), entry.getValue()); } GitBlit.self().updateTeamModel(teamname, team, false); } else if (!ArrayUtils.isEmpty(remoteTeam.repositories)) { // pulling from <= 1.1 team.addRepositoryPermissions(remoteTeam.repositories); GitBlit.self().updateTeamModel(teamname, team, false); } } } } } } } catch (ForbiddenException e) { // ignore forbidden exceptions } catch (IOException e) { logger.warn( MessageFormat.format( "Failed to retrieve USERS from federated gitblit ({0} @ {1})", registration.name, registration.url), e); } try { // Pull TEAMS // We explicitly pull these even though they are embedded in // UserModels because it is possible to use teams to specify // mailing lists or push scripts without specifying users. if (userService != null) { Collection<TeamModel> teams = FederationUtils.getTeams(registration); if (teams != null && teams.size() > 0) { for (TeamModel team : teams) { userService.updateTeamModel(team); } } } } catch (ForbiddenException e) { // ignore forbidden exceptions } catch (IOException e) { logger.warn( MessageFormat.format( "Failed to retrieve TEAMS from federated gitblit ({0} @ {1})", registration.name, registration.url), e); } try { // Pull SETTINGS Map<String, String> settings = FederationUtils.getSettings(registration); if (settings != null && settings.size() > 0) { Properties properties = new Properties(); properties.putAll(settings); FileOutputStream os = new FileOutputStream( new File( registrationFolderFile, registration.name + "_" + Constants.PROPERTIES_FILE)); properties.store(os, null); os.close(); } } catch (ForbiddenException e) { // ignore forbidden exceptions } catch (IOException e) { logger.warn( MessageFormat.format( "Failed to retrieve SETTINGS from federated gitblit ({0} @ {1})", registration.name, registration.url), e); } try { // Pull SCRIPTS Map<String, String> scripts = FederationUtils.getScripts(registration); if (scripts != null && scripts.size() > 0) { for (Map.Entry<String, String> script : scripts.entrySet()) { String scriptName = script.getKey(); if (scriptName.endsWith(".groovy")) { scriptName = scriptName.substring(0, scriptName.indexOf(".groovy")); } File file = new File(registrationFolderFile, registration.name + "_" + scriptName + ".groovy"); FileUtils.writeContent(file, script.getValue()); } } } catch (ForbiddenException e) { // ignore forbidden exceptions } catch (IOException e) { logger.warn( MessageFormat.format( "Failed to retrieve SCRIPTS from federated gitblit ({0} @ {1})", registration.name, registration.url), e); } }
protected void setupPage(RepositoryModel model) { this.repositoryModel = model; // ensure this user can create or edit this repository checkPermissions(repositoryModel); List<String> indexedBranches = new ArrayList<String>(); List<String> federationSets = new ArrayList<String>(); final List<RegistrantAccessPermission> repositoryUsers = new ArrayList<RegistrantAccessPermission>(); final List<RegistrantAccessPermission> repositoryTeams = new ArrayList<RegistrantAccessPermission>(); List<String> preReceiveScripts = new ArrayList<String>(); List<String> postReceiveScripts = new ArrayList<String>(); GitBlitWebSession session = GitBlitWebSession.get(); final UserModel user = session.getUser() == null ? UserModel.ANONYMOUS : session.getUser(); final boolean allowEditName = isCreate || isAdmin || repositoryModel.isUsersPersonalRepository(user.username); if (isCreate) { if (user.canAdmin()) { super.setupPage(getString("gb.newRepository"), ""); } else { super.setupPage(getString("gb.newRepository"), user.getDisplayName()); } } else { super.setupPage(getString("gb.edit"), repositoryModel.name); repositoryUsers.addAll(GitBlit.self().getUserAccessPermissions(repositoryModel)); repositoryTeams.addAll(GitBlit.self().getTeamAccessPermissions(repositoryModel)); Collections.sort(repositoryUsers); Collections.sort(repositoryTeams); federationSets.addAll(repositoryModel.federationSets); if (!ArrayUtils.isEmpty(repositoryModel.indexedBranches)) { indexedBranches.addAll(repositoryModel.indexedBranches); } } final String oldName = repositoryModel.name; final RegistrantPermissionsPanel usersPalette = new RegistrantPermissionsPanel( "users", RegistrantType.USER, GitBlit.self().getAllUsernames(), repositoryUsers, getAccessPermissions()); final RegistrantPermissionsPanel teamsPalette = new RegistrantPermissionsPanel( "teams", RegistrantType.TEAM, GitBlit.self().getAllTeamnames(), repositoryTeams, getAccessPermissions()); // owners palette List<String> owners = new ArrayList<String>(repositoryModel.owners); List<String> persons = GitBlit.self().getAllUsernames(); final Palette<String> ownersPalette = new Palette<String>( "owners", new ListModel<String>(owners), new CollectionModel<String>(persons), new StringChoiceRenderer(), 12, true); // indexed local branches palette List<String> allLocalBranches = new ArrayList<String>(); allLocalBranches.add(Constants.DEFAULT_BRANCH); allLocalBranches.addAll(repositoryModel.getLocalBranches()); boolean luceneEnabled = GitBlit.getBoolean(Keys.web.allowLuceneIndexing, true); final Palette<String> indexedBranchesPalette = new Palette<String>( "indexedBranches", new ListModel<String>(indexedBranches), new CollectionModel<String>(allLocalBranches), new StringChoiceRenderer(), 8, false); indexedBranchesPalette.setEnabled(luceneEnabled); // federation sets palette List<String> sets = GitBlit.getStrings(Keys.federation.sets); final Palette<String> federationSetsPalette = new Palette<String>( "federationSets", new ListModel<String>(federationSets), new CollectionModel<String>(sets), new StringChoiceRenderer(), 8, false); // pre-receive palette if (!ArrayUtils.isEmpty(repositoryModel.preReceiveScripts)) { preReceiveScripts.addAll(repositoryModel.preReceiveScripts); } final Palette<String> preReceivePalette = new Palette<String>( "preReceiveScripts", new ListModel<String>(preReceiveScripts), new CollectionModel<String>(GitBlit.self().getPreReceiveScriptsUnused(repositoryModel)), new StringChoiceRenderer(), 12, true); // post-receive palette if (!ArrayUtils.isEmpty(repositoryModel.postReceiveScripts)) { postReceiveScripts.addAll(repositoryModel.postReceiveScripts); } final Palette<String> postReceivePalette = new Palette<String>( "postReceiveScripts", new ListModel<String>(postReceiveScripts), new CollectionModel<String>( GitBlit.self().getPostReceiveScriptsUnused(repositoryModel)), new StringChoiceRenderer(), 12, true); // custom fields final Map<String, String> customFieldsMap = GitBlit.getMap(Keys.groovy.customFields); List<String> customKeys = new ArrayList<String>(customFieldsMap.keySet()); final ListView<String> customFieldsListView = new ListView<String>("customFieldsListView", customKeys) { private static final long serialVersionUID = 1L; @Override protected void populateItem(ListItem<String> item) { String key = item.getModelObject(); item.add(new Label("customFieldLabel", customFieldsMap.get(key))); String value = ""; if (repositoryModel.customFields != null && repositoryModel.customFields.containsKey(key)) { value = repositoryModel.customFields.get(key); } TextField<String> field = new TextField<String>("customFieldValue", new Model<String>(value)); item.add(field); } }; customFieldsListView.setReuseItems(true); CompoundPropertyModel<RepositoryModel> rModel = new CompoundPropertyModel<RepositoryModel>(repositoryModel); Form<RepositoryModel> form = new Form<RepositoryModel>("editForm", rModel) { private static final long serialVersionUID = 1L; @Override protected void onSubmit() { try { // confirm a repository name was entered if (repositoryModel.name == null && StringUtils.isEmpty(repositoryModel.name)) { error(getString("gb.pleaseSetRepositoryName")); return; } // ensure name is trimmed repositoryModel.name = repositoryModel.name.trim(); // automatically convert backslashes to forward slashes repositoryModel.name = repositoryModel.name.replace('\\', '/'); // Automatically replace // with / repositoryModel.name = repositoryModel.name.replace("//", "/"); // prohibit folder paths if (repositoryModel.name.startsWith("/")) { error(getString("gb.illegalLeadingSlash")); return; } if (repositoryModel.name.startsWith("../")) { error(getString("gb.illegalRelativeSlash")); return; } if (repositoryModel.name.contains("/../")) { error(getString("gb.illegalRelativeSlash")); return; } if (repositoryModel.name.endsWith("/")) { repositoryModel.name = repositoryModel.name.substring(0, repositoryModel.name.length() - 1); } // confirm valid characters in repository name Character c = StringUtils.findInvalidCharacter(repositoryModel.name); if (c != null) { error(MessageFormat.format(getString("gb.illegalCharacterRepositoryName"), c)); return; } if (user.canCreate() && !user.canAdmin() && allowEditName) { // ensure repository name begins with the user's path if (!repositoryModel.name.startsWith(user.getPersonalPath())) { error( MessageFormat.format( getString("gb.illegalPersonalRepositoryLocation"), user.getPersonalPath())); return; } if (repositoryModel.name.equals(user.getPersonalPath())) { // reset path prefix and show error repositoryModel.name = user.getPersonalPath() + "/"; error(getString("gb.pleaseSetRepositoryName")); return; } } // confirm access restriction selection if (repositoryModel.accessRestriction == null) { error(getString("gb.selectAccessRestriction")); return; } // confirm federation strategy selection if (repositoryModel.federationStrategy == null) { error(getString("gb.selectFederationStrategy")); return; } // save federation set preferences if (repositoryModel.federationStrategy.exceeds(FederationStrategy.EXCLUDE)) { repositoryModel.federationSets.clear(); Iterator<String> sets = federationSetsPalette.getSelectedChoices(); while (sets.hasNext()) { repositoryModel.federationSets.add(sets.next()); } } // set author metric exclusions String ax = metricAuthorExclusions.getObject(); if (!StringUtils.isEmpty(ax)) { Set<String> list = new HashSet<String>(); for (String exclusion : StringUtils.getStringsFromValue(ax, " ")) { if (StringUtils.isEmpty(exclusion)) { continue; } if (exclusion.indexOf(' ') > -1) { list.add("\"" + exclusion + "\""); } else { list.add(exclusion); } } repositoryModel.metricAuthorExclusions = new ArrayList<String>(list); } // set mailing lists String ml = mailingLists.getObject(); if (!StringUtils.isEmpty(ml)) { Set<String> list = new HashSet<String>(); for (String address : ml.split("(,|\\s)")) { if (StringUtils.isEmpty(address)) { continue; } list.add(address.toLowerCase()); } repositoryModel.mailingLists = new ArrayList<String>(list); } // indexed branches List<String> indexedBranches = new ArrayList<String>(); Iterator<String> branches = indexedBranchesPalette.getSelectedChoices(); while (branches.hasNext()) { indexedBranches.add(branches.next()); } repositoryModel.indexedBranches = indexedBranches; // owners repositoryModel.owners.clear(); Iterator<String> owners = ownersPalette.getSelectedChoices(); while (owners.hasNext()) { repositoryModel.addOwner(owners.next()); } // pre-receive scripts List<String> preReceiveScripts = new ArrayList<String>(); Iterator<String> pres = preReceivePalette.getSelectedChoices(); while (pres.hasNext()) { preReceiveScripts.add(pres.next()); } repositoryModel.preReceiveScripts = preReceiveScripts; // post-receive scripts List<String> postReceiveScripts = new ArrayList<String>(); Iterator<String> post = postReceivePalette.getSelectedChoices(); while (post.hasNext()) { postReceiveScripts.add(post.next()); } repositoryModel.postReceiveScripts = postReceiveScripts; // custom fields repositoryModel.customFields = new LinkedHashMap<String, String>(); for (int i = 0; i < customFieldsListView.size(); i++) { ListItem<String> child = (ListItem<String>) customFieldsListView.get(i); String key = child.getModelObject(); TextField<String> field = (TextField<String>) child.get("customFieldValue"); String value = field.getValue(); repositoryModel.customFields.put(key, value); } // save the repository GitBlit.self().updateRepositoryModel(oldName, repositoryModel, isCreate); // repository access permissions if (repositoryModel.accessRestriction.exceeds(AccessRestrictionType.NONE)) { GitBlit.self().setUserAccessPermissions(repositoryModel, repositoryUsers); GitBlit.self().setTeamAccessPermissions(repositoryModel, repositoryTeams); } } catch (GitBlitException e) { error(e.getMessage()); return; } setRedirect(false); setResponsePage(RepositoriesPage.class); } }; // do not let the browser pre-populate these fields form.add(new SimpleAttributeModifier("autocomplete", "off")); // field names reflective match RepositoryModel fields form.add(new TextField<String>("name").setEnabled(allowEditName)); form.add(new TextField<String>("description")); form.add(ownersPalette); form.add( new CheckBox("allowForks").setEnabled(GitBlit.getBoolean(Keys.web.allowForking, true))); DropDownChoice<AccessRestrictionType> accessRestriction = new DropDownChoice<AccessRestrictionType>( "accessRestriction", Arrays.asList(AccessRestrictionType.values()), new AccessRestrictionRenderer()); form.add(accessRestriction); form.add(new CheckBox("isFrozen")); // TODO enable origin definition form.add(new TextField<String>("origin").setEnabled(false /* isCreate */)); // allow relinking HEAD to a branch or tag other than master on edit repository List<String> availableRefs = new ArrayList<String>(); if (!ArrayUtils.isEmpty(repositoryModel.availableRefs)) { availableRefs.addAll(repositoryModel.availableRefs); } form.add( new DropDownChoice<String>("HEAD", availableRefs).setEnabled(availableRefs.size() > 0)); boolean gcEnabled = GitBlit.getBoolean(Keys.git.enableGarbageCollection, false); List<Integer> gcPeriods = Arrays.asList(1, 2, 3, 4, 5, 7, 10, 14); form.add( new DropDownChoice<Integer>("gcPeriod", gcPeriods, new GCPeriodRenderer()) .setEnabled(gcEnabled)); form.add(new TextField<String>("gcThreshold").setEnabled(gcEnabled)); // federation strategies - remove ORIGIN choice if this repository has // no origin. List<FederationStrategy> federationStrategies = new ArrayList<FederationStrategy>(Arrays.asList(FederationStrategy.values())); if (StringUtils.isEmpty(repositoryModel.origin)) { federationStrategies.remove(FederationStrategy.FEDERATE_ORIGIN); } form.add( new DropDownChoice<FederationStrategy>( "federationStrategy", federationStrategies, new FederationTypeRenderer())); form.add(new CheckBox("useTickets")); form.add(new CheckBox("useDocs")); form.add(new CheckBox("useIncrementalPushTags")); form.add(new CheckBox("showRemoteBranches")); form.add(new CheckBox("showReadme")); form.add(new CheckBox("skipSizeCalculation")); form.add(new CheckBox("skipSummaryMetrics")); List<Integer> maxActivityCommits = Arrays.asList(-1, 0, 25, 50, 75, 100, 150, 200, 250, 500); form.add( new DropDownChoice<Integer>( "maxActivityCommits", maxActivityCommits, new MaxActivityCommitsRenderer())); metricAuthorExclusions = new Model<String>( ArrayUtils.isEmpty(repositoryModel.metricAuthorExclusions) ? "" : StringUtils.flattenStrings(repositoryModel.metricAuthorExclusions, " ")); form.add(new TextField<String>("metricAuthorExclusions", metricAuthorExclusions)); mailingLists = new Model<String>( ArrayUtils.isEmpty(repositoryModel.mailingLists) ? "" : StringUtils.flattenStrings(repositoryModel.mailingLists, " ")); form.add(new TextField<String>("mailingLists", mailingLists)); form.add(indexedBranchesPalette); List<AuthorizationControl> acList = Arrays.asList(AuthorizationControl.values()); final RadioChoice<AuthorizationControl> authorizationControl = new RadioChoice<Constants.AuthorizationControl>( "authorizationControl", acList, new AuthorizationControlRenderer()); form.add(authorizationControl); final CheckBox verifyCommitter = new CheckBox("verifyCommitter"); verifyCommitter.setOutputMarkupId(true); form.add(verifyCommitter); form.add(usersPalette); form.add(teamsPalette); form.add(federationSetsPalette); form.add(preReceivePalette); form.add( new BulletListPanel( "inheritedPreReceive", getString("gb.inherited"), GitBlit.self().getPreReceiveScriptsInherited(repositoryModel))); form.add(postReceivePalette); form.add( new BulletListPanel( "inheritedPostReceive", getString("gb.inherited"), GitBlit.self().getPostReceiveScriptsInherited(repositoryModel))); WebMarkupContainer customFieldsSection = new WebMarkupContainer("customFieldsSection"); customFieldsSection.add(customFieldsListView); form.add( customFieldsSection.setVisible(!GitBlit.getString(Keys.groovy.customFields, "").isEmpty())); // initial enable/disable of permission controls if (repositoryModel.accessRestriction.equals(AccessRestrictionType.NONE)) { // anonymous everything, disable all controls usersPalette.setEnabled(false); teamsPalette.setEnabled(false); authorizationControl.setEnabled(false); verifyCommitter.setEnabled(false); } else { // authenticated something // enable authorization controls authorizationControl.setEnabled(true); verifyCommitter.setEnabled(true); boolean allowFineGrainedControls = repositoryModel.authorizationControl.equals(AuthorizationControl.NAMED); usersPalette.setEnabled(allowFineGrainedControls); teamsPalette.setEnabled(allowFineGrainedControls); } accessRestriction.add( new AjaxFormComponentUpdatingBehavior("onchange") { private static final long serialVersionUID = 1L; protected void onUpdate(AjaxRequestTarget target) { // enable/disable permissions panel based on access restriction boolean allowAuthorizationControl = repositoryModel.accessRestriction.exceeds(AccessRestrictionType.NONE); authorizationControl.setEnabled(allowAuthorizationControl); verifyCommitter.setEnabled(allowAuthorizationControl); boolean allowFineGrainedControls = allowAuthorizationControl && repositoryModel.authorizationControl.equals(AuthorizationControl.NAMED); usersPalette.setEnabled(allowFineGrainedControls); teamsPalette.setEnabled(allowFineGrainedControls); if (allowFineGrainedControls) { repositoryModel.authorizationControl = AuthorizationControl.NAMED; } target.addComponent(authorizationControl); target.addComponent(verifyCommitter); target.addComponent(usersPalette); target.addComponent(teamsPalette); } }); authorizationControl.add( new AjaxFormChoiceComponentUpdatingBehavior() { private static final long serialVersionUID = 1L; protected void onUpdate(AjaxRequestTarget target) { // enable/disable permissions panel based on access restriction boolean allowAuthorizationControl = repositoryModel.accessRestriction.exceeds(AccessRestrictionType.NONE); authorizationControl.setEnabled(allowAuthorizationControl); boolean allowFineGrainedControls = allowAuthorizationControl && repositoryModel.authorizationControl.equals(AuthorizationControl.NAMED); usersPalette.setEnabled(allowFineGrainedControls); teamsPalette.setEnabled(allowFineGrainedControls); if (allowFineGrainedControls) { repositoryModel.authorizationControl = AuthorizationControl.NAMED; } target.addComponent(authorizationControl); target.addComponent(usersPalette); target.addComponent(teamsPalette); } }); form.add(new Button("save")); Button cancel = new Button("cancel") { private static final long serialVersionUID = 1L; @Override public void onSubmit() { setResponsePage(RepositoriesPage.class); } }; cancel.setDefaultFormProcessing(false); form.add(cancel); add(form); }