Nemcio/GitBucket
1
0
Fork 0
mirror of https://github.com/gitbucket/gitbucket.git synced 2025-11-06 13:35:50 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add RichRequest which extends HttpServletRequest.

Browse Source
This commit is contained in:
takezoe
2013-09-22 14:25:50 +09:00
parent a79180699e
commit 602b6c635a
6 changed files with 89 additions and 74 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/main/scala/app/FileUploadController.scala
View File

@@ -1,6 +1,7 @@
package app
import util.{FileUtil}
import util.FileUtil
import util.ControlUtil._
import org.scalatra._
import org.scalatra.servlet.{MultipartConfig, FileUploadSupport}
import org.apache.commons.io.FileUtils
@@ -18,8 +19,7 @@ class FileUploadController extends ScalatraServlet
post("/image"){
fileParams.get("file") match {
case Some(file) if(FileUtil.isImage(file.name)) => {
val fileId = generateFileId
case Some(file) if(FileUtil.isImage(file.name)) => defining(generateFileId){ fileId =>
FileUtils.writeByteArrayToFile(getTemporaryFile(fileId), file.get)
session += "upload_" + fileId -> file.name
Ok(fileId)

5
src/main/scala/app/RepositorySettingsController.scala
View File

@@ -9,6 +9,7 @@ import org.scalatra.FlashMapSupport
import service.WebHookService.WebHookPayload
import util.JGitUtil.CommitInfo
import util.ControlUtil._
import util.Implicits._
import org.eclipse.jgit.api.Git
class RepositorySettingsController extends RepositorySettingsControllerBase
@@ -181,7 +182,7 @@ trait RepositorySettingsControllerBase extends ControllerBase with FlashMapSuppo
*/
private def webHook: Constraint = new Constraint(){
override def validate(name: String, value: String): Option[String] =
defining(request.getRequestURI.split("/")){ paths =>
defining(request.paths){ paths =>
getWebHookURLs(paths(1), paths(2)).map(_.url).find(_ == value).map(_ => "URL had been registered already.")
}
}
@@ -191,7 +192,7 @@ trait RepositorySettingsControllerBase extends ControllerBase with FlashMapSuppo
*/
private def collaborator: Constraint = new Constraint(){
override def validate(name: String, value: String): Option[String] =
defining(request.getRequestURI.split("/")){ paths =>
defining(request.paths){ paths =>
getAccountByUserName(value) match {
case None => Some("User does not exist.")
case Some(x) if(x.userName == paths(1) || getCollaborators(paths(1), paths(2)).contains(x.userName))

34
src/main/scala/servlet/BasicAuthenticationFilter.scala
View File

@@ -4,6 +4,8 @@ import javax.servlet._
import javax.servlet.http._
import service.{SystemSettingsService, AccountService, RepositoryService}
import org.slf4j.LoggerFactory
import util.Implicits._
import util.ControlUtil._
/**
* Provides BASIC Authentication for [[servlet.GitRepositoryServlet]].
@@ -25,29 +27,27 @@ class BasicAuthenticationFilter extends Filter with RepositoryService with Accou
}
try {
val paths = request.getRequestURI.substring(request.getContextPath.length).split("/")
val repositoryOwner = paths(2)
val repositoryName = paths(3).replaceFirst("\\.git$", "")
getRepository(repositoryOwner, repositoryName.replaceFirst("\\.wiki", ""), "") match {
case Some(repository) => {
if(!request.getRequestURI.endsWith("/git-receive-pack") &&
defining(request.paths.toSeq){ case (repositoryOwner :: repositoryName :: _) =>
getRepository(repositoryOwner, repositoryName.replaceFirst("\\.wiki", ""), "") match {
case Some(repository) => {
if(!request.getRequestURI.endsWith("/git-receive-pack") &&
!"service=git-receive-pack".equals(request.getQueryString) && !repository.repository.isPrivate){
chain.doFilter(req, wrappedResponse)
} else {
request.getHeader("Authorization") match {
case null => requireAuth(response)
case auth => decodeAuthHeader(auth).split(":") match {
case Array(username, password) if(isWritableUser(username, password, repository)) => {
request.setAttribute("USER_NAME", username)
chain.doFilter(req, wrappedResponse)
chain.doFilter(req, wrappedResponse)
} else {
request.getHeader("Authorization") match {
case null => requireAuth(response)
case auth => decodeAuthHeader(auth).split(":") match {
case Array(username, password) if(isWritableUser(username, password, repository)) => {
request.setAttribute("USER_NAME", username)
chain.doFilter(req, wrappedResponse)
}
case _ => requireAuth(response)
}
case _ => requireAuth(response)
}
}
}
case None => response.sendError(HttpServletResponse.SC_NOT_FOUND)
}
case None => response.sendError(HttpServletResponse.SC_NOT_FOUND)
}
} catch {
case ex: Exception => {

18
src/main/scala/servlet/GitRepositoryServlet.scala
View File

@@ -11,6 +11,7 @@ import javax.servlet.ServletContext
import javax.servlet.http.HttpServletRequest
import util.{JGitUtil, Directory}
import util.ControlUtil._
import util.Implicits._
import service._
import WebHookService._
import org.eclipse.jgit.api.Git
@@ -59,16 +60,17 @@ class GitBucketReceivePackFactory extends ReceivePackFactory[HttpServletRequest]
logger.debug("requestURI: " + request.getRequestURI)
logger.debug("userName:" + userName)
val paths = request.getRequestURI.substring(request.getContextPath.length).split("/")
val owner = paths(2)
val repository = paths(3).replaceFirst("\\.git$", "")
val baseURL = request.getRequestURL.toString.replaceFirst("/git/.*", "")
defining(request.paths){ paths =>
val owner = paths(2)
val repository = paths(3).replaceFirst("\\.git$", "")
val baseURL = request.getRequestURL.toString.replaceFirst("/git/.*", "")
logger.debug("repository:" + owner + "/" + repository)
logger.debug("baseURL:" + baseURL)
logger.debug("repository:" + owner + "/" + repository)
logger.debug("baseURL:" + baseURL)
receivePack.setPostReceiveHook(new CommitLogHook(owner, repository, userName, baseURL))
receivePack
receivePack.setPostReceiveHook(new CommitLogHook(owner, repository, userName, baseURL))
receivePack
}
}
}

95
src/main/scala/util/Authenticator.scala
View File

@@ -3,6 +3,8 @@ package util
import app.ControllerBase
import service._
import RepositoryService.RepositoryInfo
import util.Implicits._
import util.ControlUtil._
/**
* Allows only oneself and administrators.
@@ -13,11 +15,12 @@ trait OneselfAuthenticator { self: ControllerBase =>
private def authenticate(action: => Any) = {
{
val paths = request.getRequestURI.substring(request.getContextPath.length).split("/")
context.loginAccount match {
case Some(x) if(x.isAdmin) => action
case Some(x) if(paths(1) == x.userName) => action
case _ => Unauthorized()
defining(request.paths){ paths =>
context.loginAccount match {
case Some(x) if(x.isAdmin) => action
case Some(x) if(paths(1) == x.userName) => action
case _ => Unauthorized()
}
}
}
}
@@ -32,14 +35,15 @@ trait OwnerAuthenticator { self: ControllerBase with RepositoryService =>
private def authenticate(action: (RepositoryInfo) => Any) = {
{
val paths = request.getRequestURI.substring(request.getContextPath.length).split("/")
getRepository(paths(1), paths(2), baseUrl).map { repository =>
context.loginAccount match {
case Some(x) if(x.isAdmin) => action(repository)
case Some(x) if(repository.owner == x.userName) => action(repository)
case _ => Unauthorized()
}
} getOrElse NotFound()
defining(request.paths){ paths =>
getRepository(paths(1), paths(2), baseUrl).map { repository =>
context.loginAccount match {
case Some(x) if(x.isAdmin) => action(repository)
case Some(x) if(repository.owner == x.userName) => action(repository)
case _ => Unauthorized()
}
} getOrElse NotFound()
}
}
}
}
@@ -87,15 +91,16 @@ trait CollaboratorsAuthenticator { self: ControllerBase with RepositoryService =
private def authenticate(action: (RepositoryInfo) => Any) = {
{
val paths = request.getRequestURI.substring(request.getContextPath.length).split("/")
getRepository(paths(1), paths(2), baseUrl).map { repository =>
context.loginAccount match {
case Some(x) if(x.isAdmin) => action(repository)
case Some(x) if(paths(1) == x.userName) => action(repository)
case Some(x) if(getCollaborators(paths(1), paths(2)).contains(x.userName)) => action(repository)
case _ => Unauthorized()
}
} getOrElse NotFound()
defining(request.paths){ paths =>
getRepository(paths(1), paths(2), baseUrl).map { repository =>
context.loginAccount match {
case Some(x) if(x.isAdmin) => action(repository)
case Some(x) if(paths(1) == x.userName) => action(repository)
case Some(x) if(getCollaborators(paths(1), paths(2)).contains(x.userName)) => action(repository)
case _ => Unauthorized()
}
} getOrElse NotFound()
}
}
}
}
@@ -109,19 +114,20 @@ trait ReferrerAuthenticator { self: ControllerBase with RepositoryService =>
private def authenticate(action: (RepositoryInfo) => Any) = {
{
val paths = request.getRequestURI.substring(request.getContextPath.length).split("/")
getRepository(paths(1), paths(2), baseUrl).map { repository =>
if(!repository.repository.isPrivate){
action(repository)
} else {
context.loginAccount match {
case Some(x) if(x.isAdmin) => action(repository)
case Some(x) if(paths(1) == x.userName) => action(repository)
case Some(x) if(getCollaborators(paths(1), paths(2)).contains(x.userName)) => action(repository)
case _ => Unauthorized()
defining(request.paths){ paths =>
getRepository(paths(1), paths(2), baseUrl).map { repository =>
if(!repository.repository.isPrivate){
action(repository)
} else {
context.loginAccount match {
case Some(x) if(x.isAdmin) => action(repository)
case Some(x) if(paths(1) == x.userName) => action(repository)
case Some(x) if(getCollaborators(paths(1), paths(2)).contains(x.userName)) => action(repository)
case _ => Unauthorized()
}
}
}
} getOrElse NotFound()
} getOrElse NotFound()
}
}
}
}
@@ -135,16 +141,17 @@ trait ReadableUsersAuthenticator { self: ControllerBase with RepositoryService =
private def authenticate(action: (RepositoryInfo) => Any) = {
{
val paths = request.getRequestURI.substring(request.getContextPath.length).split("/")
getRepository(paths(1), paths(2), baseUrl).map { repository =>
context.loginAccount match {
case Some(x) if(x.isAdmin) => action(repository)
case Some(x) if(!repository.repository.isPrivate) => action(repository)
case Some(x) if(paths(1) == x.userName) => action(repository)
case Some(x) if(getCollaborators(paths(1), paths(2)).contains(x.userName)) => action(repository)
case _ => Unauthorized()
}
} getOrElse NotFound()
defining(request.paths){ paths =>
getRepository(paths(1), paths(2), baseUrl).map { repository =>
context.loginAccount match {
case Some(x) if(x.isAdmin) => action(repository)
case Some(x) if(!repository.repository.isPrivate) => action(repository)
case Some(x) if(paths(1) == x.userName) => action(repository)
case Some(x) if(getCollaborators(paths(1), paths(2)).contains(x.userName)) => action(repository)
case _ => Unauthorized()
}
} getOrElse NotFound()
}
}
}
}

5
src/main/scala/util/Implicits.scala
View File

@@ -1,6 +1,7 @@
package util
import scala.util.matching.Regex
import javax.servlet.http.HttpServletRequest
/**
* Provides some usable implicit conversions.
@@ -42,4 +43,8 @@ object Implicits {
}
}
implicit class RichRequest(request: HttpServletRequest){
def paths: Array[String] = request.getRequestURI.substring(request.getContextPath.length).split("/")
}
}