improve git client detection at GitPermissionFilter to include jgit

2025-12-24 01:09:48 +01:00 · 2017-06-01 16:08:07 +02:00
parent ee4a19365e
commit d9486ba8ba
6 changed files with 52 additions and 52 deletions
--- a/scm-plugins/scm-git-plugin/src/main/java/sonia/scm/repository/GitUtil.java
+++ b/scm-plugins/scm-git-plugin/src/main/java/sonia/scm/repository/GitUtil.java
@@ -70,6 +70,7 @@ import java.util.Map;
 import java.util.concurrent.TimeUnit;
 import javax.servlet.http.HttpServletRequest;
 import sonia.scm.web.GitUserAgentProvider;
 /**
 *
@@ -77,6 +78,8 @@ import javax.servlet.http.HttpServletRequest;
 */
 public final class GitUtil
 {
  private static final GitUserAgentProvider GIT_USER_AGENT_PROVIDER = new GitUserAgentProvider();
  /** Field description */
  public static final String REF_HEAD = "HEAD";
@@ -698,7 +701,7 @@ public final class GitUtil
   */
  public static boolean isGitClient(HttpServletRequest request)
  {
-    return HttpUtil.userAgentStartsWith(request, USERAGENT_GIT);
+    return GIT_USER_AGENT_PROVIDER.parseUserAgent(request.getHeader(HttpUtil.HEADER_USERAGENT)) != null;
  }
  /**
--- a/scm-plugins/scm-git-plugin/src/main/java/sonia/scm/web/GitPermissionFilter.java
+++ b/scm-plugins/scm-git-plugin/src/main/java/sonia/scm/web/GitPermissionFilter.java
@@ -55,80 +55,49 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 /**
- *
+ * GitPermissionFilter decides if a git request requires write or read privileges.
 * 
 * @author Sebastian Sdorra
 */
@Singleton
 public class GitPermissionFilter extends ProviderPermissionFilter
 {
-  /** Field description */
+  private static final String PARAMETER_SERVICE = "service";
  public static final String PARAMETER_SERVICE = "service";
-  /** Field description */
+  private static final String PARAMETER_VALUE_RECEIVE = "git-receive-pack";
  public static final String PARAMETER_VALUE_RECEIVE = "git-receive-pack";
-  /** Field description */
+  private static final String URI_RECEIVE_PACK = "git-receive-pack";
  public static final String URI_RECEIVE_PACK = "git-receive-pack";
-  /** Field description */
+  private static final String URI_REF_INFO = "/info/refs";
  public static final String URI_REF_INFO = "/info/refs";
-  public static final String METHOD_LFS_UPLOAD = "PUT";
+  private static final String METHOD_LFS_UPLOAD = "PUT";
  //~--- constructors ---------------------------------------------------------
  /**
-   * Constructs ...
+   * Constructs a new instance of the GitPermissionFilter.
   *
-   * @param configuration
+   * @param configuration scm main configuration
-   * @param repositoryProvider
+   * @param repositoryProvider repository provider
   */
  @Inject
-  public GitPermissionFilter(ScmConfiguration configuration,
+  public GitPermissionFilter(ScmConfiguration configuration, RepositoryProvider repositoryProvider) {
    RepositoryProvider repositoryProvider)
  {
    super(configuration, repositoryProvider);
  }
  //~--- methods --------------------------------------------------------------
  /**
   * Method description
   *
   *
   * @param request
   * @param response
   *
   * @throws IOException
   */
  @Override
-  protected void sendNotEnoughPrivilegesError(HttpServletRequest request,
+  protected void sendNotEnoughPrivilegesError(HttpServletRequest request, HttpServletResponse response) 
-    HttpServletResponse response)
+    throws IOException {
-    throws IOException
+    if (GitUtil.isGitClient(request)) {
  {
    if (GitUtil.isGitClient(request))
    {
      GitSmartHttpTools.sendError(request, response,
        HttpServletResponse.SC_FORBIDDEN,
        ClientMessages.get(request).notEnoughPrivileges());
-    }
+    } else {
    else
    {
      super.sendNotEnoughPrivilegesError(request, response);
    }
  }
  //~--- get methods ----------------------------------------------------------
  /**
   * Method description
   *
   *
   * @param request
   *
   * @return
   */
  @Override
  protected boolean isWriteRequest(HttpServletRequest request) {
    return isReceivePackRequest(request) ||
--- a/scm-plugins/scm-git-plugin/src/main/java/sonia/scm/web/GitUserAgentProvider.java
+++ b/scm-plugins/scm-git-plugin/src/main/java/sonia/scm/web/GitUserAgentProvider.java
@@ -41,7 +41,7 @@ import java.util.Locale;
 import sonia.scm.plugin.ext.Extension;
 /**
- * UserAgent provider for git related clients. 
+ * UserAgent provider for git related clients.
 * @author Sebastian Sdorra <sebastian.sdorra@gmail.com>
 * @since 1.45
 */
--- a/scm-plugins/scm-git-plugin/src/test/java/sonia/scm/repository/GitUtilTest.java
+++ b/scm-plugins/scm-git-plugin/src/test/java/sonia/scm/repository/GitUtilTest.java
@@ -42,8 +42,10 @@ import static org.mockito.Mockito.*;
 import java.io.File;
 import java.io.IOException;
 import javax.servlet.http.HttpServletRequest;
 import static org.junit.Assert.*;
 import sonia.scm.util.HttpUtil;
 /**
 * Unit tests for {@link GitUtil}.
@@ -114,4 +116,22 @@ public class GitUtilTest
    return repo;
  }
  @Test
  public void testIsGitClient() {
    HttpServletRequest request = mockRequestWithUserAgent("Git/2.9.3");
    assertTrue(GitUtil.isGitClient(request));
    request = mockRequestWithUserAgent("JGit/2.9.3");
    assertTrue(GitUtil.isGitClient(request));
    request = mockRequestWithUserAgent("Mozilla/5.0 (Linux; Android 4.0.4; Galaxy Nexus Build/IMM76B) ...");
    assertFalse(GitUtil.isGitClient(request));
  }
  private HttpServletRequest mockRequestWithUserAgent(String userAgent) {
    HttpServletRequest request = mock(HttpServletRequest.class);
    when(request.getHeader(HttpUtil.HEADER_USERAGENT)).thenReturn(userAgent);    
    return request;
  }
 }
--- a/scm-plugins/scm-git-plugin/src/test/java/sonia/scm/web/GitPermissionFilterTest.java
+++ b/scm-plugins/scm-git-plugin/src/test/java/sonia/scm/web/GitPermissionFilterTest.java
@@ -17,6 +17,7 @@ import static org.mockito.Mockito.*;
 import org.mockito.runners.MockitoJUnitRunner;
 import sonia.scm.config.ScmConfiguration;
 import sonia.scm.repository.RepositoryProvider;
 import sonia.scm.util.HttpUtil;
 /**
 * Unit tests for {@link GitPermissionFilter}.
@@ -84,8 +85,17 @@ public class GitPermissionFilterTest {
  @Test
  public void testSendNotEnoughPrivilegesErrorAsGitClient() throws IOException {
    verifySendNotEnoughPrivilegesErrorAsGitClient("git/2.9.3");
  }
  @Test
  public void testSendNotEnoughPrivilegesErrorAsJGitClient() throws IOException {
    verifySendNotEnoughPrivilegesErrorAsGitClient("JGit/4.2");
  }
  private void verifySendNotEnoughPrivilegesErrorAsGitClient(String userAgent) throws IOException {
    HttpServletRequest request = mockGitReceivePackServiceRequest();
-    when(request.getHeader("User-Agent")).thenReturn("git/2.9.3");
+    when(request.getHeader(HttpUtil.HEADER_USERAGENT)).thenReturn(userAgent);
    CapturingServletOutputStream stream = new CapturingServletOutputStream();
    when(response.getOutputStream()).thenReturn(stream);
@@ -93,7 +103,7 @@ public class GitPermissionFilterTest {
    permissionFilter.sendNotEnoughPrivilegesError(request, response);
    verify(response).setStatus(HttpServletResponse.SC_OK);
-    assertThat(stream.toString(), containsString("privileges"));
+    assertThat(stream.toString(), containsString("privileges"));    
  }
  private HttpServletRequest mockGitReceivePackServiceRequest() {
--- a/scm-plugins/scm-git-plugin/src/test/java/sonia/scm/web/GitUserAgentProviderTest.java
+++ b/scm-plugins/scm-git-plugin/src/test/java/sonia/scm/web/GitUserAgentProviderTest.java
@@ -33,8 +33,6 @@ package sonia.scm.web;
 //~--- non-JDK imports --------------------------------------------------------
 import com.google.common.base.Strings;
 import org.junit.Test;
 import static org.junit.Assert.*;