AsIsFileService.java

  1. /*
  2.  * Copyright (C) 2009-2010, Google Inc. and others
  3.  *
  4.  * This program and the accompanying materials are made available under the
  5.  * terms of the Eclipse Distribution License v. 1.0 which is available at
  6.  * https://www.eclipse.org/org/documents/edl-v10.php.
  7.  *
  8.  * SPDX-License-Identifier: BSD-3-Clause
  9.  */

  11. package org.eclipse.jgit.http.server.resolver;

  13. import javax.servlet.http.HttpServletRequest;

  15. import org.eclipse.jgit.lib.Config;
  16. import org.eclipse.jgit.lib.Repository;
  17. import org.eclipse.jgit.transport.resolver.ServiceNotAuthorizedException;
  18. import org.eclipse.jgit.transport.resolver.ServiceNotEnabledException;

  20. /**
  21.  * Controls access to bare files in a repository.
  22.  * <p>
  23.  * Older HTTP clients which do not speak the smart HTTP variant of the Git
  24.  * protocol fetch from a repository by directly getting its objects and pack
  25.  * files. This class, along with the {@code http.getanyfile} per-repository
  26.  * configuration setting, can be used by
  27.  * {@link org.eclipse.jgit.http.server.GitServlet} to control whether or not
  28.  * these older clients are permitted to read these direct files.
  29.  */
  30. public class AsIsFileService {
  31.     /** Always throws {@link ServiceNotEnabledException}. */
  32.     public static final AsIsFileService DISABLED = new AsIsFileService() {
  33.         @Override
  34.         public void access(HttpServletRequest req, Repository db)
  35.                 throws ServiceNotEnabledException {
  36.             throw new ServiceNotEnabledException();
  37.         }
  38.     };

  40.     private static class ServiceConfig {
  41.         final boolean enabled;

  43.         ServiceConfig(Config cfg) {
  44.             enabled = cfg.getBoolean("http", "getanyfile", true);
  45.         }
  46.     }

  48.     /**
  49.      * Determine if {@code http.getanyfile} is enabled in the configuration.
  50.      *
  51.      * @param db
  52.      *            the repository to check.
  53.      * @return {@code false} if {@code http.getanyfile} was explicitly set to
  54.      *         {@code false} in the repository's configuration file; otherwise
  55.      *         {@code true}.
  56.      */
  57.     protected static boolean isEnabled(Repository db) {
  58.         return db.getConfig().get(ServiceConfig::new).enabled;
  59.     }

  61.     /**
  62.      * Determine if access to any bare file of the repository is allowed.
  63.      * <p>
  64.      * This method silently succeeds if the request is allowed, or fails by
  65.      * throwing a checked exception if access should be denied.
  66.      * <p>
  67.      * The default implementation of this method checks {@code http.getanyfile},
  68.      * throwing
  69.      * {@link org.eclipse.jgit.transport.resolver.ServiceNotEnabledException} if
  70.      * it was explicitly set to {@code false}, and otherwise succeeding
  71.      * silently.
  72.      *
  73.      * @param req
  74.      *            current HTTP request, in case information from the request may
  75.      *            help determine the access request.
  76.      * @param db
  77.      *            the repository the request would obtain a bare file from.
  78.      * @throws ServiceNotEnabledException
  79.      *             bare file access is not allowed on the target repository, by
  80.      *             any user, for any reason.
  81.      * @throws ServiceNotAuthorizedException
  82.      *             bare file access is not allowed for this HTTP request and
  83.      *             repository, such as due to a permission error.
  84.      */
  85.     public void access(HttpServletRequest req, Repository db)
  86.             throws ServiceNotEnabledException, ServiceNotAuthorizedException {
  87.         if (!isEnabled(db))
  88.             throw new ServiceNotEnabledException();
  89.     }
  90. }
Created with JaCoCo 0.8.7.202105040129