allow to optionnaly secure the backup endpoint

using boolean System property 'secure.backup' allows to secure the http://YOUR_GITBUCKET/database/backup endpoint. fixes #1 fixes #19
gitbucket-plugins · Feb 28, 2017 · a66623e · a66623e
1 parent 282e9b4
commit a66623e
Show file tree

Hide file tree

Showing 3 changed files with 31 additions and 1 deletion.
diff --git a/README.MD b/README.MD
@@ -66,7 +66,9 @@ sbt clean package
 
 ### 1.4.0
 
-- compatibility with gitbucket 4.10, scala 2.12
+- compatibility with gitbucket 4.10, scala 2.12 [#20](https://github.com/gitbucket-plugins/gitbucket-h2-backup-plugin/issues/20)
+- allow to secure `database/backup` endpoint [#1](https://github.com/gitbucket-plugins/gitbucket-h2-backup-plugin/issues/1),[#19](https://github.com/gitbucket-plugins/gitbucket-h2-backup-plugin/issues/19)  
+   see [Securing backup endpoint](#securing-backup-endpoint) paragraph
 
 ### 1.3.0
 
@@ -86,3 +88,15 @@ sbt clean package
 
 - introduce gitbucket-h2-backup-plugin
 - allows to backup h2 database via a live dump
+
+## Securing backup endpoint
+
+In version 1.4.0, it is possible to secure the `database/backup` endpoint:
+
+- launch gitbucket with System property _secure.backup_ set to true (for example `-Dsecure.backup=true` on the command line)
+- due to actual limitations of gibucket & plugins security, once the previous setting is activated, 
+a call to `http://YOUR_GITBUCKET/database/backup` will be temporary redirected `http://YOUR_GITBUCKET/api/v3/plugins/database/backup`. 
+You have to follow this temporary redirection.
+   - if you call the endpoint using _httpie_, use the `--follow` parameter
+- this secured endpoint route is TEMPORARY you should not call it directly. 
+If you do think that it will change in the future when gitbucket will support secured routes for plugins.  
diff --git a/src/main/scala/Plugin.scala b/src/main/scala/Plugin.scala
@@ -25,5 +25,6 @@ class Plugin extends gitbucket.core.plugin.Plugin {
   override val controllers = Seq(
     "/admin/h2backup" -> new H2BackupController()
     , "/database/backup" -> new H2BackupController()
+    , "/api/v3/plugins/database/backup" -> new H2BackupController()
   )
 }
diff --git a/src/main/scala/fr/brouillard/gitbucket/h2/controller/H2BackupController.scala b/src/main/scala/fr/brouillard/gitbucket/h2/controller/H2BackupController.scala
@@ -41,7 +41,22 @@ class H2BackupController extends ControllerBase with AdminAuthenticator {
     html.export(flash.get("info"), flash.get("dest").orElse(Some(defaultBackupFileName())));
   })
 
+  get("/api/v3/plugins/database/backup") {
+    context.loginAccount match {
+      case Some(x) if(x.isAdmin) => doExport()
+      case _ => org.scalatra.Unauthorized()
+    }
+  }
+
   get("/database/backup") {
+    if (sys.props.get("secure.backup") exists (_ equalsIgnoreCase "true"))
+      org.scalatra.TemporaryRedirect("/api/v3/plugins/database/backup?dest=" + params.getOrElse("dest", defaultBackupFileName()))
+    else {
+      doExport()
+    }
+  }
+
+  private def doExport(): Unit = {
     val filePath:String = params.getOrElse("dest", defaultBackupFileName())
     exportDatabase(new File(filePath))
     Ok("done: " + filePath)