gwvpmini/gwvpmini_gitbackend.php

   1 <?php
   2
   3 $CALL_ME_FUNCTIONS["gitcontrol"] = "gwvpmini_gitControlCallMe";
   4
   5 //$MENU_ITEMS["20repos"]["text"] = "Repo Admin";
   6 //$MENU_ITEMS["20repos"]["link"] = "$BASE_URL/admin/repos";
   7
   8 // TODO: we could actually change backend interface such that is
   9 // will respond to any url's that contain "repo.git" rather then
  10 // having to be $BASE_URL/git/repo.git
  11 function gwvpmini_gitControlCallMe()
  12 {
  13         if(isset($_REQUEST["q"])) {
  14                 $query = $_REQUEST["q"];
  15                 $qspl = explode("/", $query);
  16                 if(isset($qspl[0])) {
  17                         if($qspl[0] == "git") {
  18                                 return "gwvpmini_gitBackendInterface";
  19                         }
  20                 }
  21                 else return false;
  22         }
  23
  24         return false;
  25
  26 }
  27
  28
  29 function gwvpmini_gitBackendInterface()
  30 {
  31         // and this is where i re-code the git backend interface from scratch
  32         global $BASE_URL;
  33
  34         $repo_base = gwvpmini_getConfigVal("repodir");
  35
  36         // TODO: we need to stop passing the repo name around as "repo.git", it needs to be just "repo"
  37
  38
  39         /* bizare git problem that ignores 403's or continues on with a push despite them
  40         error_log("FLAP for ".$_SERVER["REQUEST_URI"]);
  41         if(isset($_REQUEST)) {
  42                 $dump = print_r($_REQUEST, true);
  43                 error_log("FLAP, $dump");
  44         }
  45         if(isset($_SERVER["PHP_AUTH_USER"])) {
  46                 error_log("FLAP: donut hole");
  47         }*/
  48
  49
  50
  51         $repo = "";
  52         $repoid = false;
  53         $newloc = "/";
  54         if(isset($_REQUEST["q"])) {
  55                 $query = $_REQUEST["q"];
  56                 $qspl = explode("/", $query);
  57                 // TODO do this with
  58                 $repo = preg_replace("/\.git$/", "", $qspl[1]);
  59                 $repoid = gwvpmini_GetRepoId($repo);
  60                 for($i=2; $i < count($qspl); $i++) {
  61                         $newloc .= "/".$qspl[$i];
  62                 }
  63         }
  64
  65         if($repoid == false) {
  66                 gwvpmini_fourZeroFour();
  67                 return;
  68         }
  69
  70         // we do an update server cause its weird and i cant figure out when it actually needs to happen
  71         chdir("$repo_base/$repo.git");
  72         exec("/usr/bin/git update-server-info");
  73
  74
  75         // so now we have the repo
  76         // next we determine if this is a read or a write
  77         $write = false;
  78         if(isset($_REQUEST["service"])) {
  79                 if($_REQUEST["service"] == "git-receive-pack") {
  80                         error_log("got write as receivepack in post");
  81                         $write = true;
  82                 }
  83         }
  84         if($_SERVER["REQUEST_METHOD"] == "POST") {
  85                 $write = true;
  86         }
  87
  88         //$write = true;
  89         // THIS MAY CAUSE ISSUES LATER ON but we do it cause the git client ignores our 403 when it uses git-receive-pack after an auth
  90         // no, this isnt a solution cause auth'd read attempts will come up as writes...
  91         //if(isset($_SERVER["PHP_AUTH_USER"])) {
  92                 //$write = true;
  93         //}
  94
  95         $perms = 5;
  96
  97         $write = true;
  98
  99         // if its a write, we push for authentication
 100         if($write) {
 101                 error_log("is write attempt, ask for login");
 102                 $person = gwvpmini_checkBasicAuthLogin();
 103                 if($person == false) {
 104                         error_log("person is false, push auth");
 105                         gwvpmini_AskForBasicAuth();
 106                         echo "Login";
 107                         return;
 108                 } else {
 109                         error_log("checking perms for $person against $repoid for repo $repo");
 110                         // here we pass to the git backend
 111                         error_log("perms are $perms and im allowed");
 112                         gwvpmini_callGitBackend($person["username"], $repo);
 113                 }
 114                 return;
 115         }
 116
 117
 118         // if they're less then read, we need to then check the user auth permissions
 119         if($perms < 2) {
 120                 // we ask for auth
 121                 $person = gwvpmini_checkBasicAuthLogin();
 122                 if($person == false) {
 123                         gwvpmini_AskForBasicAuth();
 124                         return;
 125                 } else {
 126                 }
 127         }
 128
 129         // if we made it this far, we a read and we have permissions to do so, just search the file from the repo
 130         if(file_exists("$repo_base/$repo.git/$newloc")) {
 131                 error_log("would ask $repo for $repo.git/$newloc from $repo_base/$repo.git/$newloc");
 132                 $fh = fopen("$repo_base/$repo.git/$newloc", "rb");
 133
 134                 error_log("pushing file");
 135                 while(!feof($fh)) {
 136                         echo fread($fh, 8192);
 137                 }
 138         } else {
 139                 //echo "would ask $repo,$actual_repo_name for $repo/$newloc from $repo_base/$repo/$newloc, NE";
 140                 gwvpmini_fourZeroFour();
 141                 return;
 142         }
 143
 144 }
 145
 146 function gwvpmini_canManageRepo($userid, $repoid)
 147 {
 148         // only the owner or an admin can do these tasks
 149         error_log("Checking repoid, $repoid against userid $userid");
 150
 151         if(gwvpmini_IsUserAdmin(null, null, $userid)) return true;
 152         if(gwvpmini_IsRepoOwner($userid, $repoid)) return true;
 153         return false;
 154 }
 155
 156 function gwvpmini_callGitBackend($username, $repo)
 157 {
 158         // this is where things become a nightmare
 159                 $fh   = fopen('php://input', "r");
 160
 161                 $repo_base = gwvpmini_getConfigVal("repodir");\r
 162
 163
 164                 $ruri = $_SERVER["REQUEST_URI"];
 165                 $strrem = "git/$repo.git";
 166                 $euri = str_replace($strrem, "", $_REQUEST["q"]);
 167                 //$euri = preg_replace("/^git\/$repo\.git/", "", $_REQUEST["q"]);
 168
 169
 170
 171                 $rmeth = $_SERVER["REQUEST_METHOD"];
 172
 173                 $qs = "";
 174                 foreach($_REQUEST as $key => $var) {
 175                         if($key != "q") {
 176                                 //error_log("adding, $var from $key");
 177                                 if($qs == "") $qs.="$key=$var";
 178                                 else $qs.="&$key=$var";
 179                         }
 180                 }
 181
 182                 //sleep(2);
 183
 184
 185
 186                 // this is where the fun, it ends.
 187                 $myoutput = "";
 188                 unset($myoutput);
 189
 190                 // this be nasty!
 191
 192                 // setup env
 193                 if(isset($procenv))     unset($procenv);
 194                 $procenv["GATEWAY_INTERFACE"] = "CGI/1.1";
 195                 $procenv["PATH_TRANSLATED"] = "/$repo_base/$repo.git/$euri";
 196                 $procenv["REQUEST_METHOD"] = "$rmeth";
 197                 $procenv["GIT_HTTP_EXPORT_ALL"] = "1";
 198                 $procenv["QUERY_STRING"] = "$qs";
 199                 $procenv["HTTP_USER_AGENT"] = "git/1.7.1";
 200                 $procenv["REMOTE_USER"] = "$username";
 201                 $procenv["REMOTE_ADDR"] = $_SERVER["REMOTE_ADDR"];
 202                 $procenv["AUTH_TYPE"] = "Basic";
 203
 204                 if(isset($_SERVER["CONTENT_TYPE"])) {
 205                         $procenv["CONTENT_TYPE"] = $_SERVER["CONTENT_TYPE"];
 206                 } else {
 207                         //$procenv["CONTENT_TYPE"] = "";
 208                 }
 209                 if(isset($_SERVER["CONTENT_LENGTH"])) {
 210                         $procenv["CONTENT_LENGTH"] = $_SERVER["CONTENT_LENGTH"];
 211                 }
 212
 213                 error_log("path trans'd is /$repo_base/$repo.git/$euri from $ruri with ".$_REQUEST["q"]." $strrem");
 214
 215
 216
 217
 218                 $pwd = "/$repo_base/";
 219
 220                 $proc = proc_open("/usr/lib/git-core/git-http-backend", array(array("pipe","rb"),array("pipe","wb"),array("file","/tmp/err", "a")), $pipes, $pwd, $procenv);
 221
 222                 $untilblank = false;
 223                 while(!$untilblank&&!feof($pipes[1])) {
 224                         $lines_t = fgets($pipes[1]);
 225                         $lines = trim($lines_t);
 226                         error_log("got line: $lines");
 227                         if($lines_t == "\r\n") {
 228                                 $untilblank = true;
 229                                 error_log("now blank");
 230                         } else header($lines);
 231                         if($lines === false) {
 232                                 error_log("got an unexpexted exit...");
 233                                 exit(0);
 234                         }
 235
 236                 }
 237
 238
 239                 $firstline = true;
 240                 $continue = true;
 241
 242                 if(!stream_set_blocking($fh,0)) {
 243                         error_log("cant set input non-blocking");
 244                 }
 245
 246                 if(!stream_set_blocking($pipes[1],0)) {
 247                         error_log("cant set pipe1 non-blocking");
 248                 }
 249
 250                 // i was going to use stream_select, but i feel this works better like this
 251                 while($continue) {
 252                         // do client
 253                         if(!feof($fh)) {
 254                                 $from_client_data = fread($fh,8192);
 255                                 if($from_client_data !== false) fwrite($pipes[0], $from_client_data);
 256                                 fflush($pipes[0]);
 257                                 //fwrite($fl, $from_client_data);
 258                                 $client_len = strlen($from_client_data);
 259                         } else {
 260                                 error_log("client end");
 261                                 $client_len = 0;
 262                         }
 263
 264                         // do cgi
 265                         // sometimes, we get a \r\n from the cgi, i do not know why she swallowed the fly,
 266                         // but i do know that the fgets for the headers above should have comsued that
 267                         if(!feof($pipes[1])) {
 268                                 $from_cgi_data_t = fread($pipes[1],8192);
 269                                 $from_cgi_data = $from_cgi_data_t;
 270
 271                                 // i dont know if this will solve it... it coudl cause some serious issues elsewhere
 272                                 // TODO: this is a hack, i need to know why the fgets above doesn consume the \r\n even tho it reads it
 273                                 // i.e. why the pointer doesnt increment over it, cause the freads above then get them again.
 274                                 if($firstline) {
 275                                         if(strlen($from_cgi_data_t)>0) {
 276                                                 // i dont get why this happens, and its very frustrating.. im not sure if its a bug in php
 277                                                 // or something the git-http-backend thing is doing..
 278                                                 // TODO: find out why this happens
 279                                                 $from_cgi_data = preg_replace("/^\r\n/", "", $from_cgi_data_t);
 280                                                 if(strlen($from_cgi_data)!=strlen($from_cgi_data_t)) {
 281                                                         error_log("MOOOKS - we did trunc");
 282                                                 } else {
 283                                                         error_log("MOOOKS - we did not trunc");
 284                                                 }
 285                                                 $firstline = false;
 286                                         }
 287                                 }
 288
 289                                 if($from_cgi_data !== false) {
 290                                         echo $from_cgi_data;
 291                                         flush();
 292                                 }
 293                                 $cgi_len = strlen($from_cgi_data);
 294                         } else {
 295                                 error_log("cgi end");
 296                                 $cgi_len = 0;
 297                         }
 298
 299                         if(feof($pipes[1])) $continue = false;
 300                         else {
 301                                 if($client_len == 0 && $cgi_len == 0) {
 302                                         usleep(200000);
 303                                         error_log("sleep tick");
 304                                 } else {
 305                                         error_log("sizes: $client_len, $cgi_len");
 306                                         if($cgi_len > 0) {
 307                                                 error_log("from cgi: \"$from_cgi_data\"");
 308                                         }
 309                                 }
 310                         }
 311
 312                 }
 313
 314
 315                 //fclose($fl);
 316                 fclose($fh);
 317                 fclose($pipes[1]);
 318                 fclose($pipes[0]);
 319 }
 320
 321
 322
 323 function gwvpmini_repoExists($name)
 324 {
 325         $repo_base = gwvpmini_getConfigVal("repodir");
 326
 327         if(file_exists("$repo_base/$name.git")) return true;
 328         else return false;
 329 }
 330
 331 // default perms:
 332 // 0 - anyone can clone/read, only owner can write
 333 // 1 - noone can clone/read, repo is visible (i.e. name), only owner can read/write repo
 334 // 2 - only owner can see anything
 335 function gwvpmini_createGitRepo($name, $ownerid, $desc)
 336 {
 337         $repo_base = gwvpmini_getConfigVal("repodir");
 338
 339         // phew, this works, but i tell you this - bundles arent quite as nice as they should be
 340         error_log("would create $repo_base/$name.git");
 341         exec("/usr/bin/git init $repo_base/$name.git --bare > /tmp/gitlog 2>&1");
 342         chdir("$repo_base/$name.git");
 343         exec("/usr/bin/git update-server-info");
 344
 345         // gwvpmini_AddRepo($reponame, $repodesc, $repoowner, $defaultperms = 0)
 346         gwvpmini_AddRepo($name, $desc, $ownerid);
 347
 348         return true;
 349 }
 350
 351
 352 ?>