From: Paul J R Date: Fri, 21 Sep 2012 00:11:24 +0000 (+1000) Subject: basic permissions work X-Git-Url: http://git.pjr.cc/?p=gwvp-mini.git;a=commitdiff_plain;h=5433c422794029259de4512640485aeb650e0c87 basic permissions work --- diff --git a/gwvpmini/gwvpmini_admin.php b/gwvpmini/gwvpmini_admin.php index e588e97..0b811eb 100644 --- a/gwvpmini/gwvpmini_admin.php +++ b/gwvpmini/gwvpmini_admin.php @@ -45,6 +45,9 @@ function gwvpmini_AdminCallMe() if($qspl[1] == "switchenable") { return "gwvpmini_SwitchEnableUser"; } + if($qspl[1] == "switchenablerepo") { + return "gwvpmini_SwitchEnableRepo"; + } } else { error_log("i got here, where next?"); return "gwvpmini_AdminMainPage"; @@ -166,13 +169,24 @@ function gwvpmini_AdminMainPageBody() $rn = $val["name"]; $ds = $val["desc"]; $ow = $val["owner"]; + $st = $val["status"]; $udet = gwvpmini_getUser(null, null, $ow); if(!$udet) { $owl = "Orphaned"; } else { $owl = $udet["username"]." (".$udet["id"].") - ".$udet["fullname"]." (".$udet["email"].") - Email Owner"; } - echo "$rn$ds$owlRemove Disable"; + + if($st == 1) { + $stat = 0; + $cstat = "Enable"; + } else { + $stat = 1; + $cstat = "Disable"; + } + + echo "$rn$ds$owlRemove $cstat"; + } echo ""; } @@ -425,4 +439,36 @@ function gwvpmini_SwitchEnableUser() header("Location: $BASE_URL/admin"); } + +function gwvpmini_SwitchEnableRepo() +{ + global $BASE_URL; + + $rid = -1; + $newst = -1; + if(isset($_REQUEST["q"])) { + $query = $_REQUEST["q"]; + $qspl = explode("/", $query); + if(isset($qspl[2])) { + $newst = $qspl[2]; + } + if(isset($qspl[3])) { + $rid = $qspl[3]; + } + } + + if($newst == 1) $stat = "disabled"; + else $stat = "enabled"; + + if($rid > 0 && ($newst == 1 || $newst == 0)) { + $details = gwvpmini_getRepo(null, null, $rid); + if($newst == 1) gwvpmini_DisableRepo($rid); + if($newst == 0) gwvpmini_EnableRepo($rid); + gwvpmini_SendMessage("info", "Repo $uname ($rid) has been $stat"); + } else { + gwvpmini_SendMessage("info", "Problem disabling repo with rid $rid"); + } + + header("Location: $BASE_URL/admin"); +} ?> \ No newline at end of file diff --git a/gwvpmini/gwvpmini_db.php b/gwvpmini/gwvpmini_db.php index 1995e7d..4e939af 100644 --- a/gwvpmini/gwvpmini_db.php +++ b/gwvpmini/gwvpmini_db.php @@ -87,14 +87,107 @@ function gwvpmini_getRepo($ownerid=null, $name=null, $id=null) $returns["id"] = $u_res["repos_id"]; $returns["name"] = $u_res["repos_name"]; $returns["desc"] = $u_res["repos_description"]; - $returns["ownerid"] = $u_res["repos_owner"]; - $returns["perms"] = $u_res["repos_readperms"]; + $returns["ownerid"] = $u_res["repos_owner"]; + $returns["status"] = $u_res["repos_status"]; } return $returns; } +// $rid = repo id +// $uid = user id (a for "anyone", r for "registered") +// $acc = 0 or 1, 0 = no access, 1 = read access, 2 = write +// first part of ths is the "base" repo permissions +// this is spec'd as b:t where t = a (anyone can read), r (only registered can read) or x (explicit read perms) +function gwvpmini_ChangeRepoPerm($rid, $uid, $acc) +{ + $conn = gwvpmini_ConnectDB(); + + $sql = "select repos_perms from repos where repos_id='$rid'"; + + $res = $conn->query($sql); + + error_log("CHANGEREPOPERMS: call with $rid, $uid, $acc"); + + $cperms_t = ""; + foreach($res as $row) { + $cperms_t = $row[0]; + } + + if($cperms_t === false) return false; + + $permsarray = array(); + if($cperms_t == "") { + $permsarray[$uid] = $acc; + } else { + $permsarray = unserialize(base64_decode($cperms_t)); + $permsarray[$uid] = $acc; + } + + // check if base is now r or a, we can drop any 1's + if($permsarray["b"] == "a" || $permsarray["b"] == "r") { + foreach($permsarray as $key => $val) { + if($val == 1) { + unset($permsarray[$key]); + } + } + } + + $encperms = base64_encode(serialize($permsarray)); + + $sql = "update repos set repos_perms='$encperms' where repos_id='$rid'"; + + $conn->query($sql); + +} + +//returns 0 for none, 1 for read, 2 for writes +function gwvpmini_GetRepoPerm($rid, $uid) +{ + $conn = gwvpmini_ConnectDB(); + + $dets = gwvpmini_getRepo(null, null, $rid); + + $sql = "select repos_perms from repos where repos_id='$rid'"; + + $res = $conn->query($sql); + + error_log("PERMCHECK: FUCK U! $sql"); + + $cperms_t = false; + if($res !== false) foreach($res as $row) { + $cperms_t = $row[0]; + } + + if($cperms_t === false) return 0; + + error_log("PERMSCHECK $rid, $uid:".print_r($dets, true)); + + if($dets === false) return 0; + + if($dets["ownerid"] == $uid) return 2; + + $permsarray = unserialize(base64_decode($cperms_t)); + + error_log("PERMSARRAY: ".print_r($permsarray,true)); + + + $perm = 0; + if($uid != "a") { + if(isset($permsarray[$uid])) { + $perm = $permsarray[$uid]; + } else if($permsarray["b"] == "a" ||$permsarray["b"] == "r") { + $perm = 1; + } + } else { + if($permsarray["b"] == "a") $perm = 1; + } + + return $perm; + +} + function gwvpmini_RemoveRepoDB($id) { $conn = gwvpmini_ConnectDB(); @@ -118,17 +211,17 @@ function gwvpmini_RemoveUser($uid) return $conn->query($sql); } -function gwvpmini_DisableUser($uid) -{ +function gwvpmini_DisableUser($uid) +{ $conn = gwvpmini_ConnectDB(); - + if($uid < 0) return; - + $sql = "update users set user_status=1 where user_id='$uid'"; - - return $conn->query($sql); + + return $conn->query($sql); } - + function gwvpmini_EnableUser($uid) { $conn = gwvpmini_ConnectDB(); @@ -140,6 +233,28 @@ function gwvpmini_EnableUser($uid) return $conn->query($sql); } +function gwvpmini_DisableRepo($rid) +{ + $conn = gwvpmini_ConnectDB(); + + if($rid < 0) return; + + $sql = "update repos set repos_status=1 where repos_id='$rid'"; + + return $conn->query($sql); +} + +function gwvpmini_EnableRepo($rid) +{ + $conn = gwvpmini_ConnectDB(); + + if($rid < 0) return; + + $sql = "update repos set repos_status=0 where repos_id='$rid'"; + + return $conn->query($sql); +} + function gwvpmini_ConnectDB() { @@ -247,7 +362,8 @@ function gwvpmini_dbCreateSQLiteStructure($dbloc) "repos_name" TEXT, "repos_description" TEXT, "repos_owner" INTEGER, - "repos_readperms" TEXT, + "repos_perms" TEXT, + "repos_status" TEXT, UNIQUE(repos_name) )'; @@ -342,7 +458,7 @@ function gwvpmini_GetRepoId($reponame) $retval = -1; if(!$res) return -1; foreach($res as $row) { - $reval = (int)$row[0]; + $retval = (int)$row[0]; } return $retval; @@ -447,13 +563,17 @@ function gwvpmini_setConfigVal($confname, $confval) return $conn->query($sql); } -function gwvpmini_AddRepo($name, $desc, $ownerid, $perms = "perms-public") +function gwvpmini_AddRepo($name, $desc, $ownerid) { error_log("addrepo in db for $name, $desc, $ownerid"); $conn = gwvpmini_ConnectDB(); + + $perms["b"] = "a"; + + $encperms = base64_encode(serialize($perms)); - $sql = "insert into repos values (null, '$name', '$desc', '$ownerid', '$perms')"; + $sql = "insert into repos values (null, '$name', '$desc', '$ownerid', '$encperms', 0)"; $conn->query($sql); } @@ -579,7 +699,7 @@ function gwvpmini_GetUsers($startat = 0, $num = 10) return $retval; } -function gwvp_findPeopleLike($search) +function gwvpmini_findPeopleLike($search) { $conn = gwvpmini_ConnectDB(); @@ -635,6 +755,7 @@ function gwvpmini_GetRepos($startat=0, $num=200) $retval[$id]["desc"] = $row["repos_description"]; $retval[$id]["owner"] = $row["repos_owner"]; $retval[$id]["id"] = $row["repos_id"]; + $retval[$id]["status"] = $row["repos_status"]; } return $retval; @@ -642,7 +763,7 @@ function gwvpmini_GetRepos($startat=0, $num=200) } -function gwvp_findReposLike($search) +function gwvpmini_findReposLike($search) { $conn = gwvpmini_ConnectDB(); @@ -669,6 +790,7 @@ function gwvp_findReposLike($search) $retval[$id]["desc"] = $row["repos_description"]; $retval[$id]["owner"] = $row["repos_owner"]; $retval[$id]["id"] = $row["repos_id"]; + $retval[$id]["status"] = $row["repos_status"]; } return $retval; diff --git a/gwvpmini/gwvpmini_gitrepo.php b/gwvpmini/gwvpmini_gitrepo.php index 2b41228..3ea498c 100644 --- a/gwvpmini/gwvpmini_gitrepo.php +++ b/gwvpmini/gwvpmini_gitrepo.php @@ -66,10 +66,17 @@ function gwvpmini_RepoMainPageBody() $desc = $repo["desc"]; echo "$name$desc"; echo ""; - $repo_base = gwvpmini_getConfigVal("repodir"); - $cmd = "git --git-dir=\"$repo_base/$name.git\" log -1 2>&1"; - error_log("CMD: $cmd"); - system("$cmd"); + error_log("CMD: $cmd"); + //system("$cmd"); + $fls = popen($cmd, "r"); + $tks = ""; + if($fls !== false) while(!feof($fls)) { + $tks .= fread($fls,1024); + } + + if($tks == "") { + echo "No Log Info Yet"; + } else echo $tks; echo ""; echo ""; } @@ -109,9 +116,18 @@ function gwvpmini_GitLogProvider() echo "$name$desc"; echo ""; $repo_base = gwvpmini_getConfigVal("repodir"); - $cmd = "git --git-dir=\"$repo_base/$name.git\" log -1 2>&1"; + $cmd = "git --git-dir=\"$repo_base/$name.git\" log -1 2> /dev/null"; error_log("CMD: $cmd"); - system("$cmd"); + //system("$cmd"); + $fls = popen($cmd, "r"); + $tks = ""; + if($fls !== false) while(!feof($fls)) { + $tks .= fread($fls,1024); + } + + if($tks == "") { + echo "No Log Info Yet"; + } else echo $tks; echo ""; echo ""; } diff --git a/gwvpmini/gwvpmini_search.php b/gwvpmini/gwvpmini_search.php index 6bcf4c1..852b5f0 100644 --- a/gwvpmini/gwvpmini_search.php +++ b/gwvpmini/gwvpmini_search.php @@ -49,8 +49,8 @@ function gwvpmini_SearchMainPageBody() $search = $_REQUEST["searchstring"]; - $reps = gwvp_findReposLike($search); - $ppls = gwvp_findPeopleLike($search); + $reps = gwvpmini_findReposLike($search); + $ppls = gwvpmini_findPeopleLike($search); diff --git a/gwvpmini/gwvpmini_view.php b/gwvpmini/gwvpmini_view.php index 36b310c..47effbe 100644 --- a/gwvpmini/gwvpmini_view.php +++ b/gwvpmini/gwvpmini_view.php @@ -20,7 +20,11 @@ function gwvpmini_RepoViewCallMe() $repo_view_call = $qspl[1]; return "gwvpmini_RepoViewPage"; } else return false; - } else return false; + } + if($qspl[0] == "updaterepobaseperms") { + return "gwvpmini_UpdateRepoBasePerms"; + } + return false; } else return false; } @@ -46,6 +50,8 @@ function gwvpmini_RepoViewPageBody() $repo_base = gwvpmini_getConfigVal("repodir"); + $owner_view = false; + if($_SERVER["SERVER_PORT"] == 443) $proto="https://"; else $proto = "http://"; $sname = $_SERVER["SERVER_NAME"]; @@ -55,12 +61,46 @@ function gwvpmini_RepoViewPageBody() $owner_name = $owner["username"]; + + if(isset($_SESSION["id"])) { + if($owner["id"] == $_SESSION["id"]) { + $owner_view = true; + } + } + + error_log("STUFF:".print_r($owner,true)); $cloneurl = "git clone $proto$sname$BASE_URL/git/$repo_view_call.git"; - echo "
"; + echo "
"; + + if($owner_view) $owner_extra = " (YOU)"; + else $owner_extra = ""; - echo "

".get_gravatar($owner["email"], 30, 'mm', 'g', true)."$repo_view_call - $owner_name

"; + echo "

".get_gravatar($owner["email"], 30, 'mm', 'g', true)."$repo_view_call - $owner_name$owner_extra

"; echo "$desc
"; + + if($owner_view) { + $bperms = gwvpmini_GetRepoPerm(gwvpmini_GetRepoId($repo_view_call), "b"); + + $anyo = ""; + $regd = ""; + $expl = ""; + if($bperms == "a") $anyo = " selected"; + if($bperms == "r") $regd = " selected"; + if($bperms == "x") $expl = " selected"; + + error_log("BPERMS: $bperms"); + + echo "
"; + echo "Base Permissions "; + echo ""; + echo ""; + echo "
"; + } //echo "command: git log --git-dir=$repo_base/$repo_view_call.git --pretty=format:\"%H\" -10"; $rs = popen("git --git-dir=$repo_base/$repo_view_call.git log --pretty=format:\"%H\" -10", "r"); $commitids = array(); @@ -83,7 +123,7 @@ function gwvpmini_RepoViewPageBody() echo ""; echo ""; foreach($commitids as $ids) { - $rs = popen("git --git-dir=$repo_base/$repo_view_call.git log --pretty=format:\"%at%n%ce%n%an%n%s\" $ids -1", "r"); + $rs = popen("git --git-dir=$repo_base/$repo_view_call.git log --pretty=format:\"%at%n%ce%n%an%n%s\" $ids -1 2> /dev/null", "r"); if($rs) { $flin1 = trim(fgets($rs)); $flin2 = trim(fgets($rs)); @@ -103,6 +143,50 @@ function gwvpmini_RepoViewPageBody() echo "No commit information available yet
"; } } - + +function gwvpmini_UpdateRepoBasePerms() +{ + global $BASE_URL, $repo_view_call; + + if(isset($_REQUEST["q"])) { + $query = $_REQUEST["q"]; + $qspl = explode("/", $query); + error_log("PLOOP:qview".print_r($qspl, true)); + } + + if(isset($qspl[1])) $repo_view_call = $qspl[1]; + else { + error_log("PLOOP: no repo name"); + header("Location: $BASE_URL/view/$repo_view_call"); + return; + } + + $newperms = $_REQUEST["base_perms"]; + + $owner = gwvpmini_GetRepoOwnerDetailsFromName($repo_view_call); + $desc = gwvpmini_GetRepoDescFromName($repo_view_call); + + $owner_name = $owner["username"]; + + $owner_view = false; + if(isset($_SESSION["id"])) { + if($owner["id"] == $_SESSION["id"]) { + $owner_view = true; + } + } + + $rid = gwvpmini_GetRepoId($repo_view_call); + + if(!$owner_view) { + gwvpmini_SendMessage("error", "failure updating permission for repo"); + error_log("PLOOP: attempt to update from non-owner"); + } else { + error_log("PLOOP: updateds: ".print_r($_REQUEST, true)); + gwvpmini_ChangeRepoPerm($rid, "b", $_REQUEST["base_perms"]); + gwvpmini_SendMessage("info", "Base permissions for repo updated"); + } + + header("Location: $BASE_URL/view/$repo_view_call"); +} ?> \ No newline at end of file
Committed ByDateCommit Log Entry