3 $CALL_ME_FUNCTIONS["gitcontrol"] = "gwvp_gitControlCallMe";
5 //$MENU_ITEMS["20repos"]["text"] = "Repo Admin";
6 //$MENU_ITEMS["20repos"]["link"] = "$BASE_URL/admin/repos";
8 function gwvp_gitControlCallMe()
10 if(isset($_REQUEST["q"])) {
11 $query = $_REQUEST["q"];
12 $qspl = explode("/", $query);
14 if($qspl[0] == "git") {
15 return "gwvp_gitBackendInterface";
25 function gwvp_repoPermissionCheck($repo, $user)
30 function gwvp_gitBackendInterface_new()
32 // and this is where i re-code the git backend interface from scratch
35 $repo_base = gwvp_getConfigVal("repodir");
39 if(isset($_REQUEST["q"])) {
40 $query = $_REQUEST["q"];
41 $qspl = explode("/", $query);
43 for($i=2; $i < count($qspl); $i++) {
44 $newloc .= "/".$qspl[$i];
52 function gwvp_gitBackendInterface()
56 $repo_base = gwvp_getConfigVal("repodir");
60 if(isset($_REQUEST["q"])) {
61 $query = $_REQUEST["q"];
62 $qspl = explode("/", $query);
64 for($i=2; $i < count($qspl); $i++) {
65 $newloc .= "/".$qspl[$i];
69 $actual_repo_name = preg_replace("/\.git$/", "", $repo);
71 $user = gwvp_checkBasicAuthLogin();
74 error_log("User is set to false, so its anonymouse");
76 error_log("user is $user");
79 // must remember that $user of false is anonymous when we code gwvp_repoPerm'sCheck()
80 if(!gwvp_repoPermissionCheck($actual_repo_name, $user)) {
81 error_log("perms check fails - start auth");
82 if(isset($_SERVER["PHP_AUTH_USER"])) {
83 error_log("have auth - push 403");
86 error_log("push auth");
87 gwvp_AskForBasicAuth();
92 // we need to quite a bit of parsing in here. The "repo" will always be /git/repo.git
93 // but if we get here from a browser, we need to forward back to a normal repo viewer
94 // the only way i can think of doing this is to check the useragent for the word "git"
98 * 1) figure out the repo its acessing
99 * 2) figure out the perms on the repo
100 * 3) determine if its a pull or a push
101 * - if its a pull, we just serve straight from the fs
102 * - if its a push, we go thru git-http-backend
103 * 4) if it requiers auth, we push to auth
106 $agent = "git-unknown";
109 // tested the user agent bit with jgit from eclipse and normal git... seems to work
110 if(isset($_SERVER["HTTP_USER_AGENT"])) {
111 $agent = $_SERVER["HTTP_USER_AGENT"];
112 error_log("in git backend with user agent $agent");
113 if(stristr($agent, "git")!==false) {
120 /* dont need this code right now
121 if($isgitagent) echo "GIT: i am a git backened interface for a repo $repo, agent $agent";
122 else echo "NOT GIT: i am a git backened interface for a repo $repo, agent $agent";
125 // now we need to rebuild the actual request or do we?
126 //$basegit = "$BASE_URL/git/something.git";
127 //$newloc = preg_replace("/^$basegit/", "", $_SERVER["REQUEST_URI"]);
128 chdir("$repo_base/$repo");
129 exec("/usr/bin/git update-server-info");
131 if($_SERVER["REQUEST_METHOD"] == "POST") {
132 gwvp_AskForBasicAuth();
133 gwvp_callGitBackend($repo);
137 if(isset($_REQUEST["service"])) {
138 if($_REQUEST["service"] == "git-receive-pack") {
139 // we are a write call - we need auth and we're going to the backend proper
140 gwvp_AskForBasicAuth();
141 gwvp_callGitBackend($repo);
147 if(file_exists("$repo_base/$repo/$newloc")) {
148 error_log("would ask $repo,$actual_repo_name for $repo/$newloc from $repo_base/$repo/$newloc");
149 $fh = fopen("$repo_base/$repo/$newloc", "rb");
151 error_log("pushing file");
153 echo fread($fh, 8192);
156 echo "would ask $repo,$actual_repo_name for $repo/$newloc from $repo_base/$repo/$newloc, NE";
157 header('HTTP/1.0 404 No Such Thing');
163 function gwvp_callGitBackend($repo)
165 // this is where things become a nightmare
166 $fh = fopen('php://input', "r");
168 $ruri = $_SERVER["REQUEST_URI"];
169 $strrem = "git/$repo";
170 $euri = str_replace($strrem, "", $_REQUEST["q"]);
171 //$euri = preg_replace("/^git\/$repo\.git/", "", $_REQUEST["q"]);
175 $rmeth = $_SERVER["REQUEST_METHOD"];
178 foreach($_REQUEST as $key => $var) {
180 //error_log("adding, $var from $key");
181 if($qs == "") $qs.="$key=$var";
182 else $qs.="&$key=$var";
190 // this is where the fun, it ends.
197 if(isset($procenv)) unset($procenv);
198 $procenv["GATEWAY_INTERFACE"] = "CGI/1.1";
199 $procenv["PATH_TRANSLATED"] = "/tmp/$repo/$euri";
200 $procenv["REQUEST_METHOD"] = "$rmeth";
201 $procenv["GIT_HTTP_EXPORT_ALL"] = "1";
202 $procenv["QUERY_STRING"] = "$qs";
203 $procenv["HTTP_USER_AGENT"] = "git/1.7.1";
204 $procenv["REMOTE_USER"] = "user";
205 $procenv["REMOTE_ADDR"] = "1.2.3.4";
206 $procenv["AUTH_TYPE"] = "Basic";
208 if(isset($_SERVER["CONTENT_TYPE"])) {
209 $procenv["CONTENT_TYPE"] = $_SERVER["CONTENT_TYPE"];
211 //$procenv["CONTENT_TYPE"] = "";
213 if(isset($_SERVER["CONTENT_LENGTH"])) {
214 $procenv["CONTENT_LENGTH"] = $_SERVER["CONTENT_LENGTH"];
217 error_log("path trans'd is /tmp/$repo/$euri from $ruri with ".$_REQUEST["q"]." $strrem");
224 $proc = proc_open("/usr/lib/git-core/git-http-backend", array(array("pipe","rb"),array("pipe","wb"),array("file","/tmp/err", "a")), $pipes, $pwd, $procenv);
227 while(!$untilblank&&!feof($pipes[1])) {
228 $lines_t = fgets($pipes[1]);
229 $lines = trim($lines_t);
230 error_log("got line: $lines");
231 if($lines_t == "\r\n") {
233 error_log("now blank");
234 } else header($lines);
235 if($lines === false) {
236 error_log("got an unexpexted exit...");
246 if(!stream_set_blocking($fh,0)) {
247 error_log("cant set input non-blocking");
250 if(!stream_set_blocking($pipes[1],0)) {
251 error_log("cant set pipe1 non-blocking");
254 // i was going to use stream_select, but i feel this works better like this
258 $from_client_data = fread($fh,8192);
259 if($from_client_data !== false) fwrite($pipes[0], $from_client_data);
261 //fwrite($fl, $from_client_data);
262 $client_len = strlen($from_client_data);
264 error_log("client end");
269 // sometimes, we get a \r\n from the cgi, i do not know why she swallowed the fly,
270 // but i do know that the fgets for the headers above should have comsued that
271 if(!feof($pipes[1])) {
272 $from_cgi_data_t = fread($pipes[1],8192);
273 $from_cgi_data = $from_cgi_data_t;
275 // i dont know if this will solve it... it coudl cause some serious issues elsewhere
276 // TODO: this is a hack, i need to know why the fgets above doesn consume the \r\n even tho it reads it
277 // i.e. why the pointer doesnt increment over it, cause the freads above then get them again.
279 if(strlen($from_cgi_data_t)>0) {
280 // i dont get why this happens, and its very frustrating.. im not sure if its a bug in php
281 // or something the git-http-backend thing is doing..
282 // TODO: find out why this happens
283 $from_cgi_data = preg_replace("/^\r\n/", "", $from_cgi_data_t);
284 if(strlen($from_cgi_data)!=strlen($from_cgi_data_t)) {
285 error_log("MOOOKS - we did trunc");
287 error_log("MOOOKS - we did not trunc");
293 if($from_cgi_data !== false) {
297 $cgi_len = strlen($from_cgi_data);
299 error_log("cgi end");
303 if(feof($pipes[1])) $continue = false;
305 if($client_len == 0 && $cgi_len == 0) {
307 error_log("sleep tick");
309 error_log("sizes: $client_len, $cgi_len");
311 error_log("from cgi: \"$from_cgi_data\"");
327 function gwvp_repoExists($name)
329 $repo_base = gwvp_getConfigVal("repodir");
331 if(file_exists("$repo_base/$name.git")) return true;
336 // 0 - anyone can clone/read, only owner can write
337 // 1 - noone can clone/read, repo is visible (i.e. name), only owner can read/write repo
338 // 2 - only owner can see anything
339 function gwvp_createGitRepo($name, $ownerid, $desc, $bundle=null, $defaultperms=0)
341 $repo_base = gwvp_getConfigVal("repodir");
343 // phew, this works, but i tell you this - bundles arent quite as nice as they should be
344 if($bundle == null) {
345 error_log("would create $repo_base/$name.git");
346 exec("/usr/bin/git init $repo_base/$name.git --bare > /tmp/gitlog 2>&1");
347 chdir("$repo_base/$name.git");
348 exec("/usr/bin/git update-server-info");
350 error_log("create via mirror on $repo_base/$name.git");
351 exec("/usr/bin/git clone --mirror $bundle $repo_base/$name.git > /tmp/gitlog 2>&1");
352 chdir("$repo_base/$name.git");
353 exec("/usr/bin/git update-server-info");
356 // gwvp_AddRepo($reponame, $repodesc, $repoowner, $defaultperms = 0)
357 gwvp_AddRepo($name, $desc, $ownerid, $defaultperms);
362 // this funciton returns one of three things, read, visible, write, none
368 function gwvp_resolvRepoPerms($userid, $repoid)
370 $ownerid = gwvp_getRepoOwner($repoid);
371 $isadmin = gwvp_IsUserAdmin(null, null, $userid);
373 if($isadmin) return 3;
375 if($userid == $ownerid) return 3;
377 // now we load the perms table and pray
378 $repoperms = gwvp_getRepoPermissions($repoid);
379 $usergroups = gwvp_getGroupsForUser(null, $userid);
382 if($repoperms != false) foreach($repoperms as $perm) {
383 // need to go thru each perm, then check it agains the user we're trying to figure
385 switch($perm["type"]) {
399 // we only var if permval is greater then current
400 if($permval > $maxperm) {
401 //error_log("going into check for $maxperm/$permval, ".$perm["ref"]);
402 if($perm["ref"] == "anon") {
404 } else if($perm["ref"] == "authed") {
408 $spl = explode(":", $perm["ref"]);
411 if($idtype == "group") {
412 // function gwvp_IsGroupMember($email, $groupname)
413 if(gwvp_IsGroupMemberById($userid, $idval)) $maxperm = $permval;
414 } else if ($idtype == "user") {
415 //error_log("checking $userid, $idval");
416 if($userid == $idval) $maxperm = $permval;
422 // thats TOTALLY going to work... -_0 we should really write a unit test for this, but thats a bit
423 // hard given the db req's so for now, we'll leave it as is
projects / gwvp.git / blob