//$MENU_ITEMS["20repos"]["link"] = "$BASE_URL/admin/repos";
$HOME_PAGE_PROVIDERS["gitlog"] = "gwvp_GitLogProvider";
+// TODO: we could actually change backend interface such that is
+// will respond to any url's that contain "repo.git" rather then
+// having to be $BASE_URL/git/repo.git
function gwvp_gitControlCallMe()
{
if(isset($_REQUEST["q"])) {
// TODO: we need to stop passing the repo name around as "repo.git", it needs to be just "repo"
+
+ /* bizare git problem that ignores 403's or continues on with a push despite them
+ error_log("FLAP for ".$_SERVER["REQUEST_URI"]);
+ if(isset($_REQUEST)) {
+ $dump = print_r($_REQUEST, true);
+ error_log("FLAP, $dump");
+ }
+ if(isset($_SERVER["PHP_AUTH_USER"])) {
+ error_log("FLAP: donut hole");
+ }*/
+
+
+
+
$repo = "";
- $repoid = -1;
+ $repoid = false;
$newloc = "/";
if(isset($_REQUEST["q"])) {
$query = $_REQUEST["q"];
$qspl = explode("/", $query);
- $repo = $qspl[1];
- $repoid = gwvp_resolvRepoPerms($repo);
+ // TODO do this with
+ $repo = preg_replace("/\.git$/", "", $qspl[1]);
+ $repoid = gwvp_GetRepoId($repo);
for($i=2; $i < count($qspl); $i++) {
$newloc .= "/".$qspl[$i];
}
}
- if($repoid == -1) {
+ if($repoid == false) {
gwvp_fourZeroFour();
return;
}
+ // we do an update server cause its weird and i cant figure out when it actually needs to happen
+ chdir("$repo_base/$repo.git");
+ exec("/usr/bin/git update-server-info");
+
+
// so now we have the repo
// next we determine if this is a read or a write
$write = false;
if(isset($_REQUEST["service"])) {
if($_REQUEST["service"] == "git-receive-pack") {
+ error_log("got write as receivepack in post");
$write = true;
}
}
if($_SERVER["REQUEST_METHOD"] == "POST") {
$write = true;
}
+ // THIS MAY CAUSE ISSUES LATER ON but we do it cause the git client ignores our 403 when it uses git-receive-pack after an auth
+ // no, this isnt a solution cause auth'd read attempts will come up as writes...
+ //if(isset($_SERVER["PHP_AUTH_USER"])) {
+ //$write = true;
+ //}
// if its a write, we push for authentication
if($write) {
+ error_log("is write attempt, ask for login");
$person = gwvp_checkBasicAuthLogin();
if($person == false) {
gwvp_AskForBasicAuth();
return;
} else {
- $perms = gwvp_resolvRepoPerms($person["id"], $repoid);
+ error_log("checking perms for $person against $repoid for repo $repo");
+ $perms = gwvp_resolvRepoPerms(gwvp_getUserId(null, $person), $repoid);
if($perms < 3) {
+ error_log("perms are $perms and im not allowed");
gwvp_fourZeroThree();
- return;
+ exit(0);
} else {
// here we pass to the git backend
+ error_log("perms are $perms and im allowed");
gwvp_callGitBackend($person["username"], $repo);
}
}
gwvp_AskForBasicAuth();
return;
} else {
- $perms = gwvp_resolvRepoPerms($person["id"], $repoid);
+ $perms = gwvp_resolvRepoPerms(gwvp_getUserId(null, $person), $repoid);
if($perms < 3) {
+ $dump = print_r($person, true);
+ error_log("in basic read, called 403 for $perms $dump");
gwvp_fourZeroThree();
return;
}
}
// if we made it this far, we a read and we have permissions to do so, just search the file from the repo
- if(file_exists("$repo_base/$repo/$newloc")) {
- error_log("would ask $repo,$actual_repo_name for $repo/$newloc from $repo_base/$repo/$newloc");
- $fh = fopen("$repo_base/$repo/$newloc", "rb");
+ if(file_exists("$repo_base/$repo.git/$newloc")) {
+ error_log("would ask $repo for $repo.git/$newloc from $repo_base/$repo.git/$newloc");
+ $fh = fopen("$repo_base/$repo.git/$newloc", "rb");
error_log("pushing file");
while(!feof($fh)) {
return false;
}
-function gwvp_callGitBackend($username, $reponame)
+function gwvp_callGitBackend($username, $repo)
{
// this is where things become a nightmare
$fh = fopen('php://input', "r");
$ruri = $_SERVER["REQUEST_URI"];
- $strrem = "git/$repo";
+ $strrem = "git/$repo.git";
$euri = str_replace($strrem, "", $_REQUEST["q"]);
//$euri = preg_replace("/^git\/$repo\.git/", "", $_REQUEST["q"]);
// setup env
if(isset($procenv)) unset($procenv);
$procenv["GATEWAY_INTERFACE"] = "CGI/1.1";
- $procenv["PATH_TRANSLATED"] = "/tmp/$repo/$euri";
+ $procenv["PATH_TRANSLATED"] = "/tmp/$repo.git/$euri";
$procenv["REQUEST_METHOD"] = "$rmeth";
$procenv["GIT_HTTP_EXPORT_ALL"] = "1";
$procenv["QUERY_STRING"] = "$qs";
$procenv["CONTENT_LENGTH"] = $_SERVER["CONTENT_LENGTH"];
}
- error_log("path trans'd is /tmp/$repo/$euri from $ruri with ".$_REQUEST["q"]." $strrem");
+ error_log("path trans'd is /tmp/$repo.git/$euri from $ruri with ".$_REQUEST["q"]." $strrem");
// 1 - visible
// 2 - read
// 3 - write
+// 4 - owner/administrator
function gwvp_resolvRepoPerms($userid, $repoid)
{
$ownerid = gwvp_getRepoOwner($repoid);
$isadmin = gwvp_IsUserAdmin(null, null, $userid);
- if($isadmin) return 3;
+ error_log("USerid is $userid, ownerid $ownerid");
+
+ if($isadmin) return 4;
- if($userid == $ownerid) return 3;
+ if($userid == $ownerid) return 4;
// now we load the perms table and pray
$repoperms = gwvp_getRepoPermissions($repoid);
projects / gwvp.git / blobdiff