X-Git-Url: http://git.pjr.cc/?p=gwvp.git;a=blobdiff_plain;f=gwvplib%2Fgwvpgitcontrol.php;h=a59a02b9605efa8e237863083551ef8cd5b38b2f;hp=18956b95d7e35d17078d84d53204807ebfc3d7ae;hb=507bc8f2818a42d751ed6e2e2fc68ee2bde94016;hpb=673b7aa46f8ccbd326113eea024320f70eb7ec10
diff --git a/gwvplib/gwvpgitcontrol.php b/gwvplib/gwvpgitcontrol.php
index 18956b9..a59a02b 100644
--- a/gwvplib/gwvpgitcontrol.php
+++ b/gwvplib/gwvpgitcontrol.php
@@ -4,6 +4,7 @@ $CALL_ME_FUNCTIONS["gitcontrol"] = "gwvp_gitControlCallMe";
//$MENU_ITEMS["20repos"]["text"] = "Repo Admin";
//$MENU_ITEMS["20repos"]["link"] = "$BASE_URL/admin/repos";
+$HOME_PAGE_PROVIDERS["gitlog"] = "gwvp_GitLogProvider";
function gwvp_gitControlCallMe()
{
@@ -22,36 +23,116 @@ function gwvp_gitControlCallMe()
}
+function gwvp_GitLogProvider()
+{
+ echo "
gitload provider loaded on homepage
";
+}
+
function gwvp_repoPermissionCheck($repo, $user)
{
return true;
}
-function gwvp_gitBackendInterface_new()
+function gwvp_gitBackendInterface()
{
// and this is where i re-code the git backend interface from scratch
- global $repo_base, $BASE_URL;
+ global $BASE_URL;
+ $repo_base = gwvp_getConfigVal("repodir");
+
+ // TODO: we need to stop passing the repo name around as "repo.git", it needs to be just "repo"
$repo = "";
+ $repoid = -1;
$newloc = "/";
if(isset($_REQUEST["q"])) {
$query = $_REQUEST["q"];
$qspl = explode("/", $query);
$repo = $qspl[1];
+ $repoid = gwvp_resolvRepoPerms($repo);
for($i=2; $i < count($qspl); $i++) {
$newloc .= "/".$qspl[$i];
}
}
+ if($repoid == -1) {
+ gwvp_fourZeroFour();
+ return;
+ }
+
+ // so now we have the repo
+ // next we determine if this is a read or a write
+ $write = false;
+ if(isset($_REQUEST["service"])) {
+ if($_REQUEST["service"] == "git-receive-pack") {
+ $write = true;
+ }
+ }
+ if($_SERVER["REQUEST_METHOD"] == "POST") {
+ $write = true;
+ }
+
+ // if its a write, we push for authentication
+ if($write) {
+ $person = gwvp_checkBasicAuthLogin();
+ if($person == false) {
+ gwvp_AskForBasicAuth();
+ return;
+ } else {
+ $perms = gwvp_resolvRepoPerms($person["id"], $repoid);
+ if($perms < 3) {
+ gwvp_fourZeroThree();
+ return;
+ } else {
+ // here we pass to the git backend
+ gwvp_callGitBackend($person["username"], $repo);
+ }
+ }
+ return;
+ }
+
+ // if not we figure out the anon permissions for a repo
+ $perms = gwvp_resolvRepoPerms(-1, $repoid);
+
+ // if they're less then read, we need to then check the user auth permissions
+ if($perms < 2) {
+ // we ask for auth
+ $person = gwvp_checkBasicAuthLogin();
+ if($person == false) {
+ gwvp_AskForBasicAuth();
+ return;
+ } else {
+ $perms = gwvp_resolvRepoPerms($person["id"], $repoid);
+ if($perms < 3) {
+ gwvp_fourZeroThree();
+ return;
+ }
+ }
+ }
+
+ // if we made it this far, we a read and we have permissions to do so, just search the file from the repo
+ if(file_exists("$repo_base/$repo/$newloc")) {
+ error_log("would ask $repo,$actual_repo_name for $repo/$newloc from $repo_base/$repo/$newloc");
+ $fh = fopen("$repo_base/$repo/$newloc", "rb");
+
+ error_log("pushing file");
+ while(!feof($fh)) {
+ echo fread($fh, 8192);
+ }
+ } else {
+ //echo "would ask $repo,$actual_repo_name for $repo/$newloc from $repo_base/$repo/$newloc, NE";
+ gwvp_fourZeroFour();
+ return;
+ }
}
-function gwvp_gitBackendInterface()
+function gwvp_gitBackendInterface_old()
{
- global $repo_base, $BASE_URL;
+ global $BASE_URL;
+ $repo_base = gwvp_getConfigVal("repodir");
$repo = "";
$newloc = "/";
@@ -157,8 +238,17 @@ function gwvp_gitBackendInterface()
}
}
+function gwvp_canManageRepo($userid, $repoid)
+{
+ // only the owner or an admin can do these tasks
+ error_log("Checking repoid, $repoid against userid $userid");
+
+ if(gwvp_IsUserAdmin(null, null, $userid)) return true;
+ if(gwvp_IsRepoOwner($userid, $repoid)) return true;
+ return false;
+}
-function gwvp_callGitBackend($repo)
+function gwvp_callGitBackend($username, $reponame)
{
// this is where things become a nightmare
$fh = fopen('php://input', "r");
@@ -199,7 +289,7 @@ function gwvp_callGitBackend($repo)
$procenv["GIT_HTTP_EXPORT_ALL"] = "1";
$procenv["QUERY_STRING"] = "$qs";
$procenv["HTTP_USER_AGENT"] = "git/1.7.1";
- $procenv["REMOTE_USER"] = "user";
+ $procenv["REMOTE_USER"] = "$username";
$procenv["REMOTE_ADDR"] = "1.2.3.4";
$procenv["AUTH_TYPE"] = "Basic";
@@ -324,7 +414,7 @@ function gwvp_callGitBackend($repo)
function gwvp_repoExists($name)
{
- global $repo_base;
+ $repo_base = gwvp_getConfigVal("repodir");
if(file_exists("$repo_base/$name.git")) return true;
else return false;
@@ -336,7 +426,7 @@ function gwvp_repoExists($name)
// 2 - only owner can see anything
function gwvp_createGitRepo($name, $ownerid, $desc, $bundle=null, $defaultperms=0)
{
- global $repo_base;
+ $repo_base = gwvp_getConfigVal("repodir");
// phew, this works, but i tell you this - bundles arent quite as nice as they should be
if($bundle == null) {
@@ -377,12 +467,49 @@ function gwvp_resolvRepoPerms($userid, $repoid)
$usergroups = gwvp_getGroupsForUser(null, $userid);
$maxperm = 0;
- foreach($repoperms as $perm) {
+ if($repoperms != false) foreach($repoperms as $perm) {
// need to go thru each perm, then check it agains the user we're trying to figure
// the perms on
+ switch($perm["type"]) {
+ case "read":
+ $permval = 2;
+ break;
+ case "visible":
+ $permval = 1;
+ break;
+ case "write":
+ $permval = 3;
+ break;
+ default:
+ $permval = 0;
+ }
-
+ // we only var if permval is greater then current
+ if($permval > $maxperm) {
+ //error_log("going into check for $maxperm/$permval, ".$perm["ref"]);
+ if($perm["ref"] == "anon") {
+ $maxperm = $permval;
+ } else if($perm["ref"] == "authed") {
+ $maxperm = $permval;
+ } else {
+ // now we do splits
+ $spl = explode(":", $perm["ref"]);
+ $idtype = $spl[0];
+ $idval = $spl[1];
+ if($idtype == "group") {
+ // function gwvp_IsGroupMember($email, $groupname)
+ if(gwvp_IsGroupMemberById($userid, $idval)) $maxperm = $permval;
+ } else if ($idtype == "user") {
+ //error_log("checking $userid, $idval");
+ if($userid == $idval) $maxperm = $permval;
+ }
+ }
+ }
}
+
+ // thats TOTALLY going to work... -_0 we should really write a unit test for this, but thats a bit
+ // hard given the db req's so for now, we'll leave it as is
+ return $maxperm;
}
?>
\ No newline at end of file