From bdb63bf22c9310fd5d2050d59eb79f8312deca2b Mon Sep 17 00:00:00 2001
From: paulr <me@pjr.cc>
Date: Tue, 8 Nov 2011 03:21:42 +1100
Subject: [PATCH] Its a nightmare in pastel! but permission management on repos now
 works quite well

---
 gwvplib/gwvpdatabase.php  |   53 ++++++++-
 gwvplib/gwvprepoadmin.php |  293 ++++++++++++++++++++++++++++++++++++++++++++-
 gwvplib/gwvpweb.php       |   22 +++-
 3 files changed, 359 insertions(+), 9 deletions(-)

diff --git a/gwvplib/gwvpdatabase.php b/gwvplib/gwvpdatabase.php
index 28d2832..82533cb 100644
--- a/gwvplib/gwvpdatabase.php
+++ b/gwvplib/gwvpdatabase.php
@@ -710,6 +710,27 @@ function gwvp_IsGroupMember($email, $groupname)
 	if($result == 1) return true;
 }
 
+function gwvp_IsGroupAdmin($groupname = null, $gid = null)
+{
+	$conn = gwvp_ConnectDB();
+	
+	if($groupname != null) {
+		$sql = "select groups_is_admin from groups where groups_name='$groupname'";
+	} else if($gid != null) {
+		$sql = "select groups_is_admin from groups where groups_id='$gid'";
+	} else return false;
+	
+	$res = $conn->query($sql);
+	
+	$return = false;
+	foreach($res as $u_res) {
+		if($u_res["groups_is_admin"] == "1") $return = true;
+	}
+	
+	return $return;
+}
+
+
 function gwvp_IsUserAdmin($email=null, $username = null, $userid = null)
 {
 	$conn = gwvp_ConnectDB();
@@ -836,6 +857,25 @@ function gwvp_ModifyGroup($groupid, $groupname = null, $group_is_admin = null, $
 	return true;
 }
 
+function gwvp_GetRepo($rid)
+{
+	$conn = gwvp_ConnectDB();
+	
+	$sql = "select * from repos where repos_id='$rid'";
+	
+	$res = $conn->query($sql);
+	
+	$return = false;
+	foreach($res as $u_res) {
+		$return["id"] = $u_res["repos_id"];
+		$return["name"] = $u_res["repos_name"];
+		$return["description"] = $u_res["repos_description"];
+		$return["owner"] = $u_res["repos_owner"];
+	}
+	
+	return $return;
+}
+
 function gwvp_GetRepoList()
 {
 	$conn = gwvp_ConnectDB();
@@ -937,7 +977,7 @@ function gwvp_getRepoPermissions($repoid)
 	$returns = false;
 	$rn = 0;
 	foreach($res as $perm) {
-		$returns[$rn]["permid"] = $perm["repoperms_id"];
+		$returns[$rn]["id"] = $perm["repoperms_id"];
 		$returns[$rn]["type"] = $perm["repoperms_type"];
 		$returns[$rn]["ref"] = $perm["repoperms_ref"];
 		$rn++;
@@ -946,10 +986,21 @@ function gwvp_getRepoPermissions($repoid)
 	return $returns;
 }
 
+function gwvp_removeRepoPermission($permid)
+{
+	$conn = gwvp_ConnectDB();
+	
+	$sql = "delete from repoperms where repoperms_id='$permid'";
+	error_log("attempting: \"$sql\"");
+	
+	return $conn->query($sql);
+}
+
 function gwvp_addRepoPermission($repoid, $permtype, $permref)
 {
 	$conn = gwvp_ConnectDB();
 	
+	error_log("PERMS: $repoid, $permtype, $permref");
 	$sql = "insert into repoperms values(null, '$repoid', '$permtype', '$permref')";
 	
 	return $conn->query($sql);
diff --git a/gwvplib/gwvprepoadmin.php b/gwvplib/gwvprepoadmin.php
index 66cb85b..6552727 100644
--- a/gwvplib/gwvprepoadmin.php
+++ b/gwvplib/gwvprepoadmin.php
@@ -22,6 +22,12 @@ function gwvp_RepoAdminCallMe()
 						case "docreate":
 							return "gwvp_DoCreateRepoPage";
 							break;
+						case "manage":
+							return "gwvp_ManageRepoPage";
+							break;
+						case "updateperms":
+							return "gwvp_UpdateRepoPerms";
+							break;
 						default:
 							return "gwvp_RepoAdminPage";
 					}					
@@ -36,6 +42,11 @@ function gwvp_RepoAdminCallMe()
 	return false;
 }
 
+function gwvp_ManageRepoPage()
+{
+	gwvp_goMainPage("gwvp_ManageRepoPageBody");
+}
+
 function gwvp_RepoAdminPage()
 {
 	gwvp_goMainPage("gwvp_RepoAdminPageBody");
@@ -46,8 +57,73 @@ function gwvp_CreateRepoPage()
 	gwvp_goMainPage("gwvp_CreateRepoPageBody");
 }
 
+function gwvp_UpdateRepoPerms()
+{
+	global $LOGIN_TYPE, $BASE_URL;
+	
+	$rid = -1;
+	if(isset($_REQUEST["q"])) {
+		$query = $_REQUEST["q"];
+		$qspl = explode("/", $query);
+		$rid = $qspl[3];
+	}
+
+	// a visible addition
+	if(isset($_REQUEST["visadd"])) {
+		foreach($_REQUEST["vismembersout"] as $mems) {
+			//gwvp_addRepoPermission($repoid, $permtype, $permref);
+			gwvp_addRepoPermission($rid, "visible", $mems);
+		}
+	}
+	
+	// a visible removal
+	if(isset($_REQUEST["visremove"])) {
+		foreach($_REQUEST["vismembersin"] as $rems) {
+			error_log("Remove permid, $rems");
+			gwvp_removeRepoPermission($rems);
+		}
+	}
+
+	// a read addition
+	if(isset($_REQUEST["readadd"])) {
+		foreach($_REQUEST["readmembersout"] as $mems) {
+			//gwvp_addRepoPermission($repoid, $permtype, $permref);
+			gwvp_addRepoPermission($rid, "read", $mems);
+		}
+	}
+	
+	// a read removal
+	if(isset($_REQUEST["readremove"])) {
+		foreach($_REQUEST["readmembersin"] as $rems) {
+			error_log("Remove permid, $rems");
+			gwvp_removeRepoPermission($rems);
+		}
+	}
+
+	// a write addition
+	if(isset($_REQUEST["writeadd"])) {
+		foreach($_REQUEST["writemembersout"] as $mems) {
+			//gwvp_addRepoPermission($repoid, $permtype, $permref);
+			gwvp_addRepoPermission($rid, "write", $mems);
+		}
+	}
+	
+	// a write removal
+	if(isset($_REQUEST["writeremove"])) {
+		foreach($_REQUEST["writemembersin"] as $rems) {
+			error_log("Remove permid, $rems");
+			gwvp_removeRepoPermission($rems);
+		}
+	}
+	
+	gwvp_SendMessage("info", "Permissions Updated");
+	header("Location: $BASE_URL/admin/repos/manage/$rid");
+	return;
+}
+
 //function gwvp_createGitRepo($name, $ownerid, $desc, $defaultperms=0, $bundle=null)
 
+
 function gwvp_DoCreateRepoPage()
 {
 	global $BASE_URL;
@@ -151,7 +227,8 @@ function gwvp_RepoAdminPageBody()
 				error_log("snafu: $mjay");
 				$reponame = $repos["name"];
 				$repodesc = $repos["description"];
-				echo "<tr><td>$reponame</td><td>$repodesc</td><td><a href=\"$BASE_URL/admin/repos/manageown\">Manage</a></td></tr>";
+				$rid = $repos["id"];
+				echo "<tr><td>$reponame</td><td>$repodesc</td><td><a href=\"$BASE_URL/admin/repos/manage/$rid\">Manage</a></td></tr>";
 			}
 			echo "</table>";
 		} else {
@@ -171,14 +248,226 @@ function gwvp_RepoAdminPageBody()
 		$rname = $u_res["name"];
 		$rdesc = $u_res["description"];
 		$rown = gwvp_getUserName($u_res["owner"]);
-		echo "<tr><td>$rname</td><td>$rdesc</td><td>$rown</td><td><a href=\"$BASE_URL/admin/repos/modify/$rid\">Details</a></td></tr>";
+		echo "<tr><td>$rname</td><td>$rdesc</td><td>$rown</td><td><a href=\"$BASE_URL/admin/repos/manage/$rid\">Details</a></td></tr>";
 	}
 	echo "</table>";
 	
 	return;
 }
 
+function gwvp_DisemableRefId($who)
+{
+	if($who == "anon") return "Everyone";
+	if($who == "authed") return "All Authenticated User";
+	
+	$epl = explode(":", $who);
+	
+	if($epl[0] == "user") {
+		$username = gwvp_getUserName($epl[1]);
+		return "User: $username";
+	} else if ($epl[0] == "group") {
+		$grdent = gwvp_getGroup($epl[1]);
+		$groupname = $grdent["name"];
+		return "Group: $groupname";
+	} else return "unknown";
+}
 
+function gwvp_ManageRepoPageBody()
+{
+	global $LOGIN_TYPE, $BASE_URL;
+	
+	$rid = -1;
+	if(isset($_REQUEST["q"])) {
+		$query = $_REQUEST["q"];
+		$qspl = explode("/", $query);
+		$rid = $qspl[3];
+	}
+	
+	$repodets = gwvp_GetRepo($rid);
+	$reponame = $repodets["name"];
+	$repodesc = $repodets["description"];
+	$repoownid = $repodets["owner"];
+	$owndby = gwvp_getUserName($repoownid);
+	$users = gwvp_getUsers();
+	$groups = gwvp_getGroups();
+	$repoperms = gwvp_getRepoPermissions($rid);
+	
+	
+	echo "<h2>Repository Management</h2>";
+	echo "<b>$owndby's</b> Repository <i>$reponame</i><br>";
+	
+	echo "<form method=\"post\" action=\"$BASE_URL/admin/repos/update/$rid\">";
+	
+	echo "<table>";
+	echo "<tr><td>Description</td><td><input type=\"text\" name=\"desc\" value=\"$repodesc\"></td></tr>";
+	echo "</table>";
+	echo "<input type=\"submit\" name=\"update\" value=\"Update\"><br>";
+	echo "</form>";
+	
+	echo "<form method=\"post\" action=\"$BASE_URL/admin/repos/updateperms/$rid\">";
+	echo "<table>";
+	echo "<tr bgcolor=\"#eeeee0\"><th>Visibility</th><th>Read/Clone</th><th>Write/Push</th></tr>";
+	echo "<tr><td bgcolor=\"#eeeeff\">";
+	
+	
+	
+	
+	// visibility section
+	$visin[0] = 0;
+	echo "<table>";
+	echo "<tr><td>Allowed</td><td></td><td>All</td></tr>";
+	echo "<tr><td>";
+	// list allowed users
+	echo "<select name=\"vismembersin[]\" size=\"20\" multiple=\"true\">";
+	foreach($repoperms as $v_perms) {
+		if($v_perms["type"] == "visible") {
+			$who = $v_perms["ref"]; // now we need to disemble ref
+			$pid = $v_perms["id"];
+			$refid = gwvp_DisemableRefId($who);
+			
+			$visin[$who] = true;
+			
+			echo "<option value=\"$pid\">$refid</option>";
+		}
+	}
+
+	echo "</select>";
+	
+	echo "</td><td>";
+	// buttons
+	echo "<input type=\"submit\" name=\"visadd\" value=\"<<\"><br>";
+	echo "<input type=\"submit\" name=\"visremove\" value=\">>\"><br>";
+	
+	echo "</td><td>";
+	// list all users/groups/specials
+	echo "<select name=\"vismembersout[]\" size=\"20\" multiple=\"true\">";
+	if(!isset($visin["anon"])) echo "<option value=\"anon\">Everyone</option>";
+	if(!isset($visin["authed"])) echo "<option value=\"authed\">All Authenticated User</option>";
+	foreach($groups as $u_groups) {
+		$gname = $u_groups["name"];
+		$gid = $u_groups["id"];
+		if(!gwvp_IsGroupAdmin(null, $gid)) if(!isset($visin["group:$gid"])) echo "<option value=\"group:$gid\">Group: $gname</option>";
+	}
+	foreach($users as $u_users) {
+		$uid = $u_users["id"];
+		$email = $u_users["email"];
+		$username = $u_users["username"];
+		$fullname = $u_users["fullname"];
+		if(!gwvp_IsUserAdmin(null, null, $uid)) if(!isset($visin["user:$uid"])) echo "<option value=\"user:$uid\">User: $username</option>";
+	}
+	echo "</select>";
+	
+	echo "</td></tr>";
+	echo "</table>";
+	// end visibility section
+	
+	
+	echo "</td><td bgcolor=\"#eeffee\">";
+	// Read/clone/pull section
+	$readin[0] = 0;
+	echo "<table>";
+	echo "<tr><td>Allowed</td><td></td><td>All</td></tr>";
+	echo "<tr><td>";
+	// list allowed users
+	echo "<select name=\"readmembersin[]\" size=\"20\" multiple=\"true\">";
+	foreach($repoperms as $v_perms) {
+		if($v_perms["type"] == "read") {
+			$who = $v_perms["ref"]; // now we need to disemble ref
+			$pid = $v_perms["id"];
+			$refid = gwvp_DisemableRefId($who);
+			
+			$readin[$who] = true;
+			
+			echo "<option value=\"$pid\">$refid</option>";
+		}
+	}
+
+	echo "</select>";
+	
+	echo "</td><td>";
+	// buttons
+	echo "<input type=\"submit\" name=\"readadd\" value=\"<<\"><br>";
+	echo "<input type=\"submit\" name=\"readremove\" value=\">>\"><br>";
+	
+	echo "</td><td>";
+	// list all users/groups/specials
+	echo "<select name=\"readmembersout[]\" size=\"20\" multiple=\"true\">";
+	if(!isset($readin["anon"])) echo "<option value=\"anon\">Everyone</option>";
+	if(!isset($readin["authed"])) echo "<option value=\"authed\">All Authenticated User</option>";
+	foreach($groups as $u_groups) {
+		$gname = $u_groups["name"];
+		$gid = $u_groups["id"];
+		if(!gwvp_IsGroupAdmin(null, $gid)) if(!isset($readin["group:$gid"])) echo "<option value=\"group:$gid\">Group: $gname</option>";
+	}
+	foreach($users as $u_users) {
+		$uid = $u_users["id"];
+		$email = $u_users["email"];
+		$username = $u_users["username"];
+		$fullname = $u_users["fullname"];
+		if(!gwvp_IsUserAdmin(null, null, $uid)) if(!isset($readin["user:$uid"])) echo "<option value=\"user:$uid\">User: $username</option>";
+	}
+	echo "</select>";
+	
+	echo "</td></tr>";
+	echo "</table>";
+	// end read/clone/pull section
+	
+	
+	echo "</td><td bgcolor=\"#ffeeee\">";
+	// write/push section
+	$writein[0] = 0;
+	echo "<table>";
+	echo "<tr><td>Allowed</td><td></td><td>All</td></tr>";
+	echo "<tr><td>";
+	// list allowed users
+	echo "<select name=\"writemembersin[]\" size=\"20\" multiple=\"true\">";
+	foreach($repoperms as $v_perms) {
+		if($v_perms["type"] == "write") {
+			$who = $v_perms["ref"]; // now we need to disemble ref
+			$pid = $v_perms["id"];
+			$refid = gwvp_DisemableRefId($who);
+			
+			$writein[$who] = true;
+			
+			echo "<option value=\"$pid\">$refid</option>";
+		}
+	}
+
+	echo "</select>";
+	
+	echo "</td><td>";
+	// buttons
+	echo "<input type=\"submit\" name=\"writeadd\" value=\"<<\"><br>";
+	echo "<input type=\"submit\" name=\"writeremove\" value=\">>\"><br>";
+	
+	echo "</td><td>";
+	// list all users/groups/specials
+	echo "<select name=\"writemembersout[]\" size=\"20\" multiple=\"true\">";
+	if(!isset($writein["anon"])) echo "<option value=\"anon\">Everyone</option>";
+	if(!isset($writein["authed"])) echo "<option value=\"authed\">All Authenticated User</option>";
+	foreach($groups as $u_groups) {
+		$gname = $u_groups["name"];
+		$gid = $u_groups["id"];
+		if(!gwvp_IsGroupAdmin(null, $gid)) if(!isset($writein["group:$gid"])) echo "<option value=\"group:$gid\">Group: $gname</option>";
+	}
+	foreach($users as $u_users) {
+		$uid = $u_users["id"];
+		$email = $u_users["email"];
+		$username = $u_users["username"];
+		$fullname = $u_users["fullname"];
+		if(!gwvp_IsUserAdmin(null, null, $uid)) if(!isset($writein["user:$uid"])) echo "<option value=\"user:$uid\">User: $username</option>";
+	}
+	echo "</select>";
+	
+	echo "</td></tr>";
+	echo "</table>";
+	// end write/push section
+	
+	echo "</td></tr>";
+	
+	echo "</table>";
+	echo "</form>";
+}
 
 
 ?>
\ No newline at end of file
diff --git a/gwvplib/gwvpweb.php b/gwvplib/gwvpweb.php
index c88e302..6f8c36c 100644
--- a/gwvplib/gwvpweb.php
+++ b/gwvplib/gwvpweb.php
@@ -155,13 +155,23 @@ function gwvp_MenuBuilder()
 	foreach($MENU_ITEMS as $key => $val) {
 		$link = $val["link"];
 		$text = $val["text"];
-		$q = "";
-		if(isset($_REQUEST["q"])) $q = $BASE_URL."/".$_REQUEST["q"];
-		else $q = $BASE_URL;
-		if($q == $link) $menucolor = " bgcolor=\"#ffdddd\"";
-		else $menucolor = "";
 		
-		error_log("checking $q against $link now $menucolor");
+		// TODO: redo this bit with stristr to find urls - special case for home
+		$menucolor = "";
+		if(isset($_REQUEST["q"])) {
+			$extlink = str_replace("$BASE_URL/", "", $link);
+			error_log("trying to do replace of $BASE_URL in $link, got $extlink for ".$_REQUEST["q"]);
+			if(stristr($_REQUEST["q"], $extlink)!==false) {
+				$menucolor = " bgcolor=\"#ffdddd\"";
+				
+			}
+		} else {
+			// special case for home
+			if($link == $BASE_URL) $menucolor = " bgcolor=\"#ffdddd\"";
+		}
+		
+		
+		
 		
 		if(isset($val["userlevel"])) {
 			if(gwvp_CheckAuthLevel($val["userlevel"])) {
-- 
1.7.0.4