* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
-forge_define_config_item('default_server', 'scmgit', forge_get_config ('web_host')) ;
-forge_define_config_item('repos_path', 'scmgit', forge_get_config('chroot').'/scmrepos/git') ;
+forge_define_config_item('default_server', 'scmgit', forge_get_config ('web_host'));
+forge_define_config_item('repos_path', 'scmgit', forge_get_config('chroot').'/scmrepos/git');
+forge_define_config_item('use_ssh', 'scmgit', false);
+forge_set_config_item_bool('use_ssh', 'scmgit');
+forge_define_config_item('use_dav', 'scmgit', true);
+forge_set_config_item_bool('use_dav', 'scmgit');
+forge_define_config_item('use_ssl', 'scmgit', true);
+forge_set_config_item_bool('use_ssl', 'scmgit');
+
class GitPlugin extends SCMPlugin {
function GitPlugin() {
return;
}
- if ($project->usesPlugin($this->name)) {
+ if ($project->usesPlugin($this->name) && forge_check_perm('scm', $project->getID(), 'read')) {
$result = db_query_params('SELECT sum(commits) AS commits, sum(adds) AS adds FROM stats_cvs_group WHERE group_id=$1',
array ($project->getID())) ;
$commit_num = db_result($result,0,'commits');
$root = $params['root'];
$repodir = $root . '/users/' . $user_name . '.git' ;
- system("su - $user_name -c 'chgrp $unix_group $repodir'");
+ chgrp($repodir, $unix_group);
if ($project->enableAnonSCM()) {
chmod ($repodir, 02755);
} else {
// Create main repository
$main_repo = $root . '/' . $project_name . '.git' ;
- if (!is_file ("$main_repo/HEAD") && !is_dir("$main_repo/objects") && !is_dir("$main_repo/refs")) {
+ if (!is_dir($main_repo) || (!is_file("$main_repo/HEAD") &&
+ !is_dir("$main_repo/objects") && !is_dir("$main_repo/refs"))) {
$tmp_repo = util_mkdtemp('.git', $project_name);
if ($tmp_repo == false) {
return false;
system ("echo \"Git repository for $project_name\" > $tmp_repo/description") ;
system ("find $tmp_repo -type d | xargs chmod g+s") ;
system ("chgrp -R $unix_group $tmp_repo") ;
+ system ("chmod -R g+wX,o+rX-w $tmp_repo") ;
if ($project->enableAnonSCM()) {
system ("chmod g+wX,o+rX-w $root") ;
- system ("chmod -R g+wX,o+rX-w $tmp_repo") ;
} else {
system ("chmod g+wX,o-rwx $root") ;
- system ("chmod -R g+wX,o-rwx $tmp_repo") ;
+ system ("chmod g+wX,o-rwx $tmp_repo") ;
}
$ret = true;
+ /*
+ * $main_repo can already exist, for example if it’s
+ * not a directory or doesn’t contain a HEAD file or
+ * an objects or refs subdirectory… move it out of
+ * the way in these cases
+ */
+ system("if test -e $main_repo || test -h $main_repo; then d=\$(mktemp -d $main_repo.scmgit-moved.XXXXXXXXXX) && mv -f $main_repo \$d/; fi");
+ /* here’s still a TOCTOU but we check $ret below */
system("mv $tmp_repo $main_repo", $ret);
if ($ret != 0) {
return false;
}
+ system ("echo \"Git repository for $project_name\" > $main_repo/description") ;
+ system ("find $main_repo -type d | xargs chmod g+s");
+ if (forge_get_config('use_dav','scmgit')) {
+ $f = fopen(forge_get_config('config_path').'/httpd.conf.d/plugin-scmgit-dav.inc','a');
+ fputs($f,'Use Project '.$project_name."\n");
+ fclose($f);
+ system(forge_get_config('httpd_reload_cmd','scmgit'));
+ }
}
if (forge_get_config('use_ssh','scmgit')) {
if ($project->enableAnonSCM()) {
fwrite($config_f, "\$javascript = '". util_make_url('/plugins/scmgit/gitweb.js')."';\n");
fwrite($config_f, "\$prevent_xss = 'true';\n");
fclose($config_f);
- chmod ($fname.'.new', 0644) ;
- rename ($fname.'.new', $fname) ;
+ chmod($fname.'.new', 0644);
+ rename($fname.'.new', $fname);
- $fname = $config_dir . '/gitweb.list' ;
+ $fname = $config_dir . '/gitweb.list';
+ $f = fopen($fname.'.new', 'w');
- $f = fopen ($fname.'.new', 'w');
+ $engine = RBACEngine::getInstance();
foreach ($list as $project) {
- $repos = $this->getRepositories($rootdir . "/" . $project->getUnixName());
- foreach ($repos as $repo) {
- $reldir = substr($repo, strlen($rootdir) + 1);
- fwrite($f, $reldir . "\n");
- }
+ $repos = $this->getRepositories($rootdir . "/" . $project->getUnixName());
+ foreach ($repos as $repo) {
+ $reldir = substr($repo, strlen($rootdir) + 1);
+ fwrite($f, $reldir . "\n");
+ }
+ $users = $engine->getUsersByAllowedAction('scm',$project->getID(),'write');
+ $password_data = '';
+ foreach ($users as $user) {
+ $password_data .= $user->getUnixName().':'.$user->getUnixPasswd()."\n";
+ }
+ $faname = forge_get_config('data_path').'/gituser-authfile.'.$project->getUnixName();
+ $fa = fopen($faname.'.new', 'w');
+ fwrite($fa, $password_data);
+ fclose($fa);
+ chmod($faname.'.new', 0644);
+ rename($faname.'.new', $faname);
}
fclose($f);
chmod($fname.'.new', 0644);