search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
taskd/mail.sh: Unsubscribe instructions in email footer.
[girocco.git] / Girocco / Project.pm
blobcabd1ae2f6cac4c15b01138d26763158b0ca1de9
1 package Girocco::Project;
2
3 use strict;
4 use warnings;
5
6 BEGIN {
7 use Girocco::CGI;
8 use Girocco::User;
9 use Girocco::Util;
10 use Girocco::ProjPerm;
11 use Girocco::Config;
12 use base ('Girocco::ProjPerm::'.$Girocco::Config::permission_control); # mwahaha
13 }
14
15 our $metadata_fields = {
16 homepage => ['Homepage URL', 'hp', 'text'],
17 shortdesc => ['Short description', 'desc', 'text'],
18 README => ['README (HTML, lt 8kb)', 'README', 'textarea'],
19 };
20
21 sub _mkdir_forkees {
22 my $self = shift;
23 my @pelems = split('/', $self->{name});
24 pop @pelems; # do not create dir for the project itself
25 my $path = $self->{base_path};
26 foreach my $pelem (@pelems) {
27 $path .= "/$pelem";
28 (-d "$path") or mkdir $path or die "mkdir $path: $!";
29 chmod 0775, $path; # ok if fails (dir may already exist and be owned by someone else)
30 }
31 }
32
33 our %propmap = (
34 url => ':baseurl',
35 email => ':owner',
36 desc => 'description',
37 README => 'README.html',
38 hp => ':homepage',
39 notifymail => '%hooks.mailinglist',
40 notifyjson => '%hooks.jsonurl',
41 );
42
43 sub _property_path {
44 my $self = shift;
45 my ($name) = @_;
46 $self->{path}.'/'.$name;
47 }
48
49 sub _property_fget {
50 my $self = shift;
51 my ($name) = @_;
52 my $pname = $propmap{$name};
53 $pname or die "unknown property: $name";
54 if ($pname =~ s/^://) {
55 my $val = `git --git-dir="$self->{path}" config "gitweb.$pname"`;
56 chomp $val;
57 return $val;
58 } elsif ($pname =~ s/^%//) {
59 my $val = `git --git-dir="$self->{path}" config "$pname"`;
60 chomp $val;
61 return $val;
62 }
63
64 open P, $self->_property_path($pname) or return undef;
65 my @value = <P>;
66 close P;
67 my $value = join('', @value); chomp $value;
68 $value;
69 }
70
71 sub _property_fput {
72 my $self = shift;
73 my ($name, $value) = @_;
74 my $pname = $propmap{$name};
75 $pname or die "unknown property: $name";
76 $value ||= '';
77 if ($pname =~ s/^://) {
78 system('git', '--git-dir='.$self->{path}, 'config', "gitweb.$pname", $value);
79 } elsif ($pname =~ s/^%//) {
80 system('git', '--git-dir='.$self->{path}, 'config', $pname, $value);
81 }
82
83 my $P = lock_file($self->_property_path($pname));
84 $value ne '' and print $P "$value\n";
85 close $P;
86 unlock_file($self->_property_path($pname));
87 }
88
89 sub _properties_load {
90 my $self = shift;
91 foreach my $prop (keys %propmap) {
92 $self->{$prop} = $self->_property_fget($prop);
93 }
94 }
95
96 sub _properties_save {
97 my $self = shift;
98 foreach my $prop (keys %propmap) {
99 $self->_property_fput($prop, $self->{$prop});
100 }
101 }
102
103 sub _nofetch_path {
104 my $self = shift;
105 $self->_property_path('.nofetch');
106 }
107
108 sub _nofetch {
109 my $self = shift;
110 my ($nofetch) = @_;
111 my $np = $self->_nofetch_path;
112 if ($nofetch) {
113 open X, '>'.$np or die "nofetch failed: $!";
114 close X;
115 } else {
116 unlink $np or die "yesfetch failed: $!";
117 }
118 }
119
120 sub _clonelog_path {
121 my $self = shift;
122 $self->_property_path('.clonelog');
123 }
124
125 sub _clonefail_path {
126 my $self = shift;
127 $self->_property_path('.clone_failed');
128 }
129
130 sub _clonep_path {
131 my $self = shift;
132 $self->_property_path('.clone_in_progress');
133 }
134
135 sub _clonep {
136 my $self = shift;
137 my ($nofetch) = @_;
138 my $np = $self->_clonep_path;
139 if ($nofetch) {
140 open X, '>'.$np or die "clonep failed: $!";
141 close X;
142 } else {
143 unlink $np or die "clonef failed: $!";
144 }
145 }
146 sub _alternates_setup {
147 my $self = shift;
148 return unless $self->{name} =~ m#/#;
149 my $forkee_name = get_forkee_name($self->{name});
150 my $forkee_path = get_forkee_path($self->{name});
151 return unless -d $forkee_path;
152 mkdir $self->{path}.'/refs'; chmod 0775, $self->{path}.'/refs';
153 mkdir $self->{path}.'/objects'; chmod 0775, $self->{path}.'/objects';
154 mkdir $self->{path}.'/objects/info'; chmod 0775, $self->{path}.'/objects/info';
155
156 # We set up both alternates and http_alternates since we cannot use
157 # relative path in alternates - that doesn't work recursively.
158
159 my $filename = $self->{path}.'/objects/info/alternates';
160 open X, '>'.$filename or die "alternates failed: $!";
161 print X "$forkee_path/objects\n";
162 close X;
163 chmod 0664, $filename or warn "cannot chmod $filename: $!";
164
165 if ($Girocco::Config::httppullurl) {
166 $filename = $self->{path}.'/objects/info/http-alternates';
167 open X, '>'.$filename or die "http-alternates failed: $!";
168 my $upfork = $forkee_name;
169 do { print X "$Girocco::Config::httppullurl/$upfork.git/objects\n"; } while ($upfork =~ s#/?.+?$## and $upfork); #
170 close X;
171 chmod 0664, $filename or warn "cannot chmod $filename: $!";
172 }
173
174 # The symlink is problematic since git remote prune will traverse it.
175 #symlink "$forkee_path/refs", $self->{path}.'/refs/forkee';
176 }
177
178 sub _ctags_setup {
179 my $self = shift;
180 mkdir $self->{path}.'/ctags'; chmod 01777, $self->{path}.'/ctags';
181 }
182
183 sub _group_add {
184 my $self = shift;
185 my ($xtra) = @_;
186 $xtra .= join(',', @{$self->{users}});
187 filedb_atomic_append(jailed_file('/etc/group'),
188 join(':', $self->{name}, $self->{crypt}, '\i', $xtra));
189 }
190
191 sub _group_update {
192 my $self = shift;
193 my $xtra = join(',', @{$self->{users}});
194 filedb_atomic_edit(jailed_file('/etc/group'),
195 sub {
196 $_ = $_[0];
197 chomp;
198 if ($self->{name} eq (split /:/)[0]) {
199 # preserve readonly flag
200 s/::([^:]*)$/:$1/ and $xtra = ":$xtra";
201 return join(':', $self->{name}, $self->{crypt}, $self->{gid}, $xtra)."\n";
202 } else {
203 return "$_\n";
204 }
205 }
206 );
207 }
208
209 sub _group_remove {
210 my $self = shift;
211 filedb_atomic_edit(jailed_file('/etc/group'),
212 sub {
213 $self->{name} ne (split /:/)[0] and return $_;
214 }
215 );
216 }
217
218 sub _hook_path {
219 my $self = shift;
220 my ($name) = @_;
221 $self->{path}.'/hooks/'.$name;
222 }
223
224 sub _hook_install {
225 my $self = shift;
226 my ($name) = @_;
227 open SRC, "$Girocco::Config::basedir/$name-hook" or die "cannot open hook $name: $!";
228 open DST, '>'.$self->_hook_path($name) or die "cannot open hook $name for writing: $!";
229 while (<SRC>) { print DST $_; }
230 close DST;
231 close SRC;
232 chmod 0775, $self->_hook_path($name) or die "cannot chmod hook $name: $!";
233 }
234
235 sub _hooks_install {
236 my $self = shift;
237 foreach my $hook ('post-receive', 'update') {
238 $self->_hook_install($hook);
239 }
240 }
241
242 # private constructor, do not use
243 sub _new {
244 my $class = shift;
245 my ($name, $base_path, $path) = @_;
246 valid_name($name) or die "refusing to create project with invalid name ($name)!";
247 $path ||= "$base_path/$name.git";
248 my $proj = { name => $name, base_path => $base_path, path => $path };
249
250 bless $proj, $class;
251 }
252
253 # public constructor #0
254 # creates a virtual project not connected to disk image
255 # you can conjure() it later to disk
256 sub ghost {
257 my $class = shift;
258 my ($name, $mirror) = @_;
259 my $self = $class->_new($name, $Girocco::Config::reporoot);
260 $self->{users} = [];
261 $self->{mirror} = $mirror;
262 $self;
263 }
264
265 # public constructor #1
266 sub load {
267 my $class = shift;
268 my ($name) = @_;
269
270 open F, jailed_file("/etc/group") or die "project load failed: $!";
271 while (<F>) {
272 chomp;
273 @_ = split /:+/;
274 next unless (shift eq $name);
275
276 my $self = $class->_new($name, $Girocco::Config::reporoot);
277 (-d $self->{path}) or die "invalid path (".$self->{path}.") for project ".$self->{name};
278
279 my $ulist;
280 ($self->{crypt}, $self->{gid}, $ulist) = @_;
281 $ulist ||= '';
282 $self->{users} = [split /,/, $ulist];
283 $self->{orig_users} = [@{$self->{users}}];
284 $self->{mirror} = ! -e $self->_nofetch_path;
285 $self->{clone_in_progress} = -e $self->_clonep_path;
286 $self->{clone_logged} = -e $self->_clonelog_path;
287 $self->{clone_failed} = -e $self->_clonefail_path;
288 $self->{ccrypt} = $self->{crypt};
289
290 $self->_properties_load;
291 return $self;
292 }
293 close F;
294 undef;
295 }
296
297 # $proj may not be in sane state if this returns false!
298 sub cgi_fill {
299 my $self = shift;
300 my ($gcgi) = @_;
301 my $cgi = $gcgi->cgi;
302
303 my ($pwd, $pwd2) = ($cgi->param('pwd'), $cgi->param('pwd2'));
304 $pwd ||= ''; $pwd2 ||= ''; # in case passwords are disabled
305 if ($pwd or not $self->{crypt}) {
306 $self->{crypt} = scrypt($pwd);
307 }
308
309 if ($pwd2 and $pwd ne $pwd2) {
310 $gcgi->err("Our high-paid security consultants have determined that the admin passwords you have entered do not match each other.");
311 }
312
313 $self->{cpwd} = $cgi->param('cpwd');
314
315 if ($Girocco::Config::project_owners eq 'email') {
316 $self->{email} = $gcgi->wparam('email');
317 valid_email($self->{email})
318 or $gcgi->err("Your email sure looks weird...?");
319 }
320
321 $self->{url} = $gcgi->wparam('url');
322 if ($self->{url}) {
323 valid_repo_url($self->{url})
324 or $gcgi->err("Invalid URL. Note that only HTTP and Git protocol is supported. If the URL contains funny characters, contact me.");
325 }
326
327 $self->{desc} = $gcgi->wparam('desc');
328 length($self->{desc}) <= 1024
329 or $gcgi->err("<b>Short</b> description length &gt; 1kb!");
330
331 $self->{README} = $gcgi->wparam('README');
332 length($self->{README}) <= 8192
333 or $gcgi->err("README length &gt; 8kb!");
334
335 $self->{hp} = $gcgi->wparam('hp');
336 if ($self->{hp}) {
337 valid_web_url($self->{hp})
338 or $gcgi->err("Invalid homepage URL. Note that only HTTP protocol is supported. If the URL contains funny characters, contact me.");
339 }
340
341 # FIXME: Permit only existing users
342 $self->{users} = [grep { Girocco::User::valid_name($_) } $cgi->param('user')];
343
344 not $gcgi->err_check;
345 }
346
347 sub form_defaults {
348 my $self = shift;
349 (
350 name => $self->{name},
351 email => $self->{email},
352 url => $self->{url},
353 desc => html_esc($self->{desc}),
354 README => html_esc($self->{README}),
355 hp => $self->{hp},
356 users => $self->{users},
357 );
358 }
359
360 sub authenticate {
361 my $self = shift;
362 my ($gcgi) = @_;
363
364 $self->{ccrypt} or die "Can't authenticate against a project with no password";
365 $self->{cpwd} ||= '';
366 unless ($self->{ccrypt} eq crypt($self->{cpwd}, $self->{ccrypt})) {
367 $gcgi->err("Your admin password does not match!");
368 return 0;
369 }
370 return 1;
371 }
372
373 sub _setup {
374 my $self = shift;
375 my ($pushers) = @_;
376
377 $self->_mkdir_forkees;
378
379 mkdir($self->{path}) or die "mkdir $self->{path} failed: $!";
380 if ($Girocco::Config::owning_group) {
381 my $gid = scalar(getgrnam($Girocco::Config::owning_group));
382 chown(-1, $gid, $self->{path}) or die "chgrp $gid $self->{path} failed: $!";
383 chmod(02775, $self->{path}) or die "chmod 2775 $self->{path} failed: $!";
384 } else {
385 chmod(02777, $self->{path}) or die "chmod 2777 $self->{path} failed: $!";
386 }
387 system($Girocco::Config::git_bin, '--git-dir='.$self->{path}, 'init', '--bare', '--shared='.$self->shared_mode()) == 0
388 or die "git init $self->{path} failed: $?";
389 system($Girocco::Config::git_bin, '--git-dir='.$self->{path}, 'config', 'receive.denyNonFastforwards', 'false') == 0
390 or die "disabling receive.denyNonFastforwards failed: $?";
391 system($Girocco::Config::git_bin, '--git-dir='.$self->{path}, 'config', 'gc.auto', '0') == 0
392 or die "disabling gc.auto failed: $?";
393
394 # /info must have right permissions even before the fixup job,
395 # and git init didn't do it for some reason.
396 if ($Girocco::Config::owning_group) {
397 chmod(02775, $self->{path}."/info") or die "chmod 2775 $self->{path}/info failed: $!";
398 } else {
399 chmod(02777, $self->{path}."/info") or die "chmod 2777 $self->{path}/info failed: $!";
400 }
401
402 $self->_properties_save;
403 $self->_alternates_setup;
404 $self->_ctags_setup;
405 $self->_group_add($pushers);
406 $self->_hooks_install;
407 $self->perm_initialize;
408 system($Girocco::Config::basedir . '/gitweb/genindex.sh');
409 }
410
411 sub premirror {
412 my $self = shift;
413
414 $self->_setup(':');
415 $self->_clonep(1);
416 }
417
418 sub conjure {
419 my $self = shift;
420
421 $self->_setup;
422 $self->_nofetch(1);
423 }
424
425 sub clone {
426 my $self = shift;
427
428 unlink ($self->_clonefail_path()); # Ignore EEXIST error
429 unlink ($self->_clonelog_path()); # Ignore EEXIST error
430
431 use IO::Socket;
432 my $sock = IO::Socket::UNIX->new($Girocco::Config::chroot.'/etc/taskd.socket') or die "cannot connect to taskd.socket: $!";
433 $sock->print("clone ".$self->{name}."\n");
434 # Just ignore reply, we are going to succeed anyway and the I/O
435 # would apparently get quite hairy.
436 $sock->flush();
437 sleep 2; # *cough*
438 $sock->close();
439 }
440
441 sub update {
442 my $self = shift;
443
444 $self->_properties_save;
445 $self->_group_update;
446
447 my @users_add = grep { $a = $_; not scalar grep { $a eq $_ } $self->{orig_users} } $self->{users};
448 my @users_del = grep { $a = $_; not scalar grep { $a eq $_ } $self->{users} } $self->{orig_users};
449 $self->perm_user_add($_, Girocco::User::resolve_uid($_)) foreach (@users_add);
450 $self->perm_user_del($_, Girocco::User::resolve_uid($_)) foreach (@users_del);
451
452 1;
453 }
454
455 sub update_password {
456 my $self = shift;
457 my ($pwd) = @_;
458
459 $self->{crypt} = scrypt($pwd);
460 $self->_group_update;
461 }
462
463 # You can explicitly do this just on a ghost() repository too.
464 sub delete {
465 my $self = shift;
466
467 if (-d $self->{path}) {
468 system('rm', '-rf', $self->{path}) == 0
469 or die "rm -rf $self->{path} failed: $?";
470 }
471 $self->_group_remove;
472 }
473
474 sub has_forks {
475 my $self = shift;
476
477 return glob($Girocco::Config::reporoot.'/'.$self->{name}.'/*');
478 }
479
480
481 ### static methods
482
483 sub get_forkee_name {
484 $_ = $_[0];
485 (m#^(.*)/.*?$#)[0]; #
486 }
487 sub get_forkee_path {
488 my $forkee = $Girocco::Config::reporoot.'/'.get_forkee_name($_[0]).'.git';
489 -d $forkee ? $forkee : '';
490 }
491
492 sub valid_name {
493 $_ = $_[0];
494 (not m#/# or -d get_forkee_path($_)) # will also catch ^/
495 and (not m#\./#)
496 and (not m#/$#)
497 and m#^[a-zA-Z0-9+./_-]+$#;
498 }
499
500 sub does_exist {
501 my ($name) = @_;
502 valid_name($name) or die "tried to query for project with invalid name $name!";
503 (-d $Girocco::Config::reporoot."/$name.git");
504 }
505
506
507 1;
The repo.or.cz duct tape "Girocco"