search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Project.pm: add read-only lastactivity field
[girocco.git] / Girocco / Project.pm
blob45b88353a8aca9159363efb41bf103858262b338
1 package Girocco::Project;
2
3 use strict;
4 use warnings;
5
6 BEGIN {
7 use Girocco::CGI;
8 use Girocco::User;
9 use Girocco::Util;
10 use Girocco::ProjPerm;
11 use Girocco::Config;
12 use base ('Girocco::ProjPerm::'.$Girocco::Config::permission_control); # mwahaha
13 }
14
15 BEGIN {
16 eval {
17 require Digest::SHA;
18 Digest::SHA->import(
19 qw(sha1_hex)
20 );1} ||
21 eval {
22 require Digest::SHA1;
23 Digest::SHA1->import(
24 qw(sha1_hex)
25 );1} ||
26 eval {
27 require Digest::SHA::PurePerl;
28 Digest::SHA::PurePerl->import(
29 qw(sha1_hex)
30 );1} ||
31 die "One of Digest::SHA or Digest::SHA1 or Digest::SHA::PurePerl "
32 . "must be available\n";
33 }
34
35 our $metadata_fields = {
36 homepage => ['Homepage URL', 'hp', 'text'],
37 shortdesc => ['Short description', 'desc', 'text'],
38 README => ['README (HTML, lt 8kb)', 'README', 'textarea'],
39 notifymail => ['Commit notify - mail to', 'notifymail', 'text'],
40 notifyjson => ['Commit notify - <a href="http://help.github.com/post-receive-hooks/">POST JSON</a> at', 'notifyjson', 'text'],
41 notifycia => ['Commit notify - <a href="http://cia.vc/doc/">CIA project</a> name', 'notifycia', 'text'],
42 };
43
44 sub _mkdir_forkees {
45 my $self = shift;
46 my @pelems = split('/', $self->{name});
47 pop @pelems; # do not create dir for the project itself
48 my $path = $self->{base_path};
49 foreach my $pelem (@pelems) {
50 $path .= "/$pelem";
51 (-d "$path") or mkdir $path or die "mkdir $path: $!";
52 chmod 02775, $path; # ok if fails (dir may already exist and be owned by someone else)
53 }
54 }
55
56 our %propmap = (
57 url => ':baseurl',
58 email => ':owner',
59 desc => 'description',
60 README => 'README.html',
61 hp => ':homepage',
62 notifymail => '%hooks.mailinglist',
63 notifytag => '%hooks.announcelist',
64 notifyjson => '%hooks.jsonurl',
65 notifycia => '%hooks.cianame',
66 );
67
68 our %propmapro = (
69 lastchange => ':lastchange',
70 lastactivity => 'info/lastactivity',
71 );
72
73 sub _update_index {
74 system($Girocco::Config::basedir . '/gitweb/genindex.sh');
75 }
76
77 sub _property_path {
78 my $self = shift;
79 my ($name) = @_;
80 $self->{path}.'/'.$name;
81 }
82
83 sub _property_fget {
84 my $self = shift;
85 my ($name) = @_;
86 my $pname = $propmap{$name};
87 $pname = $propmapro{$name} unless $pname;
88 $pname or die "unknown property: $name";
89 if ($pname =~ s/^://) {
90 my $val = `git --git-dir="$self->{path}" config "gitweb.$pname"`;
91 chomp $val;
92 return $val;
93 } elsif ($pname =~ s/^%//) {
94 my $val = `git --git-dir="$self->{path}" config "$pname"`;
95 chomp $val;
96 return $val;
97 }
98
99 open P, '<', $self->_property_path($pname) or return undef;
100 my @value = <P>;
101 close P;
102 my $value = join('', @value); chomp $value;
103 $value;
104 }
105
106 sub _property_fput {
107 my $self = shift;
108 my ($name, $value) = @_;
109 my $pname = $propmap{$name};
110 $pname or die "unknown property: $name";
111 $value ||= '';
112 if ($pname =~ s/^://) {
113 system('git', '--git-dir='.$self->{path}, 'config', "gitweb.$pname", $value);
114 return;
115 } elsif ($pname =~ s/^%//) {
116 system('git', '--git-dir='.$self->{path}, 'config', $pname, $value);
117 return;
118 }
119
120 my $P = lock_file($self->_property_path($pname));
121 $value ne '' and print $P "$value\n";
122 close $P;
123 unlock_file($self->_property_path($pname));
124 }
125
126 sub _properties_load {
127 my $self = shift;
128 foreach my $prop (keys %propmap) {
129 $self->{$prop} = $self->_property_fget($prop);
130 }
131 foreach my $prop (keys %propmapro) {
132 $self->{$prop} = $self->_property_fget($prop);
133 }
134 my $val = `git --git-dir="$self->{path}" config --bool "gitweb.statusupdates" 2>/dev/null`;
135 chomp $val;
136 $val = ($val eq 'false') ? 0 : 1;
137 $self->{statusupdates} = $val;
138 delete $self->{auth};
139 $val = `git --git-dir="$self->{path}" config "gitweb.delauth"`;
140 chomp $val;
141 if ($val =~ /^# DELAUTH ([0-9a-f]+) (\d+)/) {
142 my $expire = $2;
143 $self->{auth} = $1 unless (time >= $expire);
144 }
145 }
146
147 sub _properties_save {
148 my $self = shift;
149 foreach my $prop (keys %propmap) {
150 $self->_property_fput($prop, $self->{$prop});
151 }
152 $self->{statusupdates} = 1
153 unless defined($self->{statusupdates}) && $self->{statusupdates} =~ /^\d+$/;
154 system('git', '--git-dir='.$self->{path}, 'config', '--bool',
155 "gitweb.statusupdates", $self->{statusupdates});
156 }
157
158 sub _nofetch_path {
159 my $self = shift;
160 $self->_property_path('.nofetch');
161 }
162
163 sub _nofetch {
164 my $self = shift;
165 my ($nofetch) = @_;
166 my $nf = $self->_nofetch_path;
167 if ($nofetch) {
168 open X, '>', $nf or die "nofetch failed: $!";
169 close X;
170 } else {
171 unlink $nf or die "yesfetch failed: $!";
172 }
173 }
174
175 sub _clonelog_path {
176 my $self = shift;
177 $self->_property_path('.clonelog');
178 }
179
180 sub _clonefail_path {
181 my $self = shift;
182 $self->_property_path('.clone_failed');
183 }
184
185 sub _clonep_path {
186 my $self = shift;
187 $self->_property_path('.clone_in_progress');
188 }
189
190 sub _clonep {
191 my $self = shift;
192 my ($nofetch) = @_;
193 my $np = $self->_clonep_path;
194 if ($nofetch) {
195 open X, '>', $np or die "clonep failed: $!";
196 close X;
197 } else {
198 unlink $np or die "clonef failed: $!";
199 }
200 }
201 sub _alternates_setup {
202 my $self = shift;
203 return unless $self->{name} =~ m#/#;
204 my $forkee_name = get_forkee_name($self->{name});
205 my $forkee_path = get_forkee_path($self->{name});
206 return unless -d $forkee_path;
207 mkdir $self->{path}.'/refs'; chmod 02775, $self->{path}.'/refs';
208 mkdir $self->{path}.'/objects'; chmod 02775, $self->{path}.'/objects';
209 mkdir $self->{path}.'/objects/info'; chmod 02775, $self->{path}.'/objects/info';
210
211 # We set up both alternates and http_alternates since we cannot use
212 # relative path in alternates - that doesn't work recursively.
213
214 my $filename = $self->{path}.'/objects/info/alternates';
215 open X, '>', $filename or die "alternates failed: $!";
216 print X "$forkee_path/objects\n";
217 close X;
218 chmod 0664, $filename or warn "cannot chmod $filename: $!";
219
220 if ($Girocco::Config::httppullurl) {
221 $filename = $self->{path}.'/objects/info/http-alternates';
222 open X, '>', $filename or die "http-alternates failed: $!";
223 my $upfork = $forkee_name;
224 do { print X "$Girocco::Config::httppullurl/$upfork.git/objects\n"; } while ($upfork =~ s#/?.+?$## and $upfork); #
225 close X;
226 chmod 0664, $filename or warn "cannot chmod $filename: $!";
227 }
228
229 # The symlink is problematic since git remote prune will traverse it.
230 #symlink "$forkee_path/refs", $self->{path}.'/refs/forkee';
231
232 # copy refs from parent project
233 # ownership information is changed by a root cronjob
234 system("cp -pR $forkee_path/refs $self->{path}/");
235 # initialize HEAD, hacky version
236 system("cp $forkee_path/HEAD $self->{path}/HEAD");
237 }
238
239 sub _ctags_setup {
240 my $self = shift;
241 my $perms = $Girocco::Config::permission_control eq 'Hooks' ? 02777 : 02775;
242 mkdir $self->{path}.'/ctags'; chmod $perms, $self->{path}.'/ctags';
243 }
244
245 sub _group_add {
246 my $self = shift;
247 my ($xtra) = @_;
248 $xtra .= join(',', @{$self->{users}});
249 filedb_atomic_append(jailed_file('/etc/group'),
250 join(':', $self->{name}, $self->{crypt}, '\i', $xtra));
251 }
252
253 sub _group_update {
254 my $self = shift;
255 my $xtra = join(',', @{$self->{users}});
256 filedb_atomic_edit(jailed_file('/etc/group'),
257 sub {
258 $_ = $_[0];
259 chomp;
260 if ($self->{name} eq (split /:/)[0]) {
261 # preserve readonly flag
262 s/::([^:]*)$/:$1/ and $xtra = ":$xtra";
263 return join(':', $self->{name}, $self->{crypt}, $self->{gid}, $xtra)."\n";
264 } else {
265 return "$_\n";
266 }
267 }
268 );
269 }
270
271 sub _group_remove {
272 my $self = shift;
273 filedb_atomic_edit(jailed_file('/etc/group'),
274 sub {
275 $self->{name} ne (split /:/)[0] and return $_;
276 }
277 );
278 }
279
280 sub _hook_path {
281 my $self = shift;
282 my ($name) = @_;
283 $self->{path}.'/hooks/'.$name;
284 }
285
286 sub _hook_install {
287 my $self = shift;
288 my ($name) = @_;
289 open SRC, '<', "$Girocco::Config::basedir/hooks/$name" or die "cannot open hook $name: $!";
290 open DST, '>', $self->_hook_path($name) or die "cannot open hook $name for writing: $!";
291 while (<SRC>) { print DST $_; }
292 close DST;
293 close SRC;
294 chmod 0775, $self->_hook_path($name) or die "cannot chmod hook $name: $!";
295 }
296
297 sub _hooks_install {
298 my $self = shift;
299 foreach my $hook ('post-receive', 'update', 'post-update') {
300 $self->_hook_install($hook);
301 }
302 }
303
304 # private constructor, do not use
305 sub _new {
306 my $class = shift;
307 my ($name, $base_path, $path) = @_;
308 valid_name($name) or die "refusing to create project with invalid name ($name)!";
309 $path ||= "$base_path/$name.git";
310 my $proj = { name => $name, base_path => $base_path, path => $path };
311
312 bless $proj, $class;
313 }
314
315 # public constructor #0
316 # creates a virtual project not connected to disk image
317 # you can conjure() it later to disk
318 sub ghost {
319 my $class = shift;
320 my ($name, $mirror) = @_;
321 my $self = $class->_new($name, $Girocco::Config::reporoot);
322 $self->{users} = [];
323 $self->{mirror} = $mirror;
324 $self->{email} = $self->{orig_email} = '';
325 $self;
326 }
327
328 # public constructor #1
329 sub load {
330 my $class = shift;
331 my $name = shift || '';
332
333 open F, '<', jailed_file("/etc/group") or die "project load failed: $!";
334 while (<F>) {
335 chomp;
336 @_ = split /:+/;
337 next unless (shift eq $name);
338
339 my $self = $class->_new($name, $Girocco::Config::reporoot);
340 (-d $self->{path}) or die "invalid path (".$self->{path}.") for project ".$self->{name};
341
342 my $ulist;
343 ($self->{crypt}, $self->{gid}, $ulist) = @_;
344 $ulist ||= '';
345 $self->{users} = [split /,/, $ulist];
346 $self->{HEAD} = $self->get_HEAD;
347 $self->{orig_HEAD} = $self->{HEAD};
348 $self->{orig_users} = [@{$self->{users}}];
349 $self->{mirror} = ! -e $self->_nofetch_path;
350 $self->{clone_in_progress} = -e $self->_clonep_path;
351 $self->{clone_logged} = -e $self->_clonelog_path;
352 $self->{clone_failed} = -e $self->_clonefail_path;
353 $self->{ccrypt} = $self->{crypt};
354
355 $self->_properties_load;
356 $self->{orig_email} = $self->{email};
357 return $self;
358 }
359 close F;
360 undef;
361 }
362
363 # $proj may not be in sane state if this returns false!
364 sub cgi_fill {
365 my $self = shift;
366 my ($gcgi) = @_;
367 my $cgi = $gcgi->cgi;
368
369 my ($pwd, $pwd2) = ($cgi->param('pwd'), $cgi->param('pwd2'));
370 $pwd ||= ''; $pwd2 ||= ''; # in case passwords are disabled
371 if ($pwd or not $self->{crypt}) {
372 $self->{crypt} = scrypt($pwd);
373 }
374
375 if ($pwd2 and $pwd ne $pwd2) {
376 $gcgi->err("Our high-paid security consultants have determined that the admin passwords you have entered do not match each other.");
377 }
378
379 $self->{cpwd} = $cgi->param('cpwd');
380
381 if ($Girocco::Config::project_owners eq 'email') {
382 $self->{email} = $gcgi->wparam('email');
383 valid_email($self->{email})
384 or $gcgi->err("Your email sure looks weird...?");
385 }
386
387 $self->{url} = $gcgi->wparam('url');
388 if ($self->{url}) {
389 valid_repo_url($self->{url})
390 or $gcgi->err("Invalid URL. Note that only HTTP and Git protocol is supported. If the URL contains funny characters, contact me.");
391 }
392
393 $self->{desc} = $gcgi->wparam('desc');
394 length($self->{desc}) <= 1024
395 or $gcgi->err("<b>Short</b> description length &gt; 1kb!");
396
397 $self->{README} = $gcgi->wparam('README');
398 length($self->{README}) <= 8192
399 or $gcgi->err("README length &gt; 8kb!");
400
401 $self->{hp} = $gcgi->wparam('hp');
402 if ($self->{hp}) {
403 valid_web_url($self->{hp})
404 or $gcgi->err("Invalid homepage URL. Note that only HTTP protocol is supported. If the URL contains funny characters, contact me.");
405 }
406
407 $self->{users} = [grep { Girocco::User::valid_name($_) && Girocco::User::does_exist($_) } $cgi->param('user')];
408
409 $self->{HEAD} = $cgi->param('HEAD') if $cgi->param('HEAD');
410
411 # schedule deletion of tags (will be committed by update() after auth)
412 $self->{tags_to_delete} = [$cgi->param('tags')];
413
414 $self->{notifymail} = $gcgi->wparam('notifymail');
415 if ($self->{notifymail}) {
416 (valid_email_multi($self->{notifymail}) and length($self->{notifymail}) <= 512)
417 or $gcgi->err("Invalid notify e-mail address. Use mail,mail to specify multiple addresses; total length must not exceed 512 characters, however.");
418 }
419
420 $self->{notifyjson} = $gcgi->wparam('notifyjson');
421 if ($self->{notifyjson}) {
422 valid_web_url($self->{notifyjson})
423 or $gcgi->err("Invalid JSON notify URL. Note that only HTTP protocol is supported. If the URL contains funny characters, contact me.");
424 }
425
426 $self->{notifycia} = $gcgi->wparam('notifycia');
427 if ($self->{notifycia}) {
428 $self->{notifycia} =~ /^[a-zA-Z0-9._-]+$/
429 or $gcgi->err("Overly suspicious CIA notify project name. If it is actually valid, contact me.");
430 }
431
432 if ($cgi->param('setstatusupdates')) {
433 my $val = $gcgi->wparam('statusupdates') || '0';
434 $self->{statusupdates} = $val ? 1 : 0;
435 }
436
437 not $gcgi->err_check;
438 }
439
440 sub form_defaults {
441 my $self = shift;
442 (
443 name => $self->{name},
444 email => $self->{email},
445 url => $self->{url},
446 desc => html_esc($self->{desc}),
447 README => html_esc($self->{README}),
448 hp => $self->{hp},
449 users => $self->{users},
450 notifymail => html_esc($self->{notifymail}),
451 notifyjson => html_esc($self->{notifyjson}),
452 notifycia => html_esc($self->{notifycia}),
453 );
454 }
455
456 sub authenticate {
457 my $self = shift;
458 my ($gcgi) = @_;
459
460 $self->{ccrypt} or die "Can't authenticate against a project with no password";
461 $self->{cpwd} ||= '';
462 unless ($self->{ccrypt} eq crypt($self->{cpwd}, $self->{ccrypt})) {
463 $gcgi->err("Your admin password does not match!");
464 return 0;
465 }
466 return 1;
467 }
468
469 sub _setup {
470 my $self = shift;
471 my ($pushers) = @_;
472
473 $self->_mkdir_forkees;
474
475 mkdir($self->{path}) or die "mkdir $self->{path} failed: $!";
476 if ($Girocco::Config::owning_group) {
477 my $gid = scalar(getgrnam($Girocco::Config::owning_group));
478 chown(-1, $gid, $self->{path}) or die "chgrp $gid $self->{path} failed: $!";
479 chmod(02775, $self->{path}) or die "chmod 02775 $self->{path} failed: $!";
480 } else {
481 chmod(02777, $self->{path}) or die "chmod 02777 $self->{path} failed: $!";
482 }
483 system($Girocco::Config::git_bin, '--git-dir='.$self->{path}, 'init', '--bare', '--shared='.$self->shared_mode()) == 0
484 or die "git init $self->{path} failed: $?";
485 system($Girocco::Config::git_bin, '--git-dir='.$self->{path}, 'config', 'receive.denyNonFastforwards', 'false') == 0
486 or die "disabling receive.denyNonFastforwards failed: $?";
487 system($Girocco::Config::git_bin, '--git-dir='.$self->{path}, 'config', 'gc.auto', '0') == 0
488 or die "disabling gc.auto failed: $?";
489
490 # /info must have right permissions,
491 # and git init didn't do it for some reason.
492 if ($Girocco::Config::owning_group) {
493 chmod(02775, $self->{path}."/info") or die "chmod 02775 $self->{path}/info failed: $!";
494 } else {
495 chmod(02777, $self->{path}."/info") or die "chmod 02777 $self->{path}/info failed: $!";
496 }
497
498 $self->_properties_save;
499 $self->_alternates_setup;
500 $self->_ctags_setup;
501 $self->_group_remove;
502 $self->_group_add($pushers);
503 $self->_hooks_install;
504 #$self->perm_initialize;
505 $self->_update_index;
506 }
507
508 sub premirror {
509 my $self = shift;
510
511 $self->_setup(':');
512 $self->_clonep(1);
513 $self->perm_initialize;
514 }
515
516 sub conjure {
517 my $self = shift;
518
519 $self->_setup;
520 $self->_nofetch(1);
521 if ($Girocco::Config::mob && $Girocco::Config::mob eq "mob") {
522 system("$Girocco::Config::basedir/bin/create-personal-mob-area", $self->{name}) == 0
523 or die "create-personal-mob-area $self->{name} failed";
524 }
525 $self->perm_initialize;
526 }
527
528 sub clone {
529 my $self = shift;
530
531 unlink ($self->_clonefail_path()); # Ignore EEXIST error
532 unlink ($self->_clonelog_path()); # Ignore EEXIST error
533
534 use IO::Socket;
535 my $sock = IO::Socket::UNIX->new($Girocco::Config::chroot.'/etc/taskd.socket') or die "cannot connect to taskd.socket: $!";
536 $sock->print("clone ".$self->{name}."\n");
537 # Just ignore reply, we are going to succeed anyway and the I/O
538 # would apparently get quite hairy.
539 $sock->flush();
540 sleep 2; # *cough*
541 $sock->close();
542 }
543
544 sub update {
545 my $self = shift;
546
547 $self->_properties_save;
548 $self->_group_update;
549
550 if (exists($self->{tags_to_delete})) {
551 $self->delete_ctag($_) foreach(@{$self->{tags_to_delete}});
552 }
553
554 $self->set_HEAD($self->{HEAD}) unless $self->{orig_HEAD} eq $self->{HEAD};
555
556 my @users_add = grep { $a = $_; not scalar grep { $a eq $_ } $self->{orig_users} } $self->{users};
557 my @users_del = grep { $a = $_; not scalar grep { $a eq $_ } $self->{users} } $self->{orig_users};
558 $self->perm_user_add($_, Girocco::User::resolve_uid($_)) foreach (@users_add);
559 $self->perm_user_del($_, Girocco::User::resolve_uid($_)) foreach (@users_del);
560
561 $self->_update_index if $self->{email} ne $self->{orig_email};
562 $self->{orig_email} = $self->{email};
563
564 1;
565 }
566
567 sub update_password {
568 my $self = shift;
569 my ($pwd) = @_;
570
571 $self->{crypt} = scrypt($pwd);
572 $self->_group_update;
573 }
574
575 # You can explicitly do this just on a ghost() repository too.
576 sub delete {
577 my $self = shift;
578
579 if (-d $self->{path}) {
580 system('rm', '-rf', $self->{path}) == 0
581 or die "rm -rf $self->{path} failed: $?";
582 }
583 # attempt to clean up any empty fork directories by removing them
584 my @pelems = split('/', $self->{name});
585 while (@pelems > 1) {
586 pop @pelems;
587 # okay to fail
588 rmdir join('/', $Girocco::Config::reporoot, @pelems) or last;
589 }
590 $self->_group_remove;
591 $self->_update_index;
592 }
593
594 sub _contains_files {
595 my $dir = shift;
596 (-d $dir) or return 0;
597 opendir(my $dh, $dir) or die "opendir $dir failed: $!";
598 while (my $entry = readdir($dh)) {
599 next if $entry eq '' || $entry eq '.' || $entry eq '..';
600 closedir($dh), return 1
601 if -f "$dir/$entry" ||
602 -d "$dir/$entry" && _contains_files("$dir/$entry");
603 }
604 closedir($dh);
605 return 0;
606 }
607
608 sub has_forks {
609 my $self = shift;
610
611 return _contains_files($Girocco::Config::reporoot.'/'.$self->{name});
612 }
613
614 sub is_empty {
615 # A project is considered empty if the git repository does not
616 # have any refs. This means packed-refs does not exist or is
617 # empty or only has lines starting with '#' AND there are no
618 # files in the refs subdirectory hierarchy (no matter how deep).
619
620 my $self = shift;
621
622 (-d $self->{path}) or return 0;
623 if (-e $self->{path}.'/packed-refs') {
624 open(my $pr, '<', $self->{path}.'/packed-refs')
625 or die "open $self->{path}./packed-refs failed: $!";
626 my $foundref = 0;
627 while (my $ref = <$pr>) {
628 next if $ref =~ /^#/;
629 $foundref = 1;
630 last;
631 }
632 close($pr);
633 return 0 if $foundref;
634 }
635 (-d $self->{path}.'/refs') or return 1;
636 return !_contains_files($self->{path}.'/refs');
637 }
638
639 sub delete_ctag {
640 my $self = shift;
641 my ($ctag) = @_;
642
643 # sanity check, disallow filenames starting with . .. or /
644 unlink($self->{path}.'/ctags/'.$ctag) if($ctag !~ m|^(\.\.?)/|);
645 }
646
647 sub get_ctag_names {
648 my $self = shift;
649 my @ctags = ();
650 opendir(my $dh, $self->{path}.'/ctags')
651 or return @ctags;
652 @ctags = grep { -f "$self->{path}/ctags/$_" } readdir($dh);
653 closedir($dh);
654 return @ctags;
655 }
656
657 sub get_heads {
658 my $self = shift;
659 my $fh;
660 open($fh, '-|', "$Girocco::Config::git_bin --git-dir=$self->{path} show-ref --heads") or die "could not get list of heads";
661 my @res;
662 while (<$fh>) {
663 chomp;
664 next if !m#^[0-9a-f]{40}\s+refs/heads/(.+)$ #x;
665 push @res, $1;
666 }
667 close $fh;
668 @res;
669 }
670
671 sub get_HEAD {
672 my $self = shift;
673 my $HEAD = `$Girocco::Config::git_bin --git-dir=$self->{path} symbolic-ref HEAD`;
674 chomp $HEAD;
675 die "could not get HEAD" if ($HEAD !~ m{^refs/heads/(.+)$});
676 return $1;
677 }
678
679 sub set_HEAD {
680 my $self = shift;
681 my $newHEAD = shift;
682 # Cursory checks only -- if you want to break your HEAD, be my guest
683 if ($newHEAD =~ /^\/|['<>]|\.\.|\/$/) {
684 die "grossly invalid new HEAD: $newHEAD";
685 }
686 system($Girocco::Config::git_bin, "--git-dir=$self->{path}", 'symbolic-ref', 'HEAD', "refs/heads/$newHEAD");
687 die "could not set HEAD" if ($? >> 8);
688 ! -d "$self->{path}/mob" || $Girocco::Config::mob ne 'mob'
689 or system('cp', '-p', '-f', "$self->{path}/HEAD", "$self->{path}/mob/HEAD") == 0;
690 }
691
692 sub gen_auth {
693 my $self = shift;
694
695 {
696 no warnings;
697 $self->{auth} = sha1_hex(time . $$ . rand() . join(':',%$self));
698 }
699 my $expire = time + 24 * 3600;
700 my $propval = "# DELAUTH $self->{auth} $expire";
701 system('git', '--git-dir='.$self->{path}, 'config', 'gitweb.delauth', $propval);
702 $self->{auth};
703 }
704
705 sub del_auth {
706 my $self = shift;
707
708 delete $self->{auth};
709 system('git', '--git-dir='.$self->{path}, 'config', '--unset', 'gitweb.delauth');
710 }
711
712 sub remove_user {
713 my $self = shift;
714 my ($username) = @_;
715
716 my $before_count = @{$self->{users}};
717 $self->{users} = [grep { $_ ne $username } @{$self->{users}}];
718 return @{$self->{users}} != $before_count;
719 }
720
721 ### static methods
722
723 sub get_forkee_name {
724 local $_ = $_[0];
725 (m#^(.*)/.*?$#)[0]; #
726 }
727
728 sub get_forkee_path {
729 no warnings; # avoid silly 'unsuccessful stat on filename with \n' warning
730 my $forkee = $Girocco::Config::reporoot.'/'.get_forkee_name($_[0]).'.git';
731 -d $forkee ? $forkee : '';
732 }
733
734 sub valid_name {
735 no warnings; # avoid silly 'unsuccessful stat on filename with \n' warning
736 local $_ = $_[0];
737 (not m#/# or -d get_forkee_path($_)) # will also catch ^/
738 and (not m#\./#)
739 and (not m#/$#)
740 and m#^[a-zA-Z0-9+./_-]+$#;
741 }
742
743 sub does_exist {
744 no warnings; # avoid silly 'unsuccessful stat on filename with \n' warning
745 my ($name) = @_;
746 valid_name($name) or die "tried to query for project with invalid name $name!";
747 (-d $Girocco::Config::reporoot."/$name.git");
748 }
749
750 sub get_full_list {
751 my $class = shift;
752 my @projects;
753
754 open F, '<', jailed_file("/etc/group") or die "getting project list failed: $!";
755 while (<F>) {
756 chomp;
757 @_ = split /:+/;
758 next if ($_[2] < 65536);
759
760 push @projects, $_[0];
761 }
762 close F;
763 @projects;
764 }
765
766
767 1;
The repo.or.cz duct tape "Girocco"