search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
delproj: update code to handle more than one auth type
[girocco.git] / Girocco / Project.pm
blob4ed13efbee52c8ec846a1049310774a6c614a1e7
1 package Girocco::Project;
2
3 use strict;
4 use warnings;
5
6 BEGIN {
7 use Girocco::CGI;
8 use Girocco::User;
9 use Girocco::Util;
10 use Girocco::HashUtil;
11 use Girocco::ProjPerm;
12 use Girocco::Config;
13 use base ('Girocco::ProjPerm::'.$Girocco::Config::permission_control); # mwahaha
14 }
15
16 BEGIN {
17 eval {
18 require Digest::SHA;
19 Digest::SHA->import(
20 qw(sha1_hex)
21 );1} ||
22 eval {
23 require Digest::SHA1;
24 Digest::SHA1->import(
25 qw(sha1_hex)
26 );1} ||
27 eval {
28 require Digest::SHA::PurePerl;
29 Digest::SHA::PurePerl->import(
30 qw(sha1_hex)
31 );1} ||
32 die "One of Digest::SHA or Digest::SHA1 or Digest::SHA::PurePerl "
33 . "must be available\n";
34 }
35
36 our $metadata_fields = {
37 homepage => ['Homepage URL', 'hp', 'text'],
38 shortdesc => ['Short description', 'desc', 'text'],
39 README => ['README (HTML, lt 8kb)', 'README', 'textarea'],
40 notifymail => ['Commit notify - mail to', 'notifymail', 'text'],
41 notifyjson => ['Commit notify - <a href="http://help.github.com/post-receive-hooks/">POST JSON</a> at', 'notifyjson', 'text'],
42 notifycia => ['Commit notify - <a href="http://cia.vc/doc/">CIA project</a> name', 'notifycia', 'text'],
43 };
44
45 sub _mkdir_forkees {
46 my $self = shift;
47 my @pelems = split('/', $self->{name});
48 pop @pelems; # do not create dir for the project itself
49 my $path = $self->{base_path};
50 foreach my $pelem (@pelems) {
51 $path .= "/$pelem";
52 (-d "$path") or mkdir $path or die "mkdir $path: $!";
53 chmod 02775, $path; # ok if fails (dir may already exist and be owned by someone else)
54 }
55 }
56
57 our %propmap = (
58 url => ':baseurl',
59 email => ':owner',
60 desc => 'description',
61 README => 'README.html',
62 hp => ':homepage',
63 notifymail => '%hooks.mailinglist',
64 notifytag => '%hooks.announcelist',
65 notifyjson => '%hooks.jsonurl',
66 notifycia => '%hooks.cianame',
67 );
68
69 our %propmapro = (
70 lastchange => ':lastchange',
71 lastactivity => 'info/lastactivity',
72 );
73
74 sub _update_index {
75 system($Girocco::Config::basedir . '/gitweb/genindex.sh');
76 }
77
78 sub _property_path {
79 my $self = shift;
80 my ($name) = @_;
81 $self->{path}.'/'.$name;
82 }
83
84 sub _property_fget {
85 my $self = shift;
86 my ($name) = @_;
87 my $pname = $propmap{$name};
88 $pname = $propmapro{$name} unless $pname;
89 $pname or die "unknown property: $name";
90 if ($pname =~ s/^://) {
91 my $val = `"$Girocco::Config::git_bin" --git-dir="$self->{path}" config "gitweb.$pname"`;
92 chomp $val;
93 return $val;
94 } elsif ($pname =~ s/^%//) {
95 my $val = `"$Girocco::Config::git_bin" --git-dir="$self->{path}" config "$pname"`;
96 chomp $val;
97 return $val;
98 }
99
100 open P, '<', $self->_property_path($pname) or return undef;
101 my @value = <P>;
102 close P;
103 my $value = join('', @value); chomp $value;
104 $value;
105 }
106
107 sub _property_fput {
108 my $self = shift;
109 my ($name, $value) = @_;
110 my $pname = $propmap{$name};
111 $pname or die "unknown property: $name";
112 $value ||= '';
113 if ($pname =~ s/^://) {
114 system($Girocco::Config::git_bin, '--git-dir='.$self->{path}, 'config', "gitweb.$pname", $value);
115 return;
116 } elsif ($pname =~ s/^%//) {
117 system($Girocco::Config::git_bin, '--git-dir='.$self->{path}, 'config', $pname, $value);
118 return;
119 }
120
121 my $P = lock_file($self->_property_path($pname));
122 $value ne '' and print $P "$value\n";
123 close $P;
124 unlock_file($self->_property_path($pname));
125 }
126
127 sub _properties_load {
128 my $self = shift;
129 foreach my $prop (keys %propmap) {
130 $self->{$prop} = $self->_property_fget($prop);
131 }
132 foreach my $prop (keys %propmapro) {
133 $self->{$prop} = $self->_property_fget($prop);
134 }
135 my $val = `"$Girocco::Config::git_bin" --git-dir="$self->{path}" config --bool "gitweb.statusupdates" 2>/dev/null`;
136 chomp $val;
137 $val = ($val eq 'false') ? 0 : 1;
138 $self->{statusupdates} = $val;
139 delete $self->{auth};
140 $val = `"$Girocco::Config::git_bin" --git-dir="$self->{path}" config "gitweb.repoauth"`;
141 chomp $val;
142 if ($val =~ /^# ([A-Z]+)AUTH ([0-9a-f]+) (\d+)/) {
143 my $expire = $3;
144 if (time < $expire) {
145 $self->{authtype} = $1;
146 $self->{auth} = $2;
147 }
148 }
149 }
150
151 sub _properties_save {
152 my $self = shift;
153 foreach my $prop (keys %propmap) {
154 $self->_property_fput($prop, $self->{$prop});
155 }
156 $self->{statusupdates} = 1
157 unless defined($self->{statusupdates}) && $self->{statusupdates} =~ /^\d+$/;
158 system($Girocco::Config::git_bin, '--git-dir='.$self->{path}, 'config', '--bool',
159 "gitweb.statusupdates", $self->{statusupdates});
160 }
161
162 sub _nofetch_path {
163 my $self = shift;
164 $self->_property_path('.nofetch');
165 }
166
167 sub _nofetch {
168 my $self = shift;
169 my ($nofetch) = @_;
170 my $nf = $self->_nofetch_path;
171 if ($nofetch) {
172 open X, '>', $nf or die "nofetch failed: $!";
173 close X;
174 } else {
175 unlink $nf or die "yesfetch failed: $!";
176 }
177 }
178
179 sub _clonelog_path {
180 my $self = shift;
181 $self->_property_path('.clonelog');
182 }
183
184 sub _clonefail_path {
185 my $self = shift;
186 $self->_property_path('.clone_failed');
187 }
188
189 sub _clonep_path {
190 my $self = shift;
191 $self->_property_path('.clone_in_progress');
192 }
193
194 sub _clonep {
195 my $self = shift;
196 my ($nofetch) = @_;
197 my $np = $self->_clonep_path;
198 if ($nofetch) {
199 open X, '>', $np or die "clonep failed: $!";
200 close X;
201 } else {
202 unlink $np or die "clonef failed: $!";
203 }
204 }
205 sub _alternates_setup {
206 my $self = shift;
207 return unless $self->{name} =~ m#/#;
208 my $forkee_name = get_forkee_name($self->{name});
209 my $forkee_path = get_forkee_path($self->{name});
210 return unless -d $forkee_path;
211 mkdir $self->{path}.'/refs'; chmod 02775, $self->{path}.'/refs';
212 mkdir $self->{path}.'/objects'; chmod 02775, $self->{path}.'/objects';
213 mkdir $self->{path}.'/objects/info'; chmod 02775, $self->{path}.'/objects/info';
214
215 # We set up both alternates and http_alternates since we cannot use
216 # relative path in alternates - that doesn't work recursively.
217
218 my $filename = $self->{path}.'/objects/info/alternates';
219 open X, '>', $filename or die "alternates failed: $!";
220 print X "$forkee_path/objects\n";
221 close X;
222 chmod 0664, $filename or warn "cannot chmod $filename: $!";
223
224 if ($Girocco::Config::httppullurl) {
225 $filename = $self->{path}.'/objects/info/http-alternates';
226 open X, '>', $filename or die "http-alternates failed: $!";
227 my $upfork = $forkee_name;
228 do { print X "$Girocco::Config::httppullurl/$upfork.git/objects\n"; } while ($upfork =~ s#/?.+?$## and $upfork); #
229 close X;
230 chmod 0664, $filename or warn "cannot chmod $filename: $!";
231 }
232
233 # The symlink is problematic since git remote prune will traverse it.
234 #symlink "$forkee_path/refs", $self->{path}.'/refs/forkee';
235
236 # copy refs from parent project
237 # ownership information is changed by a root cronjob
238 system("cp -pR $forkee_path/refs $self->{path}/");
239 # initialize HEAD, hacky version
240 system("cp $forkee_path/HEAD $self->{path}/HEAD");
241 }
242
243 sub _ctags_setup {
244 my $self = shift;
245 my $perms = $Girocco::Config::permission_control eq 'Hooks' ? 02777 : 02775;
246 mkdir $self->{path}.'/ctags'; chmod $perms, $self->{path}.'/ctags';
247 }
248
249 sub _group_add {
250 my $self = shift;
251 my ($xtra) = @_;
252 $xtra .= join(',', @{$self->{users}});
253 filedb_atomic_append(jailed_file('/etc/group'),
254 join(':', $self->{name}, $self->{crypt}, '\i', $xtra));
255 }
256
257 sub _group_update {
258 my $self = shift;
259 my $xtra = join(',', @{$self->{users}});
260 filedb_atomic_edit(jailed_file('/etc/group'),
261 sub {
262 $_ = $_[0];
263 chomp;
264 if ($self->{name} eq (split /:/)[0]) {
265 # preserve readonly flag
266 s/::([^:]*)$/:$1/ and $xtra = ":$xtra";
267 return join(':', $self->{name}, $self->{crypt}, $self->{gid}, $xtra)."\n";
268 } else {
269 return "$_\n";
270 }
271 }
272 );
273 }
274
275 sub _group_remove {
276 my $self = shift;
277 filedb_atomic_edit(jailed_file('/etc/group'),
278 sub {
279 $self->{name} ne (split /:/)[0] and return $_;
280 }
281 );
282 }
283
284 sub _hook_path {
285 my $self = shift;
286 my ($name) = @_;
287 $self->{path}.'/hooks/'.$name;
288 }
289
290 sub _hook_install {
291 my $self = shift;
292 my ($name) = @_;
293 open SRC, '<', "$Girocco::Config::basedir/hooks/$name" or die "cannot open hook $name: $!";
294 open DST, '>', $self->_hook_path($name) or die "cannot open hook $name for writing: $!";
295 while (<SRC>) { print DST $_; }
296 close DST;
297 close SRC;
298 chmod 0775, $self->_hook_path($name) or die "cannot chmod hook $name: $!";
299 }
300
301 sub _hooks_install {
302 my $self = shift;
303 foreach my $hook ('post-receive', 'update', 'post-update') {
304 $self->_hook_install($hook);
305 }
306 }
307
308 # private constructor, do not use
309 sub _new {
310 my $class = shift;
311 my ($name, $base_path, $path) = @_;
312 does_exist($name,1) || valid_name($name) or die "refusing to create project with invalid name ($name)!";
313 $path ||= "$base_path/$name.git";
314 my $proj = { name => $name, base_path => $base_path, path => $path };
315
316 bless $proj, $class;
317 }
318
319 # public constructor #0
320 # creates a virtual project not connected to disk image
321 # you can conjure() it later to disk
322 sub ghost {
323 my $class = shift;
324 my ($name, $mirror) = @_;
325 my $self = $class->_new($name, $Girocco::Config::reporoot);
326 $self->{users} = [];
327 $self->{mirror} = $mirror;
328 $self->{email} = $self->{orig_email} = '';
329 $self;
330 }
331
332 # public constructor #1
333 sub load {
334 my $class = shift;
335 my $name = shift || '';
336
337 open F, '<', jailed_file("/etc/group") or die "project load failed: $!";
338 while (<F>) {
339 chomp;
340 @_ = split /:+/;
341 next unless (shift eq $name);
342
343 my $self = $class->_new($name, $Girocco::Config::reporoot);
344 (-d $self->{path}) or die "invalid path (".$self->{path}.") for project ".$self->{name};
345
346 my $ulist;
347 ($self->{crypt}, $self->{gid}, $ulist) = @_;
348 $ulist ||= '';
349 $self->{users} = [split /,/, $ulist];
350 $self->{HEAD} = $self->get_HEAD;
351 $self->{orig_HEAD} = $self->{HEAD};
352 $self->{orig_users} = [@{$self->{users}}];
353 $self->{mirror} = ! -e $self->_nofetch_path;
354 $self->{clone_in_progress} = -e $self->_clonep_path;
355 $self->{clone_logged} = -e $self->_clonelog_path;
356 $self->{clone_failed} = -e $self->_clonefail_path;
357 $self->{ccrypt} = $self->{crypt};
358
359 $self->_properties_load;
360 $self->{orig_email} = $self->{email};
361 return $self;
362 }
363 close F;
364 undef;
365 }
366
367 # $proj may not be in sane state if this returns false!
368 sub cgi_fill {
369 my $self = shift;
370 my ($gcgi) = @_;
371 my $cgi = $gcgi->cgi;
372
373 my ($pwd, $pwd2) = ($cgi->param('pwd'), $cgi->param('pwd2'));
374 $pwd ||= ''; $pwd2 ||= ''; # in case passwords are disabled
375 if ($pwd or not $self->{crypt}) {
376 $self->{crypt} = scrypt_sha1($pwd);
377 }
378
379 if ($pwd2 and $pwd ne $pwd2) {
380 $gcgi->err("Our high-paid security consultants have determined that the admin passwords you have entered do not match each other.");
381 }
382
383 $self->{cpwd} = $cgi->param('cpwd');
384
385 if ($Girocco::Config::project_owners eq 'email') {
386 $self->{email} = $gcgi->wparam('email');
387 valid_email($self->{email})
388 or $gcgi->err("Your email sure looks weird...?");
389 }
390
391 $self->{url} = $gcgi->wparam('url');
392 if ($self->{url}) {
393 valid_repo_url($self->{url})
394 or $gcgi->err("Invalid URL. Note that only HTTP and Git protocol is supported. If the URL contains funny characters, contact me.");
395 }
396
397 $self->{desc} = $gcgi->wparam('desc');
398 length($self->{desc}) <= 1024
399 or $gcgi->err("<b>Short</b> description length &gt; 1kb!");
400
401 $self->{README} = $gcgi->wparam('README');
402 length($self->{README}) <= 8192
403 or $gcgi->err("README length &gt; 8kb!");
404
405 $self->{hp} = $gcgi->wparam('hp');
406 if ($self->{hp}) {
407 valid_web_url($self->{hp})
408 or $gcgi->err("Invalid homepage URL. Note that only HTTP protocol is supported. If the URL contains funny characters, contact me.");
409 }
410
411 $self->{users} = [grep { Girocco::User::valid_name($_) && Girocco::User::does_exist($_) } $cgi->param('user')];
412
413 $self->{HEAD} = $cgi->param('HEAD') if $cgi->param('HEAD');
414
415 # schedule deletion of tags (will be committed by update() after auth)
416 $self->{tags_to_delete} = [$cgi->param('tags')];
417
418 $self->{notifymail} = $gcgi->wparam('notifymail');
419 if ($self->{notifymail}) {
420 (valid_email_multi($self->{notifymail}) and length($self->{notifymail}) <= 512)
421 or $gcgi->err("Invalid notify e-mail address. Use mail,mail to specify multiple addresses; total length must not exceed 512 characters, however.");
422 }
423
424 $self->{notifyjson} = $gcgi->wparam('notifyjson');
425 if ($self->{notifyjson}) {
426 valid_web_url($self->{notifyjson})
427 or $gcgi->err("Invalid JSON notify URL. Note that only HTTP protocol is supported. If the URL contains funny characters, contact me.");
428 }
429
430 $self->{notifycia} = $gcgi->wparam('notifycia');
431 if ($self->{notifycia}) {
432 $self->{notifycia} =~ /^[a-zA-Z0-9._-]+$/
433 or $gcgi->err("Overly suspicious CIA notify project name. If it is actually valid, contact me.");
434 }
435
436 if ($cgi->param('setstatusupdates')) {
437 my $val = $gcgi->wparam('statusupdates') || '0';
438 $self->{statusupdates} = $val ? 1 : 0;
439 }
440
441 not $gcgi->err_check;
442 }
443
444 sub form_defaults {
445 my $self = shift;
446 (
447 name => $self->{name},
448 email => $self->{email},
449 url => $self->{url},
450 desc => html_esc($self->{desc}),
451 README => html_esc($self->{README}),
452 hp => $self->{hp},
453 users => $self->{users},
454 notifymail => html_esc($self->{notifymail}),
455 notifyjson => html_esc($self->{notifyjson}),
456 notifycia => html_esc($self->{notifycia}),
457 );
458 }
459
460 # return true if $enc_passwd is a match for $plain_passwd
461 my $_check_passwd_match = sub {
462 my $enc_passwd = shift || '';
463 my $plain_passwd = shift || '';
464 # $enc_passwd may be crypt or crypt_sha1
465 if ($enc_passwd =~ m(^\$sha1\$(\d+)\$([./0-9A-Za-z]{1,64})\$[./0-9A-Za-z]{28}$)) {
466 # It's using sha1-crypt
467 return $enc_passwd eq crypt_sha1($plain_passwd, $2, -(0+$1));
468 } else {
469 # It's using crypt
470 return $enc_passwd eq crypt($plain_passwd, $enc_passwd);
471 }
472 };
473
474 sub authenticate {
475 my $self = shift;
476 my ($gcgi) = @_;
477
478 $self->{ccrypt} or die "Can't authenticate against a project with no password";
479 $self->{cpwd} ||= '';
480 unless ($_check_passwd_match->($self->{ccrypt}, $self->{cpwd})) {
481 $gcgi->err("Your admin password does not match!");
482 return 0;
483 }
484 return 1;
485 }
486
487 sub _setup {
488 my $self = shift;
489 my ($pushers) = @_;
490
491 $self->_mkdir_forkees;
492
493 mkdir($self->{path}) or die "mkdir $self->{path} failed: $!";
494 if ($Girocco::Config::owning_group) {
495 my $gid = scalar(getgrnam($Girocco::Config::owning_group));
496 chown(-1, $gid, $self->{path}) or die "chgrp $gid $self->{path} failed: $!";
497 chmod(02775, $self->{path}) or die "chmod 02775 $self->{path} failed: $!";
498 } else {
499 chmod(02777, $self->{path}) or die "chmod 02777 $self->{path} failed: $!";
500 }
501 system($Girocco::Config::git_bin, '--git-dir='.$self->{path}, 'init', '--bare', '--shared='.$self->shared_mode()) == 0
502 or die "git init $self->{path} failed: $?";
503 system($Girocco::Config::git_bin, '--git-dir='.$self->{path}, 'config', 'receive.denyNonFastforwards', 'false') == 0
504 or die "disabling receive.denyNonFastforwards failed: $?";
505 system($Girocco::Config::git_bin, '--git-dir='.$self->{path}, 'config', 'gc.auto', '0') == 0
506 or die "disabling gc.auto failed: $?";
507
508 # /info must have right permissions,
509 # and git init didn't do it for some reason.
510 if ($Girocco::Config::owning_group) {
511 chmod(02775, $self->{path}."/info") or die "chmod 02775 $self->{path}/info failed: $!";
512 } else {
513 chmod(02777, $self->{path}."/info") or die "chmod 02777 $self->{path}/info failed: $!";
514 }
515
516 $self->_properties_save;
517 $self->_alternates_setup;
518 $self->_ctags_setup;
519 $self->_group_remove;
520 $self->_group_add($pushers);
521 $self->_hooks_install;
522 #$self->perm_initialize;
523 $self->_update_index;
524 }
525
526 sub premirror {
527 my $self = shift;
528
529 $self->_setup(':');
530 $self->_clonep(1);
531 $self->perm_initialize;
532 }
533
534 sub conjure {
535 my $self = shift;
536
537 $self->_setup;
538 $self->_nofetch(1);
539 if ($Girocco::Config::mob && $Girocco::Config::mob eq "mob") {
540 system("$Girocco::Config::basedir/bin/create-personal-mob-area", $self->{name}) == 0
541 or die "create-personal-mob-area $self->{name} failed";
542 }
543 $self->perm_initialize;
544 }
545
546 sub clone {
547 my $self = shift;
548
549 unlink ($self->_clonefail_path()); # Ignore EEXIST error
550 unlink ($self->_clonelog_path()); # Ignore EEXIST error
551
552 use IO::Socket;
553 my $sock = IO::Socket::UNIX->new($Girocco::Config::chroot.'/etc/taskd.socket') or die "cannot connect to taskd.socket: $!";
554 $sock->print("clone ".$self->{name}."\n");
555 # Just ignore reply, we are going to succeed anyway and the I/O
556 # would apparently get quite hairy.
557 $sock->flush();
558 sleep 2; # *cough*
559 $sock->close();
560 }
561
562 sub update {
563 my $self = shift;
564
565 $self->_properties_save;
566 $self->_group_update;
567
568 if (exists($self->{tags_to_delete})) {
569 $self->delete_ctag($_) foreach(@{$self->{tags_to_delete}});
570 }
571
572 $self->set_HEAD($self->{HEAD}) unless $self->{orig_HEAD} eq $self->{HEAD};
573
574 my @users_add = grep { $a = $_; not scalar grep { $a eq $_ } $self->{orig_users} } $self->{users};
575 my @users_del = grep { $a = $_; not scalar grep { $a eq $_ } $self->{users} } $self->{orig_users};
576 $self->perm_user_add($_, Girocco::User::resolve_uid($_)) foreach (@users_add);
577 $self->perm_user_del($_, Girocco::User::resolve_uid($_)) foreach (@users_del);
578
579 $self->_update_index if $self->{email} ne $self->{orig_email};
580 $self->{orig_email} = $self->{email};
581
582 1;
583 }
584
585 sub update_password {
586 my $self = shift;
587 my ($pwd) = @_;
588
589 $self->{crypt} = scrypt_sha1($pwd);
590 $self->_group_update;
591 }
592
593 # You can explicitly do this just on a ghost() repository too.
594 sub delete {
595 my $self = shift;
596
597 if (-d $self->{path}) {
598 system('rm', '-rf', $self->{path}) == 0
599 or die "rm -rf $self->{path} failed: $?";
600 }
601 # attempt to clean up any empty fork directories by removing them
602 my @pelems = split('/', $self->{name});
603 while (@pelems > 1) {
604 pop @pelems;
605 # okay to fail
606 rmdir join('/', $Girocco::Config::reporoot, @pelems) or last;
607 }
608 $self->_group_remove;
609 $self->_update_index;
610 }
611
612 sub _contains_files {
613 my $dir = shift;
614 (-d $dir) or return 0;
615 opendir(my $dh, $dir) or die "opendir $dir failed: $!";
616 while (my $entry = readdir($dh)) {
617 next if $entry eq '' || $entry eq '.' || $entry eq '..';
618 closedir($dh), return 1
619 if -f "$dir/$entry" ||
620 -d "$dir/$entry" && _contains_files("$dir/$entry");
621 }
622 closedir($dh);
623 return 0;
624 }
625
626 sub has_forks {
627 my $self = shift;
628
629 return _contains_files($Girocco::Config::reporoot.'/'.$self->{name});
630 }
631
632 sub is_empty {
633 # A project is considered empty if the git repository does not
634 # have any refs. This means packed-refs does not exist or is
635 # empty or only has lines starting with '#' AND there are no
636 # files in the refs subdirectory hierarchy (no matter how deep).
637
638 my $self = shift;
639
640 (-d $self->{path}) or return 0;
641 if (-e $self->{path}.'/packed-refs') {
642 open(my $pr, '<', $self->{path}.'/packed-refs')
643 or die "open $self->{path}./packed-refs failed: $!";
644 my $foundref = 0;
645 while (my $ref = <$pr>) {
646 next if $ref =~ /^#/;
647 $foundref = 1;
648 last;
649 }
650 close($pr);
651 return 0 if $foundref;
652 }
653 (-d $self->{path}.'/refs') or return 1;
654 return !_contains_files($self->{path}.'/refs');
655 }
656
657 sub delete_ctag {
658 my $self = shift;
659 my ($ctag) = @_;
660
661 # sanity check, disallow filenames starting with . .. or /
662 unlink($self->{path}.'/ctags/'.$ctag) if($ctag !~ m|^(\.\.?)/|);
663 }
664
665 sub get_ctag_names {
666 my $self = shift;
667 my @ctags = ();
668 opendir(my $dh, $self->{path}.'/ctags')
669 or return @ctags;
670 @ctags = grep { -f "$self->{path}/ctags/$_" } readdir($dh);
671 closedir($dh);
672 return @ctags;
673 }
674
675 sub get_heads {
676 my $self = shift;
677 my $fh;
678 open($fh, '-|', "$Girocco::Config::git_bin --git-dir=$self->{path} show-ref --heads") or die "could not get list of heads";
679 my @res;
680 while (<$fh>) {
681 chomp;
682 next if !m#^[0-9a-f]{40}\s+refs/heads/(.+)$ #x;
683 push @res, $1;
684 }
685 close $fh;
686 @res;
687 }
688
689 sub get_HEAD {
690 my $self = shift;
691 my $HEAD = `$Girocco::Config::git_bin --git-dir=$self->{path} symbolic-ref HEAD`;
692 chomp $HEAD;
693 die "could not get HEAD" if ($HEAD !~ m{^refs/heads/(.+)$});
694 return $1;
695 }
696
697 sub set_HEAD {
698 my $self = shift;
699 my $newHEAD = shift;
700 # Cursory checks only -- if you want to break your HEAD, be my guest
701 if ($newHEAD =~ /^\/|['<>]|\.\.|\/$/) {
702 die "grossly invalid new HEAD: $newHEAD";
703 }
704 system($Girocco::Config::git_bin, "--git-dir=$self->{path}", 'symbolic-ref', 'HEAD', "refs/heads/$newHEAD");
705 die "could not set HEAD" if ($? >> 8);
706 ! -d "$self->{path}/mob" || $Girocco::Config::mob ne 'mob'
707 or system('cp', '-p', '-f', "$self->{path}/HEAD", "$self->{path}/mob/HEAD") == 0;
708 }
709
710 sub gen_auth {
711 my $self = shift;
712 my ($type) = @_;
713 $type = 'REPO' unless $type && $type =~ /^[A-Z]+$/;
714
715 $self->{authtype} = $type;
716 {
717 no warnings;
718 $self->{auth} = sha1_hex(time . $$ . rand() . join(':',%$self));
719 }
720 my $expire = time + 24 * 3600;
721 my $propval = "# ${type}AUTH $self->{auth} $expire";
722 system($Girocco::Config::git_bin, '--git-dir='.$self->{path}, 'config', 'gitweb.repoauth', $propval);
723 $self->{auth};
724 }
725
726 sub del_auth {
727 my $self = shift;
728
729 delete $self->{auth};
730 delete $self->{authtype};
731 system($Girocco::Config::git_bin, '--git-dir='.$self->{path}, 'config', '--unset', 'gitweb.repoauth');
732 }
733
734 sub remove_user {
735 my $self = shift;
736 my ($username) = @_;
737
738 my $before_count = @{$self->{users}};
739 $self->{users} = [grep { $_ ne $username } @{$self->{users}}];
740 return @{$self->{users}} != $before_count;
741 }
742
743 ### static methods
744
745 sub get_forkee_name {
746 local $_ = $_[0];
747 (m#^(.*)/.*?$#)[0]; #
748 }
749
750 sub get_forkee_path {
751 no warnings; # avoid silly 'unsuccessful stat on filename with \n' warning
752 my $forkee = $Girocco::Config::reporoot.'/'.get_forkee_name($_[0]).'.git';
753 -d $forkee ? $forkee : '';
754 }
755
756 sub _valid_name_characters {
757 local $_ = $_[0];
758 (not m#^/#)
759 and (not m#//#)
760 and (not m#\./#)
761 and (not m#/$#)
762 and m#^[a-zA-Z0-9+./_-]+$#;
763 }
764
765 sub valid_name {
766 no warnings; # avoid silly 'unsuccessful stat on filename with \n' warning
767 local $_ = $_[0];
768 _valid_name_characters($_)
769 and ((not m#/#) or -d get_forkee_path($_)); # will also catch ^/
770 }
771
772 # It's possible that some forks have been kept but the forkee is gone.
773 # In this case the standard valid_name check is too strict.
774 sub does_exist {
775 no warnings; # avoid silly 'unsuccessful stat on filename with \n' warning
776 my ($name, $nodie) = @_;
777 my $okay = (
778 _valid_name_characters($name)
779 and ((not $name =~ m#/#)
780 or -d get_forkee_path($name)
781 or -d $Girocco::Config::reporoot.'/'.get_forkee_name($name)));
782 (!$okay && $nodie) and return undef;
783 !$okay and die "tried to query for project with invalid name $name!";
784 (-d $Girocco::Config::reporoot."/$name.git");
785 }
786
787 sub get_full_list {
788 my $class = shift;
789 my @projects;
790
791 open F, '<', jailed_file("/etc/group") or die "getting project list failed: $!";
792 while (<F>) {
793 chomp;
794 @_ = split /:+/;
795 next if ($_[2] < 65536);
796
797 push @projects, $_[0];
798 }
799 close F;
800 @projects;
801 }
802
803
804 1;
The repo.or.cz duct tape "Girocco"