1 package Girocco
::Project
;
10 use Girocco
::ProjPerm
;
12 use base
('Girocco::ProjPerm::'.$Girocco::Config
::permission_control
); # mwahaha
17 my @pelems = split('/', $self->{name
});
18 pop @pelems; # do not create dir for the project itself
19 my $path = $self->{base_path
};
20 foreach my $pelem (@pelems) {
22 (-d
"$path") or mkdir $path or die "mkdir $path: $!";
23 chmod 0775, $path; # ok if fails (dir may already exist and be owned by someone else)
30 desc
=> 'description',
31 README
=> 'README.html',
38 $self->{path
}.'/'.$name;
44 $propmap{$name} or die "unknown property: $name";
45 open P
, $self->_property_path($propmap{$name}) or return undef;
48 my $value = join('', @value); chomp $value;
54 my ($name, $value) = @_;
55 $propmap{$name} or die "unknown property: $name";
58 my $P = lock_file
($self->_property_path($propmap{$name}));
59 $value ne '' and print $P "$value\n";
61 unlock_file
($self->_property_path($propmap{$name}));
64 sub _properties_load
{
66 foreach my $prop (keys %propmap) {
67 $self->{$prop} = $self->_property_fget($prop);
71 sub _properties_save
{
73 foreach my $prop (keys %propmap) {
74 $self->_property_fput($prop, $self->{$prop});
80 $self->_property_path('.nofetch');
86 my $np = $self->_nofetch_path;
88 open X
, '>'.$np or die "nofetch failed: $!";
91 unlink $np or die "yesfetch failed: $!";
95 sub _alternates_setup
{
97 return unless $self->{name
} =~ m
#/#;
98 my $forkee_name = get_forkee_name
($self->{name
});
99 my $forkee_path = get_forkee_path
($self->{name
});
100 return unless -d
$forkee_path;
101 mkdir $self->{path
}.'/refs'; chmod 0775, $self->{path
}.'/refs';
102 mkdir $self->{path
}.'/objects'; chmod 0775, $self->{path
}.'/objects';
103 mkdir $self->{path
}.'/objects/info'; chmod 0775, $self->{path
}.'/objects/info';
105 # We set up both alternates and http_alternates since we cannot use
106 # relative path in alternates - that doesn't work recursively.
108 my $filename = $self->{path
}.'/objects/info/alternates';
109 open X
, '>'.$filename or die "alternates failed: $!";
110 print X
"$forkee_path/objects\n";
112 chmod 0664, $filename or warn "cannot chmod $filename: $!";
114 if ($Girocco::Config
::httppullurl
) {
115 $filename = $self->{path
}.'/objects/info/http-alternates';
116 open X
, '>'.$filename or die "http-alternates failed: $!";
117 my $upfork = $forkee_name;
118 do { print X
"$Girocco::Config::httppullurl/$upfork.git/objects\n"; } while ($upfork =~ s
#/?.+?$## and $upfork); #
120 chmod 0664, $filename or warn "cannot chmod $filename: $!";
123 symlink "$forkee_path/refs", $self->{path
}.'/refs/forkee';
128 mkdir $self->{path
}.'/ctags'; chmod 01777, $self->{path
}.'/ctags';
134 $xtra .= join(',', @
{$self->{users
}});
135 filedb_atomic_append
(jailed_file
('/etc/group'),
136 join(':', $self->{name
}, $self->{crypt}, '\i', $xtra));
141 my $xtra = join(',', @
{$self->{users
}});
142 filedb_atomic_edit
(jailed_file
('/etc/group'),
146 if ($self->{name
} eq (split /:/)[0]) {
147 # preserve readonly flag
148 s/::([^:]*)$/:$1/ and $xtra = ":$xtra";
149 return join(':', $self->{name
}, $self->{crypt}, $self->{gid
}, $xtra)."\n";
159 filedb_atomic_edit
(jailed_file
('/etc/group'),
161 $self->{name
} ne (split /:/)[0] and return $_;
169 $self->{path
}.'/hooks/'.$name;
175 open SRC
, "$Girocco::Config::basedir/$name-hook" or die "cannot open hook $name: $!";
176 open DST
, '>'.$self->_hook_path($name) or die "cannot open hook $name for writing: $!";
177 while (<SRC
>) { print DST
$_; }
180 chmod 0775, $self->_hook_path($name) or die "cannot chmod hook $name: $!";
185 foreach my $hook ('update') {
186 $self->_hook_install($hook);
190 # private constructor, do not use
193 my ($name, $base_path, $path) = @_;
194 valid_name
($name) or die "refusing to create project with invalid name ($name)!";
195 $path ||= "$base_path/$name.git";
196 my $proj = { name
=> $name, base_path
=> $base_path, path
=> $path };
201 # public constructor #0
202 # creates a virtual project not connected to disk image
203 # you can conjure() it later to disk
206 my ($name, $mirror) = @_;
207 my $self = $class->_new($name, $Girocco::Config
::reporoot
);
209 $self->{mirror
} = $mirror;
213 # public constructor #1
218 open F
, jailed_file
("/etc/group") or die "project load failed: $!";
222 next unless (shift eq $name);
224 my $self = $class->_new($name, $Girocco::Config
::reporoot
);
225 (-d
$self->{path
}) or die "invalid path (".$self->{path
}.") for project ".$self->{name
};
228 ($self->{crypt}, $self->{gid
}, $ulist) = @_;
230 $self->{users
} = [split /,/, $ulist];
231 $self->{orig_users
} = [@
{$self->{users
}}];
232 $self->{mirror
} = ! -e
$self->_nofetch_path;
233 $self->{ccrypt
} = $self->{crypt};
235 $self->_properties_load;
242 # $proj may not be in sane state if this returns false!
246 my $cgi = $gcgi->cgi;
248 my $pwd = $cgi->param('pwd');
249 if ($pwd ne '' or not $self->{crypt}) {
250 $self->{crypt} = scrypt
($pwd);
253 if ($cgi->param('pwd2') and $pwd ne $cgi->param('pwd2')) {
254 $gcgi->err("Our high-paid security consultants have determined that the admin passwords you have entered do not match each other.");
257 $self->{cpwd
} = $cgi->param('cpwd');
259 $self->{email
} = $gcgi->wparam('email');
260 valid_email
($self->{email
})
261 or $gcgi->err("Your email sure looks weird...?");
263 $self->{url
} = $gcgi->wparam('url');
265 valid_repo_url
($self->{url
})
266 or $gcgi->err("Invalid URL. Note that only HTTP and Git protocol is supported. If the URL contains funny characters, contact me.");
269 $self->{desc
} = $gcgi->wparam('desc');
270 length($self->{desc
}) <= 1024
271 or $gcgi->err("<b>Short</b> description length > 1kb!");
273 $self->{README
} = $gcgi->wparam('README');
274 length($self->{README
}) <= 8192
275 or $gcgi->err("README length > 8kb!");
277 $self->{hp
} = $gcgi->wparam('hp');
279 valid_web_url
($self->{hp
})
280 or $gcgi->err("Invalid homepage URL. Note that only HTTP protocol is supported. If the URL contains funny characters, contact me.");
283 # FIXME: Permit only existing users
284 $self->{users
} = [grep { Girocco
::User
::valid_name
($_) } $cgi->param('user')];
286 not $gcgi->err_check;
292 name
=> $self->{name
},
293 email
=> $self->{email
},
295 desc
=> html_esc
($self->{desc
}),
296 README
=> html_esc
($self->{README
}),
298 users
=> $self->{users
},
306 $self->{ccrypt
} or die "Can't authenticate against a project with no password";
307 $self->{cpwd
} or $gcgi->err("No password entered.");
308 unless ($self->{ccrypt
} eq crypt($self->{cpwd
}, $self->{ccrypt
})) {
309 $gcgi->err("Your admin password does not match!");
319 $self->_mkdir_forkees;
321 mkdir($self->{path
}) or die "mkdir $self->{path} failed: $!";
322 my $gid = scalar(getgrnam($Girocco::Config
::owning_group
));
323 chown(-1, $gid, $self->{path
}) or die "chgrp $gid $self->{path} failed: $!";
324 chmod(02775, $self->{path
}) or die "chmod 2775 $self->{path} failed: $!";
325 system($Girocco::Config
::git_bin
, '--git-dir='.$self->{path
}, 'init', '--bare', '--shared='.$self->shared_mode()) == 0
326 or die "git init $self->{path} failed: $?";
327 system($Girocco::Config
::git_bin
, '--git-dir='.$self->{path
}, 'config', 'receive.denyNonFastforwards', 'false') == 0
328 or die "disabling receive.denyNonFastforwards failed: $?";
330 $self->_properties_save;
331 $self->_alternates_setup;
333 $self->_group_add($pushers);
334 $self->_hooks_install;
335 $self->perm_initialize;
355 my $sock = IO
::Socket
::UNIX
->new('/tmp/girocco.cloned') or die "cannot connect to girocco.cloned: $!";
356 $sock->print($self->{name
}.".git\n");
357 # Just ignore reply, we are going to succeed anyway and the I/O
358 # would apparently get quite hairy.
367 $self->_properties_save;
368 $self->_group_update;
370 my @users_add = grep { $a = $_; not scalar grep { $a eq $_ } $self->{orig_users
} } $self->{users
};
371 my @users_del = grep { $a = $_; not scalar grep { $a eq $_ } $self->{users
} } $self->{orig_users
};
372 $self->perm_user_add($_, Girocco
::User
::resolve_uid
($_)) foreach (@users_add);
373 $self->perm_user_del($_, Girocco
::User
::resolve_uid
($_)) foreach (@users_del);
376 sub update_password
{
380 $self->{crypt} = scrypt
($pwd);
381 $self->_group_update;
384 # You can explicitly do this just on a ghost() repository too.
388 if (-d
$self->{path
}) {
389 system('rm', '-rf', $self->{path
}) == 0
390 or die "rm -rf $self->{path} failed: $?";
392 $self->_group_remove;
398 return glob($Girocco::Config
::reporoot
.'/'.$self->{name
}.'/*');
404 sub get_forkee_name
{
406 (m
#^(.*)/.*?$#)[0]; #
408 sub get_forkee_path
{
409 my $forkee = $Girocco::Config
::reporoot
.'/'.get_forkee_name
($_[0]).'.git';
410 -d
$forkee ?
$forkee : '';
415 (not m
#/# or -d get_forkee_path($_)) # will also catch ^/
418 and m
#^[a-zA-Z0-9+./_-]+$#;
423 valid_name
($name) or die "tried to query for project with invalid name $name!";
428 valid_name
($name) or die "tried to query for project with invalid name $name!";
429 (-d
$Girocco::Config
::reporoot
."/$name.git");