search:
summary | log | graphiclog1 | graphiclog2 | refs | edit | fork

e4e63062bbf826d767e2074870d96f58ed51cd0f
[girocco.git] / Girocco / Project.pm
blobe4e63062bbf826d767e2074870d96f58ed51cd0f
1 package Girocco::Project;
2
3 use strict;
4 use warnings;
5
6 BEGIN {
7 use Girocco::CGI;
8 use Girocco::User;
9 use Girocco::Util;
10 use Girocco::ProjPerm;
11 use Girocco::Config;
12 use base ('Girocco::ProjPerm::'.$Girocco::Config::permission_control); # mwahaha
13 }
14
15 BEGIN {
16 eval {
17 require Digest::SHA;
18 Digest::SHA->import(
19 qw(sha1_hex)
20 );1} ||
21 eval {
22 require Digest::SHA1;
23 Digest::SHA1->import(
24 qw(sha1_hex)
25 );1} ||
26 eval {
27 require Digest::SHA::PurePerl;
28 Digest::SHA::PurePerl->import(
29 qw(sha1_hex)
30 );1} ||
31 die "One of Digest::SHA or Digest::SHA1 or Digest::SHA::PurePerl "
32 . "must be available\n";
33 }
34
35 our $metadata_fields = {
36 homepage => ['Homepage URL', 'hp', 'text'],
37 shortdesc => ['Short description', 'desc', 'text'],
38 README => ['README (HTML, lt 8kb)', 'README', 'textarea'],
39 notifymail => ['Commit notify - mail to', 'notifymail', 'text'],
40 notifyjson => ['Commit notify - <a href="http://help.github.com/post-receive-hooks/">POST JSON</a> at', 'notifyjson', 'text'],
41 notifycia => ['Commit notify - <a href="http://cia.vc/doc/">CIA project</a> name', 'notifycia', 'text'],
42 };
43
44 sub _mkdir_forkees {
45 my $self = shift;
46 my @pelems = split('/', $self->{name});
47 pop @pelems; # do not create dir for the project itself
48 my $path = $self->{base_path};
49 foreach my $pelem (@pelems) {
50 $path .= "/$pelem";
51 (-d "$path") or mkdir $path or die "mkdir $path: $!";
52 chmod 02775, $path; # ok if fails (dir may already exist and be owned by someone else)
53 }
54 }
55
56 our %propmap = (
57 url => ':baseurl',
58 email => ':owner',
59 desc => 'description',
60 README => 'README.html',
61 hp => ':homepage',
62 notifymail => '%hooks.mailinglist',
63 notifytag => '%hooks.announcelist',
64 notifyjson => '%hooks.jsonurl',
65 notifycia => '%hooks.cianame',
66 );
67
68 our %propmapro = (
69 lastchange => ':lastchange',
70 );
71
72 sub _update_index {
73 system($Girocco::Config::basedir . '/gitweb/genindex.sh');
74 }
75
76 sub _property_path {
77 my $self = shift;
78 my ($name) = @_;
79 $self->{path}.'/'.$name;
80 }
81
82 sub _property_fget {
83 my $self = shift;
84 my ($name) = @_;
85 my $pname = $propmap{$name};
86 $pname = $propmapro{$name} unless $pname;
87 $pname or die "unknown property: $name";
88 if ($pname =~ s/^://) {
89 my $val = `git --git-dir="$self->{path}" config "gitweb.$pname"`;
90 chomp $val;
91 return $val;
92 } elsif ($pname =~ s/^%//) {
93 my $val = `git --git-dir="$self->{path}" config "$pname"`;
94 chomp $val;
95 return $val;
96 }
97
98 open P, '<', $self->_property_path($pname) or return undef;
99 my @value = <P>;
100 close P;
101 my $value = join('', @value); chomp $value;
102 $value;
103 }
104
105 sub _property_fput {
106 my $self = shift;
107 my ($name, $value) = @_;
108 my $pname = $propmap{$name};
109 $pname or die "unknown property: $name";
110 $value ||= '';
111 if ($pname =~ s/^://) {
112 system('git', '--git-dir='.$self->{path}, 'config', "gitweb.$pname", $value);
113 return;
114 } elsif ($pname =~ s/^%//) {
115 system('git', '--git-dir='.$self->{path}, 'config', $pname, $value);
116 return;
117 }
118
119 my $P = lock_file($self->_property_path($pname));
120 $value ne '' and print $P "$value\n";
121 close $P;
122 unlock_file($self->_property_path($pname));
123 }
124
125 sub _properties_load {
126 my $self = shift;
127 foreach my $prop (keys %propmap) {
128 $self->{$prop} = $self->_property_fget($prop);
129 }
130 foreach my $prop (keys %propmapro) {
131 $self->{$prop} = $self->_property_fget($prop);
132 }
133 my $val = `git --git-dir="$self->{path}" config --bool "gitweb.statusupdates" 2>/dev/null`;
134 chomp $val;
135 $val = ($val eq 'false') ? 0 : 1;
136 $self->{statusupdates} = $val;
137 delete $self->{auth};
138 $val = `git --git-dir="$self->{path}" config "gitweb.delauth"`;
139 chomp $val;
140 if ($val =~ /^# DELAUTH ([0-9a-f]+) (\d+)/) {
141 my $expire = $2;
142 $self->{auth} = $1 unless (time >= $expire);
143 }
144 }
145
146 sub _properties_save {
147 my $self = shift;
148 foreach my $prop (keys %propmap) {
149 $self->_property_fput($prop, $self->{$prop});
150 }
151 $self->{statusupdates} = 1
152 unless defined($self->{statusupdates}) && $self->{statusupdates} =~ /^\d+$/;
153 system('git', '--git-dir='.$self->{path}, 'config', '--bool',
154 "gitweb.statusupdates", $self->{statusupdates});
155 }
156
157 sub _nofetch_path {
158 my $self = shift;
159 $self->_property_path('.nofetch');
160 }
161
162 sub _nofetch {
163 my $self = shift;
164 my ($nofetch) = @_;
165 my $nf = $self->_nofetch_path;
166 if ($nofetch) {
167 open X, '>', $nf or die "nofetch failed: $!";
168 close X;
169 } else {
170 unlink $nf or die "yesfetch failed: $!";
171 }
172 }
173
174 sub _clonelog_path {
175 my $self = shift;
176 $self->_property_path('.clonelog');
177 }
178
179 sub _clonefail_path {
180 my $self = shift;
181 $self->_property_path('.clone_failed');
182 }
183
184 sub _clonep_path {
185 my $self = shift;
186 $self->_property_path('.clone_in_progress');
187 }
188
189 sub _clonep {
190 my $self = shift;
191 my ($nofetch) = @_;
192 my $np = $self->_clonep_path;
193 if ($nofetch) {
194 open X, '>', $np or die "clonep failed: $!";
195 close X;
196 } else {
197 unlink $np or die "clonef failed: $!";
198 }
199 }
200 sub _alternates_setup {
201 my $self = shift;
202 return unless $self->{name} =~ m#/#;
203 my $forkee_name = get_forkee_name($self->{name});
204 my $forkee_path = get_forkee_path($self->{name});
205 return unless -d $forkee_path;
206 mkdir $self->{path}.'/refs'; chmod 02775, $self->{path}.'/refs';
207 mkdir $self->{path}.'/objects'; chmod 02775, $self->{path}.'/objects';
208 mkdir $self->{path}.'/objects/info'; chmod 02775, $self->{path}.'/objects/info';
209
210 # We set up both alternates and http_alternates since we cannot use
211 # relative path in alternates - that doesn't work recursively.
212
213 my $filename = $self->{path}.'/objects/info/alternates';
214 open X, '>', $filename or die "alternates failed: $!";
215 print X "$forkee_path/objects\n";
216 close X;
217 chmod 0664, $filename or warn "cannot chmod $filename: $!";
218
219 if ($Girocco::Config::httppullurl) {
220 $filename = $self->{path}.'/objects/info/http-alternates';
221 open X, '>', $filename or die "http-alternates failed: $!";
222 my $upfork = $forkee_name;
223 do { print X "$Girocco::Config::httppullurl/$upfork.git/objects\n"; } while ($upfork =~ s#/?.+?$## and $upfork); #
224 close X;
225 chmod 0664, $filename or warn "cannot chmod $filename: $!";
226 }
227
228 # The symlink is problematic since git remote prune will traverse it.
229 #symlink "$forkee_path/refs", $self->{path}.'/refs/forkee';
230
231 # copy refs from parent project
232 # ownership information is changed by a root cronjob
233 system("cp -pR $forkee_path/refs $self->{path}/");
234 # initialize HEAD, hacky version
235 system("cp $forkee_path/HEAD $self->{path}/HEAD");
236 }
237
238 sub _ctags_setup {
239 my $self = shift;
240 mkdir $self->{path}.'/ctags'; chmod 01777, $self->{path}.'/ctags';
241 }
242
243 sub _group_add {
244 my $self = shift;
245 my ($xtra) = @_;
246 $xtra .= join(',', @{$self->{users}});
247 filedb_atomic_append(jailed_file('/etc/group'),
248 join(':', $self->{name}, $self->{crypt}, '\i', $xtra));
249 }
250
251 sub _group_update {
252 my $self = shift;
253 my $xtra = join(',', @{$self->{users}});
254 filedb_atomic_edit(jailed_file('/etc/group'),
255 sub {
256 $_ = $_[0];
257 chomp;
258 if ($self->{name} eq (split /:/)[0]) {
259 # preserve readonly flag
260 s/::([^:]*)$/:$1/ and $xtra = ":$xtra";
261 return join(':', $self->{name}, $self->{crypt}, $self->{gid}, $xtra)."\n";
262 } else {
263 return "$_\n";
264 }
265 }
266 );
267 }
268
269 sub _group_remove {
270 my $self = shift;
271 filedb_atomic_edit(jailed_file('/etc/group'),
272 sub {
273 $self->{name} ne (split /:/)[0] and return $_;
274 }
275 );
276 }
277
278 sub _hook_path {
279 my $self = shift;
280 my ($name) = @_;
281 $self->{path}.'/hooks/'.$name;
282 }
283
284 sub _hook_install {
285 my $self = shift;
286 my ($name) = @_;
287 open SRC, '<', "$Girocco::Config::basedir/hooks/$name" or die "cannot open hook $name: $!";
288 open DST, '>', $self->_hook_path($name) or die "cannot open hook $name for writing: $!";
289 while (<SRC>) { print DST $_; }
290 close DST;
291 close SRC;
292 chmod 0775, $self->_hook_path($name) or die "cannot chmod hook $name: $!";
293 }
294
295 sub _hooks_install {
296 my $self = shift;
297 foreach my $hook ('post-receive', 'update', 'post-update') {
298 $self->_hook_install($hook);
299 }
300 }
301
302 # private constructor, do not use
303 sub _new {
304 my $class = shift;
305 my ($name, $base_path, $path) = @_;
306 valid_name($name) or die "refusing to create project with invalid name ($name)!";
307 $path ||= "$base_path/$name.git";
308 my $proj = { name => $name, base_path => $base_path, path => $path };
309
310 bless $proj, $class;
311 }
312
313 # public constructor #0
314 # creates a virtual project not connected to disk image
315 # you can conjure() it later to disk
316 sub ghost {
317 my $class = shift;
318 my ($name, $mirror) = @_;
319 my $self = $class->_new($name, $Girocco::Config::reporoot);
320 $self->{users} = [];
321 $self->{mirror} = $mirror;
322 $self->{email} = $self->{orig_email} = '';
323 $self;
324 }
325
326 # public constructor #1
327 sub load {
328 my $class = shift;
329 my $name = shift || '';
330
331 open F, '<', jailed_file("/etc/group") or die "project load failed: $!";
332 while (<F>) {
333 chomp;
334 @_ = split /:+/;
335 next unless (shift eq $name);
336
337 my $self = $class->_new($name, $Girocco::Config::reporoot);
338 (-d $self->{path}) or die "invalid path (".$self->{path}.") for project ".$self->{name};
339
340 my $ulist;
341 ($self->{crypt}, $self->{gid}, $ulist) = @_;
342 $ulist ||= '';
343 $self->{users} = [split /,/, $ulist];
344 $self->{HEAD} = $self->get_HEAD;
345 $self->{orig_HEAD} = $self->{HEAD};
346 $self->{orig_users} = [@{$self->{users}}];
347 $self->{mirror} = ! -e $self->_nofetch_path;
348 $self->{clone_in_progress} = -e $self->_clonep_path;
349 $self->{clone_logged} = -e $self->_clonelog_path;
350 $self->{clone_failed} = -e $self->_clonefail_path;
351 $self->{ccrypt} = $self->{crypt};
352
353 $self->_properties_load;
354 $self->{orig_email} = $self->{email};
355 return $self;
356 }
357 close F;
358 undef;
359 }
360
361 # $proj may not be in sane state if this returns false!
362 sub cgi_fill {
363 my $self = shift;
364 my ($gcgi) = @_;
365 my $cgi = $gcgi->cgi;
366
367 my ($pwd, $pwd2) = ($cgi->param('pwd'), $cgi->param('pwd2'));
368 $pwd ||= ''; $pwd2 ||= ''; # in case passwords are disabled
369 if ($pwd or not $self->{crypt}) {
370 $self->{crypt} = scrypt($pwd);
371 }
372
373 if ($pwd2 and $pwd ne $pwd2) {
374 $gcgi->err("Our high-paid security consultants have determined that the admin passwords you have entered do not match each other.");
375 }
376
377 $self->{cpwd} = $cgi->param('cpwd');
378
379 if ($Girocco::Config::project_owners eq 'email') {
380 $self->{email} = $gcgi->wparam('email');
381 valid_email($self->{email})
382 or $gcgi->err("Your email sure looks weird...?");
383 }
384
385 $self->{url} = $gcgi->wparam('url');
386 if ($self->{url}) {
387 valid_repo_url($self->{url})
388 or $gcgi->err("Invalid URL. Note that only HTTP and Git protocol is supported. If the URL contains funny characters, contact me.");
389 }
390
391 $self->{desc} = $gcgi->wparam('desc');
392 length($self->{desc}) <= 1024
393 or $gcgi->err("<b>Short</b> description length &gt; 1kb!");
394
395 $self->{README} = $gcgi->wparam('README');
396 length($self->{README}) <= 8192
397 or $gcgi->err("README length &gt; 8kb!");
398
399 $self->{hp} = $gcgi->wparam('hp');
400 if ($self->{hp}) {
401 valid_web_url($self->{hp})
402 or $gcgi->err("Invalid homepage URL. Note that only HTTP protocol is supported. If the URL contains funny characters, contact me.");
403 }
404
405 $self->{users} = [grep { Girocco::User::valid_name($_) && Girocco::User::does_exist($_) } $cgi->param('user')];
406
407 $self->{HEAD} = $cgi->param('HEAD') if $cgi->param('HEAD');
408
409 # schedule deletion of tags (will be committed by update() after auth)
410 $self->{tags_to_delete} = [$cgi->param('tags')];
411
412 $self->{notifymail} = $gcgi->wparam('notifymail');
413 if ($self->{notifymail}) {
414 (valid_email_multi($self->{notifymail}) and length($self->{notifymail}) <= 512)
415 or $gcgi->err("Invalid notify e-mail address. Use mail,mail to specify multiple addresses; total length must not exceed 512 characters, however.");
416 }
417
418 $self->{notifyjson} = $gcgi->wparam('notifyjson');
419 if ($self->{notifyjson}) {
420 valid_web_url($self->{notifyjson})
421 or $gcgi->err("Invalid JSON notify URL. Note that only HTTP protocol is supported. If the URL contains funny characters, contact me.");
422 }
423
424 $self->{notifycia} = $gcgi->wparam('notifycia');
425 if ($self->{notifycia}) {
426 $self->{notifycia} =~ /^[a-zA-Z0-9._-]+$/
427 or $gcgi->err("Overly suspicious CIA notify project name. If it is actually valid, contact me.");
428 }
429
430 if ($cgi->param('setstatusupdates')) {
431 my $val = $gcgi->wparam('statusupdates') || '0';
432 $self->{statusupdates} = $val ? 1 : 0;
433 }
434
435 not $gcgi->err_check;
436 }
437
438 sub form_defaults {
439 my $self = shift;
440 (
441 name => $self->{name},
442 email => $self->{email},
443 url => $self->{url},
444 desc => html_esc($self->{desc}),
445 README => html_esc($self->{README}),
446 hp => $self->{hp},
447 users => $self->{users},
448 notifymail => html_esc($self->{notifymail}),
449 notifyjson => html_esc($self->{notifyjson}),
450 notifycia => html_esc($self->{notifycia}),
451 );
452 }
453
454 sub authenticate {
455 my $self = shift;
456 my ($gcgi) = @_;
457
458 $self->{ccrypt} or die "Can't authenticate against a project with no password";
459 $self->{cpwd} ||= '';
460 unless ($self->{ccrypt} eq crypt($self->{cpwd}, $self->{ccrypt})) {
461 $gcgi->err("Your admin password does not match!");
462 return 0;
463 }
464 return 1;
465 }
466
467 sub _setup {
468 my $self = shift;
469 my ($pushers) = @_;
470
471 $self->_mkdir_forkees;
472
473 mkdir($self->{path}) or die "mkdir $self->{path} failed: $!";
474 if ($Girocco::Config::owning_group) {
475 my $gid = scalar(getgrnam($Girocco::Config::owning_group));
476 chown(-1, $gid, $self->{path}) or die "chgrp $gid $self->{path} failed: $!";
477 chmod(02775, $self->{path}) or die "chmod 2775 $self->{path} failed: $!";
478 } else {
479 chmod(02777, $self->{path}) or die "chmod 2777 $self->{path} failed: $!";
480 }
481 system($Girocco::Config::git_bin, '--git-dir='.$self->{path}, 'init', '--bare', '--shared='.$self->shared_mode()) == 0
482 or die "git init $self->{path} failed: $?";
483 system($Girocco::Config::git_bin, '--git-dir='.$self->{path}, 'config', 'receive.denyNonFastforwards', 'false') == 0
484 or die "disabling receive.denyNonFastforwards failed: $?";
485 system($Girocco::Config::git_bin, '--git-dir='.$self->{path}, 'config', 'gc.auto', '0') == 0
486 or die "disabling gc.auto failed: $?";
487
488 # /info must have right permissions,
489 # and git init didn't do it for some reason.
490 if ($Girocco::Config::owning_group) {
491 chmod(02775, $self->{path}."/info") or die "chmod 2775 $self->{path}/info failed: $!";
492 } else {
493 chmod(02777, $self->{path}."/info") or die "chmod 2777 $self->{path}/info failed: $!";
494 }
495
496 $self->_properties_save;
497 $self->_alternates_setup;
498 $self->_ctags_setup;
499 $self->_group_remove;
500 $self->_group_add($pushers);
501 $self->_hooks_install;
502 #$self->perm_initialize;
503 $self->_update_index;
504 }
505
506 sub premirror {
507 my $self = shift;
508
509 $self->_setup(':');
510 $self->_clonep(1);
511 $self->perm_initialize;
512 }
513
514 sub conjure {
515 my $self = shift;
516
517 $self->_setup;
518 $self->_nofetch(1);
519 $self->perm_initialize;
520 }
521
522 sub clone {
523 my $self = shift;
524
525 unlink ($self->_clonefail_path()); # Ignore EEXIST error
526 unlink ($self->_clonelog_path()); # Ignore EEXIST error
527
528 use IO::Socket;
529 my $sock = IO::Socket::UNIX->new($Girocco::Config::chroot.'/etc/taskd.socket') or die "cannot connect to taskd.socket: $!";
530 $sock->print("clone ".$self->{name}."\n");
531 # Just ignore reply, we are going to succeed anyway and the I/O
532 # would apparently get quite hairy.
533 $sock->flush();
534 sleep 2; # *cough*
535 $sock->close();
536 }
537
538 sub update {
539 my $self = shift;
540
541 $self->_properties_save;
542 $self->_group_update;
543
544 if (exists($self->{tags_to_delete})) {
545 $self->delete_ctag($_) foreach(@{$self->{tags_to_delete}});
546 }
547
548 $self->set_HEAD($self->{HEAD}) unless $self->{orig_HEAD} eq $self->{HEAD};
549
550 my @users_add = grep { $a = $_; not scalar grep { $a eq $_ } $self->{orig_users} } $self->{users};
551 my @users_del = grep { $a = $_; not scalar grep { $a eq $_ } $self->{users} } $self->{orig_users};
552 $self->perm_user_add($_, Girocco::User::resolve_uid($_)) foreach (@users_add);
553 $self->perm_user_del($_, Girocco::User::resolve_uid($_)) foreach (@users_del);
554
555 $self->_update_index if $self->{email} ne $self->{orig_email};
556 $self->{orig_email} = $self->{email};
557
558 1;
559 }
560
561 sub update_password {
562 my $self = shift;
563 my ($pwd) = @_;
564
565 $self->{crypt} = scrypt($pwd);
566 $self->_group_update;
567 }
568
569 # You can explicitly do this just on a ghost() repository too.
570 sub delete {
571 my $self = shift;
572
573 if (-d $self->{path}) {
574 system('rm', '-rf', $self->{path}) == 0
575 or die "rm -rf $self->{path} failed: $?";
576 }
577 # attempt to clean up any empty fork directories by removing them
578 my @pelems = split('/', $self->{name});
579 while (@pelems > 1) {
580 pop @pelems;
581 # okay to fail
582 rmdir join('/', $Girocco::Config::reporoot, @pelems) or last;
583 }
584 $self->_group_remove;
585 $self->_update_index;
586 }
587
588 sub _contains_files {
589 my $dir = shift;
590 (-d $dir) or return 0;
591 opendir(my $dh, $dir) or die "opendir $dir failed: $!";
592 while (my $entry = readdir($dh)) {
593 next if $entry eq '' || $entry eq '.' || $entry eq '..';
594 closedir($dh), return 1
595 if -f "$dir/$entry" ||
596 -d "$dir/$entry" && _contains_files("$dir/$entry");
597 }
598 closedir($dh);
599 return 0;
600 }
601
602 sub has_forks {
603 my $self = shift;
604
605 return _contains_files($Girocco::Config::reporoot.'/'.$self->{name});
606 }
607
608 sub is_empty {
609 # A project is considered empty if the git repository does not
610 # have any refs. This means packed-refs does not exist or is
611 # empty or only has lines starting with '#' AND there are no
612 # files in the refs subdirectory hierarchy (no matter how deep).
613
614 my $self = shift;
615
616 (-d $self->{path}) or return 0;
617 if (-e $self->{path}.'/packed-refs') {
618 open(my $pr, '<', $self->{path}.'/packed-refs')
619 or die "open $self->{path}./packed-refs failed: $!";
620 my $foundref = 0;
621 while (my $ref = <$pr>) {
622 next if $ref =~ /^#/;
623 $foundref = 1;
624 last;
625 }
626 close($pr);
627 return 0 if $foundref;
628 }
629 (-d $self->{path}.'/refs') or return 1;
630 return !_contains_files($self->{path}.'/refs');
631 }
632
633 sub delete_ctag {
634 my $self = shift;
635 my ($ctag) = @_;
636
637 # sanity check, disallow filenames starting with . .. or /
638 unlink($self->{path}.'/ctags/'.$ctag) if($ctag !~ m|^(\.\.?)/|);
639 }
640
641 sub get_ctag_names {
642 my $self = shift;
643 my @ctags = ();
644 opendir(my $dh, $self->{path}.'/ctags')
645 or return @ctags;
646 @ctags = grep { -f "$self->{path}/ctags/$_" } readdir($dh);
647 closedir($dh);
648 return @ctags;
649 }
650
651 sub get_heads {
652 my $self = shift;
653 my $fh;
654 open($fh, '-|', "$Girocco::Config::git_bin --git-dir=$self->{path} show-ref --heads") or die "could not get list of heads";
655 my @res;
656 while (<$fh>) {
657 chomp;
658 next if !m#^[0-9a-f]{40}\s+refs/heads/(.+)$ #x;
659 push @res, $1;
660 }
661 close $fh;
662 @res;
663 }
664
665 sub get_HEAD {
666 my $self = shift;
667 my $HEAD = `$Girocco::Config::git_bin --git-dir=$self->{path} symbolic-ref HEAD`;
668 chomp $HEAD;
669 die "could not get HEAD" if ($HEAD !~ m{^refs/heads/(.+)$});
670 return $1;
671 }
672
673 sub set_HEAD {
674 my $self = shift;
675 my $newHEAD = shift;
676 # Cursory checks only -- if you want to break your HEAD, be my guest
677 if ($newHEAD =~ /^\/|['<>]|\.\.|\/$/) {
678 die "grossly invalid new HEAD: $newHEAD";
679 }
680 system($Girocco::Config::git_bin, "--git-dir=$self->{path}", 'symbolic-ref', 'HEAD', "refs/heads/$newHEAD");
681 die "could not set HEAD" if ($? >> 8);
682 }
683
684 sub gen_auth {
685 my $self = shift;
686
687 $self->{auth} = sha1_hex(time . $$ . rand() . join(':',%$self));
688 my $expire = time + 24 * 3600;
689 my $propval = "# DELAUTH $self->{auth} $expire";
690 system('git', '--git-dir='.$self->{path}, 'config', 'gitweb.delauth', $propval);
691 $self->{auth};
692 }
693
694 sub del_auth {
695 my $self = shift;
696
697 delete $self->{auth};
698 system('git', '--git-dir='.$self->{path}, 'config', '--unset', 'gitweb.delauth');
699 }
700
701 sub remove_user {
702 my $self = shift;
703 my ($username) = @_;
704
705 my $before_count = @{$self->{users}};
706 $self->{users} = [grep { $_ ne $username } @{$self->{users}}];
707 return @{$self->{users}} != $before_count;
708 }
709
710 ### static methods
711
712 sub get_forkee_name {
713 local $_ = $_[0];
714 (m#^(.*)/.*?$#)[0]; #
715 }
716 sub get_forkee_path {
717 my $forkee = $Girocco::Config::reporoot.'/'.get_forkee_name($_[0]).'.git';
718 -d $forkee ? $forkee : '';
719 }
720
721 sub valid_name {
722 local $_ = $_[0];
723 (not m#/# or -d get_forkee_path($_)) # will also catch ^/
724 and (not m#\./#)
725 and (not m#/$#)
726 and m#^[a-zA-Z0-9+./_-]+$#;
727 }
728
729 sub does_exist {
730 my ($name) = @_;
731 valid_name($name) or die "tried to query for project with invalid name $name!";
732 (-d $Girocco::Config::reporoot."/$name.git");
733 }
734
735 sub get_full_list {
736 my $class = shift;
737 my @projects;
738
739 open F, '<', jailed_file("/etc/group") or die "getting project list failed: $!";
740 while (<F>) {
741 chomp;
742 @_ = split /:+/;
743 next if ($_[2] < 65536);
744
745 push @projects, $_[0];
746 }
747 close F;
748 @projects;
749 }
750
751
752 1;
The repo.or.cz duct tape "Girocco"