search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
install.sh: update Git version check security warnings
[girocco.git] / cgi / regproj.cgi
blobce04226c2906130faf1114aeab44b4b950ebbcd2
1 #!/usr/bin/perl
2 # (c) Petr Baudis <pasky@suse.cz>
3 # GPLv2
4
5 use strict;
6 use warnings;
7
8 use lib ".";
9 use Girocco::CGI;
10 use Girocco::Config;
11 use Girocco::Project;
12 use Girocco::Util;
13
14 my $gcgi = Girocco::CGI->new('Project Registration');
15 my $cgi = $gcgi->cgi;
16
17 my $name = $cgi->param('name');
18 defined($name) or $name = '';
19
20 my $fork = $cgi->param('fork');
21 if (defined($fork)) {
22 $fork =~ s/\.git$//;
23 $name = "$fork/$name";
24 }
25 my $escname = $name;
26 $escname =~ s/[+]/%2B/g;
27 my $mirror_mode_set = 1;
28 if ($Girocco::Config::mirror && $Girocco::Config::push) {
29 $mirror_mode_set = 0 unless ($Girocco::Config::initial_regproj_mode||'') eq 'mirror';
30 }
31 my %values = (
32 desc => '',
33 email => '',
34 hp => '',
35 mirror => $mirror_mode_set,
36 notifymail => '',
37 notifytag => '',
38 notifyjson => '',
39 notifycia => '',
40 README => '',
41 source => 'Anywhere',
42 url => '',
43 Anywhere_url => '',
44 GitHub_i0 => '',
45 GitHub_i1 => '',
46 Gitorious_i0 => '',
47 Gitorious_i1 => '',
48 );
49 $values{'mirror'} = 0 unless $Girocco::Config::mirror;
50 $values{'mirror'} = 0 if $Girocco::Config::push && $name =~ m#/#;
51 if (@{[$name =~ m#/#g]} > 5) {
52 $gcgi->err("Unable to create a fork more than five levels deep, please fork the parent project instead.");
53 exit;
54 }
55 my $y0 = $cgi->param('y0') || '';
56 if ($cgi->param('mode') && $y0 eq 'Register' && $cgi->request_method eq 'POST') {
57 # submitted, let's see
58 # FIXME: racy, do a lock
59 my $validname = 1;
60 if (Girocco::Project::valid_name($name)) {
61 Girocco::Project::does_exist($name,1)
62 and $gcgi->err("Project with the name '$name' already exists.");
63 } else {
64 $validname = 0;
65 if ($name =~ /^(.*)\.git$/i && Girocco::Project::valid_name($1)) {
66 $gcgi->err("Project name should not end with <tt>.git</tt> - I'll add that automagically.");
67 } else {
68 my $htmlname = html_esc($name);
69 $gcgi->err(
70 "Invalid project name \"$htmlname\" ".
71 "(contains bad characters or is a reserved project name). ".
72 "See <a href=\"@{[url_path($Girocco::Config::htmlurl)]}/names.html\">names</a>.");
73 }
74 }
75
76 my $check = $cgi->param('mail');
77 $check =~ tr/ \t/ /s; $check =~ s/^ //; $check =~ s/ $//;
78 if ($check !~ /^(?:(?:(?:the )?sun)|(?:sol))$/i) {
79 $gcgi->err("Sorry, invalid captcha check.");
80 }
81
82 foreach my $key (keys(%values)) {
83 $values{$key} = html_esc($cgi->param($key));
84 }
85 my $mirror = ($cgi->param('mode')||'') eq 'mirror';
86 $values{'mirror'} = $Girocco::Config::mirror && $mirror ? 1 : 0;
87
88 if ($mirror and $Girocco::Config::mirror_sources and not $cgi->param('url')) {
89 my $src = $cgi->param('source'); $src ||= '';
90 my $source; $src and $source = (grep { $_->{label} eq $src } @$Girocco::Config::mirror_sources)[0];
91 $source or $gcgi->err("Invalid or no mirror source $src specified");
92
93 my $n = $source->{label};
94 my $u = $source->{url};
95 if ($source->{inputs}) {
96 for my $i (0..$#{$source->{inputs}}) {
97 my $v = $cgi->param($n.'_i'.$i);
98 unless ($v) {
99 $gcgi->err("Source specifier '".$source->{inputs}->[$i]->{label}."' not filled.");
100 next;
101 }
102 my $ii = $i + 1;
103 $u =~ s/%$ii/$v/g;
104 }
105 } else {
106 $u = $cgi->param($n.'_url');
107 $u or $gcgi->err("Source URL not specified");
108 }
109 $cgi->param('url', $u);
110 }
111
112 my $proj = Girocco::Project->ghost($name, $mirror) if $validname;
113 if ($validname && $proj->cgi_fill($gcgi)) {
114 if ($mirror) {
115 unless ($Girocco::Config::mirror) {
116 $gcgi->err("Mirroring mode is not enabled at this site.");
117 exit;
118 }
119 $proj->premirror;
120 $proj->clone;
121 print "<p>Please <a href=\"@{[url_path($Girocco::Config::webadmurl)]}/mirrorproj.cgi?name=$escname\">pass onwards</a>.</p>\n";
122 print "<script language=\"javascript\">document.location='@{[url_path($Girocco::Config::webadmurl)]}/mirrorproj.cgi?name=$escname'</script>\n";
123
124 } else {
125 unless ($Girocco::Config::push) {
126 $gcgi->err("Push mode is not enabled at this site.");
127 exit;
128 }
129 $proj->conjure;
130 print <<EOT;
131 <p>Project <a href="@{[url_path($Girocco::Config::gitweburl)]}/$name.git">$name</a> successfully set up.</p>
132 EOT
133 my @pushurls = ();
134 push(@pushurls, "<tt>$Girocco::Config::pushurl/$name.git</tt>") if $Girocco::Config::pushurl;
135 push(@pushurls, "<tt>$Girocco::Config::httpspushurl/$name.git</tt> " .
136 "<sup><a href=\"@{[url_path($Girocco::Config::htmlurl)]}/httpspush.html\">(learn more)</a></sup>")
137 if $Girocco::Config::httpspushurl;
138 print "<p>The push URL(s) for the project: " . join(", ", @pushurls) . "</p>" if @pushurls;
139 my @pullurls = ();
140 push(@pullurls, $Girocco::Config::gitpullurl) if $Girocco::Config::gitpullurl;
141 push(@pullurls, $Girocco::Config::httppullurl) if $Girocco::Config::httppullurl;
142 print "<p>The read-only URL(s) for the project: <tt>" .
143 join("/$name.git</tt>, <tt>", @pullurls) .
144 "/$name.git</tt></p>" if @pullurls;
145 my $regnotice = '';
146 if ($Girocco::Config::manage_users) {
147 $regnotice = <<EOT;
148 Everyone who wants to push must <a href="@{[url_path($Girocco::Config::webadmurl)]}/reguser.cgi">register oneself as a user</a> first.
149 (One user can have push access to multiple projects and multiple users can have push access to one project.)
150 EOT
151 }
152 my $pushy = $Girocco::Config::pushurl || $Girocco::Config::httpspushurl;
153 my $pushyhint = '';
154 $pushyhint = " # <span style='font-family:sans-serif'><sup style='position:fixed'>" .
155 "<a href=\"@{[url_path($Girocco::Config::htmlurl)]}/httpspush.html\">(learn more)</a></sup>" .
156 "</span>" if $pushy =~ /^https:/i;
157 print <<EOT;
158 <p>You can <a href="@{[url_path($Girocco::Config::webadmurl)]}/editproj.cgi?name=$escname">assign users</a> now
159 - don't forget to assign yourself as a user as well if you want to push!
160 $regnotice
161 </p>
162 <p>Note that you cannot clone an empty repository since it contains no branches; you need to make the first push from an existing repository.
163 To import a new project, the procedure is roughly as follows:
164 <pre>
165 \$ git init
166 \$ git add
167 \$ git commit
168 \$ git remote add origin $pushy/$name.git$pushyhint
169 \$ git push --all origin
170 </pre>
171 </p>
172 <p>Enjoy yourself, and have a lot of fun!</p>
173 EOT
174 }
175 exit;
176 }
177 }
178
179 my $mirror_mode = {
180 name => 'mirror',
181 desc => 'our dedicated git monkeys will check another repository at a given URL every hour and mirror any new updates',
182 pwpurp => 'mirroring URL'
183 };
184 my $push_mode = {
185 name => 'push',
186 desc => 'registered users with appropriate permissions will be able to push to the repository',
187 pwpurp => 'list of users allowed to push'
188 };
189
190 my $me = $Girocco::Config::mirror ? $mirror_mode : undef;
191 my $pe = $Girocco::Config::push ? $push_mode : undef;
192 if ($me and $pe) {
193 print <<EOT;
194 <p>At this site, you can host a project in one of two modes: $me->{name} mode and $pe->{name} mode.
195 In the <b>$me->{name} mode</b>, $me->{desc}.
196 In the <b>$pe->{name} mode</b>, $pe->{desc}.
197 You currently cannot switch freely between those two modes;
198 if you want to switch from mirroring to push mode or vice versa just delete and recreate
199 the project.</p>
200 EOT
201 } else {
202 my $mode = $me ? $me : $pe;
203 print "<p>This site will host your project in a <b>$mode->{name} mode</b>: $mode->{desc}.</p>\n";
204 }
205
206 my @pwpurp = ();
207 push @pwpurp, $me->{pwpurp} if $me;
208 push @pwpurp, $pe->{pwpurp} if $pe;
209 my $pwpurp = join(', ', @pwpurp);
210
211 if ($Girocco::Config::project_passwords) {
212 print <<EOT;
213 <p>You will need the admin password to adjust the project settings later
214 ($pwpurp, project description, ...).</p>
215 EOT
216 }
217
218 unless ($name =~ m#/#) {
219 print <<EOT;
220 <p>Note that if your project is a <strong>fork of an existing project</strong>
221 (this does not mean anything socially bad), please instead go to the project's
222 gitweb page and click the 'fork' link in the top bar. This way, all of us
223 will save bandwidth and more importantly, your project will be properly categorized.</p>
224 EOT
225 $me and print <<EOT;
226 <p>If your project is a fork but the existing project is not registered here yet, please
227 consider registering it first; you do not have to be involved in the project
228 in order to register it here as a mirror.</p>
229 EOT
230 } else {
231 my $xname = $name; $xname =~ s#/$#.git#; #
232 my ($pushnote1, $pushnote2);
233 if ($pe) {
234 $pushnote1 = " and you will need to push only the data <em>you</em> created, not the whole project";
235 $pushnote2 = <<EOT;
236 (That will be done automagically, you do not need to specify any extra arguments during the push.)
237 EOT
238 }
239 print <<EOT;
240 <p>Great, your project will be created as a subproject of the '$xname' project.
241 This means that it will be properly categorized$pushnote1.$pushnote2</p>
242 EOT
243 }
244
245 my $modechooser;
246 my $mirrorentry = '';
247 if ($me) {
248 $mirrorentry = '<tr id="mirror_url"><td class="formlabel" style="vertical-align:middle">Mirror source:</td><td>';
249 if (!$Girocco::Config::mirror_sources) {
250 $mirrorentry .= "<input type='text' name='url' value=%values{'url'}/>";
251 } else {
252 $mirrorentry .= "<table>"."\n";
253 foreach my $source (@$Girocco::Config::mirror_sources) {
254 my $n = $source->{label};
255 $mirrorentry .= '<tr><td class="formlabel">';
256 $mirrorentry .= '<p><input type="radio" class="mirror_sources" name="source" value="'.$n.'"'.
257 ($n eq $values{'source'} ? ' checked="checked"' : '').' />';
258 $mirrorentry .= $n;
259 $mirrorentry .= '</p></td><td>';
260 if ($source->{desc}) {
261 $mirrorentry .= '<p>';
262 $source->{link} and $mirrorentry .= '<a href="'.$source->{link}.'">';
263 $mirrorentry .= $source->{desc};
264 $source->{link} and $mirrorentry .= '</a>';
265 $mirrorentry .= '</p>';
266 }
267 if (!$source->{inputs}) {
268 $mirrorentry .= '<p>URL: <input type="text" name="'.$n.'_url" '.
269 'value="'.$values{$n.'_url'}.
270 '" onchange="set_mirror_source('."'".$n."'".')" /></p>';
271 } else {
272 $mirrorentry .= '<p>';
273 my $i = 0;
274 foreach my $input (@{$source->{inputs}}) {
275 $mirrorentry .= $input->{label};
276 my ($l, $v) = ($n.'_i'.$i, '');
277 if ($cgi->param($l)) {
278 $v = ' value="'.html_esc($cgi->param($l)).'"';
279 }
280 $mirrorentry .= ' <input type="text" name="'.$l.'"'.$v.
281 ' onchange="set_mirror_source('."'".$n."'".')" />';
282 $mirrorentry .= $input->{suffix} if $input->{suffix};
283 $mirrorentry .= '&#160; &#160;';
284 } continue { $i++; }
285 $mirrorentry .= '</p>';
286 }
287 $mirrorentry .= '</td></tr>'."\n";
288 }
289 $mirrorentry .= "</table>";
290 }
291 $mirrorentry .= '</td></tr>';
292 }
293 if ($me and $pe) {
294 $modechooser = <<EOT;
295 <tr><td class="formlabel" style="vertical-align:middle">Hosting mode:</td><td><p>
296 <input type="radio" name="mode" value="mirror" id="mirror_radio"@{[$values{'mirror'}?' checked="checked"':'']} />Mirror mode<br />
297 <input type="radio" name="mode" value="push" id="push_radio"@{[$values{'mirror'}?'':' checked="checked"']} />Push mode
298 </p></td></tr>
299 EOT
300 } else {
301 $modechooser = '<input type="hidden" name="mode" value="'.($me ? $me->{name} : $pe->{name}).'" />';
302 }
303
304 my $forkentry = '';
305 if ($name =~ m#/#) {
306 $name =~ s#^(.*)/##;
307 $forkentry = '<input type="hidden" name="fork" value="'.$1.'" /><span class="formdata" style="padding-left:0.5ex">' .
308 html_esc($1) . '/</span>';
309 }
310 $name = html_esc($name);
311
312 print <<EOT;
313 $Girocco::Config::legalese
314 <form method="post" action="@{[url_path($Girocco::Config::webadmurl)]}/regproj.cgi">
315 <table class="form">
316 <tr><td class="formlabel">Project name:</td>
317 <td>$forkentry<input type="text" name="name" value="$name" /><span class="formdata" style="padding-left:0">.git</span></td></tr>
318 EOT
319 if ($Girocco::Config::project_passwords) {
320 print <<EOT;
321 <tr><td class="formlabel">Admin password (twice):</td><td><input type="password" name="pwd" /><br /><input type="password" name="pwd2" /></td></tr>
322 EOT
323 }
324 if ($Girocco::Config::project_owners eq 'email') {
325 print <<EOT;
326 <tr><td class="formlabel">E-mail contact:</td><td><input type="text" name="email" value="@{[$values{'email'}]}" /></td></tr>
327 EOT
328 }
329 print $modechooser;
330 print $mirrorentry;
331
332 $gcgi->print_form_fields($Girocco::Project::metadata_fields, \%values, @Girocco::Config::project_fields);
333
334 print <<EOT;
335 EOT
336
337 print <<EOT;
338 <tr><td class="formlabel" style="line-height:inherit">Anti-captcha &#x2013; please<br />enter name of our nearest star:</td>
339 <td style="vertical-align:middle"><input type="text" name="mail" /></td></tr>
340 <tr><td class="formlabel"></td><td><input type="submit" name="y0" value="Register" /></td></tr>
341 </table>
342 </form>
343 EOT
The repo.or.cz duct tape "Girocco"