search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Typo fix
[girocco/mytab.git] / cgi / Git / RepoCGI.pm
bloba6c25ea3349a0f4ff713bc62cd18ff9d797c4b4f
1 package Git::RepoCGI;
2
3 use strict;
4 use warnings;
5
6
7 ### Administrativa
8
9 BEGIN {
10 our $VERSION = '0.1';
11 our @ISA = qw(Exporter);
12 our @EXPORT = qw(scrypt html_esc jailed_file
13 lock_file unlock_file
14 filedb_atomic_append filedb_atomic_edit
15 proj_get_forkee_name proj_get_forkee_path
16 valid_proj_name valid_user_name valid_email valid_repo_url valid_web_url);
17
18 use CGI qw(:standard :escapeHTML -nosticky);
19 use CGI::Util qw(unescape);
20 use CGI::Carp qw(fatalsToBrowser);
21 }
22
23
24 ### RepoCGI object
25
26 sub new {
27 my $class = shift;
28 my ($heading) = @_;
29 my $repo = {};
30
31 $repo->{cgi} = CGI->new;
32
33 print $repo->{cgi}->header(-type=>'text/html', -charset => 'utf-8');
34
35 print <<EOT;
36 <?xml version="1.0" encoding="utf-8"?>
37 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
38 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
39
40 <head>
41 <title>repo.or.cz :: $heading</title>
42 <link rel="stylesheet" type="text/css" href="/gitweb.css"/>
43 <link rel="shortcut icon" href="/git-favicon.png" type="image/png"/>
44 </head>
45
46 <body>
47
48 <div class="page_header">
49 <a href="http://git.or.cz/" title="Git homepage"><img src="/git-logo.png" width="72" height="27" alt="git" style="float:right; border-width:0px;"/></a>
50 <a href="/">repo.or.cz</a> / administration / $heading
51 </div>
52
53 EOT
54
55 bless $repo, $class;
56 }
57
58 sub DESTROY {
59 my $self = shift;
60 my $cgi = $self->cgi;
61 my $cginame = $cgi->url(-absolute => 1);
62 $cginame =~ s#^/m/##;
63 if ($cginame =~ /^[a-zA-Z0-9_.\/-]+\.cgi$/) {
64 print <<EOT;
65 <div align="right">
66 <a href="http://repo.or.cz/w/repo.git?a=blob;f=cgi/$cginame">(view source)</a>
67 </div>
68 EOT
69 }
70 print <<EOT;
71 </body>
72 </html>
73 EOT
74 }
75
76 sub cgi {
77 my $self = shift;
78 $self->{cgi};
79 }
80
81 sub err {
82 my $self = shift;
83 print "<p style=\"text-color: red\">@_</p>\n";
84 $self->{err}++;
85 }
86
87 sub err_check {
88 my $self = shift;
89 my $err = $self->{err};
90 $err and print "<p>Operation aborted due to $err errors.</p>\n";
91 $err;
92 }
93
94 sub wparam {
95 my $self = shift;
96 my ($param) = @_;
97 my $val = $self->{cgi}->param($param);
98 $val =~ s/^\s*(.*?)\s*$/$1/;
99 $val;
100 }
101
102
103 ### Random utility functions
104
105 sub scrypt {
106 my ($pwd) = @_;
107 crypt($pwd, join ('', ('.', '/', 2..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64]));
108 }
109
110 sub html_esc {
111 my ($str) = @_;
112 $str =~ s/&/&amp;/g;
113 $str =~ s/</&lt;/g; $str =~ s/>/&gt;/g;
114 $str =~ s/"/&quot;/g;
115 $str;
116 }
117
118 sub jailed_file {
119 my ($filename) = @_;
120 "/home/repo/j/$filename";
121 }
122
123 sub lock_file {
124 my ($path) = @_;
125
126 $path .= '.lock';
127
128 use Errno qw(EEXIST);
129 use Fcntl qw(O_WRONLY O_CREAT O_EXCL);
130 use IO::Handle;
131 my $handle = new IO::Handle;
132
133 unless (sysopen($handle, $path, O_WRONLY|O_CREAT|O_EXCL)) {
134 my $cnt = 0;
135 while (not sysopen($handle, $path, O_WRONLY|O_CREAT|O_EXCL)) {
136 ($! == EEXIST) or die "$path open failed: $!";
137 ($cnt++ < 16) or die "$path open failed: cannot open lockfile";
138 sleep(1);
139 }
140 }
141 # XXX: filedb-specific
142 chmod 0664, $path or die "$path g+w failed: $!";
143
144 $handle;
145 }
146
147 sub unlock_file {
148 my ($path) = @_;
149
150 rename "$path.lock", $path or die "$path unlock failed: $!";
151 }
152
153 sub filedb_atomic_append {
154 my ($file, $line) = @_;
155 my $id = 65536;
156
157 open my $src, $file or die "$file open for reading failed: $!";
158 my $dst = lock_file($file);
159
160 while (<$src>) {
161 my $aid = (split /:/)[2];
162 $id = $aid + 1 if ($aid >= $id);
163
164 print $dst $_ or die "$file(l) write failed: $!";
165 }
166
167 $line =~ s/\\i/$id/g;
168 print $dst "$line\n" or die "$file(l) write failed: $!";
169
170 close $dst or die "$file(l) close failed: $!";
171 close $src;
172
173 unlock_file($file);
174
175 $id;
176 }
177
178 sub filedb_atomic_edit {
179 my ($file, $fn) = @_;
180
181 open my $src, $file or die "$file open for reading failed: $!";
182 my $dst = lock_file($file);
183
184 while (<$src>) {
185 print $dst $fn->($_) or die "$file(l) write failed: $!";
186 }
187
188 close $dst or die "$file(l) close failed: $!";
189 close $src;
190
191 unlock_file($file);
192 }
193
194 sub proj_get_forkee_name {
195 $_ = $_[0];
196 (m#^(.*)/.*?$#)[0];
197 }
198 sub proj_get_forkee_path {
199 my $forkee = '/srv/git/'.proj_get_forkee_name($_[0]).'.git';
200 -d $forkee ? $forkee : '';
201 }
202 sub valid_proj_name {
203 $_ = $_[0];
204 (not m#/# or -d proj_get_forkee_path($_)) # will also catch ^/
205 and (not m#\./#)
206 and m#^[a-zA-Z0-9+./_-]+$#;
207 }
208 sub valid_user_name {
209 $_ = $_[0];
210 /^[a-zA-Z0-9+._-]+$/;
211 }
212 sub valid_email {
213 $_ = $_[0];
214 /^[a-zA-Z0-9+._-]+@[a-zA-Z0-9-.]+$/;
215 }
216 sub valid_web_url {
217 $_ = $_[0];
218 /^http:\/\/[a-zA-Z0-9-.]+(\/[_\%a-zA-Z0-9.\/~-]*)?(#[a-zA-Z0-9._-]+)?$/;
219 }
220 sub valid_repo_url {
221 $_ = $_[0];
222 /^http:\/\/[a-zA-Z0-9-.]+(\/[_\%a-zA-Z0-9.\/~-]*)?$/ or
223 /^git:\/\/[a-zA-Z0-9-.]+(\/[_\%a-zA-Z0-9.\/~-]*)?$/;
224 }
225
226
227 ### Project object
228
229 package Git::RepoCGI::Project;
230
231 BEGIN { use Git::RepoCGI; }
232
233 sub _mkdir_forkees {
234 my $self = shift;
235 my @pelems = split('/', $self->{name});
236 pop @pelems; # do not create dir for the project itself
237 my $path = "/srv/git";
238 foreach my $pelem (@pelems) {
239 (-d "$path/$pelem" ) or mkdir "$path/$pelem" or die "mkdir $path/$pelem: $!";
240 $path .= "/$pelem";
241 }
242 }
243
244 our %propmap = (
245 url => 'base_url',
246 email => 'owner',
247 desc => 'description',
248 README => 'README.html',
249 hp => 'homepage',
250 );
251
252 sub _property_path {
253 my $self = shift;
254 my ($name) = @_;
255 $self->{path}.'/'.$name;
256 }
257
258 sub _property_fget {
259 my $self = shift;
260 my ($name) = @_;
261 my $value;
262 $propmap{$name} or die "unknown property: $name";
263 open P, $self->_property_path($propmap{$name}) or return undef;
264 chomp($value = <P>);
265 close P;
266 $value;
267 }
268
269 sub _property_fput {
270 my $self = shift;
271 my ($name, $value) = @_;
272 $propmap{$name} or die "unknown property: $name";
273
274 my $P = lock_file($self->_property_path($propmap{$name}));
275 $value ne '' and print $P "$value\n";
276 close $P;
277 unlock_file($self->_property_path($propmap{$name}));
278 }
279
280 sub _properties_load {
281 my $self = shift;
282 foreach my $prop (keys %propmap) {
283 $self->{$prop} = $self->_property_fget($prop);
284 }
285 }
286
287 sub _properties_save {
288 my $self = shift;
289 foreach my $prop (keys %propmap) {
290 $self->_property_fput($prop, $self->{$prop});
291 }
292 }
293
294 sub _nofetch_path {
295 my $self = shift;
296 $self->_property_path('.nofetch');
297 }
298
299 sub _nofetch {
300 my $self = shift;
301 my ($nofetch) = @_;
302 my $np = $self->_nofetch_path;
303 if ($nofetch) {
304 open X, '>'.$np or die "nofetch failed: $!";
305 close X;
306 } else {
307 unlink $np or die "yesfetch failed: $!";
308 }
309 }
310
311 sub _alternates_setup {
312 my $self = shift;
313 return unless $self->{name} =~ m#/#;
314 my $forkee_name = proj_get_forkee_name($self->{name});
315 my $forkee_path = proj_get_forkee_path($self->{name});
316 return unless -d $forkee_path;
317 open X, '>'.$self->{path}.'/objects/info/alternates' or die "alternates failed: $!";
318 # We use relative URL here so that http-fetch groks it automagically.
319 $forkee_name =~ s#^.*/##; # Only the last element of the path matters, again.
320 print X "../../$forkee_name.git/objects\n";
321 close X;
322 }
323
324 sub _group_add {
325 my $self = shift;
326 my ($xtra) = @_;
327 $xtra .= join(',', @{$self->{users}});
328 filedb_atomic_append(jailed_file('/etc/group'),
329 join(':', $self->{name}, $self->{crypt}, '\i', $xtra));
330 }
331
332 sub _group_update {
333 my $self = shift;
334 my $xtra = join(',', @{$self->{users}});
335 filedb_atomic_edit(jailed_file('/etc/group'),
336 sub {
337 $_ = $_[0];
338 chomp;
339 if ($self->{name} eq (split /:/)[0]) {
340 # preserve readonly flag
341 s/::([^:]*)$/:$1/ and $xtra = ":$xtra";
342 return join(':', $self->{name}, $self->{crypt}, $self->{gid}, $xtra)."\n";
343 } else {
344 return "$_\n";
345 }
346 }
347 );
348 }
349
350 sub _group_remove {
351 my $self = shift;
352 filedb_atomic_edit(jailed_file('/etc/group'),
353 sub {
354 $self->{name} ne (split /:/)[0] and return $_;
355 }
356 );
357 }
358
359 sub _hook_path {
360 my $self = shift;
361 my ($name) = @_;
362 $self->{path}.'/hooks/'.$name;
363 }
364
365 sub _hook_install {
366 my $self = shift;
367 my ($name) = @_;
368 open SRC, "/home/repo/repomgr/$name-hook" or die "cannot open hook $name: $!";
369 open DST, '>'.$self->_hook_path($name) or die "cannot open hook $name for writing: $!";
370 while (<SRC>) { print DST $_; }
371 close DST;
372 close SRC;
373 chmod 0775, $self->_hook_path($name) or die "cannot chmod hook $name: $!";
374 }
375
376 sub _hooks_install {
377 my $self = shift;
378 foreach my $hook ('update') {
379 $self->_hook_install($hook);
380 }
381 }
382
383 # private constructor, do not use
384 sub _new {
385 my $class = shift;
386 my ($name, $path) = @_;
387 valid_proj_name($name) or die "refusing to create project with invalid name ($name)!";
388 my $proj = { name => $name, path => $path };
389
390 bless $proj, $class;
391 }
392
393 # public constructor #0
394 # creates a virtual project not connected to disk image
395 # you can conjure() it later to disk
396 sub ghost {
397 my $class = shift;
398 my ($name, $mirror) = @_;
399 my $self = $class->_new($name, $mirror ? "/home/repo/repodata/to-clone/$name" : "/srv/git/$name.git");
400 $self->{users} = [];
401 $self->{mirror} = $mirror;
402 $self;
403 }
404
405 # public constructor #1
406 sub load {
407 my $class = shift;
408 my ($name) = @_;
409
410 open F, jailed_file("/etc/group") or die "project load failed: $!";
411 while (<F>) {
412 chomp;
413 @_ = split /:+/;
414 next unless (shift eq $name);
415
416 my $self = $class->_new($name, "/srv/git/$name.git");
417 (-d $self->{path}) or die "invalid path (".$self->{path}.") for project ".$self->{name};
418
419 my $ulist;
420 ($self->{crypt}, $self->{gid}, $ulist) = @_;
421 $ulist ||= '';
422 $self->{users} = [split /,/, $ulist];
423 $self->{mirror} = ! -e $self->_nofetch_path;
424
425 $self->_properties_load;
426 return $self;
427 }
428 close F;
429 undef;
430 }
431
432 # $proj may not be in sane state if this returns false!
433 sub cgi_fill {
434 my $self = shift;
435 my ($repo) = @_;
436 my $cgi = $repo->cgi;
437
438 my $pwd = $cgi->param('pwd');
439 if ($pwd ne '' or not $self->{crypt}) {
440 $self->{crypt} = scrypt($pwd);
441 }
442
443 $self->{email} = $repo->wparam('email');
444 valid_email($self->{email})
445 or $repo->err("Your email sure looks weird...?");
446
447 $self->{url} = $repo->wparam('url');
448 if ($self->{url}) {
449 valid_repo_url($self->{url})
450 or $repo->err("Invalid URL. Note that only HTTP and Git protocol is supported. If the URL contains funny characters, contact me.");
451 }
452
453 $self->{desc} = $repo->wparam('desc');
454 length($self->{desc}) <= 1024
455 or $repo->err("<b>Short</b> description length > 1kb!");
456
457 $self->{README} = $repo->wparam('README');
458 length($self->{README}) <= 8192
459 or $repo->err("README length > 8kb!");
460
461 $self->{hp} = $repo->wparam('hp');
462 if ($self->{hp}) {
463 valid_web_url($self->{hp})
464 or $repo->err("Invalid homepage URL. Note that only HTTP protocol is supported. If the URL contains funny characters, contact me.");
465 }
466
467 # FIXME: Permit only existing users
468 $self->{users} = [grep { valid_user_name($_) } $cgi->param('user')];
469
470 not $repo->err_check;
471 }
472
473 sub form_defaults {
474 my $self = shift;
475 (
476 name => $self->{name},
477 email => $self->{email},
478 url => $self->{url},
479 desc => html_esc($self->{desc}),
480 README => html_esc($self->{README}),
481 hp => $self->{hp},
482 users => $self->{users},
483 );
484 }
485
486 sub premirror {
487 my $self = shift;
488
489 $self->_mkdir_forkees;
490 mkdir $self->{path} or die "mkdir failed: $!";
491 chmod 0775, $self->{path} or die "chmod failed: $!";
492 $self->_properties_save;
493 $self->_alternates_setup;
494 $self->_group_add(':');
495 }
496
497 sub conjure {
498 my $self = shift;
499
500 $self->_mkdir_forkees;
501 system('cg-admin-setuprepo', '-g', 'repo', $self->{path}) == 0
502 or die "cg-admin-setuprepo failed: $?";
503 $self->_nofetch(1);
504 $self->_properties_save;
505 $self->_alternates_setup;
506 $self->_group_add;
507 $self->_hooks_install;
508 }
509
510 sub update {
511 my $self = shift;
512
513 $self->_properties_save;
514 $self->_group_update;
515 }
516
517 # You can explicitly do this just on a ghost() repository too.
518 sub delete {
519 my $self = shift;
520
521 if (-d $self->{path}) {
522 system('rm', '-r', $self->{path}) == 0
523 or die "rm -r failed: $?";
524 }
525 $self->_group_remove;
526 }
527
528 # static method
529 sub does_exist {
530 my ($name) = @_;
531 valid_proj_name($name) or die "tried to query for project with invalid name $name!";
532 (available($name)
533 or -d "/home/repo/repodata/cloning/$name"
534 or -d "/home/repo/repodata/to-clone/$name");
535 }
536 sub available {
537 my ($name) = @_;
538 valid_proj_name($name) or die "tried to query for project with invalid name $name!";
539 (-d "/srv/git/$name.git");
540 }
541
542
543 ### User object
544
545 package Git::RepoCGI::User;
546
547 BEGIN { use Git::RepoCGI; }
548
549 sub _passwd_add {
550 my $self = shift;
551 filedb_atomic_append(jailed_file('/etc/passwd'),
552 join(':', $self->{name}, 'x', '\i', 65534, $self->{email}, '/', '/bin/git-shell'));
553 }
554
555 sub _sshkey_path {
556 my $self = shift;
557 '/etc/sshkeys/'.$self->{name};
558 }
559
560 sub _sshkey_save {
561 my $self = shift;
562 open F, ">".jailed_file($self->_sshkey_path) or die "sshkey failed: $!";
563 print F $self->{keys}."\n";
564 close F;
565 chmod 0664, jailed_file($self->_sshkey_path);
566 }
567
568 # private constructor, do not use
569 sub _new {
570 my $class = shift;
571 my ($name) = @_;
572 valid_user_name($name) or die "refusing to create user with invalid name ($name)!";
573 my $proj = { name => $name };
574
575 bless $proj, $class;
576 }
577
578 # public constructor #0
579 # creates a virtual user not connected to disk record
580 # you can conjure() it later to disk
581 sub ghost {
582 my $class = shift;
583 my ($name) = @_;
584 my $self = $class->_new($name);
585 $self;
586 }
587
588 # $user may not be in sane state if this returns false!
589 sub cgi_fill {
590 my $self = shift;
591 my ($repo) = @_;
592 my $cgi = $repo->cgi;
593
594 $self->{name} = $repo->wparam('name');
595 valid_user_name($self->{name})
596 or $repo->err("Name contains invalid characters.");
597
598 $self->{email} = $repo->wparam('email');
599 valid_email($self->{email})
600 or $repo->err("Your email sure looks weird...?");
601
602 $self->{keys} = $cgi->param('keys');
603 length($self->{keys}) <= 4096
604 or $repo->err("The list of keys is more than 4kb. Do you really need that much?");
605
606 not $repo->err_check;
607 }
608
609 sub conjure {
610 my $self = shift;
611
612 $self->_passwd_add;
613 $self->_sshkey_save;
614 }
615
616 # static method
617 sub does_exist {
618 my ($name) = @_;
619 valid_user_name($name) or die "tried to query for user with invalid name $name!";
620 (-e jailed_file("/etc/sshkeys/$name"));
621 }
622 sub available {
623 does_exist(@_);
624 }
625
626
627 1;