Feature #3079 » Reposman_Redmine_0.8.2.patch
| app/apis/sys_api.rb (working copy) | ||
|---|---|---|
| 20 | 20 |
member :identifier, :string |
| 21 | 21 |
member :name, :string |
| 22 | 22 |
member :is_public, :bool |
| 23 |
member :public_repo, :bool |
|
| 23 | 24 |
member :repository, Repository |
| 24 | 25 |
end |
| 25 | 26 | |
| app/controllers/projects_controller.rb (working copy) | ||
|---|---|---|
| 70 | 70 |
@project.identifier = Project.next_identifier if Setting.sequential_project_identifiers? |
| 71 | 71 |
@project.trackers = Tracker.all |
| 72 | 72 |
@project.is_public = Setting.default_projects_public? |
| 73 |
@project.public_repo = Setting.default_projects_public? |
|
| 73 | 74 |
@project.enabled_module_names = Redmine::AccessControl.available_project_modules |
| 74 | 75 |
else |
| 75 | 76 |
@project.enabled_module_names = params[:enabled_modules] |
| app/views/projects/_form.rhtml (working copy) | ||
|---|---|---|
| 15 | 15 |
<% end %></p> |
| 16 | 16 |
<p><%= f.text_field :homepage, :size => 60 %></p> |
| 17 | 17 |
<p><%= f.check_box :is_public %></p> |
| 18 |
<p><%= f.check_box :create_repo, :disabled => !Setting.sys_api_enabled? %></p> |
|
| 19 |
<p><%= f.check_box :public_repo, :disabled => !Setting.sys_api_enabled? %></p> |
|
| 18 | 20 |
<%= wikitoolbar_for 'project_description' %> |
| 19 | 21 | |
| 20 | 22 |
<% @project.custom_field_values.each do |value| %> |
| extra/svn/Redmine.pm (working copy) | ||
|---|---|---|
| 206 | 206 |
my $project_id = get_project_identifier($r); |
| 207 | 207 | |
| 208 | 208 |
$r->set_handlers(PerlAuthenHandler => [\&OK]) |
| 209 |
if is_public_project($project_id, $r);
|
|
| 209 |
if (is_public_project($project_id, $r) && public_repository($project_id, $r));
|
|
| 210 | 210 | |
| 211 | 211 |
return OK |
| 212 | 212 |
} |
| ... | ... | |
| 217 | 217 |
my ($res, $redmine_pass) = $r->get_basic_auth_pw(); |
| 218 | 218 |
return $res unless $res == OK; |
| 219 | 219 |
|
| 220 |
if (is_member($r->user, $redmine_pass, $r)) {
|
|
| 220 |
if (is_member($r->user, $redmine_pass, $r) && can_browse($r->user, $redmine_pass, $r)) {
|
|
| 221 | 221 |
return OK; |
| 222 | 222 |
} else {
|
| 223 | 223 |
$r->note_auth_failure(); |
| ... | ... | |
| 257 | 257 |
# return 1 if (stat($repos_path))[2] & 00007; |
| 258 | 258 |
# } |
| 259 | 259 | |
| 260 |
sub public_repository {
|
|
| 261 |
my $project_id = shift; |
|
| 262 |
my $r = shift; |
|
| 263 | ||
| 264 |
my $dbh = connect_database($r); |
|
| 265 |
my $sth = $dbh->prepare( |
|
| 266 |
"SELECT * FROM projects WHERE projects.identifier=? and projects.public_repo=true;" |
|
| 267 |
); |
|
| 268 | ||
| 269 |
$sth->execute($project_id); |
|
| 270 |
my $ret = $sth->fetchrow_array ? 1 : 0; |
|
| 271 |
$sth->finish(); |
|
| 272 |
$dbh->disconnect(); |
|
| 273 | ||
| 274 |
$ret; |
|
| 275 |
} |
|
| 276 | ||
| 260 | 277 |
sub is_member {
|
| 261 | 278 |
my $redmine_user = shift; |
| 262 | 279 |
my $redmine_pass = shift; |
| ... | ... | |
| 325 | 342 |
$ret; |
| 326 | 343 |
} |
| 327 | 344 | |
| 345 |
sub can_browse {
|
|
| 346 |
my $redmine_user = shift; |
|
| 347 |
my $redmine_pass = shift; |
|
| 348 |
my $r = shift; |
|
| 349 | ||
| 350 |
my $dbh = connect_database($r); |
|
| 351 |
my $project_id = get_project_identifier($r); |
|
| 352 | ||
| 353 |
my $pass_digest = Digest::SHA1::sha1_hex($redmine_pass); |
|
| 354 | ||
| 355 |
my $cfg = Apache2::Module::get_config(__PACKAGE__, $r->server, $r->per_dir_config); |
|
| 356 |
my $usrprojpass; |
|
| 357 |
if ($cfg->{RedmineCacheCredsMax}) {
|
|
| 358 |
$usrprojpass = $cfg->{RedmineCacheCreds}->get($redmine_user.":".$project_id);
|
|
| 359 |
return 1 if (defined $usrprojpass and ($usrprojpass eq $pass_digest)); |
|
| 360 |
} |
|
| 361 |
my $query = $cfg->{RedmineQuery};
|
|
| 362 |
my $sth = $dbh->prepare($query); |
|
| 363 |
$sth->execute($redmine_user, $project_id); |
|
| 364 | ||
| 365 |
my $ret; |
|
| 366 |
while (my ($hashed_password, $auth_source_id, $permissions) = $sth->fetchrow_array) {
|
|
| 367 | ||
| 368 |
unless ($auth_source_id) {
|
|
| 369 |
my $method = $r->method; |
|
| 370 |
if ($hashed_password eq $pass_digest && $permissions =~ /:browse_repository/) {
|
|
| 371 |
$ret = 1; |
|
| 372 |
last; |
|
| 373 |
} |
|
| 374 |
} elsif ($CanUseLDAPAuth) {
|
|
| 375 |
my $sthldap = $dbh->prepare( |
|
| 376 |
"SELECT host,port,tls,account,account_password,base_dn,attr_login from auth_sources WHERE id = ?;" |
|
| 377 |
); |
|
| 378 |
$sthldap->execute($auth_source_id); |
|
| 379 |
while (my @rowldap = $sthldap->fetchrow_array) {
|
|
| 380 |
my $ldap = Authen::Simple::LDAP->new( |
|
| 381 |
host => ($rowldap[2] == 1 || $rowldap[2] eq "t") ? "ldaps://$rowldap[0]" : $rowldap[0], |
|
| 382 |
port => $rowldap[1], |
|
| 383 |
basedn => $rowldap[5], |
|
| 384 |
binddn => $rowldap[3] ? $rowldap[3] : "", |
|
| 385 |
bindpw => $rowldap[4] ? $rowldap[4] : "", |
|
| 386 |
filter => "(".$rowldap[6]."=%s)"
|
|
| 387 |
); |
|
| 388 |
$ret = 1 if ($ldap->authenticate($redmine_user, $redmine_pass)); |
|
| 389 |
} |
|
| 390 |
$sthldap->finish(); |
|
| 391 |
} |
|
| 392 |
} |
|
| 393 |
$sth->finish(); |
|
| 394 |
$dbh->disconnect(); |
|
| 395 | ||
| 396 |
if ($cfg->{RedmineCacheCredsMax} and $ret) {
|
|
| 397 |
if (defined $usrprojpass) {
|
|
| 398 |
$cfg->{RedmineCacheCreds}->set($redmine_user.":".$project_id, $pass_digest);
|
|
| 399 |
} else {
|
|
| 400 |
if ($cfg->{RedmineCacheCredsCount} < $cfg->{RedmineCacheCredsMax}) {
|
|
| 401 |
$cfg->{RedmineCacheCreds}->set($redmine_user.":".$project_id, $pass_digest);
|
|
| 402 |
$cfg->{RedmineCacheCredsCount}++;
|
|
| 403 |
} else {
|
|
| 404 |
$cfg->{RedmineCacheCreds}->clear();
|
|
| 405 |
$cfg->{RedmineCacheCredsCount} = 0;
|
|
| 406 |
} |
|
| 407 |
} |
|
| 408 |
} |
|
| 409 | ||
| 410 |
$ret; |
|
| 411 |
} |
|
| 412 | ||
| 328 | 413 |
sub get_project_identifier {
|
| 329 | 414 |
my $r = shift; |
| 330 | 415 |
|
| extra/svn/reposman.rb (working copy) | ||
|---|---|---|
| 190 | 190 |
yield if block_given? |
| 191 | 191 |
else |
| 192 | 192 |
uid, gid = Etc.getpwnam($svn_owner).uid, ($use_groupid ? Etc.getgrnam(project.identifier).gid : 0) |
| 193 |
right = project.is_public ? 0775 : 0770
|
|
| 193 |
right = project.public_repo ? 0775 : 0770
|
|
| 194 | 194 |
yield if block_given? |
| 195 | 195 |
Find.find(repos_path) do |f| |
| 196 | 196 |
File.chmod right, f |
| ... | ... | |
| 228 | 228 |
# rights before leaving |
| 229 | 229 |
other_read = other_read_right?(repos_path) |
| 230 | 230 |
owner = owner_name(repos_path) |
| 231 |
next if project.is_public == other_read and owner == $svn_owner
|
|
| 231 |
next if project.public_repo == other_read and owner == $svn_owner
|
|
| 232 | 232 | |
| 233 | 233 |
if $test |
| 234 | 234 |
log("\tchange mode on #{repos_path}")
|
| ... | ... | |
| 252 | 252 |
next |
| 253 | 253 |
end |
| 254 | 254 | |
| 255 |
project.is_public ? File.umask(0002) : File.umask(0007)
|
|
| 255 |
project.public_repo ? File.umask(0002) : File.umask(0007)
|
|
| 256 | 256 | |
| 257 | 257 |
if $test |
| 258 | 258 |
log("\tcreate repository #{repos_path}")
|
| lang/en.yml (working copy) | ||
|---|---|---|
| 139 | 139 |
field_role: Role |
| 140 | 140 |
field_homepage: Homepage |
| 141 | 141 |
field_is_public: Public |
| 142 |
field_create_repo: Create Repository |
|
| 143 |
field_public_repo: Public Repository |
|
| 142 | 144 |
field_parent: Subproject of |
| 143 | 145 |
field_is_in_chlog: Issues displayed in changelog |
| 144 | 146 |
field_is_in_roadmap: Issues displayed in roadmap |
