Feature #13038
closed
Base path for filesystem repository adapter
0%
Description
It would be very helpful to have a field in administrative settings for a custom root when using file system repositories. Preventing access to '/' for every project's manager would be quite a challenge, so limiting that risk to admin users goes a long way.
I don't have the skills to offer an example patch, but it seems as simple as:
- Adding a value to the settings table
- Adding a form field to the administrative repository settings page that writes to that value
- Updating /lib/redmine/scm/adapters/filesystem_adapter.rb to include that value when it defines @url
Correct me if I'm wrong about the scope of work.
And thanks!
Related issues
Updated by Toshi MARUYAMA almost 12 years ago
- Category changed from Administration to SCM
Updated by Anonymous over 11 years ago
I believe I was able to do this pretty well on my own, and I think it's safe and general-purpose enough that it should be made part of basic Redmine functionality. Here's what I did:
1. Add to settings table a value filesystem_base_path.
2. /config/settings.yml needs to describe this value, so somewhere along the way make sure it includes:
filesystem_base_path: default: ''
3. /locales/ needs a string to use as a label. In my case, I updated en.yml by finding where the 'setting_' entries all were and adding:
setting_filesystem_base_path: Filesystem base path
4. /app/views/settings/_repositories.html.erb is the Administrative settings panel for repositories, and a good place to add a field for users to set this value. Wherever you'd like, add the field (I just duplicated the repository_log_display_limit field):
<p><%= setting_text_field :filesystem_base_path, :size => 6 %></p>
5. /lib/redmine/scm/adapters/filesystem_adapter.rb is where the magic happens. Toward the very beginning, you'll find a line that reads:
@url = with_trailling_slash(url)
There may be better places or better code for this step, but I modified this line to read:
@url = with_trailling_slash(Setting.filesystem_base_path) + with_trailling_slash(url)
This concatenates the base path value and the individual repository's location, and makes sure there's a slash at the end of your base path before doing so.
And unless I missed one of my steps, that should do it. You now have a setting restricted to administrators to set a global base path for file system repositories.
This is an under-used and under-appreciated module, but can be ridiculously powerful. A great example would be anyone using a newer version of the DMSF plugin with WebDAV enabled: have your Redmine server mount itself at the WebDAV root (http://redmine/dmsf/webdav) using admin credentials and set that mount point as your base path. Now from any project, add a file system repository and simply use the project identifier as the repository path, gaining access to many separate DMSFs from one project point and give the finger to duplication.
Updated by Go MAEDA about 10 years ago
- Related to Defect #18291: Path property security issue when adding filesystem repository added
Updated by Jean-Philippe Lang about 10 years ago
- Status changed from New to Closed
- Resolution set to Duplicate
Closing as a dup of #1415 which is addressed for 3.0 by adding configuration settings to limit valid repository path.
Updated by Jean-Philippe Lang about 10 years ago
- Related to Feature #1415: Let system administrator limit repositories valid sources added
Updated by Jean-Philippe Lang about 10 years ago
- Related to deleted (Defect #18291: Path property security issue when adding filesystem repository)