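--- a/README
+++ b/README
@@ -19,38 +19,38 @@
 . Edit /etc/rocketgit/config.php
 . Edit /etc/httpd/conf.d/rocketgit.conf
 
-. Install and configure Apache
-# yum install httpd
+. Configure Apache
 # systemctl enable httpd.service
 # systemctl start httpd.service
 
-. Install and activate xinetd (for git:// access)
-# yum install xinetd
+. Activate xinetd (for git:// access)
 # systemctl enable xinetd.service
 # systemctl start xinetd.service
 
-. Install and configure PostgreSQL server
-# yum install postgresql-server
+. Configure PostgreSQL server
 # systemctl enable postgresql.service
 # service postgresql initdb (TAKE CARE! YOU MAY DESTROY ALL YOUR DATA!)
 # systemctl start postgresql.service
 
-. Create a rocketgit user and database
+. Create a PostgreSQL user and database
 # su - postgres
 $ createuser -d -R -S rocketgit
 $ createdb -O rocketgit rocketgit
 
-. Set correct rights in pg_ident.conf/pg_hba.conf and restart:
-Add the following lines in pg_ident.conf:
-rg apache rocketgit
-rg rocketgit rocketgit
-rg root rocketgit
-
-Add the following line, before wildcard matches, in pg_hba.conf:
-local rocketgit rocketgit ident map=rg
+. Allow access to PostgreSQL and restart:
+Add the following lines, before wildcard matches, in pg_hba.conf:
+local rocketgit rocketgit 127.0.0.1 trust
+local rocketgit rocketgit ::1 trust
 
 systemctl reload postgresql.service
 
+Notes:
+- Check also the config file and set correctly rg_sql string.
+- If the web server and the db are not on the same host, you need to
+replace 127.0.0.1/::1 with your "safe network". You may want to use
+md5 for authentication. Also, you may want to change 'listen_addresses'
+to '*'.
+
 . Run instalation script
 # php /usr/share/rocketgit/admin/init.php
 
@@ -60,12 +60,18 @@
 # setsebool -P httpd_can_sendmail on
 
 . Edit firewall to permit port ssh, git, http and https
+In /etc/sysconfig/iptables (IPv4) or ip6tables (IPv6), add something
+like this:
+-A INPUT -m tcp -p tcp --dport ssh -j ACCEPT
+-A INPUT -m tcp -p tcp --dport git -j ACCEPT
+-A INPUT -m tcp -p tcp --dport http -j ACCEPT
+-A INPUT -m tcp -p tcp --dport https -j ACCEPT
 
 
 == Thanks ==
 . Special thanks to my family that supported me in this project.
 . Special thanks to my brother that contributed brain and time to this project.
-. Special thanks to git people for the best tool to manage sources.
+. Special thanks to git people for the best tool to manage the sources.
 . Special thanks to a lot of people that came with suggestions.
 . Special thanks to gitosys, Gitorious and other projects from where I learned
 things.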
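--- a/TODO
+++ b/TODO
@@ -1,10 +1,10 @@
 == BEFORE FIRST RELEASE! ==
-[ ] array2string but transform \n into \\n (same for \r). Only rg_log may use \n.
+[ ] Fix rg_user_edit everywhere!
 [ ] Fix PostgreSQL auth because httpd is in private tmp so we need TCP!
 [ ] Cannot lock the schema upgrade because both web and cron try to own the lock!
 Let only cron/q/remote to do it, in web just wait (or give error)
 (or auto retry).
-[ ] Make available the merge requests.
+[ ] See diff for merge requests.
 [ ] Add possibility to reject merge requests, to apply, to delete etc.
 [ ] JUNK1/JUNK2: http://rg.embedromix.ro:8000/user/catab/rocketgit/commit/afd1df2..f919c9b
 [ ] Confirmation e-mail comes from rg1.
@@ -13,21 +13,31 @@
 [ ] "log" does not list last entries! More exactly, seems the owner does not update repo!
 [ ] @@branch@@ is not defined for merge requests. Should it? Probably yes, to filter them.
 [ ] Create a repo and click on it; seems we get error (gabi)!
-[ ] Check if we have a way to disable merge requests per project.
 [ ] Add real name to user info.
 [ ] Add permission to add bug tracker to a project.
 [ ] Remove all @@DUMP@@s from templates.
-[ ] Seems we are double html escape the body of a bug.
 [ ] We are escaping when we insert in database _and_ when we output on screen!
 What should we do?
-[ ] Bug number is not race free allocated!
+[ ] Do we need to escape some chars in console (ssh rocketgit@host repo X)?
 [ ]
 
 
 == Medium ==
+[ ] We can pass in authorized_keys aslo the key id. Maybe for usage?
+[ ] Migrate to a single function to deal with a request so we can do better
+unit testing.
+[ ] We should have a 'policy' table where we have something like:
+ID max_speed max_users max_disk_space
+and every user is associated with such a policy, based on payments etc.
+Example: user X paid some money, and we assign it to level 2
+Level 2 has 4 users, max 100MiB disk space, 1Mbit/s speed.
+He creates a repo and assigns 2 users to it.
+[ ] Notifications when disk space is low.
+[ ] Check webSSO for authentification.
+[ ] Check http://gitlist.org/
 [ ] use do {} while(0) to respect profiling!
 [ ] If we do ssh without any command, be nice and show how to clone,
-show projects, rights etc. CHeck ssh.inc.php.
+show projects, rights etc. Check ssh.inc.php.
 [ ] Enforce Signoff-by lines per project (a new permission)
 = reject commits without signoff!
 Maybe, do it generic, allow a text field to enumerate what should be in a commit!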
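--- a/admin/init.php
+++ b/admin/init.php
@@ -28,43 +28,47 @@ if ($r !== TRUE) {
 }
 
 // creating admin user
-$uid = 0;
-$username = "admin";
-$email = $rg_admin_email;
-$is_admin = 1;
-$disk_quota_mb = 0;
-$rights = rg_rights_all("user");
-$session_time = 3600;
-$confirm_token = "";
+$_u = array();
+$_u['uid'] = 0;
+$_u['username'] = "admin";
+$_u['realname'] = "Master admin";
+$_u['email'] = $_u['rg_admin_email;
+$_u['is_admin'] = 1;
+$_u['disk_quota_mb'] = 0;
+$_u['rights'] = rg_rights_all("user");
+$_u['session_time'] = 3600;
+$_u['confirm_token'] = "";
 while (1) {
-$username0 = readline("User [$username]: ");
+$username0 = readline("User [" . $_u['username'] . "]: ");
 if (!empty($username0))
-$username = $username0;
-$email0 = readline("E-mail [$email]: ");
+$_u['username'] = $username0;
+$email0 = readline("E-mail [" . $_u['email'] . "]: ");
 if (!empty($email0))
-$email = $email0;
+$_u['email'] = $email0;
+
 while (1) {
-$pass = readline("Password: ");
-$pass2 = readline("Password (confirmation): ");
-if (strcmp($pass, $pass2) != 0) {
+$_u['pass'] = readline("Password: ");
+$_u['pass2'] = readline("Password (confirmation): ");
+if (strcmp($_u['pass'], $_u['pass2']) != 0) {
 echo "Passwords mismatch!\n";
 continue;
 }
 break;
 }
 
-$r = rg_user_info($db, $uid, $username, "" /* email */);
+$r = rg_user_info($db, $_u['uid'], $_u['username'], "" /* email */);
 if ($r['ok'] != 1) {
-echo "Error looking up user $username (" . rg_user_error() . ")!\n";
+echo "Error looking up user " . $_u['username']
+. " (" . rg_user_error() . ")!\n";
 exit(1);
 }
 if ($r['exists'] == 1) {
-echo "User $username already exists. Try another one!\n";
+echo "User " . $_u['username'] . " already exists."
+. " Try another one!\n";
 continue;
 }
 
-$r = rg_user_edit($db, $uid, $username, $email, $pass, $is_admin,
-$disk_quota_mb, $rights, $session_time, $confirm_token);
+$r = rg_user_edit($d $_u);
 if ($r !== TRUE) {
 echo "Cannot create user (" . rg_user_error() . ")!\n";
 continue;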
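Review bot: Two added lines do not parse as PHP as shown on this page: `$_u['email'] = $_u['rg_admin_email;` has an unterminated array key and no longer reads the `$rg_admin_email` value the removed line used, and `$r = rg_user_edit($d $_u);` lacks the comma and looks like it was meant to pass `$db`. If the rendering is faithful to the commit, they should read `$_u['email'] = $rg_admin_email;` and `$r = rg_user_edit($db, $_u);`. Separately, `$_u['pass2']` stays in the array handed to `rg_user_edit`, so the confirmation copy of the admin password travels with every later use of that array; compare against a local variable and keep only `pass` in `$_u`.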
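--- a/inc/git.inc.php
+++ b/inc/git.inc.php
@@ -614,12 +614,13 @@ function rg_git_log($max, $from, $to, $also_patch)
 
 /*
 * Outputs the result of replacing variables in a template with real variables
+* @log = TODO (output of rg_git_log?)
 */
 function rg_git_log_template($log, $dir, $more)
 {
 $t = array();
 
-if ((is_array($log) && (count($log) > 0))) {
+if ((is_array($log) && !empty($log))) {
 foreach ($log as $index => $info) {
 $v = array();
 foreach ($info['vars'] as $var => $value)
@@ -939,7 +940,7 @@ function rg_git_update_branch($a)
 if (!empty($a['namespace'])) {
 // Update the main namespace
 $r = rg_git_update_ref($a['refname'], $a['old_rev'],
-$a['new_rev'], "reason");
+$a['new_rev'], "push");
 if ($r !== TRUE) {
 rg_git_fatal($a['refname'] . "\nCannot update ref ("
 . rg_git_error() . ")");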
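--- a/inc/repo.inc.php
+++ b/inc/repo.inc.php
@@ -110,6 +110,7 @@ function rg_repo_info($db, $rr)
 
 rg_log("repo_info: rr: " . rg_array2string($rr));
 
+$uid = isset($rr['uid']) ? $rr['uid'] : 0;
 $repo_id = isset($rr['repo_id']) ? $rr['repo_id'] : 0;
 $user = isset($rr['user']) ? $rr['user'] : "";
 $repo = isset($rr['repo']) ? $rr['repo'] : "";
@@ -119,16 +120,21 @@ function rg_repo_info($db, $rr)
 
 $rg_repo_info_cache[$key] = $ret;
 
-if ($repo_id > 0) {
-$add = " repo_id = $repo_id";
-} else if (!empty($user) && !empty($repo)) {
+if (($uid == 0) && (!empty($user))) {
 $ui = rg_user_info($db, 0, $user, "");
 if ($ui['ok'] != 1) {
 rg_repo_set_error("invalid repo path (user)");
 return $ret;
 }
+
+$uid = $ui['uid'];
+}
+
+if ($repo_id > 0) {
+$add = " repo_id = $repo_id";
+} else if (($uid > 0) && !empty($repo)) {
 $e_repo = rg_sql_escape($db, $repo);
-$add = " uid = " . $ui['uid'] . " AND name = '$e_repo'";
+$add = " uid = " . $uid . " AND name = '$e_repo'";
 } else {
 rg_repo_set_error("no repo_id or user/repo specified!");
 return $ret;
@@ -552,6 +558,11 @@ function rg_repo_rights_get($db, $ri, $uid, $flags)
 */
 function rg_repo_rights_set($db, $ri, $uid, $rights)
 {
+if (!isset($ri['repo_id'])) {
+rg_internal_error("repo_id is not defined!");
+return FALSE;
+}
+
 rg_log("rg_repo_rights_set: repo_id=" . $ri['repo_id']
 . ", uid=$uid, rights=$rights...");
 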
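Review bot: In `rg_repo_info`, `$uid` now comes straight from the caller's `$rr['uid']` and is concatenated unquoted into the WHERE clause (`" uid = " . $uid . " AND name = '$e_repo'"`), whereas the removed line used the `uid` returned by `rg_user_info`. Casting on entry, `$uid = isset($rr['uid']) ? intval($rr['uid']) : 0;`, keeps the query well-formed whatever a future caller puts in the array; `$repo_id` on the following line is interpolated the same way and would benefit from the same cast. The cache key is built outside the visible hunks; if it does not include `uid`, lookups by `uid` plus `repo` for same-named repos of different owners could hit each other's cached entry, so that is worth confirming.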
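--- a/inc/ssh.inc.php
+++ b/inc/ssh.inc.php
@@ -13,6 +13,8 @@ function rg_ssh_status($db, $uid)
 
 echo "Here will be the status.\n";
 
+// also details about payments: warn if disk space is low etc.
+
 exit(0);
 }
 
@@ -25,11 +27,11 @@ function rg_ssh_repos($db, $uid)
 $sql = "SELECT * FROM repos"
 . " WHERE uid = $uid"
 . " AND deleted = 0"
-. " ORDER BY name";
+. " ORDER BY name, itime";
 $pad = " ";
 $res = rg_sql_query($db, $sql);
 while (($row = rg_sql_fetch_array($res))) {
-echo "\t" . substr(substr($row['name'], 0, 32) . $pad, 0, 32)
+echo substr(substr($row['name'], 0, 40) . $pad, 0, 32)
 . "\t" . gmdate("Y-m-d", $row['itime'])
 . "\t" . rg_1024($row['disk_used_mb']) . "/" . rg_1024($row['disk_quota_mb'])
 . "\n";
@@ -40,13 +42,47 @@ function rg_ssh_repos($db, $uid)
 exit(0);
 }
 
+function rg_ssh_repo($db, $uid, $paras)
+{
+rg_log("ssh_repo: " . rg_array2string($paras));
+
+$repo_name = trim($paras[0]);
+
+$rr = array("uid" => $uid, "repo" => $repo_name);
+$ri = rg_repo_info($db, $rr);
+if ($ri === FALSE) {
+echo "Unknown repo!\n";
+exit(0);
+}
+
+echo "Repo: " . $ri['name'] . "\n";
+echo "Creation time: " . gmdate("Y-m-d", $ri['itime']) . " UTC\n";
+echo "Disk used: " . rg_1024($ri['disk_used_mb']) . " MiB\n";
+echo "Disk quota: " . rg_1024($ri['disk_quota_mb']) . " MiB\n";
+$rights = implode(", ", rg_rights_text("repo", $ri['default_rights']));
+echo "Default rights: " . $rights . "\n";
+echo "Description: " . $ri['description'] . "\n";
+
+if ($ri['master'] > 0) {
+$rr = array("repo_id" => $ri['master']);
+$mri = rg_repo_info($db, $rr);
+if ($mri !== FALSE) {
+echo "Master: " . $mri['name'] . "\n";
+}
+}
+
+exit(0);
+}
+
 function rg_ssh_dispatch($db, $uid, $cmd)
 {
-$cmd = explode(" ", $cmd, 2);
+$paras = explode(" ", $cmd);
+$cmd = array_shift($paras);
 
-switch ($cmd[0]) {
+switch ($cmd) {
 case 'status': rg_ssh_status($db, $uid); break;
 case 'repos': rg_ssh_repos($db, $uid); break;
+case 'repo': rg_ssh_repo($db, $uid, $paras); break;
 case '':
 echo "\nWelcome to RocketGit!\n\n";
 echo "Available commmands: status, repos.\n";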
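Review bot: In the new `rg_ssh_repo`, the `$ri === FALSE` test probably never fires: the error paths of `rg_repo_info` visible in inc/repo.inc.php do `return $ret;` after `rg_repo_set_error(...)`, and callers of `rg_user_info` in this commit check `$r['ok']` and `$r['exists']` on a returned array. If `rg_repo_info` follows that convention, an unknown repo falls through to the `echo` lines with undefined keys, and the same applies to `$mri !== FALSE`; test the status fields of the result instead. `$paras[0]` is also read without checking that an argument was given (`repo` alone leaves `$paras` empty after `array_shift`), so a guard such as `if (empty($paras[0])) { echo "Usage: repo <name>\n"; exit(0); }` belongs before the `trim`. The help text in `rg_ssh_dispatch` still lists only `status, repos`.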
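--- a/inc/user.inc.php
+++ b/inc/user.inc.php
@@ -110,57 +110,61 @@ function rg_user_ok($user)
 * Add a user
 * If uid > 0 - edit, else, add
 */
-function rg_user_edit($db, $uid, $user, $email, $pass, $is_admin,
-$disk_quota_mb, $rights, $session_time, $confirm_token)
+function rg_user_edit($db, $d)
 {
-global $rg_user_info_cache;
+global $rg_user_info_cache; // TODO: what we do with this?
 
-rg_log("user_edit: uid=$uid, user=$user email=$email"
-. " pass=$pass is_admin=$is_admin"
-. " disk_quota_mb=$disk_quota_mb rights=$rights"
-. " session_time=$session_time, confirm_token=$confirm_token...");
+rg_log("user_edit: data: " . rg_array2string($d));
 
-if (rg_user_ok($user) !== TRUE)
+if (rg_user_ok($d['username']) !== TRUE)
 return FALSE;
 
 $now = time();
-$e_user = rg_sql_escape($db, $user);
+$e_username = rg_sql_escape($db, $d['username']);
+$e_realname = rg_sql_escape($db, $d['realname']);
 $e_salt = rg_id(40);
-$e_pass = rg_user_pass($e_salt, $pass);
-$e_email = rg_sql_escape($db, $email);
-$e_rights = rg_sql_escape($db, $rights);
-
-if (empty($confirm_token)) {
+$e_pass = rg_user_pass($e_salt, $d['pass']);
+$e_email = rg_sql_escape($db, $d['email']);
+$e_rights = rg_sql_escape($db, $d['rights']);
+$e_is_admin = $d['is_admin'];
+$e_disk_quota_mb = $d['disk_quota_mb'];
+$e_session_time = $d['session_time'];
+$e_confirm_token = $d['confirm_token'];
+
+if (empty($d['confirm_token'])) {
 // no need to confirm account
-$confirmed = $now;
+$e_confirmed = $now;
 } else {
-$confirmed = 0;
+$e_confirmed = 0;
 }
 
-if ($uid == 0) { // add
-if (rg_user_pass_ok($pass) !== TRUE)
+if ($d['uid'] == 0) { // add
+if (rg_user_pass_ok($d['pass']) !== TRUE)
 return FALSE;
 
-$sql = "INSERT INTO users (username, salt, pass, email, itime"
+$sql = "INSERT INTO users (username, realname, salt, pass"
+. ", email, itime"
 . ", is_admin, disk_quota_mb, rights, session_time"
 . ", confirmed, confirm_token)"
-. " VALUES ('$e_user', '$e_salt', '$e_pass'"
-. ", '$e_email', $now, $is_admin, $disk_quota_mb"
-. ", '$e_rights', $session_time"
-. ", $confirmed, '$confirm_token')";
+. " VALUES ('$e_username', '$e_realname', '$e_salt', '$e_pass'"
+. ", '$e_email', $now, $e_is_admin, $e_disk_quota_mb"
+. ", '$e_rights', $e_session_time"
+. ", $e_confirmed, '$e_confirm_token')";
 } else { // edit
 $salt_pass_add = "";
-if (!empty($pass))
+if (!empty($d['pass']))
 $salt_pass_add = ", pass = '$e_pass', salt = '$e_salt'";
 
-$sql = "UPDATE users SET username = '$e_user'"
+$sql = "UPDATE users"
+. " SET username = '$e_username'"
+. ", realname = '$e_realname'"
 . $salt_pass_add
 . ", email = '$e_email'"
-. ", is_admin = $is_admin"
-. ", disk_quota_mb = $disk_quota_mb"
+. ", is_admin = $e_is_admin"
+. ", disk_quota_mb = $e_disk_quota_mb"
 . ", rights = '$e_rights'"
-. ", session_time = $session_time"
-. " WHERE uid = $uid";
+. ", session_time = $e_session_time"
+. " WHERE uid = " . $d['uid'];
 }
 
 $res = rg_sql_query($db, $sql);
@@ -516,6 +520,7 @@ function rg_user_list($db, $url)
 
 $ret .= "<table>\n";
 $ret .= "<tr>\n";
+$ret .= " <th>User name</th>\n";
 $ret .= " <th>Name</th>\n";
 $ret .= " <th>E-mail</th>\n";
 $ret .= " <th>Admin?</th>\n";
@@ -531,6 +536,7 @@ function rg_user_list($db, $url)
 while (($row = rg_sql_fetch_array($res))) {
 $ret .= "<tr>\n";
 $ret .= " <td>" . $row['username'] . "</td>\n";
+$ret .= " <td>" . $row['realname'] . "</td>\n";
 $ret .= " <td>" . $row['email'] . "</td>\n";
 $ret .= " <td>" . ($row['is_admin'] == 1 ? "Yes" : "No") . "</td>\n";
 $ret .= " <td>" . gmdate("Y-m-d", $row['itime']) . "</td>\n";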
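Review bot: `rg_log("user_edit: data: " . rg_array2string($d));` at the top of `rg_user_edit` writes the whole array to the log, and that array carries the cleartext `pass` (plus `pass2` when called from admin/init.php) and `confirm_token`. The removed log line already printed `pass=$pass`, so this rewrite is a good moment to stop: log a copy with those keys dropped, e.g. `$_log = $d; unset($_log['pass'], $_log['pass2'], $_log['confirm_token']);`. The new `$e_is_admin`, `$e_disk_quota_mb`, `$e_session_time` and `$e_confirm_token` carry the prefix used for escaped values but are plain copies of `$d[...]` that go into the SQL text, as does `$d['uid']` in the WHERE clause. `intval()` for the numeric fields and `rg_sql_escape()` for the token would make the names true now that the values arrive in a caller-built array.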
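--- a/inc/user/create.php
+++ b/inc/user/create.php
@@ -14,6 +14,7 @@ $show_form = 1;
 
 if ($doit == 1) {
 $xuser = rg_var_str("xuser");
+$realname = rg_var_str("realname");
 $email = rg_var_str("email");
 $xpass = rg_var_str("xpass");
 $xpass2 = rg_var_str("xpass2");
@@ -36,12 +37,18 @@ if ($doit == 1) {
 break;
 }
 
-$is_admin = 0;
-$disk_quota_mb = 100;
-$rights = "C";
-$confirm_token = rg_id(40);
-if (!rg_user_edit($db, $uid, $xuser, $email, $xpass, $is_admin,
-$disk_quota_mb, $rights, $session_time, $confirm_token)) {
+$_u = array();
+$_u['uid'] = $uid;
+$_u['username'] = $xuser;
+$_u['realname'] = $realname;
+$_u['email'] = $email;
+$_u['pass'] = $xpass;
+$_u['is_admin'] = 0;
+$_u['disk_quota_mb'] = 100;
+$_u['rights'] = "C";
+$_u['session_time'] = $session_time;
+$_u['confirm_token'] = rg_id(40);
+if (!rg_user_edit($db, $_u)) {
 $errmsg[] = "Cannot add user (" . rg_user_error() . ").";
 break;
 }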
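Review bot: `realname` is read with `rg_var_str("realname")` and handed to `rg_user_edit` with no check comparable to the `rg_user_ok()` test applied to the username, and the `rg_user_list` hunk in inc/user.inc.php prints `$row['realname']` into a `<td>` unchanged. Unless `rg_var_str` already HTML-escapes its result (not visible here; the TODO file suggests escaping currently happens on input as well as output), a real name containing markup would be rendered on the user list page. It is worth settling on one place for output escaping and, at minimum, limiting the length and rejecting control characters before the insert.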
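--- a/inc/user/info/info.php
+++ b/inc/user/info/info.php
@@ -12,6 +12,7 @@ if ($doit == 1) {
 }
 
 $xuser = rg_var_str("xuser");
+$realname = rg_var_str("realname");
 $email = rg_var_str("email");
 $is_admin = $rg_ui['is_admin']; // TODO: doesn't seems too elegant
 $disk_quota_mb = $rg_ui['disk_quota_mb'];
@@ -20,8 +21,9 @@ if ($doit == 1) {
 
 while (1) {
 $xpass = "";
-if (!rg_user_edit($db, $rg_ui['uid'], $xuser, $email, $xpass,
-$is_admin, $disk_quota_mb, $rights, $session_time, "")) {
+if (!rg_user_edit($db, $rg_ui['uid'], $xuser, $realname, $email,
+$xpass, $is_admin, $disk_quota_mb, $rights,
+$session_time, "")) {
 $errmsg[] = "Cannot change info (" . rg_user_error() . ").";
 break;
 }
@@ -31,6 +33,7 @@ if ($doit == 1) {
 }
 } else {
 $xuser = $rg_ui['username'];
+$realname = $rg_ui['realname'];
 $email = $rg_ui['email'];
 $is_admin = $rg_ui['is_admin'];
 $disk_quota_mb = $rg_ui['disk_quota_mb'];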
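Review bot: The call at new lines 24-26 still passes positional arguments (`rg_user_edit($db, $rg_ui['uid'], $xuser, $realname, $email, ...)`), but this same commit changes the signature in inc/user.inc.php to `rg_user_edit($db, $d)`. As written, `$d` receives the uid integer, so every `$d['...']` read inside the function yields nothing useful and the profile update cannot work. Build a `$_u` array the way inc/user/create.php does, with `uid` set to `$rg_ui['uid']` and empty `pass` and `confirm_token`, and call `rg_user_edit($db, $_u)`. Keep `is_admin` and `disk_quota_mb` sourced from `$rg_ui` as they are now, not from request variables.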
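--- a/inc/user/repo-page.php
+++ b/inc/user/repo-page.php
@@ -159,24 +159,35 @@ if (strcmp($subop, "admin") == 0) {
 $_repo_body .= rg_template("repo/bug/main.html", $_more);
 } else if (strcmp($subop, "stats") == 0) {
 $_repo_body .= rg_template("repo/stats.html", $_more);
-} else if (strcmp($subop, "mrs") == 0) {
-$_repo_body .= rg_template("repo/mrs.html", $_more);
-
-$r = rg_mr_load($db, $ri['repo_id'], 20);
-if ($r === FALSE) {
-$_repo_body .= "Error getting merge request list ("
-. rg_mr_error() . ").";
-} else {
-$_repo_body .= rg_template_table("repo/mr/list", $r, $_more);
-}
 } else if (strcmp($subop, "mr") == 0) {
-// TODO: this should be under /mrs path (above)!
-$mr = preg_replace('/[^0-9a-zA-Z_]/', '', $paras[0]);
-$r = rg_mr_load_one($db, $ri['repo_id'], $mr);
-if ($r === FALSE) {
-$_repo_body .= "Error getting merge request (" . rg_mr_error() . ").";
+if (empty($paras[0])) {
+$_repo_body .= rg_template("repo/mrs.html", $_more);
+
+$r = rg_mr_load($db, $ri['repo_id'], 20);
+if ($r === FALSE) {
+$_repo_body .= "Error getting merge request list ("
+. rg_mr_error() . ").";
+} else {
+$_repo_body .= rg_template_table("repo/mr/list", $r, $_more);
+}
 } else {
-$_repo_body .= rg_template("repo/mr/page.html", $r, $_more);
+$mr = preg_replace('/[^0-9a-zA-Z_]/', '', $paras[0]);
+do {
+$mri = rg_mr_load_one($db, $ri['repo_id'], $mr);
+if ($mri === FALSE) {
+$_repo_body .= "Error getting merge request (" . rg_mr_error() . ").";
+break;
+}
+
+$_log = rg_git_log(0, $mri['old_rev'], $mri['new_rev'], TRUE);
+if ($_log === FALSE) {
+$_repo_body .= "Error generating patch (" . rg_git_error() . ").";
+break;
+}
+
+$mri['HTML:diff'] = rg_git_log_template($_log, "repo/log", $_more);
+$_repo_body .= rg_template("repo/mr/page.html", $mri, $_more);
+} while (0);
 }
 }
 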
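Review bot: In the new `else` branch (new lines 174-190), `$mri['old_rev']` and `$mri['new_rev']` are passed from the loaded merge request straight into `rg_git_log()`, and the rendered log is stored under `$mri['HTML:diff']`, a key whose name suggests the template emits it without escaping. Neither `rg_git_log()` nor `rg_git_log_template()` is visible in this section, so it cannot be confirmed here that the revisions are validated or that commit text is escaped; both values presumably originate from whoever submitted the merge request. Making the assumption explicit before the call would help, e.g. `if (!preg_match('/^[0-9a-f]{40}$/', $mri['old_rev']) || !preg_match('/^[0-9a-f]{40}$/', $mri['new_rev'])) { $_repo_body .= "Invalid revision in merge request."; break; }`, adjusted to the stored revision format. Separately, `empty($paras[0])` is also true for the string "0", so a request for merge request 0 falls into the list branch; `!isset($paras[0]) || $paras[0] === ''` would avoid that.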
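--- a/tests/repo.php
+++ b/tests/repo.php
@@ -92,13 +92,25 @@ if ($r !== TRUE) {
 exit(1);
 }
 
+$uid = time();
+rg_log("Inserting a fake user");
+$sql = "INSERT INTO users (uid, username, realname, salt, pass, email, itime, suspended"
+. ", rights)"
+. " VALUES ($uid, 'user-$uid', 'realname-$uid', '', '', '', $uid, 0"
+. ", '')";
+$res = rg_sql_query($db, $sql);
+if ($res === FALSE) {
+rg_log("Cannot insert a user (" . rg_sql_error() . ")!");
+exit(1);
+}
+
 $repo_id = time();
 $repo_name = "repo-" . $repo_id;
 rg_log("Inserting a fake repo");
 $sql = "INSERT INTO repos (repo_id, name, uid, itime"
 . ", disk_quota_mb, max_commit_size"
 . ", master, description, git_dir_done, default_rights)"
-. " VALUES ($repo_id, '$repo_name', 1, 0, 0, 0, 0, 'bla bla desc', 1, 'F')";
+. " VALUES ($repo_id, '$repo_name', $uid, 0, 0, 0, 0, 'bla bla desc', 1, 'F')";
 $res = rg_sql_query($db, $sql);
 if ($res === FALSE) {
 rg_log("Cannot insert a repo (" . rg_sql_error() . ")!");
@@ -108,15 +120,19 @@ if ($res === FALSE) {
 rg_log("test giving rights");
 $rr = array("repo_id" => $repo_id);
 $ri = rg_repo_info($db, $rr);
-$uid = 10;
-$v = rg_repo_rights_set($db, $ri, $uid, "P");
+if ($ri['exists'] != 1) {
+rg_log("ri: " . print_r($ri, TRUE));
+rg_log("Cannot lookup repo_id $repo_id!");
+exit(1);
+}
+$tuid = 10;
+$v = rg_repo_rights_set($db, $ri, $tuid, "P");
 if ($v === FALSE) {
 rg_log("Cannot give rights (1)!");
 exit(1);
 }
 
 rg_log("owner gets all rights");
-$uid = 1;
 $e = rg_rights_all("repo");
 $r = rg_repo_rights_get($db, $ri, $uid, 0);
 $c = $r['rights'];
@@ -126,14 +142,14 @@ if (strcmp($c, $e) != 0) {
 }
 
 rg_log("non-owner gets correct rights: F gets from default rights.");
-$uid = 12;
-$r = rg_repo_rights_set($db, $ri, $uid, "P");
+$xuid = 12;
+$r = rg_repo_rights_set($db, $ri, $xuid, "P");
 if ($r !== TRUE) {
 rg_log("Cannot set rights (" . rg_repo_error() . ")!");
 exit(1);
 }
 $e = "FP";
-$r = rg_repo_rights_get($db, $ri, $uid, 0);
+$r = rg_repo_rights_get($db, $ri, $xuid, 0);
 $c = $r['rights'];
 if (strcmp($c, $e) != 0) {
 rg_log("Non-owner did not get correct rights: c=$c e=$e.");
@@ -141,7 +157,6 @@ if (strcmp($c, $e) != 0) {
 }
 
 rg_log("owner can set separate rights for him");
-$uid = 1;
 $v = rg_repo_rights_set($db, $ri, $uid, "A");
 if ($v === FALSE) {
 rg_log("Owner cannot set separate rights for him!");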
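Review bot: The fixture user added at new lines 95-105 is inserted with empty `salt` and `pass` and `suspended` set to 0, and nothing visible in this section removes it, so every run appears to leave another `user-<time>` row in the test database. Whether the login path rejects an empty stored password is not visible here, so I would insert the row with `suspended` set to 1 if the rights tests allow it. I would also delete it when the script finishes, e.g. `rg_sql_query($db, "DELETE FROM users WHERE uid = $uid");` (the end of the script is outside these hunks). tests/user.php in this same commit already cleans `userA` before adding it, so the two tests would then be consistent. Because `$uid` and `$repo_id` both come from `time()`, two runs within the same second will presumably also collide on the key.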
| File tests/user.php changed (mode: 100644) (index 5312402..35f73b7) |
| ... |
... |
$rg_session_time = 3600; |
| 16 |
16 |
$rg_user_allow = '/^[A-Za-z0-9_.-]*$/'; |
$rg_user_allow = '/^[A-Za-z0-9_.-]*$/'; |
| 17 |
17 |
$rg_admin_email = "admin@localhost"; |
$rg_admin_email = "admin@localhost"; |
| 18 |
18 |
$rg_admin_name = "RocketGit Admin"; |
$rg_admin_name = "RocketGit Admin"; |
|
19 |
|
$_SERVER['HTTP_HOST'] = "fake.tld"; |
| 19 |
20 |
|
|
| 20 |
21 |
|
|
| 21 |
22 |
$db = rg_sql_open("dbname=trg"); |
$db = rg_sql_open("dbname=trg"); |
| |
| ... |
... |
if ($r !== TRUE) { |
| 30 |
31 |
exit(1); |
exit(1); |
| 31 |
32 |
} |
} |
| 32 |
33 |
|
|
|
34 |
|
// Clean userA |
|
35 |
|
$sql = "DELETE FROM users WHERE username = 'userA'"; |
|
36 |
|
$res = rg_sql_query($db, $sql); |
|
37 |
|
rg_sql_free_result($res); |
|
38 |
|
|
| 33 |
39 |
// add user |
// add user |
| 34 |
|
$r = rg_user_edit($db, 0, "userA", "rg@localhost", "pass1", 1, 100, "C", 3600, ""); |
|
|
40 |
|
$_u['uid'] = 0; |
|
41 |
|
$_u['realname'] = "userA real name"; |
|
42 |
|
$_u['username'] = "userA"; |
|
43 |
|
$_u['email'] = "rg@localhost"; |
|
44 |
|
$_u['pass'] = "pass1"; |
|
45 |
|
$_u['is_admin'] = 1; |
|
46 |
|
$_u['disk_quota_mb'] = 100; |
|
47 |
|
$_u['rights'] = "C"; |
|
48 |
|
$_u['session_time'] = 3600; |
|
49 |
|
$_u['confirm_token'] = ""; |
|
50 |
|
$r = rg_user_edit($db, $_u); |
| 35 |
51 |
if ($r !== TRUE) { |
if ($r !== TRUE) { |
| 36 |
52 |
echo "Cannot add user (" . rg_user_error() . ")!\n"; |
echo "Cannot add user (" . rg_user_error() . ")!\n"; |
| 37 |
53 |
exit(1); |
exit(1); |
| 38 |
54 |
} |
} |
| 39 |
55 |
$uid = rg_sql_last_id($db); |
$uid = rg_sql_last_id($db); |
| 40 |
56 |
|
|
| 41 |
|
$v = rg_user_forgot_pass_mail($db, "rg@localhost"); |
|
|
57 |
|
$v = rg_user_forgot_pass_mail_prepare($db, "rg@localhost"); |
| 42 |
58 |
if (empty($v['token'])) { |
if (empty($v['token'])) { |
| 43 |
|
echo "Error: " . rg_user_error() . "!\n"; |
|
|
59 |
|
print_r($v); |
|
60 |
|
echo "Error(rg_user_forgot_pass_mail): " . rg_user_error() . "!\n"; |
| 44 |
61 |
exit(1); |
exit(1); |
| 45 |
62 |
} |
} |
| 46 |
63 |
|
|
| |
| ... |
... |
if ($_ui['exists'] != 1) { |
| 49 |
66 |
echo "Seems that user with $uid does not exists!\n"; |
echo "Seems that user with $uid does not exists!\n"; |
| 50 |
67 |
exit(1); |
exit(1); |
| 51 |
68 |
} |
} |
| 52 |
|
$salt = $_ui['salt']; |
|
| 53 |
69 |
$pass = $_ui['pass']; |
$pass = $_ui['pass']; |
| 54 |
70 |
|
|
| 55 |
71 |
// edit user - empty pass |
// edit user - empty pass |
| 56 |
|
$r = rg_user_edit($db, $uid, "userA", "rg@localhost", "", 1, 100, "C", 3600, ""); |
|
|
72 |
|
$_u['uid'] = $uid; |
|
73 |
|
$_u['pass'] = ""; |
|
74 |
|
$r = rg_user_edit($db, $_u); |
| 57 |
75 |
if ($r !== TRUE) { |
if ($r !== TRUE) { |
| 58 |
76 |
echo "Cannot edit user with empty pass (" . rg_user_error() . ")!\n"; |
echo "Cannot edit user with empty pass (" . rg_user_error() . ")!\n"; |
| 59 |
77 |
exit(1); |
exit(1); |
| |
| ... |
... |
if ($_ui['exists'] != 1) { |
| 64 |
82 |
echo "Seems that user with $uid does not exists!\n"; |
echo "Seems that user with $uid does not exists!\n"; |
| 65 |
83 |
exit(1); |
exit(1); |
| 66 |
84 |
} |
} |
| 67 |
|
if (strcmp($salt, $_ui['salt']) != 0) { |
|
| 68 |
|
echo "Salt was changed $salt -> " . $_ui['salt'] . "!\n"; |
|
| 69 |
|
exit(1); |
|
| 70 |
|
} |
|
| 71 |
85 |
if (strcmp($pass, $_ui['pass']) != 0) { |
if (strcmp($pass, $_ui['pass']) != 0) { |
| 72 |
86 |
echo "Password was changed!\n"; |
echo "Password was changed!\n"; |
| 73 |
87 |
exit(1); |
exit(1); |
| 74 |
88 |
} |
} |
| 75 |
89 |
|
|
| 76 |
90 |
// edit user - no empty pass |
// edit user - no empty pass |
| 77 |
|
$r = rg_user_edit($db, $uid, "userA", "rg@localhost", "pass2", 1, 100, "C", 3600, ""); |
|
|
91 |
|
$_u['pass'] = "pass2"; |
|
92 |
|
$r = rg_user_edit($db, $_u); |
| 78 |
93 |
if ($r !== TRUE) { |
if ($r !== TRUE) { |
| 79 |
94 |
echo "Cannot edit user with not empty pass (" . rg_user_error() . ")!\n"; |
echo "Cannot edit user with not empty pass (" . rg_user_error() . ")!\n"; |
| 80 |
95 |
exit(1); |
exit(1); |
| 81 |
96 |
} |
} |
| 82 |
97 |
// the pass should be changed here |
// the pass should be changed here |
|
98 |
|
$salt = $_ui['salt']; |
| 83 |
99 |
$_ui = rg_user_info($db, $uid, "", ""); |
$_ui = rg_user_info($db, $uid, "", ""); |
| 84 |
100 |
if ($_ui['exists'] != 1) { |
if ($_ui['exists'] != 1) { |
| 85 |
101 |
echo "Seems that user with $uid does not exists!\n"; |
echo "Seems that user with $uid does not exists!\n"; |
| |
| ... |
... |
if (empty($r['token'])) { |
| 108 |
124 |
exit(1); |
exit(1); |
| 109 |
125 |
} |
} |
| 110 |
126 |
|
|
| 111 |
|
$r = rg_user_forgot_pass_uid($db, $token); |
|
|
127 |
|
$r = rg_user_forgot_pass_uid($db, $r['token']); |
| 112 |
128 |
if ($r['ok'] != 1) { |
if ($r['ok'] != 1) { |
| 113 |
129 |
echo "Cannot find uid based on token (" . rg_user_error() . ")!\n"; |
echo "Cannot find uid based on token (" . rg_user_error() . ")!\n"; |
| 114 |
130 |
exit(1); |
exit(1); |