File TODO changed (mode: 100644) (index e242427..02bb8c1) |
3 |
3 |
[ ] Test and fix update.php script. |
[ ] Test and fix update.php script. |
4 |
4 |
[ ] Check if rewinds are working as expected. |
[ ] Check if rewinds are working as expected. |
5 |
5 |
[ ] Fix the "edit repo" page! |
[ ] Fix the "edit repo" page! |
6 |
|
[ ] With FMH (Fetch + Anonymous push + merge commits) rights, seems that we insert a merge request, |
|
7 |
|
but create branch is rejected in next hook! |
|
8 |
6 |
[ ] 'cop' variable is not good - I do not remember what it means! |
[ ] 'cop' variable is not good - I do not remember what it means! |
9 |
7 |
[ ] CSRF token is not used in admin page for an ordinary user! |
[ ] CSRF token is not used in admin page for an ordinary user! |
10 |
8 |
[ ] Update db structure at any function call (after an upgrade). (Deny any operation till schema update is done.) |
[ ] Update db structure at any function call (after an upgrade). (Deny any operation till schema update is done.) |
File inc/git.inc.php changed (mode: 100644) (index c6dff79..199c01e) |
... |
... |
function rg_git_update_branch($a) |
826 |
826 |
|
|
827 |
827 |
rg_log("git_update_branch: " . rg_array2string($a)); |
rg_log("git_update_branch: " . rg_array2string($a)); |
828 |
828 |
|
|
|
829 |
|
// If we have anonymous push rights, we should add also create branch |
|
830 |
|
if (rg_rights_allow($a['rights'], "H") === TRUE) |
|
831 |
|
$a['rights'] .= "C"; |
|
832 |
|
|
829 |
833 |
if (strcmp($a['new_rev'], $rg_git_zero) == 0) { // delete |
if (strcmp($a['new_rev'], $rg_git_zero) == 0) { // delete |
830 |
834 |
if (!rg_rights_allow($a['rights'], "D")) |
if (!rg_rights_allow($a['rights'], "D")) |
831 |
835 |
rg_git_fatal($a['refname'] . "\nNo rights to delete" |
rg_git_fatal($a['refname'] . "\nNo rights to delete" |
|
... |
... |
function rg_git_update_branch($a) |
880 |
884 |
} |
} |
881 |
885 |
|
|
882 |
886 |
// anonymous push - create a merge request |
// anonymous push - create a merge request |
883 |
|
// TODO: here, we may fail to update the reference; |
|
|
887 |
|
// TODO: git may fail to update the reference after this hook; |
884 |
888 |
// the mr code should check if the update was done. |
// the mr code should check if the update was done. |
885 |
889 |
$r = rg_mr_queue_add($a['repo_id'], $a['namespace'], |
$r = rg_mr_queue_add($a['repo_id'], $a['namespace'], |
886 |
890 |
$a['old_rev'], $a['new_rev'], $a['refname'], $a['ip']); |
$a['old_rev'], $a['new_rev'], $a['refname'], $a['ip']); |
|
... |
... |
function rg_git_update_branch($a) |
891 |
895 |
} else { |
} else { |
892 |
896 |
rg_log("We are allowed to push."); |
rg_log("We are allowed to push."); |
893 |
897 |
|
|
|
898 |
|
// If we do not have a namespace, we let git to update the ref. |
|
899 |
|
// Not clear when we do not have a namespace. |
894 |
900 |
if (!empty($a['namespace'])) { |
if (!empty($a['namespace'])) { |
895 |
901 |
// Update the main namespace |
// Update the main namespace |
896 |
902 |
$r = rg_git_update_ref($a['refname'], $a['old_rev'], |
$r = rg_git_update_ref($a['refname'], $a['old_rev'], |
File inc/rights.inc.php changed (mode: 100644) (index 4f7c6bf..3946e64) |
... |
... |
function rg_rights_checkboxes($type, $passed_rights) |
92 |
92 |
if (strstr($passed_rights, $right)) |
if (strstr($passed_rights, $right)) |
93 |
93 |
$add = " checked=\"checked\""; |
$add = " checked=\"checked\""; |
94 |
94 |
$ret .= "<input type=\"checkbox\" name=\"rights[$right]\"" |
$ret .= "<input type=\"checkbox\" name=\"rights[$right]\"" |
95 |
|
. $add . " />$info\n"; |
|
|
95 |
|
. $add . " />$info<br />\n"; |
96 |
96 |
} |
} |
97 |
97 |
|
|
98 |
98 |
return $ret; |
return $ret; |
File scripts/remote.php changed (mode: 100644) (index 1a3532a..4978f5f) |
... |
... |
if ($push == 1) { |
179 |
179 |
|
|
180 |
180 |
// Prepare refs to not receive: |
// Prepare refs to not receive: |
181 |
181 |
// "No refs in common and none specified; doing nothing. |
// "No refs in common and none specified; doing nothing. |
182 |
|
// Perhaps you should specify a branch such as 'master'. |
|
183 |
|
// No refs in common and none specified; doing nothing. |
|
184 |
|
// Perhaps you should specify a branch such as 'master'. |
|
|
182 |
|
// Perhaps you should specify a branch such as 'master'." |
185 |
183 |
$dst = $repo_path . "/refs/namespaces/" . $namespace . "/refs/heads"; |
$dst = $repo_path . "/refs/namespaces/" . $namespace . "/refs/heads"; |
186 |
184 |
$ret = @mkdir($dst, 0755, TRUE); |
$ret = @mkdir($dst, 0755, TRUE); |
187 |
185 |
if ($ret === FALSE) |
if ($ret === FALSE) |
File tests/hook_update_anon.sh changed (mode: 100755) (index 8bd7a49..f2a299c) |
... |
... |
git add a |
29 |
29 |
git commit -m "b" a |
git commit -m "b" a |
30 |
30 |
|
|
31 |
31 |
echo "=== Testing anon push without rights..." |
echo "=== Testing anon push without rights..." |
32 |
|
export ROCKETGIT_REPO_RIGHTS="C" |
|
|
32 |
|
export ROCKETGIT_REPO_RIGHTS="" |
33 |
33 |
git push origin master |
git push origin master |
34 |
34 |
if [ "${?}" = "0" ]; then |
if [ "${?}" = "0" ]; then |
35 |
35 |
echo "Should not work!" |
echo "Should not work!" |
|
... |
... |
fi |
38 |
38 |
|
|
39 |
39 |
set -e |
set -e |
40 |
40 |
echo "=== Testing anon push with rights..." |
echo "=== Testing anon push with rights..." |
41 |
|
export ROCKETGIT_REPO_RIGHTS="CH" |
|
|
41 |
|
export ROCKETGIT_REPO_RIGHTS="H" |
42 |
42 |
git push origin master |
git push origin master |
43 |
43 |
if [ "${?}" != "0" ]; then |
if [ "${?}" != "0" ]; then |
44 |
44 |
echo "Should work!" |
echo "Should work!" |
File tests/hook_update_anon_nm.sh copied from file tests/hook_update_anon.sh (similarity 61%) (mode: 100755) (index 8bd7a49..fd706f1) |
1 |
1 |
#!/bin/bash |
#!/bin/bash |
2 |
2 |
|
|
3 |
|
# Test anonymous push |
|
|
3 |
|
# Test anonymous push with a custom branch |
4 |
4 |
|
|
5 |
5 |
C=`pwd` |
C=`pwd` |
|
6 |
|
P="hook_update_anon_nm" |
6 |
7 |
|
|
7 |
|
rm -rf hook_update_anon_*.git |
|
8 |
|
mkdir hook_update_anon_dest.git |
|
|
8 |
|
rm -rf ${P}_*.git |
|
9 |
|
mkdir ${P}_dest.git |
9 |
10 |
( |
( |
10 |
|
cd hook_update_anon_dest.git |
|
|
11 |
|
cd ${P}_dest.git |
11 |
12 |
git init --bare |
git init --bare |
12 |
13 |
) |
) |
13 |
|
cp ../hooks/* hook_update_anon_dest.git/hooks/ |
|
|
14 |
|
cp ../hooks/* ${P}_dest.git/hooks/ |
14 |
15 |
|
|
15 |
|
git clone hook_update_anon_dest.git hook_update_anon_src.git |
|
|
16 |
|
git clone ${P}_dest.git ${P}_src.git |
16 |
17 |
|
|
17 |
|
cd hook_update_anon_src.git |
|
|
18 |
|
cd ${P}_src.git |
18 |
19 |
|
|
19 |
|
export ROCKETGIT_REPO_ID=2000000000 |
|
|
20 |
|
export ROCKETGIT_REPO_ID=2000000001 |
20 |
21 |
export ROCKETGIT_IP="IP" |
export ROCKETGIT_IP="IP" |
21 |
22 |
export GIT_NAMESPACE="abcdefgh" # we have to set it manually |
export GIT_NAMESPACE="abcdefgh" # we have to set it manually |
22 |
23 |
export ROCKETGIT_MR_QUEUE="${C}/mr_queue" |
export ROCKETGIT_MR_QUEUE="${C}/mr_queue" |
|
... |
... |
echo "bbb" > a |
28 |
29 |
git add a |
git add a |
29 |
30 |
git commit -m "b" a |
git commit -m "b" a |
30 |
31 |
|
|
|
32 |
|
echo "*** Creating a branch..." |
|
33 |
|
export ROCKETGIT_REPO_RIGHTS="CP" |
|
34 |
|
git checkout -b branch1 |
|
35 |
|
git push origin branch1 |
|
36 |
|
|
31 |
37 |
echo "=== Testing anon push without rights..." |
echo "=== Testing anon push without rights..." |
32 |
|
export ROCKETGIT_REPO_RIGHTS="C" |
|
|
38 |
|
export ROCKETGIT_REPO_RIGHTS="" |
33 |
39 |
git push origin master |
git push origin master |
34 |
40 |
if [ "${?}" = "0" ]; then |
if [ "${?}" = "0" ]; then |
35 |
41 |
echo "Should not work!" |
echo "Should not work!" |
|
... |
... |
fi |
38 |
44 |
|
|
39 |
45 |
set -e |
set -e |
40 |
46 |
echo "=== Testing anon push with rights..." |
echo "=== Testing anon push with rights..." |
41 |
|
export ROCKETGIT_REPO_RIGHTS="CH" |
|
|
47 |
|
export ROCKETGIT_REPO_RIGHTS="H" |
42 |
48 |
git push origin master |
git push origin master |
43 |
49 |
if [ "${?}" != "0" ]; then |
if [ "${?}" != "0" ]; then |
44 |
50 |
echo "Should work!" |
echo "Should work!" |
45 |
51 |
exit 1 |
exit 1 |
46 |
52 |
fi |
fi |
47 |
53 |
# Test if the namespace was updated instead of main namespace |
# Test if the namespace was updated instead of main namespace |
48 |
|
diff ../hook_update_anon_dest.git/refs/namespaces/${GIT_NAMESPACE}/refs/heads/master \ |
|
|
54 |
|
diff ../${P}_dest.git/refs/namespaces/${GIT_NAMESPACE}/refs/heads/master \ |
49 |
55 |
.git/refs/heads/master |
.git/refs/heads/master |
50 |
56 |
if [ "${?}" != "0" ]; then |
if [ "${?}" != "0" ]; then |
51 |
57 |
echo "We did not update the namespace!" |
echo "We did not update the namespace!" |
52 |
58 |
exit 1 |
exit 1 |
53 |
59 |
fi |
fi |
54 |
|
if [ -r ../hook_update_anon_dest.git/refs/heads/master ]; then |
|
|
60 |
|
if [ -r ../${P}_dest.git/refs/heads/master ]; then |
55 |
61 |
echo "Seems we updated also main namespace!" |
echo "Seems we updated also main namespace!" |
56 |
62 |
exit 1 |
exit 1 |
57 |
63 |
fi |
fi |
|
... |
... |
fi |
64 |
70 |
|
|
65 |
71 |
cd .. |
cd .. |
66 |
72 |
|
|
67 |
|
rm -rf hook_update_anon_*.git |
|
|
73 |
|
rm -rf ${P}_*.git |
68 |
74 |
|
|
69 |
|
echo "hook_update_anon: OK!" |
|
|
75 |
|
echo "hook_update_anon_nm: OK!" |