/**
* Return SVN path the user is not allowed to see
*
* @param PFUser $user
*
* @return string
*/
protected function getForbiddenPaths(PFUser $user)
{
$forbidden = svn_utils_get_forbidden_paths($user->getName(), $this->project->getSVNRootPath());
$where_forbidden = "";
foreach ($forbidden as $no_access => $v) {
$where_forbidden .= " AND svn_dirs.dir not like '" . db_es(substr($no_access, 1)) . "%'";
}
return $where_forbidden;
}
private function import_dumpfile(Project $project, $xml_svn, $extraction_path)
{
$attrs = $xml_svn->attributes();
if (!isset($attrs['dump-file'])) {
return true;
}
$rootpath_arg = escapeshellarg($project->getSVNRootPath());
$dumpfile_arg = escapeshellarg("{$extraction_path}/{$attrs["dump-file"]}");
$commandline = "svnadmin load {$rootpath_arg} <{$dumpfile_arg} 2>&1";
$this->logger->info($commandline);
try {
$cmd = new System_Command();
$command_output = $cmd->exec($commandline);
$return_status = 0;
} catch (System_Command_CommandException $e) {
$command_output = $e->output;
$return_status = $e->return_value;
}
foreach ($command_output as $line) {
$this->logger->debug($line);
}
$this->logger->debug("Exited with status {$return_status}");
return 0 === $return_status;
}
/**
* Rename svn repository (following project unix_name change)
*
* @param Project $project
* @param String $newName
*
* @return Boolean
*/
public function renameSVNRepository(Project $project, $newName)
{
return rename($project->getSVNRootPath(), $GLOBALS['svn_prefix'] . '/' . $newName);
}
function svn_get_revisions(Project $project, $offset, $chunksz, $_rev_id = '', $_commiter = '', $_srch = '', $order_by = '', $pv = 0, $foundRows = true)
{
global $_path;
$um = UserManager::instance();
//check user access rights
$forbidden = svn_utils_get_forbidden_paths($um->getCurrentUser()->getName(), $project->getSVNRootPath());
$select = 'SELECT';
$group_by = '';
if ($foundRows) {
$select .= ' SQL_CALC_FOUND_ROWS';
}
$select .= ' svn_commits.revision as revision, svn_commits.id as commit_id, svn_commits.description as description, svn_commits.date as date, svn_commits.whoid';
$from = " FROM svn_commits";
$where = " WHERE svn_commits.group_id=" . db_ei($project->getGroupId());
//check user access rights
if (!empty($forbidden)) {
$from .= " INNER JOIN svn_checkins ON (svn_checkins.commitid = svn_commits.id)";
$from .= " INNER JOIN svn_dirs ON (svn_dirs.id = svn_checkins.dirid)";
$where_forbidden = "";
foreach ($forbidden as $no_access => $v) {
if ($no_access == $_path) {
$_path = '';
}
$where_forbidden .= " AND svn_dirs.dir not like '" . db_es(substr($no_access, 1)) . "%'";
}
$where .= $where_forbidden;
$group_by .= ' GROUP BY revision';
}
//if status selected, and more to where clause
if ($_path != '') {
$path_str = " AND svn_dirs.dir like '%" . db_es($_path) . "%'";
if (!isset($forbidden) || empty($forbidden)) {
$from .= " INNER JOIN svn_checkins ON (svn_checkins.commitid = svn_commits.id)";
$from .= " INNER JOIN svn_dirs ON (svn_dirs.id = svn_checkins.dirid)";
$group_by .= ' GROUP BY revision';
}
} else {
$path_str = "";
}
//if revision selected, and more to where clause
if (isset($_rev_id) && $_rev_id != '') {
$commit_str = " AND svn_commits.revision='" . db_ei($_rev_id) . "' ";
} else {
$commit_str = '';
}
if (isset($_commiter) && $_commiter && $_commiter != 100) {
$commiter_str = " AND svn_commits.whoid='" . db_ei($um->getUserByUserName($_commiter)->getId()) . "' ";
} else {
//no assigned to was chosen, so don't add it to where clause
$commiter_str = '';
}
if (isset($_srch) && $_srch != '') {
$srch_str = " AND svn_commits.description like '%" . db_es(htmlspecialchars($_srch)) . "%'";
} else {
$srch_str = "";
}
$where .= $commiter_str . $commit_str . $srch_str . $path_str;
if (!isset($pv) || !$pv) {
$limit = " LIMIT " . db_ei($offset) . "," . db_ei($chunksz);
}
// SQLi Warning: no real possibility to escape $order_by here.
// We rely on a proper filtering of user input by calling methods.
if (!isset($order_by) || $order_by == '') {
$order_by = " ORDER BY revision DESC ";
}
$sql = $select . $from . $where . $group_by . $order_by . $limit;
//echo $sql."<br>\n";
$result = db_query($sql);
// Compute the number of rows.
$totalrows = -1;
if ($foundRows) {
$sql1 = 'SELECT FOUND_ROWS() as nb';
$result1 = db_query($sql1);
if ($result1 && !db_error($result1)) {
$row1 = db_fetch_array($result1);
$totalrows = $row1['nb'];
}
}
return array($result, $totalrows);
}
/**
* Update renamed ugroup line or comment invalid ugroup lines for all lines of .SVNAccessFile
*
* @param Project $project Project of the svn repository
* @param String $contents Text to validate
* @param Boolean $verbose Show feedback or not
*
* @return String
*/
public function parseGroupLines($project, $contents, $verbose = false)
{
$defaultLines = explode("\n", $this->getPlatformBlock($project->getSVNRootPath()));
$groups = array();
$currentSection = -1;
foreach ($defaultLines as $line) {
$currentSection = $this->getCurrentSection($line, $currentSection);
if ($currentSection == 'groups') {
$groups = $this->accumulateDefinedGroups($groups, $line, true);
}
}
$lines = explode("\n", $contents);
$validContents = '';
foreach ($lines as $line) {
$currentSection = $this->getCurrentSection($line, $currentSection);
switch ($currentSection) {
case 'groups':
$groups = $this->accumulateDefinedGroups($groups, $line, false);
$validContents .= $line . PHP_EOL;
break;
default:
$validContents .= $this->validateUGroupLine($groups, $line, $verbose) . PHP_EOL;
break;
}
}
return substr($validContents, 0, -1);
}
/**
* Returns revision info for a project E.g. array(
* lucky luke, //author
* 1545654656, //datestamp
* 16, //log message size (in bytes)
* 'my message', //log message
* );
*
* @param Project $project
* @param int $revision
*
* @throw SVN_SvnlookException
*
* @return array
*/
public function getInfo(Project $project, $revision)
{
$command = 'info -r ' . escapeshellarg($revision) . ' ' . escapeshellarg($project->getSVNRootPath());
return $this->execute($command);
}
public function userCanRead(PFUser $user, Project $project, $svnpath)
{
include_once 'www/svn/svn_utils.php';
return svn_utils_check_access($user->getUserName(), $project->getSVNRootPath(), $svnpath);
}
private function importAccessFile(Project $project, $xml_svn)
{
$dao = $this->getAccessFileDAO();
$tagname = "access-file";
$contents = (string) $xml_svn->{$tagname} . "\n";
$writer = new SVN_AccessFile_Writer($project->getSVNRootPath());
$this->logger->debug("Write SVN AccessFile: " . $writer->filename());
if (!$dao->saveNewAccessFileVersionInProject($project->getID(), $contents)) {
throw new SVNXMLImporterException("Could not save new access file version");
}
if (!$writer->write_with_defaults($contents)) {
throw new SVNXMLImporterException("Could not write to " . $writer->filename());
}
}
