public function index() { $title = $GLOBALS['Language']->getText('admin_main', 'configure_access_controls'); $params = array('title' => $title); $renderer = TemplateRendererFactory::build()->getRenderer($this->getTemplateDir()); $this->response->includeFooterJavascriptFile('/scripts/tuleap/admin-access-mode.js'); $this->response->header($params); $renderer->renderToPage(self::TEMPLATE, new ForgeAccess_AdminPresenter($this->csrf, $title, $this->localincfinder->getLocalIncPath(), ForgeConfig::get(ForgeAccess::CONFIG), count($this->user_dao->searchByStatus(PFUser::STATUS_RESTRICTED)), ForgeConfig::get(User_ForgeUGroup::CONFIG_AUTHENTICATED_LABEL), ForgeConfig::get(User_ForgeUGroup::CONFIG_REGISTERED_LABEL), ForgeConfig::get(ForgeAccess::PROJECT_ADMIN_CAN_CHOOSE_VISIBILITY), ForgeConfig::get(ForgeAccess::REVERSE_PROXY_REGEXP))); $this->response->footer($params); }
private function userHomeSanityCheck(BackendSystem $backend_system) { $dao = new UserDao(); $users = $dao->searchByStatus(array(PFUser::STATUS_ACTIVE, PFUser::STATUS_RESTRICTED))->instanciateWith(array(UserManager::instance(), 'getUserInstanceFromRow')); foreach ($users as $user) { $backend_system->userHomeSanityCheck($user); } }
/** * Process stored event */ function process() { $backendSystem = Backend::instance('System'); $backendAliases = Backend::instance('Aliases'); $backendSVN = Backend::instance('SVN'); $backendCVS = Backend::instance('CVS'); $backendMailingList = Backend::instance('MailingList'); //TODO: // User: unix_status vs status?? // Private project: if codeaxadm is not member of the project: check access to SVN (incl. ViewVC), CVS, Web... // CVS Watch? // TODO: log event in syslog? // TODO: check that there is no pending event??? What about lower priority events?? // First, force NSCD refresh to be sure that uid/gid will exist on next // actions $backendSystem->flushNscdAndFsCache(); // remove deleted releases and released files if (!$backendSystem->cleanupFRS()) { $this->error("An error occured while moving FRS files"); return false; } // Force global updates: aliases, CVS roots, SVN roots $backendAliases->setNeedUpdateMailAliases(); // Remove temporary files generated by aborted CVS commits $backendCVS->cleanup(); // Check mailing lists // (re-)create missing ML $mailinglistdao = new MailingListDao(); $dar = $mailinglistdao->searchAllActiveML(); foreach ($dar as $row) { $list = new MailingList($row); if (!$backendMailingList->listExists($list)) { $backendMailingList->createList($list->getId()); } // TODO what about lists that changed their setting (description, public/private) ? } // Check users // (re-)create missing home directories $user_manager = UserManager::instance(); $userdao = new UserDao(); $allowed_statuses = array(User::STATUS_ACTIVE, User::STATUS_RESTRICTED); $dar = $userdao->searchByStatus($allowed_statuses); foreach ($dar as $row) { $user = $user_manager->getUserInstanceFromRow($row); if ($user) { $backendSystem->userHomeSanityCheck($user); } } // dump SSH authorized_keys into all users homedirs $backendSystem->dumpSSHKeys(); $project_manager = ProjectManager::instance(); foreach ($project_manager->getProjectsByStatus(Project::STATUS_ACTIVE) as $project) { // Recreate project directories if they were deleted if (!$backendSystem->createProjectHome($project->getId())) { $this->error("Could not create project home"); return false; } if ($project->usesCVS()) { $backendCVS->setCVSRootListNeedUpdate(); if (!$backendCVS->repositoryExists($project)) { if (!$backendCVS->createProjectCVS($project->getId())) { $this->error("Could not create/initialize project CVS repository"); return false; } $backendCVS->setCVSPrivacy($project, !$project->isPublic() || $project->isCVSPrivate()); } $backendCVS->createLockDirIfMissing($project); // check post-commit hooks if (!$backendCVS->updatePostCommit($project)) { return false; } $backendCVS->updateCVSwriters($project->getID()); $backendCVS->updateCVSWatchMode($project->getID()); // Check ownership/mode/access rights $backendCVS->checkCVSMode($project); } if ($project->usesSVN()) { if (!$backendSVN->repositoryExists($project)) { if (!$backendSVN->createProjectSVN($project->getId())) { $this->error("Could not create/initialize project SVN repository"); return false; } $backendSVN->updateSVNAccess($project->getId()); $backendSVN->setSVNPrivacy($project, !$project->isPublic() || $project->isSVNPrivate()); $backendSVN->setSVNApacheConfNeedUpdate(); } else { $backendSVN->checkSVNAccessPresence($project->getId()); } $backendSVN->updateHooks($project); // Check ownership/mode/access rights $backendSVN->checkSVNMode($project); } } // If no codendi_svnroot.conf file, force recreate. if (!is_file($GLOBALS['svn_root_file'])) { $backendSVN->setSVNApacheConfNeedUpdate(); } $this->done(); return true; }