/**
* Init a new empty bare repository.
*
* @param string Full path to the repository
*/
public function initRepository($fullpath)
{
if (!file_exists($fullpath)) {
mkdir($fullpath, 0750, true);
}
$out = array();
$res = 0;
exec(sprintf(Pluf::f('idf_exec_cmd_prefix', '') . Pluf::f('git_path', 'git') . ' --git-dir=%s init', escapeshellarg($fullpath)), $out, $res);
if ($res != 0) {
Pluf_Log::error(array('IDF_Plugin_Git_Serve::initRepository', $res, $fullpath));
throw new Exception(sprintf('Init repository error, exit status %d.', $res));
}
Pluf_Log::event(array('IDF_Plugin_Git_Serve::initRepository', 'success', $fullpath));
// Add the post-update hook by removing the original one and add the
// Indefero's one.
$p = realpath(dirname(__FILE__) . '/../../../../scripts/git-post-update');
$p = Pluf::f('idf_plugin_syncgit_post_update', $p);
if (!@unlink($fullpath . '/hooks/post-update')) {
Pluf_Log::warn(array('IDF_Plugin_Git_Serve::initRepository', 'post-update hook removal error.', $fullpath . '/hooks/post-update'));
return;
}
$out = array();
$res = 0;
exec(sprintf(Pluf::f('idf_exec_cmd_prefix', '') . 'ln -s %s %s', escapeshellarg($p), escapeshellarg($fullpath . '/hooks/post-update')), $out, $res);
if ($res != 0) {
Pluf_Log::warn(array('IDF_Plugin_Git_Serve::initRepository', 'post-update hook creation error.', $fullpath . '/hooks/post-update'));
return;
}
Pluf_Log::debug(array('IDF_Plugin_Git_Serve::initRepository', 'Added post-update hook.', $fullpath));
// Configure the core.quotepath option
$quotepath = Pluf::f('git_core_quotepath', true) == true ? 'true' : 'false';
$out = array();
$res = 0;
exec(sprintf(Pluf::f('idf_exec_cmd_prefix', '') . Pluf::f('git_path', 'git') . ' config -f %s/config --add core.quotepath %s', escapeshellarg($fullpath), escapeshellarg($quotepath)), $out, $res);
if ($res != 0) {
Pluf_Log::warn(array('IDF_Plugin_Git_Serve::initRepository', 'core.quotepath configuration error.', $quotepath));
return;
}
Pluf_Log::debug(array('IDF_Plugin_Git_Serve::initRepository', 'core.quotepath configured.', $quotepath));
}
/**
* Given an array with the authentication data, auth the user and return it.
*/
public static function authenticate($auth_data)
{
$password = $auth_data['password'];
$login = $auth_data['login'];
// Small security check against the login
if (preg_match('/[^A-Za-z0-9\\-\\_]/', $login)) {
return false;
}
// We check the user against the LDAP server, if it works we
// are happy, if not return false.
$ldap_dn = Pluf::f('auth_ldap_dn', 'ou=users,dc=example,dc=com');
$ldap_user = Pluf::f('auth_ldap_user', null);
$ldap_password = Pluf::f('auth_ldap_password', null);
$ldap_version = Pluf::f('auth_ldap_version', 3);
$ldap_user_key = Pluf::f('auth_ldap_user_key', 'uid');
// If auth_ldap_password_key, it will use crypt hash control
// to test the login password, else it will bind.
$ldap_password_key = Pluf::f('auth_ldap_password_key', null);
$ldap_surname_key = Pluf::f('auth_ldap_surname_key', 'sn');
$ldap_givenname_key = Pluf::f('auth_ldap_givenname_key', 'cn');
$ldap_email_key = Pluf::f('auth_ldap_email_key', 'mail');
$ldap = ldap_connect(Pluf::f('auth_ldap_host', 'localhost'));
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, Pluf::f('auth_ldap_version', 3));
if (!ldap_bind($ldap, $ldap_user, $ldap_password)) {
Pluf_Log::warn(sprintf('Cannot bind to the ldap server, user:%s, password:***', $ldap_user));
ldap_close($ldap);
return false;
}
// Go for a search
$search = ldap_search($ldap, $ldap_dn, '(' . $ldap_user_key . '=' . $login . ')', array($ldap_user_key, $ldap_surname_key, $ldap_givenname_key, $ldap_email_key));
$n = ldap_get_entries($ldap, $search);
if ($n['count'] != 1) {
ldap_close($ldap);
return false;
}
$entry = ldap_first_entry($ldap, $search);
// We get all the data first, the bind or hash control is done
// later. If we control with bind now, we need to search again
// to have an $entry resource to get the values.
list($family_name, ) = @ldap_get_values($ldap, $entry, $ldap_surname_key);
list($first_name, ) = @ldap_get_values($ldap, $entry, $ldap_givenname_key);
list($email, ) = @ldap_get_values($ldap, $entry, $ldap_email_key);
$user_dn = ldap_get_dn($ldap, $entry);
if ($ldap_password_key) {
// Password authentication.
list($ldap_hash, ) = ldap_get_values($ldap, $entry, $ldap_password_key);
$ldap_hash = substr($ldap_hash, 7);
$salt = substr($ldap_hash, 0, 12);
$hash = crypt($password, $salt);
if ($ldap_hash != $hash) {
ldap_close($ldap);
return false;
}
} else {
// Bind authentication
if (!@ldap_bind($ldap, $user_dn, $password)) {
ldap_close($ldap);
return false;
}
}
// We get the user values as the
// Now we get the user and we create it if not available
$user = self::getUser($login);
if ($user) {
ldap_close($ldap);
return $user;
}
// Need to create it
ldap_close($ldap);
$user_model = Pluf::f('pluf_custom_user', 'Pluf_User');
$user = new $user_model();
$user->active = true;
$user->login = $login;
$user->password = $password;
$user->last_name = $family_name;
$user->first_name = $first_name;
$user->email = $email;
$user->create();
return $user;
}
/**
* Run svnadmin command to create the corresponding Subversion
* repository.
*
* @param IDF_Project
* @return bool Success
*/
function processSvnCreate($project)
{
if ($project->getConf()->getVal('scm') != 'svn') {
return false;
}
$shortname = $project->shortname;
if (false === ($svn_path = Pluf::f('idf_plugin_syncsvn_svn_path', false))) {
throw new Pluf_Exception_SettingError("'idf_plugin_syncsvn_svn_path' must be defined in your configuration file.");
}
if (file_exists($svn_path . '/' . $shortname)) {
throw new Exception(sprintf(__('The repository %s already exists.'), $svn_path . '/' . $shortname));
}
$return = 0;
$output = array();
$cmd = sprintf(Pluf::f('svnadmin_path', 'svnadmin') . ' create %s', escapeshellarg($svn_path . '/' . $shortname));
$cmd = Pluf::f('idf_exec_cmd_prefix', '') . $cmd;
$ll = exec($cmd, $output, $return);
if ($return != 0) {
Pluf_Log::error(array('IDF_Plugin_SyncSvn::processSvnCreate', 'Error', array('path' => $svn_path . '/' . $shortname, 'output' => $output)));
return;
}
$p = realpath(dirname(__FILE__) . '/../../../scripts/svn-post-commit');
exec(sprintf(Pluf::f('idf_exec_cmd_prefix', '') . 'ln -s %s %s', escapeshellarg($p), escapeshellarg($svn_path . '/' . $shortname . '/hooks/post-commit')), $out, $res);
if ($res != 0) {
Pluf_Log::warn(array('IDF_Plugin_SyncSvn::processSvnCreate', 'post-commit hook creation error.', $svn_path . '/' . $shortname . '/hooks/post-commit'));
return;
}
$p = realpath(dirname(__FILE__) . '/../../../scripts/svn-post-revprop-change');
exec(sprintf(Pluf::f('idf_exec_cmd_prefix', '') . 'ln -s %s %s', escapeshellarg($p), escapeshellarg($svn_path . '/' . $shortname . '/hooks/post-revprop-change')), $out, $res);
if ($res != 0) {
Pluf_Log::warn(array('IDF_Plugin_SyncSvn::processSvnCreate', 'post-revprop-change hook creation error.', $svn_path . '/' . $shortname . '/hooks/post-revprop-change'));
return;
}
return $return == 0;
}
