/** * Init a new empty bare repository. * * @param string Full path to the repository */ public function initRepository($fullpath) { if (!file_exists($fullpath)) { mkdir($fullpath, 0750, true); } $out = array(); $res = 0; exec(sprintf(Pluf::f('idf_exec_cmd_prefix', '') . Pluf::f('git_path', 'git') . ' --git-dir=%s init', escapeshellarg($fullpath)), $out, $res); if ($res != 0) { Pluf_Log::error(array('IDF_Plugin_Git_Serve::initRepository', $res, $fullpath)); throw new Exception(sprintf('Init repository error, exit status %d.', $res)); } Pluf_Log::event(array('IDF_Plugin_Git_Serve::initRepository', 'success', $fullpath)); // Add the post-update hook by removing the original one and add the // Indefero's one. $p = realpath(dirname(__FILE__) . '/../../../../scripts/git-post-update'); $p = Pluf::f('idf_plugin_syncgit_post_update', $p); if (!@unlink($fullpath . '/hooks/post-update')) { Pluf_Log::warn(array('IDF_Plugin_Git_Serve::initRepository', 'post-update hook removal error.', $fullpath . '/hooks/post-update')); return; } $out = array(); $res = 0; exec(sprintf(Pluf::f('idf_exec_cmd_prefix', '') . 'ln -s %s %s', escapeshellarg($p), escapeshellarg($fullpath . '/hooks/post-update')), $out, $res); if ($res != 0) { Pluf_Log::warn(array('IDF_Plugin_Git_Serve::initRepository', 'post-update hook creation error.', $fullpath . '/hooks/post-update')); return; } Pluf_Log::debug(array('IDF_Plugin_Git_Serve::initRepository', 'Added post-update hook.', $fullpath)); // Configure the core.quotepath option $quotepath = Pluf::f('git_core_quotepath', true) == true ? 'true' : 'false'; $out = array(); $res = 0; exec(sprintf(Pluf::f('idf_exec_cmd_prefix', '') . Pluf::f('git_path', 'git') . ' config -f %s/config --add core.quotepath %s', escapeshellarg($fullpath), escapeshellarg($quotepath)), $out, $res); if ($res != 0) { Pluf_Log::warn(array('IDF_Plugin_Git_Serve::initRepository', 'core.quotepath configuration error.', $quotepath)); return; } Pluf_Log::debug(array('IDF_Plugin_Git_Serve::initRepository', 'core.quotepath configured.', $quotepath)); }
/** * Given an array with the authentication data, auth the user and return it. */ public static function authenticate($auth_data) { $password = $auth_data['password']; $login = $auth_data['login']; // Small security check against the login if (preg_match('/[^A-Za-z0-9\\-\\_]/', $login)) { return false; } // We check the user against the LDAP server, if it works we // are happy, if not return false. $ldap_dn = Pluf::f('auth_ldap_dn', 'ou=users,dc=example,dc=com'); $ldap_user = Pluf::f('auth_ldap_user', null); $ldap_password = Pluf::f('auth_ldap_password', null); $ldap_version = Pluf::f('auth_ldap_version', 3); $ldap_user_key = Pluf::f('auth_ldap_user_key', 'uid'); // If auth_ldap_password_key, it will use crypt hash control // to test the login password, else it will bind. $ldap_password_key = Pluf::f('auth_ldap_password_key', null); $ldap_surname_key = Pluf::f('auth_ldap_surname_key', 'sn'); $ldap_givenname_key = Pluf::f('auth_ldap_givenname_key', 'cn'); $ldap_email_key = Pluf::f('auth_ldap_email_key', 'mail'); $ldap = ldap_connect(Pluf::f('auth_ldap_host', 'localhost')); ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, Pluf::f('auth_ldap_version', 3)); if (!ldap_bind($ldap, $ldap_user, $ldap_password)) { Pluf_Log::warn(sprintf('Cannot bind to the ldap server, user:%s, password:***', $ldap_user)); ldap_close($ldap); return false; } // Go for a search $search = ldap_search($ldap, $ldap_dn, '(' . $ldap_user_key . '=' . $login . ')', array($ldap_user_key, $ldap_surname_key, $ldap_givenname_key, $ldap_email_key)); $n = ldap_get_entries($ldap, $search); if ($n['count'] != 1) { ldap_close($ldap); return false; } $entry = ldap_first_entry($ldap, $search); // We get all the data first, the bind or hash control is done // later. If we control with bind now, we need to search again // to have an $entry resource to get the values. list($family_name, ) = @ldap_get_values($ldap, $entry, $ldap_surname_key); list($first_name, ) = @ldap_get_values($ldap, $entry, $ldap_givenname_key); list($email, ) = @ldap_get_values($ldap, $entry, $ldap_email_key); $user_dn = ldap_get_dn($ldap, $entry); if ($ldap_password_key) { // Password authentication. list($ldap_hash, ) = ldap_get_values($ldap, $entry, $ldap_password_key); $ldap_hash = substr($ldap_hash, 7); $salt = substr($ldap_hash, 0, 12); $hash = crypt($password, $salt); if ($ldap_hash != $hash) { ldap_close($ldap); return false; } } else { // Bind authentication if (!@ldap_bind($ldap, $user_dn, $password)) { ldap_close($ldap); return false; } } // We get the user values as the // Now we get the user and we create it if not available $user = self::getUser($login); if ($user) { ldap_close($ldap); return $user; } // Need to create it ldap_close($ldap); $user_model = Pluf::f('pluf_custom_user', 'Pluf_User'); $user = new $user_model(); $user->active = true; $user->login = $login; $user->password = $password; $user->last_name = $family_name; $user->first_name = $first_name; $user->email = $email; $user->create(); return $user; }
/** * Run svnadmin command to create the corresponding Subversion * repository. * * @param IDF_Project * @return bool Success */ function processSvnCreate($project) { if ($project->getConf()->getVal('scm') != 'svn') { return false; } $shortname = $project->shortname; if (false === ($svn_path = Pluf::f('idf_plugin_syncsvn_svn_path', false))) { throw new Pluf_Exception_SettingError("'idf_plugin_syncsvn_svn_path' must be defined in your configuration file."); } if (file_exists($svn_path . '/' . $shortname)) { throw new Exception(sprintf(__('The repository %s already exists.'), $svn_path . '/' . $shortname)); } $return = 0; $output = array(); $cmd = sprintf(Pluf::f('svnadmin_path', 'svnadmin') . ' create %s', escapeshellarg($svn_path . '/' . $shortname)); $cmd = Pluf::f('idf_exec_cmd_prefix', '') . $cmd; $ll = exec($cmd, $output, $return); if ($return != 0) { Pluf_Log::error(array('IDF_Plugin_SyncSvn::processSvnCreate', 'Error', array('path' => $svn_path . '/' . $shortname, 'output' => $output))); return; } $p = realpath(dirname(__FILE__) . '/../../../scripts/svn-post-commit'); exec(sprintf(Pluf::f('idf_exec_cmd_prefix', '') . 'ln -s %s %s', escapeshellarg($p), escapeshellarg($svn_path . '/' . $shortname . '/hooks/post-commit')), $out, $res); if ($res != 0) { Pluf_Log::warn(array('IDF_Plugin_SyncSvn::processSvnCreate', 'post-commit hook creation error.', $svn_path . '/' . $shortname . '/hooks/post-commit')); return; } $p = realpath(dirname(__FILE__) . '/../../../scripts/svn-post-revprop-change'); exec(sprintf(Pluf::f('idf_exec_cmd_prefix', '') . 'ln -s %s %s', escapeshellarg($p), escapeshellarg($svn_path . '/' . $shortname . '/hooks/post-revprop-change')), $out, $res); if ($res != 0) { Pluf_Log::warn(array('IDF_Plugin_SyncSvn::processSvnCreate', 'post-revprop-change hook creation error.', $svn_path . '/' . $shortname . '/hooks/post-revprop-change')); return; } return $return == 0; }