Initial commit for svn repository management and access control:

* Identifier attribute added on Project model. Used as the unix group name for the project
* Web services (disabled by default) and scripts for repository management on a remote svn host

git-svn-id: http://redmine.rubyforge.org/svn/trunk@396 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
Jean-Philippe Lang 2007-04-01 19:43:59 +00:00
parent cb6c8bee47
commit 4ff8386e3d
18 changed files with 239 additions and 5 deletions

25
app/apis/sys_api.rb Normal file
View File

@ -0,0 +1,25 @@
# redMine - project management software
# Copyright (C) 2006-2007 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class SysApi < ActionWebService::API::Base
api_method :projects,
:expects => [],
:returns => [[Project]]
api_method :repository_created,
:expects => [:int, :string],
:returns => [:int]
end

View File

@ -0,0 +1,44 @@
# redMine - project management software
# Copyright (C) 2006-2007 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class SysController < ActionController::Base
wsdl_service_name 'Sys'
web_service_api SysApi
web_service_scaffold :invoke
before_invocation :check_enabled
def projects
Project.find(:all, :include => :repository)
end
def repository_created(project_id, url)
project = Project.find_by_id(project_id)
return 0 unless project && project.repository.nil?
logger.debug "Repository for #{project.name} created"
repository = Repository.new(:project => project, :url => url)
repository.root_url = url
repository.save
repository.id
end
protected
def check_enabled(name, args)
Setting.sys_api_enabled?
end
end

View File

@ -30,13 +30,23 @@ class Project < ActiveRecord::Base
has_one :wiki, :dependent => :destroy
has_and_belongs_to_many :custom_fields, :class_name => 'IssueCustomField', :join_table => "#{table_name_prefix}custom_fields_projects#{table_name_suffix}", :association_foreign_key => 'custom_field_id'
acts_as_tree :order => "name", :counter_cache => true
validates_presence_of :name, :description
validates_uniqueness_of :name
validates_presence_of :name, :description, :identifier
validates_uniqueness_of :name, :identifier
validates_associated :custom_values, :on => :update
validates_associated :repository, :wiki
validates_format_of :name, :with => /^[\w\s\'\-]*$/i
validates_length_of :identifier, :maximum => 12
validates_format_of :identifier, :with => /^[a-z0-9\-]*$/
def identifier=(identifier)
super unless identifier_frozen?
end
def identifier_frozen?
errors[:identifier].nil? && !(new_record? || identifier.blank?)
end
# returns latest created projects
# non public projects will be returned only if user is a member of those
def self.latest(user=nil, count=5)

View File

@ -9,6 +9,7 @@
<% end %>
<p><%= f.text_area :description, :required => true, :cols => 60, :rows => 3 %></p>
<p><%= f.text_field :identifier, :required => true, :size => 15, :disabled => @project.identifier_frozen? %><br /><em><%= l(:text_project_identifier_info) unless @project.identifier_frozen? %></em></p>
<p><%= f.text_field :homepage, :size => 40 %></p>
<p><%= f.check_box :is_public %></p>

View File

@ -48,6 +48,9 @@
<p><label><%= l(:setting_autofetch_changesets) %></label>
<%= check_box_tag 'settings[autofetch_changesets]', 1, Setting.autofetch_changesets? %><%= hidden_field_tag 'settings[autofetch_changesets]', 0 %></p>
<p><label><%= l(:setting_sys_api_enabled) %></label>
<%= check_box_tag 'settings[sys_api_enabled]', 1, Setting.sys_api_enabled? %><%= hidden_field_tag 'settings[sys_api_enabled]', 0 %></p>
</div>
<%= submit_tag l(:button_save) %>
</div>

View File

@ -52,3 +52,5 @@ feeds_limit:
default: 15
autofetch_changesets:
default: 1
sys_api_enabled:
default: 0

View File

@ -0,0 +1,24 @@
/* ssh views */
CREATE OR REPLACE VIEW ssh_users as
select login as username, hashed_password as password
from users
where status = 1;
/* nss views */
CREATE OR REPLACE VIEW nss_groups AS
select identifier AS name, (id + 5000) AS gid, 'x' AS password
from projects;
CREATE OR REPLACE VIEW nss_users AS
select login AS username, CONCAT_WS(' ', firstname, lastname) as realname, (id + 5000) AS uid, 'x' AS password
from users
where status = 1;
CREATE OR REPLACE VIEW nss_grouplist AS
select (members.project_id + 5000) AS gid, users.login AS username
from users, members
where users.id = members.user_id
and users.status = 1;

75
extra/svn/manage_repos.pl Normal file
View File

@ -0,0 +1,75 @@
#!/usr/bin/perl
#
# redMine is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
use strict;
use SOAP::Lite;
my $wdsl = 'http://192.168.0.10:3000/sys/service.wsdl';
my $service = SOAP::Lite->service($wdsl);
my $repos_base = '/var/svn';
my $projects = $service->Projects('');
foreach my $project (@{$projects}) {
my $repos_name = $project->{identifier};
if ($repos_name eq "") {
print("\tno identifier for project $project->{name}\n");
next;
}
unless ($repos_name =~ /^[a-z0-9\-]+$/) {
print("\tinvalid identifier for project $project->{name}\n");
next;
}
my $repos_path = "$repos_base/$repos_name";
if (-e $repos_path) {
# check unix right and change them if needed
my $other_read = (stat($repos_path))[2] & 00007;
my $right;
if ($project->{is_public} and not $other_read) {
$right = "0775";
} elsif (not $project->{is_public} and $other_read) {
$right = "0770";
} else {
next;
}
# change mode
system('chmod', '-R', $right, $repos_path) == 0 or
warn("\tunable to change mode on $repos_path : $?\n"), next;
print "\tmode change on $repos_path\n";
} else {
# change umask to suit the repository's privacy
$project->{is_public} ? umask 0002 : umask 0007;
# create the repository
system('svnadmin', 'create', $repos_path) == 0 or
warn("\tsystem svnadmin failed unable to create $repos_path\n"), next;
# set the group owner
system('chown', '-R', "root:$repos_name", $repos_path) == 0 or
warn("\tunable to create $repos_path : $?\n"), next;
print "\trepository $repos_path created\n";
my $call = $service->RepositoryCreated($project->{id}, "svn://host/$repos_name");
}
}

View File

@ -0,0 +1,25 @@
#!/usr/bin/perl
#
# redMine is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
# modify to suit your repository base
my $repos_base = '/var/svn';
my $path = '/usr/bin/';
my %kwown_commands = map { $_ => 1 } qw/svnserve/;
umask 0002;
exec ('/usr/bin/svnserve', '-r', $repos_base, '-t');

View File

@ -146,6 +146,7 @@ field_subproject: Subprojekt von
field_hours: Stunden
field_activity: Aktivität
field_spent_on: Datum
field_identifier: Identifier
setting_app_title: Applikation Titel
setting_app_subtitle: Applikation Untertitel
@ -161,6 +162,7 @@ setting_text_formatting: Textformatierung
setting_wiki_compression: Wiki-Historie komprimieren
setting_feeds_limit: Limit Feed Inhalt
setting_autofetch_changesets: Autofetch SVN commits
setting_sys_api_enabled: Enable WS for repository management
label_user: Benutzer
label_user_plural: Benutzer
@ -394,6 +396,7 @@ text_journal_deleted: gelöscht
text_tip_task_begin_day: Aufgabe, die an diesem Tag beginnt
text_tip_task_end_day: Aufgabe, die an diesem Tag beendet
text_tip_task_begin_end_day: Aufgabe, die an diesem Tag beginnt und beendet
text_project_identifier_info: '12 characters maximum. Letters (a-z), numbers (0-9) and dashes allowed.<br />Once saved, the identifier can not be changed.'
default_role_manager: Manager
default_role_developper: Developer

View File

@ -146,6 +146,7 @@ field_subproject: Subproject
field_hours: Hours
field_activity: Activity
field_spent_on: Date
field_identifier: Identifier
setting_app_title: Application title
setting_app_subtitle: Application subtitle
@ -161,6 +162,7 @@ setting_text_formatting: Text formatting
setting_wiki_compression: Wiki history compression
setting_feeds_limit: Feed content limit
setting_autofetch_changesets: Autofetch SVN commits
setting_sys_api_enabled: Enable WS for repository management
label_user: User
label_user_plural: Users
@ -394,6 +396,7 @@ text_journal_deleted: deleted
text_tip_task_begin_day: task beginning this day
text_tip_task_end_day: task ending this day
text_tip_task_begin_end_day: task beginning and ending this day
text_project_identifier_info: '12 characters maximum. Letters (a-z), numbers (0-9) and dashes allowed.<br />Once saved, the identifier can not be changed.'
default_role_manager: Manager
default_role_developper: Developer

View File

@ -146,6 +146,7 @@ field_subproject: Proyecto secundario
field_hours: Hours
field_activity: Activity
field_spent_on: Fecha
field_identifier: Identifier
setting_app_title: Título del aplicación
setting_app_subtitle: Subtítulo del aplicación
@ -161,6 +162,7 @@ setting_text_formatting: Formato de texto
setting_wiki_compression: Compresión de la historia de Wiki
setting_feeds_limit: Feed content limit
setting_autofetch_changesets: Autofetch SVN commits
setting_sys_api_enabled: Enable WS for repository management
label_user: Usuario
label_user_plural: Usuarios
@ -394,6 +396,7 @@ text_journal_deleted: suprimido
text_tip_task_begin_day: tarea que comienza este día
text_tip_task_end_day: tarea que termina este día
text_tip_task_begin_end_day: tarea que comienza y termina este día
text_project_identifier_info: '12 characters maximum. Letters (a-z), numbers (0-9) and dashes allowed.<br />Once saved, the identifier can not be changed.'
default_role_manager: Manager
default_role_developper: Desarrollador

View File

@ -146,6 +146,7 @@ field_subproject: Sous-projet
field_hours: Heures
field_activity: Activité
field_spent_on: Date
field_identifier: Identifiant
setting_app_title: Titre de l'application
setting_app_subtitle: Sous-titre de l'application
@ -161,6 +162,7 @@ setting_text_formatting: Formatage du texte
setting_wiki_compression: Compression historique wiki
setting_feeds_limit: Limite du contenu des flux RSS
setting_autofetch_changesets: Récupération auto. des commits SVN
setting_sys_api_enabled: Activer les WS pour la gestion des dépôts
label_user: Utilisateur
label_user_plural: Utilisateurs
@ -394,6 +396,7 @@ text_journal_deleted: supprimé
text_tip_task_begin_day: tâche commençant ce jour
text_tip_task_end_day: tâche finissant ce jour
text_tip_task_begin_end_day: tâche commençant et finissant ce jour
text_project_identifier_info: '12 caractères maximum. Lettres (a-z), chiffres (0-9) et tirets autorisés.<br />Un fois sauvegardé, l''identifiant ne pourra plus être modifié.'
default_role_manager: Manager
default_role_developper: Développeur

View File

@ -146,6 +146,7 @@ field_subproject: Sottoprogetto
field_hours: Hours
field_activity: Activity
field_spent_on: Data
field_identifier: Identifier
setting_app_title: Titolo applicazione
setting_app_subtitle: Sottotitolo applicazione
@ -161,6 +162,7 @@ setting_text_formatting: Formattazione testo
setting_wiki_compression: Compressione di storia di Wiki
setting_feeds_limit: Feed content limit
setting_autofetch_changesets: Autofetch SVN commits
setting_sys_api_enabled: Enable WS for repository management
label_user: Utente
label_user_plural: Utenti
@ -394,6 +396,7 @@ text_journal_deleted: deleted
text_tip_task_begin_day: task beginning this day
text_tip_task_end_day: task ending this day
text_tip_task_begin_end_day: task beginning and ending this day
text_project_identifier_info: '12 characters maximum. Letters (a-z), numbers (0-9) and dashes allowed.<br />Once saved, the identifier can not be changed.'
default_role_manager: Manager
default_role_developper: Sviluppatore

View File

@ -147,6 +147,7 @@ field_subproject: サブプロジェクト
field_hours: 時間
field_activity: 活動
field_spent_on: 日付
field_identifier: Identifier
setting_app_title: アプリケーションのタイトル
setting_app_subtitle: アプリケーションのサブタイトル
@ -162,6 +163,7 @@ setting_text_formatting: テキストの書式
setting_wiki_compression: Wiki履歴を圧縮する
setting_feeds_limit: フィード内容の上限
setting_autofetch_changesets: SVNコミットを自動取得する
setting_sys_api_enabled: Enable WS for repository management
label_user: ユーザ
label_user_plural: ユーザ
@ -395,6 +397,7 @@ text_journal_deleted: 削除
text_tip_task_begin_day: この日に開始するタスク
text_tip_task_end_day: この日に終了するタスク
text_tip_task_begin_end_day: この日のうちに開始して終了するタスク
text_project_identifier_info: '12 characters maximum. Letters (a-z), numbers (0-9) and dashes allowed.<br />Once saved, the identifier can not be changed.'
default_role_manager: 管理者
default_role_developper: 開発者

View File

@ -149,6 +149,7 @@ field_subproject: 子项目
field_hours: Hours
field_activity: 活动
field_spent_on: 日期
field_identifier: Identifier
setting_app_title: 应用程序标题
setting_app_subtitle: 应用程序子标题
@ -164,6 +165,7 @@ setting_text_formatting: 文本格式
setting_wiki_compression: Wiki history compression
setting_feeds_limit: Feed content limit
setting_autofetch_changesets: Autofetch SVN commits
setting_sys_api_enabled: Enable WS for repository management
label_user: 用户
label_user_plural: 用户列表
@ -397,6 +399,7 @@ text_journal_deleted: 已删除
text_tip_task_begin_day: 开始于此
text_tip_task_end_day: 在此结束
text_tip_task_begin_end_day: 开始并结束于此
text_project_identifier_info: '12 characters maximum. Letters (a-z), numbers (0-9) and dashes allowed.<br />Once saved, the identifier can not be changed.'
default_role_manager: 管理员
default_role_developper: 开发人员

View File

@ -8,6 +8,7 @@ projects_001:
description: Recipes management application
homepage: http://ecookbook.somenet.foo/
is_public: true
identifier: ecookbook
parent_id:
projects_002:
created_on: 2006-07-19 19:14:19 +02:00
@ -18,6 +19,7 @@ projects_002:
description: E-commerce web site
homepage: ""
is_public: false
identifier: onlinestore
parent_id:
projects_003:
created_on: 2006-07-19 19:15:21 +02:00
@ -28,6 +30,7 @@ projects_003:
description: eCookBook Subproject 1
homepage: ""
is_public: true
identifier: subproject1
parent_id: 1
projects_004:
created_on: 2006-07-19 19:15:51 +02:00
@ -38,4 +41,5 @@ projects_004:
description: eCookbook Subproject 2
homepage: ""
is_public: true
identifier: subproject1
parent_id: 1

View File

@ -45,7 +45,7 @@ class AdminTest < ActionController::IntegrationTest
get "projects/add"
assert_response :success
assert_template "projects/add"
post "projects/add", :project => { :name => "blog", :description => "weblog", :is_public => 1}
post "projects/add", :project => { :name => "blog", :description => "weblog", :identifier => "blog", :is_public => 1}
assert_redirected_to "admin/projects"
assert_equal 'Successful creation.', flash[:notice]