added code_read_access and file_read_access
This commit is contained in:
parent
0e962bbce4
commit
272f67d1d5
@ -92,9 +92,25 @@ language = "auto"
|
||||
index_page = "index.php"
|
||||
|
||||
;------------------------------------------------------------------------------
|
||||
; When set to yes, viewing pages require a user to sign in.
|
||||
; When set to yes, viewing pages requires a user to sign in.
|
||||
;------------------------------------------------------------------------------
|
||||
singin_compulsory = "no"
|
||||
signin_compulsory = "no"
|
||||
|
||||
;------------------------------------------------------------------------------
|
||||
; Code read access is limited to the specified user type. The types
|
||||
; include anonymous, authenticated, member. This applies to a public project
|
||||
; only. Write access to any projects and read access to a non-public project
|
||||
; require membership regardless of this item.
|
||||
;------------------------------------------------------------------------------
|
||||
code_read_access = "anonymous"
|
||||
|
||||
;------------------------------------------------------------------------------
|
||||
; File read access is limited to the specified user type. The types
|
||||
; include anonymous, authenticated, member. This applies to a public project
|
||||
; only. Write access to any projects and read access to a non-public project
|
||||
; require membership regardless of this item.
|
||||
;------------------------------------------------------------------------------
|
||||
file_read_access = "anonymous"
|
||||
|
||||
;------------------------------------------------------------------------------
|
||||
; When set to yes, non-http access is diverted to https using
|
||||
|
@ -245,7 +245,7 @@ $config['cache_path'] = CODEPOT_CACHE_DIR;
|
||||
| enabled you MUST set an encryption key. See the user guide for info.
|
||||
|
|
||||
*/
|
||||
$config['encryption_key'] = "";
|
||||
$config['encryption_key'] = "codepot";
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
@ -261,7 +261,7 @@ $config['encryption_key'] = "";
|
||||
*/
|
||||
$config['sess_cookie_name'] = 'codepot_session';
|
||||
$config['sess_expiration'] = 72000;
|
||||
$config['sess_encrypt_cookie'] = FALSE;
|
||||
$config['sess_encrypt_cookie'] = TRUE;
|
||||
$config['sess_use_database'] = FALSE;
|
||||
$config['sess_table_name'] = 'codepot_sessions';
|
||||
$config['sess_match_ip'] = FALSE;
|
||||
|
@ -26,6 +26,57 @@ class Code extends Controller
|
||||
$this->lang->load ('code', CODEPOT_LANG);
|
||||
}
|
||||
|
||||
private function _can_read ($pm, $projectid, $login)
|
||||
{
|
||||
if ($login['sysadmin?']) return TRUE;
|
||||
|
||||
$userid = $login['id'];
|
||||
if ($pm->projectIsPublic($projectid))
|
||||
{
|
||||
if (strcasecmp(CODEPOT_CODE_READ_ACCESS, 'anonymous') == 0) return TRUE;
|
||||
else if (strcasecmp(CODEPOT_CODE_READ_ACCESS, 'authenticated') == 0)
|
||||
{
|
||||
if ($userid != '') return TRUE;
|
||||
}
|
||||
else if (strcasecmp(CODEPOT_CODE_READ_ACCESS, 'member') == 0)
|
||||
{
|
||||
if ($userid != '' && $pm->projectHasMember($projectid, $userid)) return TRUE;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
// non-public project.
|
||||
if ($userid != '' && $pm->projectHasMember($projectid, $userid)) return TRUE;
|
||||
}
|
||||
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
private function _can_write ($pm, $projectid, $login)
|
||||
{
|
||||
if ($login['sysadmin?']) return TRUE;
|
||||
|
||||
$userid = $login['id'];
|
||||
if ($userid != '' && $pm->projectHasMember($projectid, $userid)) return TRUE;
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
private function _redirect_to_signin ($conv, $login, $project = NULL)
|
||||
{
|
||||
$userid = $login['id'];
|
||||
if ($userid == '')
|
||||
{
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $conv->AsciiTohex(current_url()));
|
||||
}
|
||||
else
|
||||
{
|
||||
$data['login'] = $login;
|
||||
$data['project'] = $project;
|
||||
$data['message'] = 'Disallowed';
|
||||
$this->load->view ($this->VIEW_ERROR, $data);
|
||||
}
|
||||
}
|
||||
|
||||
function home ($projectid = '', $subdir = '', $rev = SVN_REVISION_HEAD)
|
||||
{
|
||||
return $this->file ($projectid, $subdir, $rev);
|
||||
@ -39,7 +90,11 @@ class Code extends Controller
|
||||
|
||||
$login = $this->login->getUser ();
|
||||
if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
{
|
||||
$this->_redirect_to_signin($this->converter, $login);
|
||||
return;
|
||||
}
|
||||
|
||||
$data['login'] = $login;
|
||||
|
||||
$path = $this->converter->HexToAscii ($path);
|
||||
@ -61,10 +116,12 @@ class Code extends Controller
|
||||
}
|
||||
else
|
||||
{
|
||||
if ($project->public !== 'Y' && $login['id'] == '')
|
||||
//if ($project->public !== 'Y' && $login['id'] == '')
|
||||
if (!$this->_can_read ($this->projects, $projectid, $login))
|
||||
{
|
||||
// non-public projects require sign-in.
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
$this->_redirect_to_signin($this->converter, $login, $project);
|
||||
return;
|
||||
}
|
||||
|
||||
$file = $this->subversion->getFile ($projectid, $path, $rev);
|
||||
@ -173,7 +230,10 @@ class Code extends Controller
|
||||
|
||||
$login = $this->login->getUser ();
|
||||
if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
{
|
||||
$this->_redirect_to_signin($this->converter, $login);
|
||||
return;
|
||||
}
|
||||
$data['login'] = $login;
|
||||
|
||||
$path = $this->converter->HexToAscii ($path);
|
||||
@ -195,10 +255,12 @@ class Code extends Controller
|
||||
}
|
||||
else
|
||||
{
|
||||
if ($project->public !== 'Y' && $login['id'] == '')
|
||||
//if ($project->public !== 'Y' && $login['id'] == '')
|
||||
if (!$this->_can_read ($this->projects, $projectid, $login))
|
||||
{
|
||||
// non-public projects require sign-in.
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
$this->_redirect_to_signin($this->converter, $login, $project);
|
||||
return;
|
||||
}
|
||||
|
||||
$file = $this->subversion->getBlame ($projectid, $path, $rev);
|
||||
@ -251,7 +313,10 @@ class Code extends Controller
|
||||
|
||||
$login = $this->login->getUser ();
|
||||
if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
{
|
||||
$this->_redirect_to_signin($this->converter, $login);
|
||||
return;
|
||||
}
|
||||
$data['login'] = $login;
|
||||
|
||||
$path = $this->converter->HexToAscii ($path);
|
||||
@ -273,10 +338,12 @@ class Code extends Controller
|
||||
}
|
||||
else
|
||||
{
|
||||
if ($project->public !== 'Y' && $login['id'] == '')
|
||||
//if ($project->public !== 'Y' && $login['id'] == '')
|
||||
if (!$this->_can_read ($this->projects, $projectid, $login))
|
||||
{
|
||||
// non-public projects require sign-in.
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
$this->_redirect_to_signin($this->converter, $login, $project);
|
||||
return;
|
||||
}
|
||||
|
||||
$file = $this->subversion->getFile ($projectid, $path, $rev);
|
||||
@ -447,10 +514,11 @@ class Code extends Controller
|
||||
{
|
||||
$status = "error - no such project {$projectid}";
|
||||
}
|
||||
else if (!$login['sysadmin?'] &&
|
||||
$this->projects->projectHasMember($projectid, $login['id']) === FALSE)
|
||||
//else if (!$login['sysadmin?'] &&
|
||||
// $this->projects->projectHasMember($projectid, $login['id']) === FALSE)
|
||||
else if (!$this->_can_write ($this->projects, $projectid, $login))
|
||||
{
|
||||
$status = "error - not a member {$login['id']}";
|
||||
$status = "error - disallowed";
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -515,10 +583,11 @@ class Code extends Controller
|
||||
{
|
||||
$status = "error - no such project {$projectid}";
|
||||
}
|
||||
else if (!$login['sysadmin?'] &&
|
||||
$this->projects->projectHasMember($projectid, $login['id']) === FALSE)
|
||||
//else if (!$login['sysadmin?'] &&
|
||||
// $this->projects->projectHasMember($projectid, $login['id']) === FALSE)
|
||||
else if (!$this->_can_write ($this->projects, $projectid, $login))
|
||||
{
|
||||
$status = "error - not a member {$login['id']}";
|
||||
$status = "error - disallowed";
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -574,10 +643,12 @@ class Code extends Controller
|
||||
}
|
||||
else
|
||||
{
|
||||
if ($project->public !== 'Y' && $login['id'] == '')
|
||||
//if ($project->public !== 'Y' && $login['id'] == '')
|
||||
if (!$this->_can_read ($this->projects, $projectid, $login))
|
||||
{
|
||||
// non-public projects require sign-in.
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
$this->_redirect_to_signin($this->converter, $login, $project);
|
||||
return;
|
||||
}
|
||||
|
||||
$tag = $this->converter->HexToAscii ($tag);
|
||||
@ -623,10 +694,11 @@ class Code extends Controller
|
||||
{
|
||||
$status = "error - no such project {$projectid}";
|
||||
}
|
||||
else if (!$login['sysadmin?'] &&
|
||||
$this->projects->projectHasMember($projectid, $login['id']) === FALSE)
|
||||
//else if (!$login['sysadmin?'] &&
|
||||
// $this->projects->projectHasMember($projectid, $login['id']) === FALSE)
|
||||
else if (!$this->_can_write ($this->projects, $projectid, $login))
|
||||
{
|
||||
$status = "error - not a member {$login['id']}";
|
||||
$status = "error - disallowed";
|
||||
}
|
||||
else if ($login['id'] != $this->subversion->getRevProp($projectid, $rev, 'svn:author'))
|
||||
{
|
||||
@ -681,10 +753,11 @@ class Code extends Controller
|
||||
{
|
||||
$status = "error - no such project {$projectid}";
|
||||
}
|
||||
else if (!$login['sysadmin?'] &&
|
||||
$this->projects->projectHasMember($projectid, $login['id']) === FALSE)
|
||||
//else if (!$login['sysadmin?'] &&
|
||||
// $this->projects->projectHasMember($projectid, $login['id']) === FALSE)
|
||||
else if (!$this->_can_write ($this->projects, $projectid, $login))
|
||||
{
|
||||
$status = "error - not a member {$login['id']}";
|
||||
$status = "error - disallowed";
|
||||
}
|
||||
//else if ($login['id'] != $this->subversion->getRevProp($projectid, $rev, 'svn:author'))
|
||||
//{
|
||||
@ -744,10 +817,11 @@ class Code extends Controller
|
||||
{
|
||||
$status = "error - no such project {$projectid}";
|
||||
}
|
||||
else if (!$login['sysadmin?'] &&
|
||||
$this->projects->projectHasMember($projectid, $login['id']) === FALSE)
|
||||
//else if (!$login['sysadmin?'] &&
|
||||
// $this->projects->projectHasMember($projectid, $login['id']) === FALSE)
|
||||
else if (!$this->_can_write ($this->projects, $projectid, $login))
|
||||
{
|
||||
$status = "error - not a member {$login['id']}";
|
||||
$status = "error - disallowed";
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -812,10 +886,11 @@ class Code extends Controller
|
||||
{
|
||||
$status = "error - no such project {$projectid}";
|
||||
}
|
||||
else if (!$login['sysadmin?'] &&
|
||||
$this->projects->projectHasMember($projectid, $login['id']) === FALSE)
|
||||
//else if (!$login['sysadmin?'] &&
|
||||
// $this->projects->projectHasMember($projectid, $login['id']) === FALSE)
|
||||
else if (!$this->_can_write ($this->projects, $projectid, $login))
|
||||
{
|
||||
$status = "error - not a member {$login['id']}";
|
||||
$status = "error - disallowed";
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -924,7 +999,10 @@ class Code extends Controller
|
||||
|
||||
$login = $this->login->getUser ();
|
||||
if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
{
|
||||
$this->_redirect_to_signin($this->converter, $login);
|
||||
return;
|
||||
}
|
||||
$data['login'] = $login;
|
||||
|
||||
$path = $this->converter->HexToAscii ($path);
|
||||
@ -946,10 +1024,12 @@ class Code extends Controller
|
||||
}
|
||||
else
|
||||
{
|
||||
if ($project->public !== 'Y' && $login['id'] == '')
|
||||
//if ($project->public !== 'Y' && $login['id'] == '')
|
||||
if (!$this->_can_read ($this->projects, $projectid, $login))
|
||||
{
|
||||
// non-public projects require sign-in.
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
$this->_redirect_to_signin($this->converter, $login, $project);
|
||||
return;
|
||||
}
|
||||
|
||||
$file = $this->subversion->getHistory ($projectid, $path, $rev);
|
||||
@ -993,8 +1073,6 @@ class Code extends Controller
|
||||
$data['next_revision'] =
|
||||
$this->subversion->getNextRev ($projectid, $path, $rev);
|
||||
|
||||
$data['review_count'] =
|
||||
|
||||
$this->load->view ($this->VIEW_HISTORY, $data);
|
||||
}
|
||||
}
|
||||
@ -1008,7 +1086,10 @@ class Code extends Controller
|
||||
|
||||
$login = $this->login->getUser ();
|
||||
if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
{
|
||||
$this->_redirect_to_signin($this->converter, $login);
|
||||
return;
|
||||
}
|
||||
$data['login'] = $login;
|
||||
|
||||
$path = $this->converter->HexToAscii ($path);
|
||||
@ -1035,10 +1116,12 @@ class Code extends Controller
|
||||
}
|
||||
else
|
||||
{
|
||||
if ($project->public !== 'Y' && $login['id'] == '')
|
||||
//if ($project->public !== 'Y' && $login['id'] == '')
|
||||
if (!$this->_can_read ($this->projects, $projectid, $login))
|
||||
{
|
||||
// non-public projects require sign-in.
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
$this->_redirect_to_signin($this->converter, $login, $project);
|
||||
return;
|
||||
}
|
||||
|
||||
$file = $this->subversion->getRevHistory ($projectid, $path, $rev);
|
||||
@ -1156,7 +1239,10 @@ class Code extends Controller
|
||||
|
||||
$login = $this->login->getUser ();
|
||||
if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
{
|
||||
$this->_redirect_to_signin($this->converter, $login);
|
||||
return;
|
||||
}
|
||||
$data['login'] = $login;
|
||||
|
||||
$path = $this->converter->HexToAscii ($path);
|
||||
@ -1178,10 +1264,12 @@ class Code extends Controller
|
||||
}
|
||||
else
|
||||
{
|
||||
if ($project->public !== 'Y' && $login['id'] == '')
|
||||
//if ($project->public !== 'Y' && $login['id'] == '')
|
||||
if (!$this->_can_read ($this->projects, $projectid, $login))
|
||||
{
|
||||
// non-public projects require sign-in.
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
$this->_redirect_to_signin($this->converter, $login, $project);
|
||||
return;
|
||||
}
|
||||
|
||||
$file = $this->subversion->getDiff ($projectid, $path, $rev1, $rev2, $full);
|
||||
@ -1248,7 +1336,10 @@ class Code extends Controller
|
||||
|
||||
$login = $this->login->getUser ();
|
||||
if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
{
|
||||
$this->_redirect_to_signin($this->converter, $login);
|
||||
return;
|
||||
}
|
||||
$data['login'] = $login;
|
||||
|
||||
$path = $this->converter->HexToAscii ($path);
|
||||
@ -1270,10 +1361,12 @@ class Code extends Controller
|
||||
}
|
||||
else
|
||||
{
|
||||
if ($project->public !== 'Y' && $login['id'] == '')
|
||||
//if ($project->public !== 'Y' && $login['id'] == '')
|
||||
if (!$this->_can_read ($this->projects, $projectid, $login))
|
||||
{
|
||||
// non-public projects require sign-in.
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
$this->_redirect_to_signin($this->converter, $login, $project);
|
||||
return;
|
||||
}
|
||||
|
||||
$file = $this->subversion->getFile ($projectid, $path, $rev);
|
||||
@ -1414,10 +1507,13 @@ class Code extends Controller
|
||||
{
|
||||
$this->load->model ('ProjectModel', 'projects');
|
||||
$this->load->model ('SubversionModel', 'subversion');
|
||||
|
||||
|
||||
$login = $this->login->getUser ();
|
||||
if ((CODEPOT_SIGNIN_COMPULSORY || CODEPOT_SIGNIN_FOR_CODE_SEARCH) && $login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
{
|
||||
$this->_redirect_to_signin($this->converter, $login);
|
||||
return;
|
||||
}
|
||||
|
||||
$project = $this->projects->get ($projectid);
|
||||
if ($project === FALSE)
|
||||
@ -1436,10 +1532,12 @@ class Code extends Controller
|
||||
}
|
||||
else
|
||||
{
|
||||
if ($project->public !== 'Y' && $login['id'] == '')
|
||||
//if ($project->public !== 'Y' && $login['id'] == '')
|
||||
if (!$this->_can_read ($this->projects, $projectid, $login))
|
||||
{
|
||||
// non-public projects require sign-in.
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
$this->_redirect_to_signin($this->converter, $login, $project);
|
||||
return 0;
|
||||
}
|
||||
|
||||
$this->_search_code ($project, $login);
|
||||
@ -1465,7 +1563,8 @@ class Code extends Controller
|
||||
}
|
||||
|
||||
$project = $this->projects->get ($projectid);
|
||||
if ($project === FALSE || ($project->public !== 'Y' && $login['id'] == ''))
|
||||
//if ($project === FALSE || ($project->public !== 'Y' && $login['id'] == ''))
|
||||
if ($project === FALSE || !$this->_can_read ($this->projects, $projectid, $login))
|
||||
{
|
||||
header($_SERVER['SERVER_PROTOCOL'].' 404 Not Found');
|
||||
return;
|
||||
@ -1477,7 +1576,6 @@ class Code extends Controller
|
||||
if ($path == '.') $path = ''; /* treat a period specially */
|
||||
$path = $this->_normalize_path ($path);
|
||||
|
||||
|
||||
if ($type == 'cloc-file')
|
||||
{
|
||||
// number of lines in a single file
|
||||
|
@ -19,6 +19,57 @@ class File extends Controller
|
||||
$this->lang->load ('file', CODEPOT_LANG);
|
||||
}
|
||||
|
||||
private function _can_read ($pm, $projectid, $login)
|
||||
{
|
||||
if ($login['sysadmin?']) return TRUE;
|
||||
|
||||
$userid = $login['id'];
|
||||
if ($pm->projectIsPublic($projectid))
|
||||
{
|
||||
if (strcasecmp(CODEPOT_FILE_READ_ACCESS, 'anonymous') == 0) return TRUE;
|
||||
else if (strcasecmp(CODEPOT_FILE_READ_ACCESS, 'authenticated') == 0)
|
||||
{
|
||||
if ($userid != '') return TRUE;
|
||||
}
|
||||
else if (strcasecmp(CODEPOT_FILE_READ_ACCESS, 'member') == 0)
|
||||
{
|
||||
if ($userid != '' && $pm->projectHasMember($projectid, $userid)) return TRUE;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
// non-public project.
|
||||
if ($userid != '' && $pm->projectHasMember($projectid, $userid)) return TRUE;
|
||||
}
|
||||
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
private function _can_write ($pm, $projectid, $login)
|
||||
{
|
||||
if ($login['sysadmin?']) return TRUE;
|
||||
|
||||
$userid = $login['id'];
|
||||
if ($userid != '' && $pm->projectHasMember($projectid, $userid)) return TRUE;
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
private function _redirect_to_signin ($conv, $login, $project = NULL)
|
||||
{
|
||||
$userid = $login['id'];
|
||||
if ($userid == '')
|
||||
{
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $conv->AsciiTohex(current_url()));
|
||||
}
|
||||
else
|
||||
{
|
||||
$data['login'] = $login;
|
||||
$data['project'] = $project;
|
||||
$data['message'] = 'Disallowed';
|
||||
$this->load->view ($this->VIEW_ERROR, $data);
|
||||
}
|
||||
}
|
||||
|
||||
function home ($projectid = '')
|
||||
{
|
||||
$this->load->model ('ProjectModel', 'projects');
|
||||
@ -26,7 +77,10 @@ class File extends Controller
|
||||
|
||||
$login = $this->login->getUser ();
|
||||
if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
{
|
||||
$this->_redirect_to_signin($this->converter, $login);
|
||||
return;
|
||||
}
|
||||
$data['login'] = $login;
|
||||
|
||||
$project = $this->projects->get ($projectid);
|
||||
@ -44,10 +98,11 @@ class File extends Controller
|
||||
}
|
||||
else
|
||||
{
|
||||
if ($project->public !== 'Y' && $login['id'] == '')
|
||||
if (!$this->_can_read ($this->projects, $projectid, $login))
|
||||
{
|
||||
// non-public projects require sign-in.
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
$this->_redirect_to_signin($this->converter, $login, $project);
|
||||
return;
|
||||
}
|
||||
|
||||
$files = $this->files->getAll ($login['id'], $project);
|
||||
@ -73,7 +128,10 @@ class File extends Controller
|
||||
|
||||
$login = $this->login->getUser ();
|
||||
if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
{
|
||||
$this->_redirect_to_signin($this->converter, $login);
|
||||
return;
|
||||
}
|
||||
$data['login'] = $login;
|
||||
|
||||
$name = $this->converter->HexToAscii ($name);
|
||||
@ -93,10 +151,11 @@ class File extends Controller
|
||||
}
|
||||
else
|
||||
{
|
||||
if ($project->public !== 'Y' && $login['id'] == '')
|
||||
if (!$this->_can_read ($this->projects, $projectid, $login))
|
||||
{
|
||||
// non-public projects require sign-in.
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
$this->_redirect_to_signin($this->converter, $login, $project);
|
||||
return;
|
||||
}
|
||||
|
||||
$file = $this->files->get ($login['id'], $project, $name);
|
||||
@ -129,7 +188,10 @@ class File extends Controller
|
||||
|
||||
$login = $this->login->getUser ();
|
||||
if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
{
|
||||
$this->_redirect_to_signin($this->converter, $login);
|
||||
return;
|
||||
}
|
||||
$data['login'] = $login;
|
||||
|
||||
$name = $this->converter->HexToAscii ($name);
|
||||
@ -149,10 +211,11 @@ class File extends Controller
|
||||
}
|
||||
else
|
||||
{
|
||||
if ($project->public !== 'Y' && $login['id'] == '')
|
||||
if (!$this->_can_read ($this->projects, $projectid, $login))
|
||||
{
|
||||
// non-public projects require sign-in.
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
$this->_redirect_to_signin($this->converter, $login, $project);
|
||||
return;
|
||||
}
|
||||
|
||||
$file = $this->files->fetchFile ($login['id'], $project, $name);
|
||||
@ -260,10 +323,11 @@ class File extends Controller
|
||||
{
|
||||
$status = "error - no such project {$projectid}";
|
||||
}
|
||||
else if (!$login['sysadmin?'] &&
|
||||
$this->projects->projectHasMember($projectid, $login['id']) === FALSE)
|
||||
//else if (!$login['sysadmin?'] &&
|
||||
// $this->projects->projectHasMember($projectid, $login['id']) === FALSE)
|
||||
else if (!$this->_can_write ($this->projects, $projectid, $login))
|
||||
{
|
||||
$status = "error - not a member {$login['id']}";
|
||||
$status = "error - disallowed";
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -362,10 +426,11 @@ class File extends Controller
|
||||
{
|
||||
$status = "error - no such project {$projectid}";
|
||||
}
|
||||
else if (!$login['sysadmin?'] &&
|
||||
$this->projects->projectHasMember($projectid, $login['id']) === FALSE)
|
||||
//else if (!$login['sysadmin?'] &&
|
||||
// $this->projects->projectHasMember($projectid, $login['id']) === FALSE)
|
||||
else if (!$this->_can_write ($this->projects, $projectid, $login))
|
||||
{
|
||||
$status = "error - not a member {$login['id']}";
|
||||
$status = "error - disallowed";
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -444,10 +509,11 @@ class File extends Controller
|
||||
{
|
||||
$status = "error - no such project {$projectid}";
|
||||
}
|
||||
else if (!$login['sysadmin?'] &&
|
||||
$this->projects->projectHasMember($projectid, $login['id']) === FALSE)
|
||||
//else if (!$login['sysadmin?'] &&
|
||||
// $this->projects->projectHasMember($projectid, $login['id']) === FALSE)
|
||||
else if (!$this->_can_write ($this->projects, $projectid, $login))
|
||||
{
|
||||
$status = "error - not a member {$login['id']}";
|
||||
$status = "error - disallowed";
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -528,10 +594,11 @@ class File extends Controller
|
||||
{
|
||||
$status = "error - no such project {$projectid}";
|
||||
}
|
||||
else if (!$login['sysadmin?'] &&
|
||||
$this->projects->projectHasMember($projectid, $login['id']) === FALSE)
|
||||
//else if (!$login['sysadmin?'] &&
|
||||
// $this->projects->projectHasMember($projectid, $login['id']) === FALSE)
|
||||
else if (!$this->_can_write ($this->projects, $projectid, $login))
|
||||
{
|
||||
$status = "error - not a member {$login['id']}";
|
||||
$status = "error - disallowed";
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -540,7 +607,6 @@ class File extends Controller
|
||||
$file->tag = $this->input->post('file_edit_tag');
|
||||
$file->description = $this->input->post('file_edit_description');
|
||||
|
||||
|
||||
if ($file->name === FALSE || ($file->name = trim($file->name)) == '')
|
||||
{
|
||||
$status = 'error - no name';
|
||||
@ -594,10 +660,11 @@ class File extends Controller
|
||||
{
|
||||
$status = "error - no such project {$projectid}";
|
||||
}
|
||||
else if (!$login['sysadmin?'] &&
|
||||
$this->projects->projectHasMember($projectid, $login['id']) === FALSE)
|
||||
//else if (!$login['sysadmin?'] &&
|
||||
// $this->projects->projectHasMember($projectid, $login['id']) === FALSE)
|
||||
else if (!$this->_can_write ($this->projects, $projectid, $login))
|
||||
{
|
||||
$status = "error - not a member {$login['id']}";
|
||||
$status = "error - disallowed";
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -623,8 +690,6 @@ class File extends Controller
|
||||
|
||||
print $status;
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
?>
|
||||
|
@ -37,7 +37,7 @@ class Graph extends Controller
|
||||
|
||||
$login = $this->login->getUser ();
|
||||
if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
$data['login'] = $login;
|
||||
|
||||
//$path = $this->converter->HexToAscii ($path);
|
||||
@ -62,7 +62,7 @@ class Graph extends Controller
|
||||
if ($project->public !== 'Y' && $login['id'] == '')
|
||||
{
|
||||
// non-public projects require sign-in.
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
}
|
||||
|
||||
$data['project'] = $project;
|
||||
|
@ -28,7 +28,7 @@ class Issue extends Controller
|
||||
|
||||
$login = $this->login->getUser ();
|
||||
if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
$data['login'] = $login;
|
||||
|
||||
$project = $this->projects->get ($projectid);
|
||||
@ -49,7 +49,7 @@ class Issue extends Controller
|
||||
if ($project->public !== 'Y' && $login['id'] == '')
|
||||
{
|
||||
// non-public projects require sign-in.
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
}
|
||||
|
||||
if ($filter == '')
|
||||
@ -150,7 +150,7 @@ class Issue extends Controller
|
||||
|
||||
$login = $this->login->getUser ();
|
||||
if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
$data['login'] = $login;
|
||||
|
||||
if ($hexid == '')
|
||||
@ -827,7 +827,7 @@ class Issue extends Controller
|
||||
if ($project->public !== 'Y' && $login['id'] == '')
|
||||
{
|
||||
// non-public projects require sign-in.
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
}
|
||||
|
||||
$att = $this->wikis->getAttachment ($login['id'], $project, $wikiname, $name);
|
||||
@ -914,7 +914,7 @@ class Issue extends Controller
|
||||
if ($project->public !== 'Y' && $login['id'] == '')
|
||||
{
|
||||
// non-public projects require sign-in.
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
}
|
||||
|
||||
$att = $this->issues->getFile ($login['id'], $project, $issueid, $filename);
|
||||
@ -985,7 +985,7 @@ class Issue extends Controller
|
||||
//
|
||||
$login = $this->login->getUser ();
|
||||
if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
|
||||
if ($issueid == '' || $filename == '')
|
||||
{
|
||||
|
@ -32,7 +32,7 @@ class Project extends Controller
|
||||
|
||||
$login = $this->login->getUser ();
|
||||
if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
$data['login'] = $login;
|
||||
|
||||
if ($filter == '')
|
||||
@ -125,7 +125,7 @@ class Project extends Controller
|
||||
|
||||
$login = $this->login->getUser ();
|
||||
if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
|
||||
$data['login'] = $login;
|
||||
|
||||
@ -147,7 +147,7 @@ class Project extends Controller
|
||||
if ($project->public !== 'Y' && $login['id'] == '')
|
||||
{
|
||||
// non-public projects require sign-in.
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
}
|
||||
|
||||
$log_entries = $this->logs->getEntries (
|
||||
@ -275,7 +275,7 @@ class Project extends Controller
|
||||
|
||||
$login = $this->login->getUser ();
|
||||
if ($login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
|
||||
$project = new stdClass();
|
||||
$project->id = $projectid;
|
||||
@ -295,7 +295,7 @@ class Project extends Controller
|
||||
|
||||
$login = $this->login->getUser ();
|
||||
if ($login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
|
||||
$project = $this->projects->get ($projectid);
|
||||
if ($project === FALSE)
|
||||
@ -394,7 +394,7 @@ class Project extends Controller
|
||||
|
||||
$login = $this->login->getUser ();
|
||||
if ($login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
|
||||
$project = $this->projects->get ($projectid);
|
||||
if ($project === FALSE)
|
||||
|
@ -37,7 +37,7 @@ class Site extends Controller
|
||||
{
|
||||
$login = $this->login->getUser ();
|
||||
if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
|
||||
$this->load->model ('SiteModel', 'sites');
|
||||
$this->load->model ('ProjectModel', 'projects');
|
||||
@ -149,7 +149,7 @@ class Site extends Controller
|
||||
{
|
||||
$login = $this->login->getUser ();
|
||||
if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
|
||||
$this->load->model ('SiteModel', 'sites');
|
||||
|
||||
@ -173,7 +173,7 @@ class Site extends Controller
|
||||
{
|
||||
$login = $this->login->getUser ();
|
||||
if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
|
||||
$this->load->model ('SiteModel', 'sites');
|
||||
|
||||
@ -280,7 +280,7 @@ class Site extends Controller
|
||||
|
||||
$login = $this->login->getUser ();
|
||||
if ($login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
|
||||
if (!$login['sysadmin?'])
|
||||
{
|
||||
@ -305,7 +305,7 @@ class Site extends Controller
|
||||
|
||||
$login = $this->login->getUser ();
|
||||
if ($login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
|
||||
$site = $this->sites->get ($siteid);
|
||||
if ($site === FALSE)
|
||||
@ -397,7 +397,7 @@ class Site extends Controller
|
||||
|
||||
$login = $this->login->getUser ();
|
||||
if ($login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
|
||||
$site = $this->sites->get ($siteid);
|
||||
if ($site === FALSE)
|
||||
@ -566,7 +566,7 @@ class Site extends Controller
|
||||
{
|
||||
$login = $this->login->getUser ();
|
||||
if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
|
||||
$data['login'] = $login;
|
||||
|
||||
@ -588,7 +588,7 @@ class Site extends Controller
|
||||
{
|
||||
$login = $this->login->getUser ();
|
||||
if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
|
||||
$data['login'] = $login;
|
||||
|
||||
|
@ -31,7 +31,7 @@ class Wiki extends Controller
|
||||
|
||||
$login = $this->login->getUser ();
|
||||
if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
$data['login'] = $login;
|
||||
|
||||
$project = $this->projects->get ($projectid);
|
||||
@ -52,7 +52,7 @@ class Wiki extends Controller
|
||||
if ($project->public !== 'Y' && $login['id'] == '')
|
||||
{
|
||||
// non-public projects require sign-in.
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
}
|
||||
|
||||
$wikis = $this->wikis->getAll ($login['id'], $project);
|
||||
@ -78,7 +78,7 @@ class Wiki extends Controller
|
||||
|
||||
$login = $this->login->getUser ();
|
||||
if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
$data['login'] = $login;
|
||||
|
||||
if ($name == '')
|
||||
@ -108,7 +108,7 @@ class Wiki extends Controller
|
||||
if ($project->public !== 'Y' && $login['id'] == '')
|
||||
{
|
||||
// non-public projects require sign-in.
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
}
|
||||
|
||||
$link = $this->wikihelper->parseLink (
|
||||
@ -186,7 +186,7 @@ class Wiki extends Controller
|
||||
|
||||
$login = $this->login->getUser ();
|
||||
if ($login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
$data['login'] = $login;
|
||||
|
||||
$name = $this->converter->HexToAscii ($name);
|
||||
@ -319,7 +319,7 @@ class Wiki extends Controller
|
||||
if ($project->public !== 'Y' && $login['id'] == '')
|
||||
{
|
||||
// non-public projects require sign-in.
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
}
|
||||
|
||||
$att = $this->wikis->getAttachment ($login['id'], $project, $wikiname, $name);
|
||||
@ -406,7 +406,7 @@ class Wiki extends Controller
|
||||
if ($project->public !== 'Y' && $login['id'] == '')
|
||||
{
|
||||
// non-public projects require sign-in.
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
}
|
||||
|
||||
$att = $this->issues->getFile ($login['id'], $project, $issueid, $filename);
|
||||
@ -472,7 +472,7 @@ class Wiki extends Controller
|
||||
{
|
||||
$login = $this->login->getUser ();
|
||||
if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
|
||||
if ($target == '')
|
||||
{
|
||||
@ -519,7 +519,7 @@ class Wiki extends Controller
|
||||
{
|
||||
$login = $this->login->getUser ();
|
||||
if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '')
|
||||
redirect ("main/signin/" . $this->converter->AsciiTohex(current_url()));
|
||||
redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url()));
|
||||
|
||||
if ($wikiname == '' || $filename == '')
|
||||
{
|
||||
|
@ -7,6 +7,8 @@ define ('CODEPOT_WWW_DIR', '@WWWDIR@');
|
||||
define ('CODEPOT_LOG_DIR', '@LOGDIR@/'); // this requires a trailing slash
|
||||
define ('CODEPOT_CACHE_DIR', '@CACHEDIR@');
|
||||
|
||||
define ('CODEPOT_SIGNIN_REDIR_PATH', 'main/signin/');
|
||||
|
||||
function load_ini ($file)
|
||||
{
|
||||
if (defined('INI_SCANNER_RAW'))
|
||||
@ -31,6 +33,9 @@ function load_ini ($file)
|
||||
array ('index_page', 'string', 'index.php'),
|
||||
|
||||
array ('signin_compulsory', 'boolean', FALSE),
|
||||
array ('code_read_access', 'string', 'anonymous'),
|
||||
array ('file_read_access', 'string', 'anonymous'),
|
||||
|
||||
array ('https_compulsory', 'boolean', FALSE),
|
||||
array ('https_url', 'string', 'https://${SERVER_NAME}${REQUEST_URI}'),
|
||||
array ('api_base_url', 'string', 'http://127.0.0.1'),
|
||||
@ -108,6 +113,7 @@ function load_ini ($file)
|
||||
array ('svn_restriction_allowed_subdir_depth_min', 'integer', 0),
|
||||
array ('svn_restriction_allowed_subdir_depth_max', 'integer', 0),
|
||||
|
||||
|
||||
// this item is used by the codepot-user command.
|
||||
array ('codepot_user_executor', 'string', 'root'),
|
||||
);
|
||||
|
@ -186,7 +186,6 @@ www_DATA = \
|
||||
pdf.worker.min.js \
|
||||
webodf.js
|
||||
|
||||
|
||||
EXTRA_DIST = $(www_DATA)
|
||||
all: all-recursive
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user