diff --git a/codepot/etc/codepot.ini.in b/codepot/etc/codepot.ini.in index e7f3dbe8..5b2930bf 100644 --- a/codepot/etc/codepot.ini.in +++ b/codepot/etc/codepot.ini.in @@ -92,9 +92,25 @@ language = "auto" index_page = "index.php" ;------------------------------------------------------------------------------ -; When set to yes, viewing pages require a user to sign in. +; When set to yes, viewing pages requires a user to sign in. ;------------------------------------------------------------------------------ -singin_compulsory = "no" +signin_compulsory = "no" + +;------------------------------------------------------------------------------ +; Code read access is limited to the specified user type. The types +; include anonymous, authenticated, member. This applies to a public project +; only. Write access to any projects and read access to a non-public project +; require membership regardless of this item. +;------------------------------------------------------------------------------ +code_read_access = "anonymous" + +;------------------------------------------------------------------------------ +; File read access is limited to the specified user type. The types +; include anonymous, authenticated, member. This applies to a public project +; only. Write access to any projects and read access to a non-public project +; require membership regardless of this item. +;------------------------------------------------------------------------------ +file_read_access = "anonymous" ;------------------------------------------------------------------------------ ; When set to yes, non-http access is diverted to https using diff --git a/codepot/src/codepot/config/config.php b/codepot/src/codepot/config/config.php index d7bbb985..aed613f8 100644 --- a/codepot/src/codepot/config/config.php +++ b/codepot/src/codepot/config/config.php @@ -245,7 +245,7 @@ $config['cache_path'] = CODEPOT_CACHE_DIR; | enabled you MUST set an encryption key. See the user guide for info. | */ -$config['encryption_key'] = ""; +$config['encryption_key'] = "codepot"; /* |-------------------------------------------------------------------------- @@ -261,7 +261,7 @@ $config['encryption_key'] = ""; */ $config['sess_cookie_name'] = 'codepot_session'; $config['sess_expiration'] = 72000; -$config['sess_encrypt_cookie'] = FALSE; +$config['sess_encrypt_cookie'] = TRUE; $config['sess_use_database'] = FALSE; $config['sess_table_name'] = 'codepot_sessions'; $config['sess_match_ip'] = FALSE; diff --git a/codepot/src/codepot/controllers/code.php b/codepot/src/codepot/controllers/code.php index 30c2af10..8a7a16a6 100644 --- a/codepot/src/codepot/controllers/code.php +++ b/codepot/src/codepot/controllers/code.php @@ -26,6 +26,57 @@ class Code extends Controller $this->lang->load ('code', CODEPOT_LANG); } + private function _can_read ($pm, $projectid, $login) + { + if ($login['sysadmin?']) return TRUE; + + $userid = $login['id']; + if ($pm->projectIsPublic($projectid)) + { + if (strcasecmp(CODEPOT_CODE_READ_ACCESS, 'anonymous') == 0) return TRUE; + else if (strcasecmp(CODEPOT_CODE_READ_ACCESS, 'authenticated') == 0) + { + if ($userid != '') return TRUE; + } + else if (strcasecmp(CODEPOT_CODE_READ_ACCESS, 'member') == 0) + { + if ($userid != '' && $pm->projectHasMember($projectid, $userid)) return TRUE; + } + } + else + { + // non-public project. + if ($userid != '' && $pm->projectHasMember($projectid, $userid)) return TRUE; + } + + return FALSE; + } + + private function _can_write ($pm, $projectid, $login) + { + if ($login['sysadmin?']) return TRUE; + + $userid = $login['id']; + if ($userid != '' && $pm->projectHasMember($projectid, $userid)) return TRUE; + return FALSE; + } + + private function _redirect_to_signin ($conv, $login, $project = NULL) + { + $userid = $login['id']; + if ($userid == '') + { + redirect (CODEPOT_SIGNIN_REDIR_PATH . $conv->AsciiTohex(current_url())); + } + else + { + $data['login'] = $login; + $data['project'] = $project; + $data['message'] = 'Disallowed'; + $this->load->view ($this->VIEW_ERROR, $data); + } + } + function home ($projectid = '', $subdir = '', $rev = SVN_REVISION_HEAD) { return $this->file ($projectid, $subdir, $rev); @@ -39,7 +90,11 @@ class Code extends Controller $login = $this->login->getUser (); if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + { + $this->_redirect_to_signin($this->converter, $login); + return; + } + $data['login'] = $login; $path = $this->converter->HexToAscii ($path); @@ -61,10 +116,12 @@ class Code extends Controller } else { - if ($project->public !== 'Y' && $login['id'] == '') + //if ($project->public !== 'Y' && $login['id'] == '') + if (!$this->_can_read ($this->projects, $projectid, $login)) { // non-public projects require sign-in. - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + $this->_redirect_to_signin($this->converter, $login, $project); + return; } $file = $this->subversion->getFile ($projectid, $path, $rev); @@ -173,7 +230,10 @@ class Code extends Controller $login = $this->login->getUser (); if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + { + $this->_redirect_to_signin($this->converter, $login); + return; + } $data['login'] = $login; $path = $this->converter->HexToAscii ($path); @@ -195,10 +255,12 @@ class Code extends Controller } else { - if ($project->public !== 'Y' && $login['id'] == '') + //if ($project->public !== 'Y' && $login['id'] == '') + if (!$this->_can_read ($this->projects, $projectid, $login)) { // non-public projects require sign-in. - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + $this->_redirect_to_signin($this->converter, $login, $project); + return; } $file = $this->subversion->getBlame ($projectid, $path, $rev); @@ -251,7 +313,10 @@ class Code extends Controller $login = $this->login->getUser (); if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + { + $this->_redirect_to_signin($this->converter, $login); + return; + } $data['login'] = $login; $path = $this->converter->HexToAscii ($path); @@ -273,10 +338,12 @@ class Code extends Controller } else { - if ($project->public !== 'Y' && $login['id'] == '') + //if ($project->public !== 'Y' && $login['id'] == '') + if (!$this->_can_read ($this->projects, $projectid, $login)) { // non-public projects require sign-in. - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + $this->_redirect_to_signin($this->converter, $login, $project); + return; } $file = $this->subversion->getFile ($projectid, $path, $rev); @@ -447,10 +514,11 @@ class Code extends Controller { $status = "error - no such project {$projectid}"; } - else if (!$login['sysadmin?'] && - $this->projects->projectHasMember($projectid, $login['id']) === FALSE) + //else if (!$login['sysadmin?'] && + // $this->projects->projectHasMember($projectid, $login['id']) === FALSE) + else if (!$this->_can_write ($this->projects, $projectid, $login)) { - $status = "error - not a member {$login['id']}"; + $status = "error - disallowed"; } else { @@ -515,10 +583,11 @@ class Code extends Controller { $status = "error - no such project {$projectid}"; } - else if (!$login['sysadmin?'] && - $this->projects->projectHasMember($projectid, $login['id']) === FALSE) + //else if (!$login['sysadmin?'] && + // $this->projects->projectHasMember($projectid, $login['id']) === FALSE) + else if (!$this->_can_write ($this->projects, $projectid, $login)) { - $status = "error - not a member {$login['id']}"; + $status = "error - disallowed"; } else { @@ -574,10 +643,12 @@ class Code extends Controller } else { - if ($project->public !== 'Y' && $login['id'] == '') + //if ($project->public !== 'Y' && $login['id'] == '') + if (!$this->_can_read ($this->projects, $projectid, $login)) { // non-public projects require sign-in. - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + $this->_redirect_to_signin($this->converter, $login, $project); + return; } $tag = $this->converter->HexToAscii ($tag); @@ -623,10 +694,11 @@ class Code extends Controller { $status = "error - no such project {$projectid}"; } - else if (!$login['sysadmin?'] && - $this->projects->projectHasMember($projectid, $login['id']) === FALSE) + //else if (!$login['sysadmin?'] && + // $this->projects->projectHasMember($projectid, $login['id']) === FALSE) + else if (!$this->_can_write ($this->projects, $projectid, $login)) { - $status = "error - not a member {$login['id']}"; + $status = "error - disallowed"; } else if ($login['id'] != $this->subversion->getRevProp($projectid, $rev, 'svn:author')) { @@ -681,10 +753,11 @@ class Code extends Controller { $status = "error - no such project {$projectid}"; } - else if (!$login['sysadmin?'] && - $this->projects->projectHasMember($projectid, $login['id']) === FALSE) + //else if (!$login['sysadmin?'] && + // $this->projects->projectHasMember($projectid, $login['id']) === FALSE) + else if (!$this->_can_write ($this->projects, $projectid, $login)) { - $status = "error - not a member {$login['id']}"; + $status = "error - disallowed"; } //else if ($login['id'] != $this->subversion->getRevProp($projectid, $rev, 'svn:author')) //{ @@ -744,10 +817,11 @@ class Code extends Controller { $status = "error - no such project {$projectid}"; } - else if (!$login['sysadmin?'] && - $this->projects->projectHasMember($projectid, $login['id']) === FALSE) + //else if (!$login['sysadmin?'] && + // $this->projects->projectHasMember($projectid, $login['id']) === FALSE) + else if (!$this->_can_write ($this->projects, $projectid, $login)) { - $status = "error - not a member {$login['id']}"; + $status = "error - disallowed"; } else { @@ -812,10 +886,11 @@ class Code extends Controller { $status = "error - no such project {$projectid}"; } - else if (!$login['sysadmin?'] && - $this->projects->projectHasMember($projectid, $login['id']) === FALSE) + //else if (!$login['sysadmin?'] && + // $this->projects->projectHasMember($projectid, $login['id']) === FALSE) + else if (!$this->_can_write ($this->projects, $projectid, $login)) { - $status = "error - not a member {$login['id']}"; + $status = "error - disallowed"; } else { @@ -924,7 +999,10 @@ class Code extends Controller $login = $this->login->getUser (); if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + { + $this->_redirect_to_signin($this->converter, $login); + return; + } $data['login'] = $login; $path = $this->converter->HexToAscii ($path); @@ -946,10 +1024,12 @@ class Code extends Controller } else { - if ($project->public !== 'Y' && $login['id'] == '') + //if ($project->public !== 'Y' && $login['id'] == '') + if (!$this->_can_read ($this->projects, $projectid, $login)) { // non-public projects require sign-in. - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + $this->_redirect_to_signin($this->converter, $login, $project); + return; } $file = $this->subversion->getHistory ($projectid, $path, $rev); @@ -993,8 +1073,6 @@ class Code extends Controller $data['next_revision'] = $this->subversion->getNextRev ($projectid, $path, $rev); - $data['review_count'] = - $this->load->view ($this->VIEW_HISTORY, $data); } } @@ -1008,7 +1086,10 @@ class Code extends Controller $login = $this->login->getUser (); if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + { + $this->_redirect_to_signin($this->converter, $login); + return; + } $data['login'] = $login; $path = $this->converter->HexToAscii ($path); @@ -1035,10 +1116,12 @@ class Code extends Controller } else { - if ($project->public !== 'Y' && $login['id'] == '') + //if ($project->public !== 'Y' && $login['id'] == '') + if (!$this->_can_read ($this->projects, $projectid, $login)) { // non-public projects require sign-in. - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + $this->_redirect_to_signin($this->converter, $login, $project); + return; } $file = $this->subversion->getRevHistory ($projectid, $path, $rev); @@ -1156,7 +1239,10 @@ class Code extends Controller $login = $this->login->getUser (); if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + { + $this->_redirect_to_signin($this->converter, $login); + return; + } $data['login'] = $login; $path = $this->converter->HexToAscii ($path); @@ -1178,10 +1264,12 @@ class Code extends Controller } else { - if ($project->public !== 'Y' && $login['id'] == '') + //if ($project->public !== 'Y' && $login['id'] == '') + if (!$this->_can_read ($this->projects, $projectid, $login)) { // non-public projects require sign-in. - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + $this->_redirect_to_signin($this->converter, $login, $project); + return; } $file = $this->subversion->getDiff ($projectid, $path, $rev1, $rev2, $full); @@ -1248,7 +1336,10 @@ class Code extends Controller $login = $this->login->getUser (); if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + { + $this->_redirect_to_signin($this->converter, $login); + return; + } $data['login'] = $login; $path = $this->converter->HexToAscii ($path); @@ -1270,10 +1361,12 @@ class Code extends Controller } else { - if ($project->public !== 'Y' && $login['id'] == '') + //if ($project->public !== 'Y' && $login['id'] == '') + if (!$this->_can_read ($this->projects, $projectid, $login)) { // non-public projects require sign-in. - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + $this->_redirect_to_signin($this->converter, $login, $project); + return; } $file = $this->subversion->getFile ($projectid, $path, $rev); @@ -1414,10 +1507,13 @@ class Code extends Controller { $this->load->model ('ProjectModel', 'projects'); $this->load->model ('SubversionModel', 'subversion'); - + $login = $this->login->getUser (); if ((CODEPOT_SIGNIN_COMPULSORY || CODEPOT_SIGNIN_FOR_CODE_SEARCH) && $login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + { + $this->_redirect_to_signin($this->converter, $login); + return; + } $project = $this->projects->get ($projectid); if ($project === FALSE) @@ -1436,10 +1532,12 @@ class Code extends Controller } else { - if ($project->public !== 'Y' && $login['id'] == '') + //if ($project->public !== 'Y' && $login['id'] == '') + if (!$this->_can_read ($this->projects, $projectid, $login)) { // non-public projects require sign-in. - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + $this->_redirect_to_signin($this->converter, $login, $project); + return 0; } $this->_search_code ($project, $login); @@ -1465,7 +1563,8 @@ class Code extends Controller } $project = $this->projects->get ($projectid); - if ($project === FALSE || ($project->public !== 'Y' && $login['id'] == '')) + //if ($project === FALSE || ($project->public !== 'Y' && $login['id'] == '')) + if ($project === FALSE || !$this->_can_read ($this->projects, $projectid, $login)) { header($_SERVER['SERVER_PROTOCOL'].' 404 Not Found'); return; @@ -1477,7 +1576,6 @@ class Code extends Controller if ($path == '.') $path = ''; /* treat a period specially */ $path = $this->_normalize_path ($path); - if ($type == 'cloc-file') { // number of lines in a single file diff --git a/codepot/src/codepot/controllers/file.php b/codepot/src/codepot/controllers/file.php index bbe76b12..70422e84 100644 --- a/codepot/src/codepot/controllers/file.php +++ b/codepot/src/codepot/controllers/file.php @@ -19,6 +19,57 @@ class File extends Controller $this->lang->load ('file', CODEPOT_LANG); } + private function _can_read ($pm, $projectid, $login) + { + if ($login['sysadmin?']) return TRUE; + + $userid = $login['id']; + if ($pm->projectIsPublic($projectid)) + { + if (strcasecmp(CODEPOT_FILE_READ_ACCESS, 'anonymous') == 0) return TRUE; + else if (strcasecmp(CODEPOT_FILE_READ_ACCESS, 'authenticated') == 0) + { + if ($userid != '') return TRUE; + } + else if (strcasecmp(CODEPOT_FILE_READ_ACCESS, 'member') == 0) + { + if ($userid != '' && $pm->projectHasMember($projectid, $userid)) return TRUE; + } + } + else + { + // non-public project. + if ($userid != '' && $pm->projectHasMember($projectid, $userid)) return TRUE; + } + + return FALSE; + } + + private function _can_write ($pm, $projectid, $login) + { + if ($login['sysadmin?']) return TRUE; + + $userid = $login['id']; + if ($userid != '' && $pm->projectHasMember($projectid, $userid)) return TRUE; + return FALSE; + } + + private function _redirect_to_signin ($conv, $login, $project = NULL) + { + $userid = $login['id']; + if ($userid == '') + { + redirect (CODEPOT_SIGNIN_REDIR_PATH . $conv->AsciiTohex(current_url())); + } + else + { + $data['login'] = $login; + $data['project'] = $project; + $data['message'] = 'Disallowed'; + $this->load->view ($this->VIEW_ERROR, $data); + } + } + function home ($projectid = '') { $this->load->model ('ProjectModel', 'projects'); @@ -26,7 +77,10 @@ class File extends Controller $login = $this->login->getUser (); if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + { + $this->_redirect_to_signin($this->converter, $login); + return; + } $data['login'] = $login; $project = $this->projects->get ($projectid); @@ -44,10 +98,11 @@ class File extends Controller } else { - if ($project->public !== 'Y' && $login['id'] == '') + if (!$this->_can_read ($this->projects, $projectid, $login)) { // non-public projects require sign-in. - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + $this->_redirect_to_signin($this->converter, $login, $project); + return; } $files = $this->files->getAll ($login['id'], $project); @@ -73,7 +128,10 @@ class File extends Controller $login = $this->login->getUser (); if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + { + $this->_redirect_to_signin($this->converter, $login); + return; + } $data['login'] = $login; $name = $this->converter->HexToAscii ($name); @@ -93,10 +151,11 @@ class File extends Controller } else { - if ($project->public !== 'Y' && $login['id'] == '') + if (!$this->_can_read ($this->projects, $projectid, $login)) { // non-public projects require sign-in. - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + $this->_redirect_to_signin($this->converter, $login, $project); + return; } $file = $this->files->get ($login['id'], $project, $name); @@ -129,7 +188,10 @@ class File extends Controller $login = $this->login->getUser (); if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + { + $this->_redirect_to_signin($this->converter, $login); + return; + } $data['login'] = $login; $name = $this->converter->HexToAscii ($name); @@ -149,10 +211,11 @@ class File extends Controller } else { - if ($project->public !== 'Y' && $login['id'] == '') + if (!$this->_can_read ($this->projects, $projectid, $login)) { // non-public projects require sign-in. - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + $this->_redirect_to_signin($this->converter, $login, $project); + return; } $file = $this->files->fetchFile ($login['id'], $project, $name); @@ -260,10 +323,11 @@ class File extends Controller { $status = "error - no such project {$projectid}"; } - else if (!$login['sysadmin?'] && - $this->projects->projectHasMember($projectid, $login['id']) === FALSE) + //else if (!$login['sysadmin?'] && + // $this->projects->projectHasMember($projectid, $login['id']) === FALSE) + else if (!$this->_can_write ($this->projects, $projectid, $login)) { - $status = "error - not a member {$login['id']}"; + $status = "error - disallowed"; } else { @@ -362,10 +426,11 @@ class File extends Controller { $status = "error - no such project {$projectid}"; } - else if (!$login['sysadmin?'] && - $this->projects->projectHasMember($projectid, $login['id']) === FALSE) + //else if (!$login['sysadmin?'] && + // $this->projects->projectHasMember($projectid, $login['id']) === FALSE) + else if (!$this->_can_write ($this->projects, $projectid, $login)) { - $status = "error - not a member {$login['id']}"; + $status = "error - disallowed"; } else { @@ -444,10 +509,11 @@ class File extends Controller { $status = "error - no such project {$projectid}"; } - else if (!$login['sysadmin?'] && - $this->projects->projectHasMember($projectid, $login['id']) === FALSE) + //else if (!$login['sysadmin?'] && + // $this->projects->projectHasMember($projectid, $login['id']) === FALSE) + else if (!$this->_can_write ($this->projects, $projectid, $login)) { - $status = "error - not a member {$login['id']}"; + $status = "error - disallowed"; } else { @@ -528,10 +594,11 @@ class File extends Controller { $status = "error - no such project {$projectid}"; } - else if (!$login['sysadmin?'] && - $this->projects->projectHasMember($projectid, $login['id']) === FALSE) + //else if (!$login['sysadmin?'] && + // $this->projects->projectHasMember($projectid, $login['id']) === FALSE) + else if (!$this->_can_write ($this->projects, $projectid, $login)) { - $status = "error - not a member {$login['id']}"; + $status = "error - disallowed"; } else { @@ -540,7 +607,6 @@ class File extends Controller $file->tag = $this->input->post('file_edit_tag'); $file->description = $this->input->post('file_edit_description'); - if ($file->name === FALSE || ($file->name = trim($file->name)) == '') { $status = 'error - no name'; @@ -594,10 +660,11 @@ class File extends Controller { $status = "error - no such project {$projectid}"; } - else if (!$login['sysadmin?'] && - $this->projects->projectHasMember($projectid, $login['id']) === FALSE) + //else if (!$login['sysadmin?'] && + // $this->projects->projectHasMember($projectid, $login['id']) === FALSE) + else if (!$this->_can_write ($this->projects, $projectid, $login)) { - $status = "error - not a member {$login['id']}"; + $status = "error - disallowed"; } else { @@ -623,8 +690,6 @@ class File extends Controller print $status; } - - } ?> diff --git a/codepot/src/codepot/controllers/graph.php b/codepot/src/codepot/controllers/graph.php index 7fd338f4..8f1610ba 100644 --- a/codepot/src/codepot/controllers/graph.php +++ b/codepot/src/codepot/controllers/graph.php @@ -37,7 +37,7 @@ class Graph extends Controller $login = $this->login->getUser (); if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); $data['login'] = $login; //$path = $this->converter->HexToAscii ($path); @@ -62,7 +62,7 @@ class Graph extends Controller if ($project->public !== 'Y' && $login['id'] == '') { // non-public projects require sign-in. - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); } $data['project'] = $project; diff --git a/codepot/src/codepot/controllers/issue.php b/codepot/src/codepot/controllers/issue.php index 4e8166ee..48b362c0 100644 --- a/codepot/src/codepot/controllers/issue.php +++ b/codepot/src/codepot/controllers/issue.php @@ -28,7 +28,7 @@ class Issue extends Controller $login = $this->login->getUser (); if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); $data['login'] = $login; $project = $this->projects->get ($projectid); @@ -49,7 +49,7 @@ class Issue extends Controller if ($project->public !== 'Y' && $login['id'] == '') { // non-public projects require sign-in. - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); } if ($filter == '') @@ -150,7 +150,7 @@ class Issue extends Controller $login = $this->login->getUser (); if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); $data['login'] = $login; if ($hexid == '') @@ -827,7 +827,7 @@ class Issue extends Controller if ($project->public !== 'Y' && $login['id'] == '') { // non-public projects require sign-in. - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); } $att = $this->wikis->getAttachment ($login['id'], $project, $wikiname, $name); @@ -914,7 +914,7 @@ class Issue extends Controller if ($project->public !== 'Y' && $login['id'] == '') { // non-public projects require sign-in. - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); } $att = $this->issues->getFile ($login['id'], $project, $issueid, $filename); @@ -985,7 +985,7 @@ class Issue extends Controller // $login = $this->login->getUser (); if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); if ($issueid == '' || $filename == '') { diff --git a/codepot/src/codepot/controllers/project.php b/codepot/src/codepot/controllers/project.php index b85bd732..c24cc195 100644 --- a/codepot/src/codepot/controllers/project.php +++ b/codepot/src/codepot/controllers/project.php @@ -32,7 +32,7 @@ class Project extends Controller $login = $this->login->getUser (); if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); $data['login'] = $login; if ($filter == '') @@ -125,7 +125,7 @@ class Project extends Controller $login = $this->login->getUser (); if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); $data['login'] = $login; @@ -147,7 +147,7 @@ class Project extends Controller if ($project->public !== 'Y' && $login['id'] == '') { // non-public projects require sign-in. - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); } $log_entries = $this->logs->getEntries ( @@ -275,7 +275,7 @@ class Project extends Controller $login = $this->login->getUser (); if ($login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); $project = new stdClass(); $project->id = $projectid; @@ -295,7 +295,7 @@ class Project extends Controller $login = $this->login->getUser (); if ($login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); $project = $this->projects->get ($projectid); if ($project === FALSE) @@ -394,7 +394,7 @@ class Project extends Controller $login = $this->login->getUser (); if ($login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); $project = $this->projects->get ($projectid); if ($project === FALSE) diff --git a/codepot/src/codepot/controllers/site.php b/codepot/src/codepot/controllers/site.php index 4763b459..8d56ee7f 100644 --- a/codepot/src/codepot/controllers/site.php +++ b/codepot/src/codepot/controllers/site.php @@ -37,7 +37,7 @@ class Site extends Controller { $login = $this->login->getUser (); if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); $this->load->model ('SiteModel', 'sites'); $this->load->model ('ProjectModel', 'projects'); @@ -149,7 +149,7 @@ class Site extends Controller { $login = $this->login->getUser (); if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); $this->load->model ('SiteModel', 'sites'); @@ -173,7 +173,7 @@ class Site extends Controller { $login = $this->login->getUser (); if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); $this->load->model ('SiteModel', 'sites'); @@ -280,7 +280,7 @@ class Site extends Controller $login = $this->login->getUser (); if ($login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); if (!$login['sysadmin?']) { @@ -305,7 +305,7 @@ class Site extends Controller $login = $this->login->getUser (); if ($login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); $site = $this->sites->get ($siteid); if ($site === FALSE) @@ -397,7 +397,7 @@ class Site extends Controller $login = $this->login->getUser (); if ($login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); $site = $this->sites->get ($siteid); if ($site === FALSE) @@ -566,7 +566,7 @@ class Site extends Controller { $login = $this->login->getUser (); if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); $data['login'] = $login; @@ -588,7 +588,7 @@ class Site extends Controller { $login = $this->login->getUser (); if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); $data['login'] = $login; diff --git a/codepot/src/codepot/controllers/wiki.php b/codepot/src/codepot/controllers/wiki.php index 4c7123ce..40e9b993 100644 --- a/codepot/src/codepot/controllers/wiki.php +++ b/codepot/src/codepot/controllers/wiki.php @@ -31,7 +31,7 @@ class Wiki extends Controller $login = $this->login->getUser (); if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); $data['login'] = $login; $project = $this->projects->get ($projectid); @@ -52,7 +52,7 @@ class Wiki extends Controller if ($project->public !== 'Y' && $login['id'] == '') { // non-public projects require sign-in. - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); } $wikis = $this->wikis->getAll ($login['id'], $project); @@ -78,7 +78,7 @@ class Wiki extends Controller $login = $this->login->getUser (); if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); $data['login'] = $login; if ($name == '') @@ -108,7 +108,7 @@ class Wiki extends Controller if ($project->public !== 'Y' && $login['id'] == '') { // non-public projects require sign-in. - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); } $link = $this->wikihelper->parseLink ( @@ -186,7 +186,7 @@ class Wiki extends Controller $login = $this->login->getUser (); if ($login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); $data['login'] = $login; $name = $this->converter->HexToAscii ($name); @@ -319,7 +319,7 @@ class Wiki extends Controller if ($project->public !== 'Y' && $login['id'] == '') { // non-public projects require sign-in. - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); } $att = $this->wikis->getAttachment ($login['id'], $project, $wikiname, $name); @@ -406,7 +406,7 @@ class Wiki extends Controller if ($project->public !== 'Y' && $login['id'] == '') { // non-public projects require sign-in. - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); } $att = $this->issues->getFile ($login['id'], $project, $issueid, $filename); @@ -472,7 +472,7 @@ class Wiki extends Controller { $login = $this->login->getUser (); if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); if ($target == '') { @@ -519,7 +519,7 @@ class Wiki extends Controller { $login = $this->login->getUser (); if (CODEPOT_SIGNIN_COMPULSORY && $login['id'] == '') - redirect ("main/signin/" . $this->converter->AsciiTohex(current_url())); + redirect (CODEPOT_SIGNIN_REDIR_PATH . $this->converter->AsciiTohex(current_url())); if ($wikiname == '' || $filename == '') { diff --git a/codepot/src/config.php.in b/codepot/src/config.php.in index 25ed05a6..254f3a85 100644 --- a/codepot/src/config.php.in +++ b/codepot/src/config.php.in @@ -7,6 +7,8 @@ define ('CODEPOT_WWW_DIR', '@WWWDIR@'); define ('CODEPOT_LOG_DIR', '@LOGDIR@/'); // this requires a trailing slash define ('CODEPOT_CACHE_DIR', '@CACHEDIR@'); +define ('CODEPOT_SIGNIN_REDIR_PATH', 'main/signin/'); + function load_ini ($file) { if (defined('INI_SCANNER_RAW')) @@ -31,6 +33,9 @@ function load_ini ($file) array ('index_page', 'string', 'index.php'), array ('signin_compulsory', 'boolean', FALSE), + array ('code_read_access', 'string', 'anonymous'), + array ('file_read_access', 'string', 'anonymous'), + array ('https_compulsory', 'boolean', FALSE), array ('https_url', 'string', 'https://${SERVER_NAME}${REQUEST_URI}'), array ('api_base_url', 'string', 'http://127.0.0.1'), @@ -108,6 +113,7 @@ function load_ini ($file) array ('svn_restriction_allowed_subdir_depth_min', 'integer', 0), array ('svn_restriction_allowed_subdir_depth_max', 'integer', 0), + // this item is used by the codepot-user command. array ('codepot_user_executor', 'string', 'root'), ); diff --git a/codepot/src/js/Makefile.in b/codepot/src/js/Makefile.in index 5646ade8..c88c50b8 100644 --- a/codepot/src/js/Makefile.in +++ b/codepot/src/js/Makefile.in @@ -186,7 +186,6 @@ www_DATA = \ pdf.worker.min.js \ webodf.js - EXTRA_DIST = $(www_DATA) all: all-recursive