From b762ae6bdd16f2efd83dbc0d5f44058b677e255a Mon Sep 17 00:00:00 2001
From: guange <8863824@gmail.com>
Date: Sat, 4 Jul 2015 22:29:25 +0800
Subject: [PATCH] =?UTF-8?q?=E6=8A=A5=E5=91=8A=E4=BA=BA=E5=91=98=E5=8F=AA?=
 =?UTF-8?q?=E8=83=BD=E5=85=8B=E9=9A=86=EF=BC=8C=E4=B8=8D=E8=83=BD=E6=8F=90?=
 =?UTF-8?q?=E4=BA=A4=EF=BC=8C=E5=85=B6=E4=BB=96=E5=8F=AF=E4=BB=A5=E5=85=8B?=
 =?UTF-8?q?=E9=9A=86=E5=92=8C=E6=8F=90=E4=BA=A4?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/controllers/repositories_controller.rb    | 12 ++--
 app/helpers/repositories_helper.rb            |  2 +-
 .../settings/_new_repositories.html.erb       | 16 +----
 app/views/repositories/show.html.erb          | 15 ++--
 config/configuration.yml                      |  2 +-
 lib/grack/lib/grack/server.rb                 |  6 +-
 lib/trustie/grack/auth.rb                     | 72 +++++++++++++++----
 7 files changed, 80 insertions(+), 45 deletions(-)

diff --git a/app/controllers/repositories_controller.rb b/app/controllers/repositories_controller.rb
index 607c9b5db..e73f19143 100644
--- a/app/controllers/repositories_controller.rb
+++ b/app/controllers/repositories_controller.rb
@@ -127,19 +127,18 @@ update
       end
     else  # 原逻辑
       ##xianbo
+      params[:repository_scm] = "Git"
       @root_path=RepositoriesHelper::ROOT_PATH
       @repository_name=User.current.login.to_s+"/"+params[:repository][:identifier]+".git"
       @project_path=@root_path+"htdocs/"+@repository_name
-      @repository_tag=params[:repository][:upassword] || params[:repository][:password]
+      @repository_tag=params[:repository][:upassword] || params[:repository][:password] || '1234'
       @repo_name=User.current.login.to_s+"_"+params[:repository][:identifier]
       logger.info "htpasswd -mb "+@root_path+"htdocs/user.passwd "+@repo_name+": "+@repository_tag
       logger.info "the value of create repository"+@root_path+": "+@repository_name+": "+@project_path+": "+@repo_name
       attrs = pickup_extra_info
-      if((@repository_tag!="")&&params[:repository_scm]=="Git")
-        params[:repository][:url]=@project_path
-      end
+      params[:repository][:url]=@project_path
       ###xianbo
-      @repository = Repository.factory(params[:repository_scm])
+      @repository = Repository.factory(params[:repository_scm]||"Git")
       @repository.safe_attributes = params[:repository]
       if attrs[:attrs_extra].keys.any?
         @repository.merge_extra_info(attrs[:attrs_extra])
@@ -270,7 +269,8 @@ update
       @course_tag = params[:course]
       project_path_cut = RepositoriesHelper::PROJECT_PATH_CUT
       ip = RepositoriesHelper::REPO_IP_ADDRESS
-      @repos_url = "http://"+@repository.login.to_s+"_"+@repository.identifier.to_s+"@"+ip.to_s+
+      # @repos_url = "http://"+@repository.login.to_s+"_"+@repository.identifier.to_s+"@"+ip.to_s+
+      @repos_url = "http://#{Setting.host_name}/#{@repository.login.to_s}/#{@repository.identifier.to_s}.git"
       @repository.url.slice(project_path_cut, @repository.url.length).to_s
       if @course_tag == 1
         render :action => 'show', :layout => 'base_courses'
diff --git a/app/helpers/repositories_helper.rb b/app/helpers/repositories_helper.rb
index 5cbc3af5a..718085f24 100644
--- a/app/helpers/repositories_helper.rb
+++ b/app/helpers/repositories_helper.rb
@@ -19,7 +19,7 @@
 
 module RepositoriesHelper
   if Rails.env.development?
-    ROOT_PATH="/tmp/" if Rails.env.development?
+    ROOT_PATH="/private/tmp/"
   else
     ROOT_PATH="/home/pdl/redmine-2.3.2-0/apache2/"
   end
diff --git a/app/views/projects/settings/_new_repositories.html.erb b/app/views/projects/settings/_new_repositories.html.erb
index ca771a487..b626b4089 100644
--- a/app/views/projects/settings/_new_repositories.html.erb
+++ b/app/views/projects/settings/_new_repositories.html.erb
@@ -62,15 +62,6 @@
 <%= labelled_form_for :repository, @repository, :url =>project_repositories_path(@project),:html => {:id => 'repository-form',:method=>"post"} do |f| %>
 <div id="pro_st_edit_ku" class="pro_st_edit_ku">
   <ul>
-    <li >
-      <label class="label02"><%=l(:label_scm)%>：</label>
-      <%= select_tag('repository_scm',
-                     options_for_select(["Git"],@repository.class.name.demodulize),
-                     :data => {:remote => true, :method => 'get'})%>
-      <% if @repository && ! @repository.class.scm_available %>
-          <span class="c_grey"><%= l(:text_scm_command_not_available) %></span>
-      <% end %>
-    </li>
     <% unless judge_main_repository(@project) %>
         <li>
             <label class="label02"><%=l(:field_repository_is_default)%>：</label>
@@ -84,14 +75,9 @@
          <span class="c_grey"><%=l(:text_length_between,:min=>1,:max=>254)<<l(:text_project_identifier_info) %></span>
       <% end %>
     </li>
-    <li >
-      <label class="label02"><span class="c_red">*</span><%=l(:label_password)%></label>
-      <%= f.password_field :upassword, :label=> "", :no_label => true %>
-      <span class="c_grey"><%= l(:label_upassword_info)%></span>
-    </li>
     <div class="cl"></div>
   </ul>
   <a href="#" onclick="$('#repository-form').submit();" class="blue_btn fl ml110"><%=l(:button_save)%></a>
   <a href="<%= settings_project_path(@project, :tab => 'repositories')%>" class="grey_btn fl ml10"><%=l(:button_cancel)%></a>
 </div><!--pro_st_edit_issues end-->
-<% end %>
\ No newline at end of file
+<% end %>
diff --git a/app/views/repositories/show.html.erb b/app/views/repositories/show.html.erb
index 474ac638f..5f279f2c2 100644
--- a/app/views/repositories/show.html.erb
+++ b/app/views/repositories/show.html.erb
@@ -33,8 +33,9 @@
 <div id="repos_git_more">
   <br>
   <div class=" c_dark f14">
+    <p color="red">git 克隆和提交的用户名和密码为登录用户名和密码 </p>
     <p>项目代码请设置好正确的编码方式（utf-8），否则中文会出现乱码。</p>
-    <p>通过cmd命令提示符进入代码对应文件夹的根目录，假设当前用户的登录名为user，版本库名称为demo，需要操作的版本库分支为branch。
+    <p>通过cmd命令提示符进入代码对应文件夹的根目录，
       如果是首次提交代码，执行如下命令：</p>
   </div>
   <div class="repos_explain">
@@ -45,19 +46,19 @@
     <p>git commit -m "first commit"</p>
 
     <p>git remote add origin
-      http://user_demo@repository.trustie.net/user/demo.git
+    <%= @repos_url %>
     </p>
 
     <p>git config http.postBuffer 524288000 #设置本地post缓存为500MB</p>
 
-    <p>git push -u origin branch:branch</p>
+    <p>git push -u origin master</p>
   </div>
   <!--repos_explain end-->
   <div class="c_dark f14">
     <p>已经有本地库，还没有配置远程地址，打开命令行执行如下：</p>
   </div>
   <div class="repos_explain">
-    <p>git remote add origin http://user_demo@repository.trustie.net/user/demo.git</p>
+    <p>git remote add origin <%= @repos_url %></p>
 
     <p>git add .</p>
 
@@ -65,14 +66,14 @@
 
     <p>git config http.postBuffer 524288000 #设置本地post缓存为500MB</p>
 
-    <p>git push -u origin branch:branch</p>
+    <p>git push -u origin master</p>
   </div>
   <!--repos_explain end-->
   <div class="c_dark f14">
     <p>已有远程地址，创建一个远程分支，并切换到该分支，打开命令行执行如下：</p>
   </div>
   <div class="repos_explain">
-    <p>git clone http://user_demo@repository.trustie.net/user/demo.git</p>
+    <p>git clone <%= @repos_url %></p>
 
     <p>git push</p>
 
@@ -86,7 +87,7 @@
   </div>
   <div class="repos_explain">
     <p>git remote add trustie
-      http://user_demo@repository.trustie.net/user/demo.git
+    <%= @repos_url %>
     </p>
 
     <p>git add .</p>
diff --git a/config/configuration.yml b/config/configuration.yml
index 4c786ad28..ef204a31e 100644
--- a/config/configuration.yml
+++ b/config/configuration.yml
@@ -197,7 +197,7 @@ default:
   #max_concurrent_ajax_uploads: 2
   #pic_types: "bmp,jpeg,jpg,png,gif"
 
-  repository_root_path: '/Users/guange/repository'
+  repository_root_path: '/tmp/htdocs'
 
 # specific configuration options for production environment
 # that overrides the default ones
diff --git a/lib/grack/lib/grack/server.rb b/lib/grack/lib/grack/server.rb
index 59e0bc271..6b4fe8801 100644
--- a/lib/grack/lib/grack/server.rb
+++ b/lib/grack/lib/grack/server.rb
@@ -50,7 +50,7 @@ module Grack
       return render_method_not_allowed if cmd == 'not_allowed'
       return render_not_found unless cmd
 
-      @git = get_git(path)
+      @git = get_git(env["REP_PATH"] || path)
       return render_not_found unless git.valid_repo?
 
       self.method(cmd).call
@@ -195,8 +195,8 @@ module Grack
     end
 
     def get_git(path)
-      root = @config[:project_root] || Dir.pwd
-      path = File.join(root, path)
+      # root = @config[:project_root] || Dir.pwd
+      # path = File.join(root, path)
       Grack::Git.new(@config[:git_path], path)
     end
 
diff --git a/lib/trustie/grack/auth.rb b/lib/trustie/grack/auth.rb
index c27477be2..5464b18ca 100644
--- a/lib/trustie/grack/auth.rb
+++ b/lib/trustie/grack/auth.rb
@@ -1,9 +1,16 @@
+#coding=utf-8
+#
 require 'rack/auth/basic'
 require 'rack/auth/abstract/handler'
 require 'rack/auth/abstract/request'
 
 module Grack
+
   class Auth < Rack::Auth::Basic
+    DOWNLOAD_COMMANDS = %w{ git-upload-pack git-upload-archive }
+    PUSH_COMMANDS = %w{ git-receive-pack }
+
+    attr_accessor :user, :repository
     def call(env)
       @env = env
       @request = Rack::Request.new(env)
@@ -16,6 +23,7 @@ module Grack
       else
         result = if (access = valid?(@auth) and access == true)
           @env['REMOTE_USER'] = @auth.username
+          env['REP_PATH'] = repository.root_url 
           @app.call(env)
         else
           if access == '404'
@@ -37,19 +45,59 @@ module Grack
     end
 
     def valid?(auth)
-      match = @request.path_info.match(/(\/.+\.git)\//)
-      if match 
-        rep = Repository.where("root_url like ?", "%#{match[1]}")
-        return "404" if rep.empty?
-        username, password = auth.credentials
-        user, last_login_on = User.try_to_login(username, password)
-        return '403' unless user
-        if user.member_of?(rep.first.project) || user.admin?
-          return true
-        end
-      end
-      false
+      self.repository = auth_rep
+      return "404" unless repository
+      username, password = auth.credentials
+      self.user = auth_user(username, password)
+      return '403' unless user
+      access = auth_request
+      puts "access #{access}"
+      access
     end
+
+    def auth_rep
+      rep = nil
+      match = @request.path_info.match(/(\/.+\.git)\//)
+      if match
+        rep = Repository.where("root_url like ?", "%#{match[1]}").first
+      end
+      rep
+    end
+
+    def auth_user(username, password)
+        u, last_login_on = User.try_to_login(username, password)
+        unless u && (u.member_of?(repository.project) || u.admin?)
+          u = nil
+        end
+        u
+    end
+
+    def auth_request
+      case git_cmd
+      when *DOWNLOAD_COMMANDS
+        user != nil
+      when *PUSH_COMMANDS
+        unless user
+          false
+        else
+          ### 只有Manager和Development才有push权限
+          repository.project.members.where(user_id: user.id).first.roles.any?{|r| r.name == 'Manager' || r.name == 'Developer'}
+        end
+      else
+        false
+      end
+    end
+
+    def git_cmd
+      if @request.get?
+        @request.params['service']
+      elsif @request.post?
+        File.basename(@request.path)
+      else
+        nil
+      end
+    end
+
   end# class Auth
 end# module Grack