Re: [PATCH 2/2] gitweb: support hiding projects from user-visible lists

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Matt McCutchen <matt@xxxxxxxxxxxxxxxxx> writes:

Commit message, please?

> Signed-off-by: Matt McCutchen <matt@xxxxxxxxxxxxxxxxx>
> ---
> 
> My Web site has a single gitweb installation in which some of the
> repositories are protected by a basic authentication login.  By virtue
> of my aforementioned setup with gitweb and pulling at the same URL, the
> login applies uniformly to both.  I had to include these repositories in
> the projects_list because I use strict_export, but I want to hide them
> when the user views the project list.  This patch implements that
> feature, and the previous one fixes a bug I noticed along the way.
> 
> Matt

Cannot you do this with new $export_auth_hook gitweb configuration
variable, added by Alexander Gavrilov in 
   dd7f5f1 (gitweb: Add a per-repository authorization hook.)
It is used in check_export_ok subroutine, and is is checked also when
getting list of project from file

>From gitweb/INSTALL

  - Finally, it is possible to specify an arbitrary perl subroutine that
    will be called for each project to determine if it can be exported.
    The subroutine receives an absolute path to the project as its only
    parameter.

    For example, if you use mod_perl to run the script, and have dumb
    http protocol authentication configured for your repositories, you
    can use the following hook to allow access only if the user is
    authorized to read the files:

      $export_auth_hook = sub {
          use Apache2::SubRequest ();
          use Apache2::Const -compile => qw(HTTP_OK);
          my $path = "$_[0]/HEAD";
          my $r    = Apache2::RequestUtil->request;
          my $sub  = $r->lookup_file($path);
          return $sub->filename eq $path
              && $sub->status == Apache2::Const::HTTP_OK;
      };


>  gitweb/gitweb.perl |   13 +++++++++----
>  1 files changed, 9 insertions(+), 4 deletions(-)

No documentation, in gitweb/README or gitweb/INSTALL

> 
> diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl
> index 5357bcc..085cc60 100755
> --- a/gitweb/gitweb.perl
> +++ b/gitweb/gitweb.perl
> @@ -1144,7 +1144,7 @@ sub untabify {
>  
>  sub project_in_list {
>  	my $project = shift;
> -	# Tell git_get_projects_list to include forks.
> +	# Tell git_get_projects_list to include forks and hidden repositories.
>  	my @list = git_get_projects_list(undef, 1);
>  	return @list && scalar(grep { $_->{'path'} eq $project } @list);
>  }
> @@ -2174,15 +2174,18 @@ sub git_get_projects_list {
>  		# 'git%2Fgit.git Linus+Torvalds'
>  		# 'libs%2Fklibc%2Fklibc.git H.+Peter+Anvin'
>  		# 'linux%2Fhotplug%2Fudev.git Greg+Kroah-Hartman'
> +		#
> +		# 1 in the third field hides the project from user-visible lists, e.g.:
> +		# 'linux%2Fembargoed-security-fixes.git John+Doe 1'

I guess I'd rather use _last_ field, in the event we add project
description to project list file format.

>  		my %paths;
>  		open my ($fd), $projects_list or return;
>  	PROJECT:
>  		while (my $line = <$fd>) {
>  			chomp $line;
> -			my ($path, $owner) = split ' ', $line;
> +			my ($path, $owner, $hidden) = split ' ', $line;
>  			$path = unescape($path);
>  			$owner = unescape($owner);
> -			if (!defined $path) {
> +			if (!defined $path || ($hidden && !$for_strict_export)) {
>  				next;
>  			}
>  			if ($filter ne '') {
> @@ -2227,6 +2230,8 @@ sub git_get_projects_list {
>  	return @list;
>  }
>  
> +# This is used to look up the owner of a project the user is already allowed to
> +# see, so we shouldn't omit hidden repositories.
>  our $gitweb_project_owner = undef;
>  sub git_get_project_list_from_file {
>  
> @@ -2241,7 +2246,7 @@ sub git_get_project_list_from_file {
>  		open (my $fd , $projects_list);
>  		while (my $line = <$fd>) {
>  			chomp $line;
> -			my ($pr, $ow) = split ' ', $line;
> +			my ($pr, $ow, $hidden) = split ' ', $line;
>  			$pr = unescape($pr);
>  			$ow = unescape($ow);
>  			$gitweb_project_owner->{$pr} = to_utf8($ow);
> -- 
> 1.6.1.rc2.27.gc7114
> 

-- 
Jakub Narebski
Poland
ShadeHawk on #git
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux