diff options
Diffstat (limited to 'git-interface/git-serve.py')
-rwxr-xr-x | git-interface/git-serve.py | 162 |
1 files changed, 162 insertions, 0 deletions
diff --git a/git-interface/git-serve.py b/git-interface/git-serve.py new file mode 100755 index 0000000..eebb087 --- /dev/null +++ b/git-interface/git-serve.py @@ -0,0 +1,162 @@ +#!/usr/bin/python3 + +import configparser +import mysql.connector +import os +import pygit2 +import re +import shlex +import sys + +config = configparser.RawConfigParser() +config.read(os.path.dirname(os.path.realpath(__file__)) + "/../conf/config") + +aur_db_host = config.get('database', 'host') +aur_db_name = config.get('database', 'name') +aur_db_user = config.get('database', 'user') +aur_db_pass = config.get('database', 'password') +aur_db_socket = config.get('database', 'socket') + +repo_path = config.get('serve', 'repo-path') +repo_regex = config.get('serve', 'repo-regex') +git_shell_cmd = config.get('serve', 'git-shell-cmd') +ssh_cmdline = config.get('serve', 'ssh-cmdline') +template_path = config.get('serve', 'template-path') + +def pkgbase_exists(pkgbase): + db = mysql.connector.connect(host=aur_db_host, user=aur_db_user, + passwd=aur_db_pass, db=aur_db_name, + unix_socket=aur_db_socket) + cur = db.cursor() + + cur.execute("SELECT COUNT(*) FROM PackageBases WHERE Name = %s ", + [pkgbase]) + + db.close() + return (cur.fetchone()[0] > 0) + +def list_repos(user): + db = mysql.connector.connect(host=aur_db_host, user=aur_db_user, + passwd=aur_db_pass, db=aur_db_name, + unix_socket=aur_db_socket) + cur = db.cursor() + + cur.execute("SELECT ID FROM Users WHERE Username = %s ", [user]) + userid = cur.fetchone()[0] + if userid == 0: + die('%s: unknown user: %s' % (action, user)) + + cur.execute("SELECT Name, PackagerUID FROM PackageBases " + + "WHERE MaintainerUID = %s ", [userid]) + for row in cur: + print((' ' if row[1] else '*') + row[0]) + db.close() + +def setup_repo(pkgbase, user): + if not re.match(repo_regex, pkgbase): + die('%s: invalid repository name: %s' % (action, pkgbase)) + if pkgbase_exists(pkgbase): + die('%s: package base already exists: %s' % (action, pkgbase)) + + db = mysql.connector.connect(host=aur_db_host, user=aur_db_user, + passwd=aur_db_pass, db=aur_db_name, + unix_socket=aur_db_socket) + cur = db.cursor() + + cur.execute("SELECT ID FROM Users WHERE Username = %s ", [user]) + userid = cur.fetchone()[0] + if userid == 0: + die('%s: unknown user: %s' % (action, user)) + + cur.execute("INSERT INTO PackageBases (Name, SubmittedTS, ModifiedTS, " + + "SubmitterUID, MaintainerUID) VALUES (%s, UNIX_TIMESTAMP(), " + + "UNIX_TIMESTAMP(), %s, %s)", [pkgbase, userid, userid]) + pkgbase_id = cur.lastrowid + + cur.execute("INSERT INTO CommentNotify (PackageBaseID, UserID) " + + "VALUES (%s, %s)", [pkgbase_id, userid]) + + db.commit() + db.close() + + repo = pygit2.Repository(repo_path) + repo.create_reference('refs/heads/' + pkgbase, + 'refs/namespaces/' + pkgbase + '/refs/heads/master') + repo.create_reference('refs/namespaces/' + pkgbase + '/HEAD', + 'refs/namespaces/' + pkgbase + '/refs/heads/master') + +def check_permissions(pkgbase, user): + db = mysql.connector.connect(host=aur_db_host, user=aur_db_user, + passwd=aur_db_pass, db=aur_db_name, + unix_socket=aur_db_socket, buffered=True) + cur = db.cursor() + + cur.execute("SELECT AccountTypeID FROM Users WHERE UserName = %s ", [user]) + if cur.fetchone()[0] > 1: + return True + + cur.execute("SELECT COUNT(*) FROM PackageBases " + + "LEFT JOIN PackageComaintainers " + + "ON PackageComaintainers.PackageBaseID = PackageBases.ID " + + "INNER JOIN Users ON Users.ID = PackageBases.MaintainerUID " + + "OR PackageBases.MaintainerUID IS NULL " + + "OR Users.ID = PackageComaintainers.UsersID " + + "WHERE Name = %s AND Username = %s", [pkgbase, user]) + return cur.fetchone()[0] > 0 + +def die(msg): + sys.stderr.write("%s\n" % (msg)) + exit(1) + +def die_with_help(msg): + die(msg + "\nTry `%s help` for a list of commands." % (ssh_cmdline)) + +user = sys.argv[1] +cmd = os.environ.get("SSH_ORIGINAL_COMMAND") +if not cmd: + die_with_help("Interactive shell is disabled.") +cmdargv = shlex.split(cmd) +action = cmdargv[0] + +if action == 'git-upload-pack' or action == 'git-receive-pack': + if len(cmdargv) < 2: + die_with_help("%s: missing path" % (action)) + + path = cmdargv[1].rstrip('/') + if not path.startswith('/') or not path.endswith('.git'): + die('%s: invalid path: %s' % (action, path)) + pkgbase = path[1:-4] + if not re.match(repo_regex, pkgbase): + die('%s: invalid repository name: %s' % (action, repo)) + + if not pkgbase_exists(pkgbase): + setup_repo(pkgbase, user) + + if action == 'git-receive-pack': + if not check_permissions(pkgbase, user): + die('%s: permission denied: %s' % (action, user)) + + os.environ["AUR_USER"] = user + os.environ["AUR_PKGBASE"] = pkgbase + os.environ["GIT_NAMESPACE"] = pkgbase + cmd = action + " '" + repo_path + "'" + os.execl(git_shell_cmd, git_shell_cmd, '-c', cmd) +elif action == 'list-repos': + if len(cmdargv) > 1: + die_with_help("%s: too many arguments" % (action)) + list_repos(user) +elif action == 'setup-repo': + if len(cmdargv) < 2: + die_with_help("%s: missing repository name" % (action)) + if len(cmdargv) > 2: + die_with_help("%s: too many arguments" % (action)) + setup_repo(cmdargv[1], user) +elif action == 'help': + die("Commands:\n" + + " help Show this help message and exit.\n" + + " list-repos List all your repositories.\n" + + " setup-repo <name> Create an empty repository.\n" + + " git-receive-pack Internal command used with Git.\n" + + " git-upload-pack Internal command used with Git.") +else: + die_with_help("invalid command: %s" % (action)) |