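def init(self):
    """Run the one-time server setup.

    Creates the system user, stores the base settings in the config,
    drops privileges to that user, creates the database tables and the
    directory structure, and registers the admin member.

    Raises:
        AdminException: if the server is already initialized, the config
            file is not writable, or the system user already exists.
    """
    import os
    import pwd

    if Config.get("phoenix", "initialized") == "True":
        raise AdminException("Already initialized.")

    logging.info("Defining variables for init ...")
    user = self.args.git_user
    base = path.join(self.args.base_dir, user)
    repo = path.join(base, self.args.repository_dir)
    tar = path.join(base, self.args.tarball_dir)
    ssh = path.join(base, ".ssh")
    auth_keys = path.join(ssh, "authorized_keys")
    admin_repo = self.args.admin_repo
    email = self.args.admin_email
    name = self.args.admin_name
    username = self.args.admin_username
    sql = self.args.sql_connect or "sqlite://%s" % path.join(base, "phoenix.db")

    logging.info("Checking for permission to write the config file ...")
    if not File.writePermission(Config.get("CONF_FILE")):
        raise AdminException("You don't have permission to write the config file `%s' ..." % Config.get("CONF_FILE"))

    # Refuse to take over an account that already exists on the host.
    if SysUser.exists(user):
        raise AdminException("The user `%s' already exists." % user)

    logging.info("Creating user `%s' ... " % user)
    SysUser.create(user, base)
    Config.set("phoenix", "user", user)
    Config.set("phoenix", "base", base)

    # NOTE(review): a connection URI can embed database credentials, and it
    # is written to the log here in clear text -- confirm that is acceptable.
    logging.info("Saving SQL connection string `%s' ..." % sql)
    Config.set("phoenix", "sql_connect", sql)
    # NOTE(review): "initialized" is recorded before the tables and
    # directories exist; presumably a failure below leaves a half-finished
    # install marked as done -- verify how Config.set persists.
    Config.set("phoenix", "initialized", True)
    Config.set("phoenix", "authorized_keys", auth_keys)

    # Drop privileges to the new account. The supplementary groups go first:
    # setgid()/setuid() alone leave the caller's group list in place, and it
    # cannot be changed any more once the uid has been given up.
    account = pwd.getpwnam(user)
    os.setgroups([account.pw_gid])
    os.setgid(account.pw_gid)
    os.setuid(account.pw_uid)

    # Everything below runs as the service user, so the config must be
    # writable for that identity as well.
    logging.info("Checking for permission to write the config file as `%s' ..." % user)
    if not File.writePermission(Config.get("CONF_FILE")):
        raise AdminException("You don't have permission to write the config file `%s' ..." % Config.get("CONF_FILE"))

    from sqlobject import connectionForURI, sqlhub
    connection = connectionForURI(Config.get("phoenix", "sql_connect"))
    sqlhub.processConnection = connection

    self._sqlChanges()
    self._createDirectoryStructure(repo, tar, ssh)

    logging.info("Creating `%s' ..." % auth_keys)
    File.touch(auth_keys)

    logging.info("Saving admin user information `%s' and `%s' in database ..." % (name, email))
    admin = Member(username=username, email=email, name=name)

    if admin_repo:
        logging.info("Initializing development repository at `%s/phoenix.git' ..." % repo)
        admin.addRepository("Phoenix Server Management", "phoenix.git")

    print "Done."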
def _sqlChanges(self):
    """Create each model table, skipping the ones that already exist."""
    from Phoenix.Models import Privilege, Repository, Role

    # Creation order: Member, Role, Repository, Privilege, Hook, Key.
    # Member, Hook and Key are taken from the enclosing module scope.
    for model in (Member, Role, Repository, Privilege, Hook, Key):
        model.createTable(ifNotExists=True)
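def _getMemberByUsernameOrEmail(self, username, email, must=False):
    """Look a member up by username and/or email.

    Args:
        username: username to search for; skipped when falsy.
        email: email address to search for; skipped when falsy. A match
            on the email takes precedence over a match on the username.
        must: when true the member has to exist; when false the member
            must not exist yet.

    Returns:
        The matching member, or None when nothing matched.

    Raises:
        AdminException: if ``must`` is set and a lookup found nothing, or
            if ``must`` is not set and a member was found.
    """
    logging.info("Trying to find the user by username or email ...")

    member = None
    lookup_missed = False

    # Each identifier gets its own lookup, so an unknown username can no
    # longer skip the email check and let a second account reuse an
    # address that is already registered.
    if username:
        try:
            member = Member.selectBy(username=username)[0]
        except IndexError:
            lookup_missed = True
    if email:
        try:
            member = Member.selectBy(email=email)[0]
        except IndexError:
            lookup_missed = True

    if must and lookup_missed and not member:
        raise AdminException("The user can not be found (username: `%s', email: `%s')" % (username, email))

    if not must and member:
        raise AdminException("The user `%s' with email `%s' already exists." % (member.username, member.email))

    return member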
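def serve(self):
    """Handle one SSH session for the key in ``self.args.key_id``.

    Without ``SSH_ORIGINAL_COMMAND`` a greeting is printed and ``False``
    is returned. Otherwise the requested git command is validated, the
    repository is resolved from ``owner/path`` and, when the member has
    access, the process is replaced by ``git shell``.

    Raises:
        Exception: if ``Validate.gitcommand`` rejects the command.
        ClientException: if the request is malformed, the repository is
            unknown, or the member has no access to it.
    """
    logging.disable(logging.INFO)

    key = Key.get(self.args.key_id)
    member = key.getMember()

    # SSH_ORIGINAL_COMMAND is chosen by the remote client: treat every
    # part of it as untrusted input.
    request = os.environ.get("SSH_ORIGINAL_COMMAND")
    if not request:
        print "Hi %s!" % member.username
        print "You've successfully authenticated, but %s does not provide shell access." % Config.get("phoenix", "app_name", "Phoenix")
        print "Use the following command to clone a repository:"
        print " > git clone git@%s:%s/repository.git" % (gethostname(), member.username)
        return False

    # Exactly two tokens are expected (command and path). Anything else is
    # refused with the generic denial instead of an unhandled ValueError.
    try:
        (command, fullpath) = request.replace("'", "").split()
    except ValueError:
        logging.error("User `%s' sent a malformed command ..." % member.id)
        raise ClientException("You are not allowed in this repository!")

    if not Validate.gitcommand(command):
        raise Exception(command)

    # The path has to be exactly "<owner>/<repository>". A malformed path
    # gets the same answer as an unknown repository, so the reply does not
    # reveal which of the two it was.
    try:
        (username, repopath) = fullpath.split("/")
    except ValueError:
        logging.error("Repository `%s' not found but requested ..." % fullpath)
        raise ClientException("You are not allowed in this repository!")

    try:
        owner = Member.selectBy(username=username)[0]
        repo = Repository.selectBy(member=owner, path=repopath)[0]
    except IndexError:
        logging.error("Repository `%s' not found but requested ..." % fullpath)
        raise ClientException("You are not allowed in this repository!")

    # Only git-receive-pack asks for "U"; every other accepted command is
    # checked against "R".
    mode = "U" if command == "git-receive-pack" else "R"
    if not repo.hasAccess(member, "master", "", mode):
        logging.error("User `%s' tried to access repository `%s' ..." % (member.id, repo.id))
        raise ClientException("You are not allowed in this repository!")

    # The path handed to git comes from the repository record, never from
    # the request text. NOTE(review): this assumes a stored path contains no
    # single quote -- confirm where repository paths are created.
    os.execvp("git", ["git", "shell", "-c", "%s '%s'" % (command, repo.getFullpath())])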
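def _getMemberByUsernameOrEmail(self, username, email, must=False):
    """Look a member up by username and/or email.

    Args:
        username: username to search for; skipped when falsy.
        email: email address to search for; skipped when falsy. A match
            on the email takes precedence over a match on the username.
        must: when true the member has to exist; when false the member
            must not exist yet.

    Returns:
        The matching member, or None when nothing matched.

    Raises:
        AdminException: if ``must`` is set and a lookup found nothing, or
            if ``must`` is not set and a member was found.
    """
    logging.info("Trying to find the user by username or email ...")

    member = None
    lookup_missed = False

    # Each identifier gets its own lookup, so an unknown username can no
    # longer skip the email check and let a second account reuse an
    # address that is already registered.
    if username:
        try:
            member = Member.selectBy(username=username)[0]
        except IndexError:
            lookup_missed = True
    if email:
        try:
            member = Member.selectBy(email=email)[0]
        except IndexError:
            lookup_missed = True

    if must and lookup_missed and not member:
        raise AdminException(
            "The user can not be found (username: `%s', email: `%s')" %
            (username, email))

    if not must and member:
        raise AdminException(
            "The user `%s' with email `%s' already exists." %
            (member.username, member.email))

    return member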
def adduser(self):
    """Create a member from the username, name and email arguments."""
    logging.info("Defining username, name and email ...")
    args = self.args
    username, name, email = args.username, args.name, args.email

    # Called for its check only: with the default must=False the helper
    # raises when a matching member already exists.
    self._getMemberByUsernameOrEmail(username, email)

    logging.info("Creating and saving the new user ...")
    Member(username=username, email=email, name=name)

    print "Done."
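def serve(self):
    """Handle one SSH session for the key in ``self.args.key_id``.

    Without ``SSH_ORIGINAL_COMMAND`` a greeting is printed and ``False``
    is returned. Otherwise the requested git command is validated, the
    repository is resolved from ``owner/path`` and, when the member has
    access, the process is replaced by ``git shell``.

    Raises:
        Exception: if ``Validate.gitcommand`` rejects the command.
        ClientException: if the request is malformed, the repository is
            unknown, or the member has no access to it.
    """
    logging.disable(logging.INFO)

    key = Key.get(self.args.key_id)
    member = key.getMember()

    # SSH_ORIGINAL_COMMAND is chosen by the remote client: treat every
    # part of it as untrusted input.
    request = os.environ.get("SSH_ORIGINAL_COMMAND")
    if not request:
        print "Hi %s!" % member.username
        print "You've successfully authenticated, but %s does not provide shell access." % Config.get(
            "phoenix", "app_name", "Phoenix")
        print "Use the following command to clone a repository:"
        print " > git clone git@%s:%s/repository.git" % (
            gethostname(), member.username)
        return False

    # Exactly two tokens are expected (command and path). Anything else is
    # refused with the generic denial instead of an unhandled ValueError.
    try:
        (command, fullpath) = request.replace("'", "").split()
    except ValueError:
        logging.error("User `%s' sent a malformed command ..." % member.id)
        raise ClientException("You are not allowed in this repository!")

    if not Validate.gitcommand(command):
        raise Exception(command)

    # The path has to be exactly "<owner>/<repository>". A malformed path
    # gets the same answer as an unknown repository, so the reply does not
    # reveal which of the two it was.
    try:
        (username, repopath) = fullpath.split("/")
    except ValueError:
        logging.error("Repository `%s' not found but requested ..." %
                      fullpath)
        raise ClientException("You are not allowed in this repository!")

    try:
        owner = Member.selectBy(username=username)[0]
        repo = Repository.selectBy(member=owner, path=repopath)[0]
    except IndexError:
        logging.error("Repository `%s' not found but requested ..." %
                      fullpath)
        raise ClientException("You are not allowed in this repository!")

    # Only git-receive-pack asks for "U"; every other accepted command is
    # checked against "R".
    mode = "U" if command == "git-receive-pack" else "R"
    if not repo.hasAccess(member, "master", "", mode):
        logging.error("User `%s' tried to access repository `%s' ..." %
                      (member.id, repo.id))
        raise ClientException("You are not allowed in this repository!")

    # The path handed to git comes from the repository record, never from
    # the request text. NOTE(review): this assumes a stored path contains no
    # single quote -- confirm where repository paths are created.
    os.execvp("git", [
        "git", "shell", "-c",
        "%s '%s'" % (command, repo.getFullpath())
    ])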
def member(cls, id):
    """Return True when ``Member.get(id)`` yields a truthy object, else False."""
    from Phoenix.Models import Member

    # NOTE(review): if Member is an SQLObject model, get() presumably raises
    # for an unknown id instead of returning a falsy value, so the False
    # result may never be produced -- confirm that callers handle that.
    return bool(Member.get(id))
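def init(self):
    """Run the one-time server setup.

    Creates the system user, stores the base settings in the config,
    drops privileges to that user, creates the database tables and the
    directory structure, and registers the admin member.

    Raises:
        AdminException: if the server is already initialized, the config
            file is not writable, or the system user already exists.
    """
    import os
    import pwd

    if Config.get("phoenix", "initialized") == "True":
        raise AdminException("Already initialized.")

    logging.info("Defining variables for init ...")
    user = self.args.git_user
    base = path.join(self.args.base_dir, user)
    repo = path.join(base, self.args.repository_dir)
    tar = path.join(base, self.args.tarball_dir)
    ssh = path.join(base, ".ssh")
    auth_keys = path.join(ssh, "authorized_keys")
    admin_repo = self.args.admin_repo
    email = self.args.admin_email
    name = self.args.admin_name
    username = self.args.admin_username
    sql = self.args.sql_connect or "sqlite://%s" % path.join(
        base, "phoenix.db")

    logging.info("Checking for permission to write the config file ...")
    if not File.writePermission(Config.get("CONF_FILE")):
        raise AdminException(
            "You don't have permission to write the config file `%s' ..." %
            Config.get("CONF_FILE"))

    # Refuse to take over an account that already exists on the host.
    if SysUser.exists(user):
        raise AdminException("The user `%s' already exists." % user)

    logging.info("Creating user `%s' ... " % user)
    SysUser.create(user, base)
    Config.set("phoenix", "user", user)
    Config.set("phoenix", "base", base)

    # NOTE(review): a connection URI can embed database credentials, and it
    # is written to the log here in clear text -- confirm that is acceptable.
    logging.info("Saving SQL connection string `%s' ..." % sql)
    Config.set("phoenix", "sql_connect", sql)
    # NOTE(review): "initialized" is recorded before the tables and
    # directories exist; presumably a failure below leaves a half-finished
    # install marked as done -- verify how Config.set persists.
    Config.set("phoenix", "initialized", True)
    Config.set("phoenix", "authorized_keys", auth_keys)

    # Drop privileges to the new account. The supplementary groups go first:
    # setgid()/setuid() alone leave the caller's group list in place, and it
    # cannot be changed any more once the uid has been given up.
    account = pwd.getpwnam(user)
    os.setgroups([account.pw_gid])
    os.setgid(account.pw_gid)
    os.setuid(account.pw_uid)

    # Everything below runs as the service user, so the config must be
    # writable for that identity as well.
    logging.info(
        "Checking for permission to write the config file as `%s' ..." %
        user)
    if not File.writePermission(Config.get("CONF_FILE")):
        raise AdminException(
            "You don't have permission to write the config file `%s' ..." %
            Config.get("CONF_FILE"))

    from sqlobject import connectionForURI, sqlhub
    connection = connectionForURI(Config.get("phoenix", "sql_connect"))
    sqlhub.processConnection = connection

    self._sqlChanges()
    self._createDirectoryStructure(repo, tar, ssh)

    logging.info("Creating `%s' ..." % auth_keys)
    File.touch(auth_keys)

    logging.info(
        "Saving admin user information `%s' and `%s' in database ..." %
        (name, email))
    admin = Member(username=username, email=email, name=name)

    if admin_repo:
        logging.info(
            "Initializing development repository at `%s/phoenix.git' ..." %
            repo)
        admin.addRepository("Phoenix Server Management", "phoenix.git")

    print "Done."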
def getMember(self):
    """Return the Member fetched by the id of ``self.member``."""
    from Phoenix.Models import Member

    member_id = self.member.id
    return Member.get(member_id)