Initial commit for svn repository management and access control:

* Identifier attribute added on Project model. Used as the unix group name for the project
* Web services (disabled by default) and scripts for repository management on a remote svn host

git-svn-id: http://redmine.rubyforge.org/svn/trunk@396 e93f8b46-1217-0410-a6f0-8f06a7374b81

18 files changed, 239 insertions, 5 deletions

diff --git a/app/apis/sys_api.rb b/app/apis/sys_api.rb
new file mode 100644
index 000000000..3a10c0402
--- /dev/null
+++ b/app/apis/sys_api.rb
@@ -0,0 +1,25 @@
+# redMine - project management software
+# Copyright (C) 2006-2007  Jean-Philippe Lang
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+
+class SysApi < ActionWebService::API::Base
+  api_method :projects,
+             :expects => [],
+             :returns => [[Project]]
+  api_method :repository_created,
+             :expects => [:int, :string],
+             :returns => [:int]
+end
diff --git a/app/controllers/sys_controller.rb b/app/controllers/sys_controller.rb
new file mode 100644
index 000000000..4900a845a
--- /dev/null
+++ b/app/controllers/sys_controller.rb
@@ -0,0 +1,44 @@
+# redMine - project management software
+# Copyright (C) 2006-2007  Jean-Philippe Lang
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+
+class SysController < ActionController::Base
+  wsdl_service_name 'Sys'
+  web_service_api SysApi
+  web_service_scaffold :invoke
+  
+  before_invocation :check_enabled
+  
+  def projects
+    Project.find(:all, :include => :repository)
+  end
+
+  def repository_created(project_id, url)
+    project = Project.find_by_id(project_id)
+    return 0 unless project && project.repository.nil?
+    logger.debug "Repository for #{project.name} created"
+    repository = Repository.new(:project => project, :url => url)
+    repository.root_url = url
+    repository.save
+    repository.id
+  end
+
+protected
+
+  def check_enabled(name, args)
+    Setting.sys_api_enabled?
+  end
+end
diff --git a/app/models/project.rb b/app/models/project.rb
index 10730ed1e..fe02cd829 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -30,13 +30,23 @@ class Project < ActiveRecord::Base
   has_one :wiki, :dependent => :destroy
   has_and_belongs_to_many :custom_fields, :class_name => 'IssueCustomField', :join_table => "#{table_name_prefix}custom_fields_projects#{table_name_suffix}", :association_foreign_key => 'custom_field_id'
   acts_as_tree :order => "name", :counter_cache => true
-
-  validates_presence_of :name, :description
-  validates_uniqueness_of :name
+  
+  validates_presence_of :name, :description, :identifier
+  validates_uniqueness_of :name, :identifier
   validates_associated :custom_values, :on => :update
   validates_associated :repository, :wiki
   validates_format_of :name, :with => /^[\w\s\'\-]*$/i
-
+  validates_length_of :identifier, :maximum => 12
+  validates_format_of :identifier, :with => /^[a-z0-9\-]*$/
+  
+  def identifier=(identifier)
+    super unless identifier_frozen?
+  end
+  
+  def identifier_frozen?
+    errors[:identifier].nil? && !(new_record? || identifier.blank?)
+  end
+  
   # returns latest created projects
   # non public projects will be returned only if user is a member of those
   def self.latest(user=nil, count=5)
diff --git a/app/views/projects/_form.rhtml b/app/views/projects/_form.rhtml
index ded227197..184370b92 100644
--- a/app/views/projects/_form.rhtml
+++ b/app/views/projects/_form.rhtml
@@ -9,6 +9,7 @@
 <% end %>
 
 <p><%= f.text_area :description, :required => true, :cols => 60, :rows => 3 %></p>
+<p><%= f.text_field :identifier, :required => true, :size => 15, :disabled => @project.identifier_frozen? %><br /><em><%= l(:text_project_identifier_info) unless @project.identifier_frozen? %></em></p>
 <p><%= f.text_field :homepage, :size => 40 %></p>
 <p><%= f.check_box :is_public %></p>
 
diff --git a/app/views/settings/edit.rhtml b/app/views/settings/edit.rhtml
index 223df7a9d..7a678c53f 100644
--- a/app/views/settings/edit.rhtml
+++ b/app/views/settings/edit.rhtml
@@ -48,6 +48,9 @@
 <p><label><%= l(:setting_autofetch_changesets) %></label>
 <%= check_box_tag 'settings[autofetch_changesets]', 1, Setting.autofetch_changesets? %><%= hidden_field_tag 'settings[autofetch_changesets]', 0 %></p>
 
+<p><label><%= l(:setting_sys_api_enabled) %></label>
+<%= check_box_tag 'settings[sys_api_enabled]', 1, Setting.sys_api_enabled? %><%= hidden_field_tag 'settings[sys_api_enabled]', 0 %></p>
+
 </div>
 <%= submit_tag l(:button_save) %>
 </div>
diff --git a/config/settings.yml b/config/settings.yml
index 5942f499b..979e9e7f7 100644
--- a/config/settings.yml
+++ b/config/settings.yml
@@ -52,3 +52,5 @@ feeds_limit:
   default: 15

 autofetch_changesets:

   default: 1

+sys_api_enabled:

+  default: 0

diff --git a/extra/svn/create_views.sql b/extra/svn/create_views.sql
new file mode 100644
index 000000000..ce02e0817
--- /dev/null
+++ b/extra/svn/create_views.sql
@@ -0,0 +1,24 @@
+/* ssh views */
+
+CREATE OR REPLACE VIEW ssh_users as
+select login as username, hashed_password as password
+from users
+where status = 1;
+
+
+/* nss views */
+
+CREATE OR REPLACE VIEW nss_groups AS
+select identifier AS name, (id + 5000) AS gid, 'x' AS password
+from projects;
+
+CREATE OR REPLACE VIEW nss_users AS
+select login AS username, CONCAT_WS(' ', firstname, lastname) as realname, (id + 5000) AS uid, 'x' AS password
+from users
+where status = 1;
+
+CREATE OR REPLACE VIEW nss_grouplist AS
+select (members.project_id + 5000) AS gid, users.login AS username 
+from users, members
+where users.id = members.user_id
+and users.status = 1;
diff --git a/extra/svn/manage_repos.pl b/extra/svn/manage_repos.pl
new file mode 100644
index 000000000..aab666f41
--- /dev/null
+++ b/extra/svn/manage_repos.pl
@@ -0,0 +1,75 @@
+#!/usr/bin/perl
+#
+# redMine is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+
+use strict;
+use SOAP::Lite;
+
+my $wdsl = 'http://192.168.0.10:3000/sys/service.wsdl';
+my $service = SOAP::Lite->service($wdsl);
+my $repos_base = '/var/svn';
+
+my $projects = $service->Projects('');
+
+foreach my $project (@{$projects}) {
+    my $repos_name = $project->{identifier};
+
+    if ($repos_name eq "") {
+        print("\tno identifier for project $project->{name}\n");
+        next;
+    }
+
+    unless ($repos_name =~ /^[a-z0-9\-]+$/) {
+        print("\tinvalid identifier for project $project->{name}\n");
+        next;
+    }
+
+    my $repos_path = "$repos_base/$repos_name";
+
+    if (-e $repos_path) {
+    	# check unix right and change them if needed
+    	my $other_read = (stat($repos_path))[2] & 00007;
+	    my $right;
+
+	    if ($project->{is_public} and not $other_read) {
+	        $right = "0775";
+	    } elsif (not $project->{is_public} and $other_read) {
+	        $right = "0770";
+	    } else {
+	        next;
+	    }
+		
+		# change mode	
+	    system('chmod', '-R', $right, $repos_path) == 0 or
+	        warn("\tunable to change mode on $repos_path : $?\n"), next;
+	
+	    print "\tmode change on $repos_path\n";
+    	    
+    } else {    
+	    # change umask to suit the repository's privacy
+	    $project->{is_public} ? umask 0002 : umask 0007;
+	    
+		# create the repository
+	    system('svnadmin', 'create', $repos_path) == 0 or
+	        warn("\tsystem svnadmin failed unable to create $repos_path\n"), next;
+	        
+		# set the group owner
+	    system('chown', '-R', "root:$repos_name", $repos_path) == 0 or
+	        warn("\tunable to create $repos_path : $?\n"), next;
+
+	    print "\trepository $repos_path created\n";
+	    my $call = $service->RepositoryCreated($project->{id}, "svn://host/$repos_name");
+	}
+}
diff --git a/extra/svn/svnserve.wrapper b/extra/svn/svnserve.wrapper
new file mode 100644
index 000000000..705a17e84
--- /dev/null
+++ b/extra/svn/svnserve.wrapper
@@ -0,0 +1,25 @@
+#!/usr/bin/perl
+#
+# redMine is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+
+# modify to suit your repository base
+my $repos_base = '/var/svn';
+
+my $path = '/usr/bin/';
+my %kwown_commands = map { $_ => 1 } qw/svnserve/;
+
+umask 0002;
+
+exec ('/usr/bin/svnserve', '-r', $repos_base, '-t');
diff --git a/lang/de.yml b/lang/de.yml
index 9c2c18a0a..a98947d77 100644
--- a/lang/de.yml
+++ b/lang/de.yml
@@ -146,6 +146,7 @@ field_subproject: Subprojekt von
 field_hours: Stunden
 field_activity: Aktivität
 field_spent_on: Datum
+field_identifier: Identifier
 
 setting_app_title: Applikation Titel
 setting_app_subtitle: Applikation Untertitel
@@ -161,6 +162,7 @@ setting_text_formatting: Textformatierung
 setting_wiki_compression: Wiki-Historie komprimieren
 setting_feeds_limit: Limit Feed Inhalt
 setting_autofetch_changesets: Autofetch SVN commits
+setting_sys_api_enabled: Enable WS for repository management
 
 label_user: Benutzer
 label_user_plural: Benutzer
@@ -394,6 +396,7 @@ text_journal_deleted: gelöscht
 text_tip_task_begin_day: Aufgabe, die an diesem Tag beginnt
 text_tip_task_end_day: Aufgabe, die an diesem Tag beendet
 text_tip_task_begin_end_day: Aufgabe, die an diesem Tag beginnt und beendet
+text_project_identifier_info: '12 characters maximum. Letters (a-z), numbers (0-9) and dashes allowed.<br />Once saved, the identifier can not be changed.'
 
 default_role_manager: Manager
 default_role_developper: Developer
diff --git a/lang/en.yml b/lang/en.yml
index ffc13928a..d4c589299 100644
--- a/lang/en.yml
+++ b/lang/en.yml
@@ -146,6 +146,7 @@ field_subproject: Subproject
 field_hours: Hours
 field_activity: Activity
 field_spent_on: Date
+field_identifier: Identifier
 
 setting_app_title: Application title
 setting_app_subtitle: Application subtitle
@@ -161,6 +162,7 @@ setting_text_formatting: Text formatting
 setting_wiki_compression: Wiki history compression
 setting_feeds_limit: Feed content limit
 setting_autofetch_changesets: Autofetch SVN commits
+setting_sys_api_enabled: Enable WS for repository management
 
 label_user: User
 label_user_plural: Users
@@ -394,6 +396,7 @@ text_journal_deleted: deleted
 text_tip_task_begin_day: task beginning this day
 text_tip_task_end_day: task ending this day
 text_tip_task_begin_end_day: task beginning and ending this day
+text_project_identifier_info: '12 characters maximum. Letters (a-z), numbers (0-9) and dashes allowed.<br />Once saved, the identifier can not be changed.'
 
 default_role_manager: Manager
 default_role_developper: Developer
diff --git a/lang/es.yml b/lang/es.yml
index acd03c53a..aad0b95a0 100644
--- a/lang/es.yml
+++ b/lang/es.yml
@@ -146,6 +146,7 @@ field_subproject: Proyecto secundario
 field_hours: Hours
 field_activity: Activity
 field_spent_on: Fecha
+field_identifier: Identifier
 
 setting_app_title: Título del aplicación
 setting_app_subtitle: Subtítulo del aplicación
@@ -161,6 +162,7 @@ setting_text_formatting: Formato de texto
 setting_wiki_compression: Compresión de la historia de Wiki
 setting_feeds_limit: Feed content limit
 setting_autofetch_changesets: Autofetch SVN commits
+setting_sys_api_enabled: Enable WS for repository management
 
 label_user: Usuario
 label_user_plural: Usuarios
@@ -394,6 +396,7 @@ text_journal_deleted: suprimido
 text_tip_task_begin_day: tarea que comienza este día
 text_tip_task_end_day: tarea que termina este día
 text_tip_task_begin_end_day: tarea que comienza y termina este día
+text_project_identifier_info: '12 characters maximum. Letters (a-z), numbers (0-9) and dashes allowed.<br />Once saved, the identifier can not be changed.'
 
 default_role_manager: Manager
 default_role_developper: Desarrollador
diff --git a/lang/fr.yml b/lang/fr.yml
index 243557e65..4218ca4f4 100644
--- a/lang/fr.yml
+++ b/lang/fr.yml
@@ -146,6 +146,7 @@ field_subproject: Sous-projet
 field_hours: Heures
 field_activity: Activité
 field_spent_on: Date
+field_identifier: Identifiant
 
 setting_app_title: Titre de l'application
 setting_app_subtitle: Sous-titre de l'application
@@ -161,6 +162,7 @@ setting_text_formatting: Formatage du texte
 setting_wiki_compression: Compression historique wiki
 setting_feeds_limit: Limite du contenu des flux RSS
 setting_autofetch_changesets: Récupération auto. des commits SVN
+setting_sys_api_enabled: Activer les WS pour la gestion des dépôts
 
 label_user: Utilisateur
 label_user_plural: Utilisateurs
@@ -394,6 +396,7 @@ text_journal_deleted: supprimé
 text_tip_task_begin_day: tâche commençant ce jour
 text_tip_task_end_day: tâche finissant ce jour
 text_tip_task_begin_end_day: tâche commençant et finissant ce jour
+text_project_identifier_info: '12 caractères maximum. Lettres (a-z), chiffres (0-9) et tirets autorisés.<br />Un fois sauvegardé, l''identifiant ne pourra plus être modifié.'
 
 default_role_manager: Manager
 default_role_developper: Développeur
diff --git a/lang/it.yml b/lang/it.yml
index c024b5fcf..d5c0f43dd 100644
--- a/lang/it.yml
+++ b/lang/it.yml
@@ -146,6 +146,7 @@ field_subproject: Sottoprogetto
 field_hours: Hours
 field_activity: Activity
 field_spent_on: Data
+field_identifier: Identifier
 
 setting_app_title: Titolo applicazione
 setting_app_subtitle: Sottotitolo applicazione
@@ -161,6 +162,7 @@ setting_text_formatting: Formattazione testo
 setting_wiki_compression: Compressione di storia di Wiki
 setting_feeds_limit: Feed content limit
 setting_autofetch_changesets: Autofetch SVN commits
+setting_sys_api_enabled: Enable WS for repository management
 
 label_user: Utente
 label_user_plural: Utenti
@@ -394,6 +396,7 @@ text_journal_deleted: deleted
 text_tip_task_begin_day: task beginning this day
 text_tip_task_end_day: task ending this day
 text_tip_task_begin_end_day: task beginning and ending this day
+text_project_identifier_info: '12 characters maximum. Letters (a-z), numbers (0-9) and dashes allowed.<br />Once saved, the identifier can not be changed.'
 
 default_role_manager: Manager
 default_role_developper: Sviluppatore
diff --git a/lang/ja.yml b/lang/ja.yml
index 90fdd9f77..127dbbe51 100644
--- a/lang/ja.yml
+++ b/lang/ja.yml
@@ -147,6 +147,7 @@ field_subproject: サブプロジェクト
 field_hours: 時間
 field_activity: 活動
 field_spent_on: 日付
+field_identifier: Identifier
 
 setting_app_title: アプリケーションのタイトル
 setting_app_subtitle: アプリケーションのサブタイトル
@@ -162,6 +163,7 @@ setting_text_formatting: テキストの書式
 setting_wiki_compression:  Wiki履歴を圧縮する
 setting_feeds_limit: フィード内容の上限
 setting_autofetch_changesets: SVNコミットを自動取得する
+setting_sys_api_enabled: Enable WS for repository management
 
 label_user: ユーザ
 label_user_plural: ユーザ
@@ -395,6 +397,7 @@ text_journal_deleted: 削除
 text_tip_task_begin_day: この日に開始するタスク
 text_tip_task_end_day: この日に終了するタスク
 text_tip_task_begin_end_day: この日のうちに開始して終了するタスク
+text_project_identifier_info: '12 characters maximum. Letters (a-z), numbers (0-9) and dashes allowed.<br />Once saved, the identifier can not be changed.'
 
 default_role_manager: 管理者
 default_role_developper: 開発者
diff --git a/lang/zh.yml b/lang/zh.yml
index b4b57f4a0..1496583fa 100644
--- a/lang/zh.yml
+++ b/lang/zh.yml
@@ -149,6 +149,7 @@ field_subproject: 子项目
 field_hours: Hours

 field_activity: 活动

 field_spent_on: 日期

+field_identifier: Identifier

 

 setting_app_title: 应用程序标题

 setting_app_subtitle: 应用程序子标题

@@ -164,6 +165,7 @@ setting_text_formatting: 文本格式
 setting_wiki_compression: Wiki history compression

 setting_feeds_limit: Feed content limit

 setting_autofetch_changesets: Autofetch SVN commits

+setting_sys_api_enabled: Enable WS for repository management

 

 label_user: 用户

 label_user_plural: 用户列表

@@ -397,6 +399,7 @@ text_journal_deleted: 已删除
 text_tip_task_begin_day: 开始于此

 text_tip_task_end_day: 在此结束

 text_tip_task_begin_end_day: 开始并结束于此

+text_project_identifier_info: '12 characters maximum. Letters (a-z), numbers (0-9) and dashes allowed.<br />Once saved, the identifier can not be changed.'

 

 default_role_manager: 管理员

 default_role_developper: 开发人员

diff --git a/test/fixtures/projects.yml b/test/fixtures/projects.yml
index 9aa2f9abe..d3758c9e3 100644
--- a/test/fixtures/projects.yml
+++ b/test/fixtures/projects.yml
@@ -8,6 +8,7 @@ projects_001:
   description: Recipes management application

   homepage: http://ecookbook.somenet.foo/

   is_public: true

+  identifier: ecookbook

   parent_id: 

 projects_002: 

   created_on: 2006-07-19 19:14:19 +02:00

@@ -18,6 +19,7 @@ projects_002:
   description: E-commerce web site

   homepage: ""

   is_public: false

+  identifier: onlinestore

   parent_id: 

 projects_003: 

   created_on: 2006-07-19 19:15:21 +02:00

@@ -28,6 +30,7 @@ projects_003:
   description: eCookBook Subproject 1

   homepage: ""

   is_public: true

+  identifier: subproject1

   parent_id: 1

 projects_004: 

   created_on: 2006-07-19 19:15:51 +02:00

@@ -38,4 +41,5 @@ projects_004:
   description: eCookbook Subproject 2

   homepage: ""

   is_public: true

+  identifier: subproject1

   parent_id: 1

diff --git a/test/integration/admin_test.rb b/test/integration/admin_test.rb
index 0241ae8da..c51dc1bf1 100644
--- a/test/integration/admin_test.rb
+++ b/test/integration/admin_test.rb
@@ -45,7 +45,7 @@ class AdminTest < ActionController::IntegrationTest
     get "projects/add"
     assert_response :success
     assert_template "projects/add"
-    post "projects/add", :project => { :name => "blog", :description => "weblog", :is_public => 1}
+    post "projects/add", :project => { :name => "blog", :description => "weblog", :identifier => "blog", :is_public => 1}
     assert_redirected_to "admin/projects"
     assert_equal 'Successful creation.', flash[:notice]