revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-09-23 02:38:48 +02:00
Code Issues Releases Wiki Activity
phorge-phorge/src/applications/diffusion/ssh/DiffusionSSHWorkflow.php

130 lines
3.5 KiB
PHP
Raw Normal View History

Route some VCS connections over SSH Summary: - Add web UI for configuring SSH hosting. - Route git reads (`git-upload-pack` over SSH). Test Plan: >>> orbital ~ $ git clone ssh://127.0.0.1/ Cloning into '127.0.0.1'... Exception: Unrecognized repository path "/". Expected a path like "/diffusion/X/". fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/X/ Cloning into 'X'... Exception: No repository "X" exists! fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/MT/ Cloning into 'MT'... Exception: This repository is not available over SSH. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/P/ Cloning into 'P'... Exception: TODO: Implement serve over SSH. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. Reviewers: btrahan Reviewed By: btrahan CC: hach-que, aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7421
2013-10-26 19:46:09 +02:00
<?php
abstract class DiffusionSSHWorkflow extends PhabricatorSSHWorkflow {
private $args;
Generalize SSH passthru for repository hosting Summary: Ref T2230. In Git, we can determine if a command is read-only or read/write from the command itself, but this isn't the case in Mercurial or SVN. For Mercurial and SVN, we need to proxy the protocol that's coming over the wire, look at each request from the client, and then check if it's a read or a write. To support this, provide a more flexible version of `passthruIO`. The way this will work is: - The SSH IO channel is wrapped in a `ProtocolChannel` which can parse the the incoming stream into message objects. - The `willWriteCallback` will look at those messages and determine if they're reads or writes. - If they're writes, it will check for write permission. - If we're good to go, the message object is converted back into a byte stream and handed to the underlying command. Test Plan: Executed `git clone`, `git clone --depth 3`, `git push` (against no-write repo, got error), `git push` (against valid repo). Reviewers: btrahan Reviewed By: btrahan CC: hach-que, asherkin, aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7551
2013-11-11 21:12:21 +01:00
private $repository;
private $hasWriteAccess;
public function getRepository() {
Support serving SVN repositories over SSH Summary: Ref T2230. The SVN protocol has a sensible protocol format with a good spec here: http://svn.apache.org/repos/asf/subversion/trunk/subversion/libsvn_ra_svn/protocol Particularly, compare this statement to the clown show that is the Mercurial wire protocol: > It is possible to parse an item without knowing its type in advance. WHAT A REASONABLE STATEMENT TO BE ABLE TO MAKE ABOUT A WIRE PROTOCOL Although it makes substantially more sense than Mercurial, it's much heavier-weight than the Git or Mercurial protocols, since it isn't distributed. It's also not possible to figure out if a request is a write request (or even which repository it is against) without proxying some of the protocol frames. Finally, several protocol commands embed repository URLs, and we need to reach into the protocol and translate them. Test Plan: Ran various SVN commands over SSH (`svn log`, `svn up`, `svn commit`, etc). Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7556
2013-11-11 21:19:06 +01:00
if (!$this->repository) {
throw new Exception("Call loadRepository() before getRepository()!");
}
Generalize SSH passthru for repository hosting Summary: Ref T2230. In Git, we can determine if a command is read-only or read/write from the command itself, but this isn't the case in Mercurial or SVN. For Mercurial and SVN, we need to proxy the protocol that's coming over the wire, look at each request from the client, and then check if it's a read or a write. To support this, provide a more flexible version of `passthruIO`. The way this will work is: - The SSH IO channel is wrapped in a `ProtocolChannel` which can parse the the incoming stream into message objects. - The `willWriteCallback` will look at those messages and determine if they're reads or writes. - If they're writes, it will check for write permission. - If we're good to go, the message object is converted back into a byte stream and handed to the underlying command. Test Plan: Executed `git clone`, `git clone --depth 3`, `git push` (against no-write repo, got error), `git push` (against valid repo). Reviewers: btrahan Reviewed By: btrahan CC: hach-que, asherkin, aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7551
2013-11-11 21:12:21 +01:00
return $this->repository;
}
Route some VCS connections over SSH Summary: - Add web UI for configuring SSH hosting. - Route git reads (`git-upload-pack` over SSH). Test Plan: >>> orbital ~ $ git clone ssh://127.0.0.1/ Cloning into '127.0.0.1'... Exception: Unrecognized repository path "/". Expected a path like "/diffusion/X/". fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/X/ Cloning into 'X'... Exception: No repository "X" exists! fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/MT/ Cloning into 'MT'... Exception: This repository is not available over SSH. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/P/ Cloning into 'P'... Exception: TODO: Implement serve over SSH. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. Reviewers: btrahan Reviewed By: btrahan CC: hach-que, aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7421
2013-10-26 19:46:09 +02:00
public function getArgs() {
return $this->args;
Install pre-commit hooks in Git repositories Summary: Ref T4189. T4189 describes most of the intent here: - When updating hosted repositories, sync a pre-commit hook into them instead of doing a `git fetch`. - The hook calls into Phabricator. The acting Phabricator user is sent via PHABRICATOR_USER in the environment. The active repository is sent via CLI. - The hook doesn't do anything useful yet; it just veifies basic parameters, does a little parsing, and exits 0 to allow the commit. Test Plan: - Performed Git pushes and pulls over SSH and HTTP. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T4189 Differential Revision: https://secure.phabricator.com/D7682
2013-12-03 00:45:36 +01:00
}
public function getEnvironment() {
return array(
'PHABRICATOR_USER' => $this->getUser()->getUsername(),
);
Route some VCS connections over SSH Summary: - Add web UI for configuring SSH hosting. - Route git reads (`git-upload-pack` over SSH). Test Plan: >>> orbital ~ $ git clone ssh://127.0.0.1/ Cloning into '127.0.0.1'... Exception: Unrecognized repository path "/". Expected a path like "/diffusion/X/". fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/X/ Cloning into 'X'... Exception: No repository "X" exists! fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/MT/ Cloning into 'MT'... Exception: This repository is not available over SSH. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/P/ Cloning into 'P'... Exception: TODO: Implement serve over SSH. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. Reviewers: btrahan Reviewed By: btrahan CC: hach-que, aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7421
2013-10-26 19:46:09 +02:00
}
Support serving SVN repositories over SSH Summary: Ref T2230. The SVN protocol has a sensible protocol format with a good spec here: http://svn.apache.org/repos/asf/subversion/trunk/subversion/libsvn_ra_svn/protocol Particularly, compare this statement to the clown show that is the Mercurial wire protocol: > It is possible to parse an item without knowing its type in advance. WHAT A REASONABLE STATEMENT TO BE ABLE TO MAKE ABOUT A WIRE PROTOCOL Although it makes substantially more sense than Mercurial, it's much heavier-weight than the Git or Mercurial protocols, since it isn't distributed. It's also not possible to figure out if a request is a write request (or even which repository it is against) without proxying some of the protocol frames. Finally, several protocol commands embed repository URLs, and we need to reach into the protocol and translate them. Test Plan: Ran various SVN commands over SSH (`svn log`, `svn up`, `svn commit`, etc). Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7556
2013-11-11 21:19:06 +01:00
abstract protected function executeRepositoryOperations();
Serve Git reads over SSH Summary: Like D7423, but for SSH. Test Plan: Ran `git clone ssh://...`, got a clone. Reviewers: btrahan Reviewed By: btrahan CC: hach-que, aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7424
2013-10-26 21:18:54 +02:00
Route some VCS connections over SSH Summary: - Add web UI for configuring SSH hosting. - Route git reads (`git-upload-pack` over SSH). Test Plan: >>> orbital ~ $ git clone ssh://127.0.0.1/ Cloning into '127.0.0.1'... Exception: Unrecognized repository path "/". Expected a path like "/diffusion/X/". fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/X/ Cloning into 'X'... Exception: No repository "X" exists! fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/MT/ Cloning into 'MT'... Exception: This repository is not available over SSH. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/P/ Cloning into 'P'... Exception: TODO: Implement serve over SSH. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. Reviewers: btrahan Reviewed By: btrahan CC: hach-que, aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7421
2013-10-26 19:46:09 +02:00
protected function writeError($message) {
$this->getErrorChannel()->write($message);
return $this;
}
final public function execute(PhutilArgumentParser $args) {
$this->args = $args;
try {
Support serving SVN repositories over SSH Summary: Ref T2230. The SVN protocol has a sensible protocol format with a good spec here: http://svn.apache.org/repos/asf/subversion/trunk/subversion/libsvn_ra_svn/protocol Particularly, compare this statement to the clown show that is the Mercurial wire protocol: > It is possible to parse an item without knowing its type in advance. WHAT A REASONABLE STATEMENT TO BE ABLE TO MAKE ABOUT A WIRE PROTOCOL Although it makes substantially more sense than Mercurial, it's much heavier-weight than the Git or Mercurial protocols, since it isn't distributed. It's also not possible to figure out if a request is a write request (or even which repository it is against) without proxying some of the protocol frames. Finally, several protocol commands embed repository URLs, and we need to reach into the protocol and translate them. Test Plan: Ran various SVN commands over SSH (`svn log`, `svn up`, `svn commit`, etc). Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7556
2013-11-11 21:19:06 +01:00
return $this->executeRepositoryOperations();
Route some VCS connections over SSH Summary: - Add web UI for configuring SSH hosting. - Route git reads (`git-upload-pack` over SSH). Test Plan: >>> orbital ~ $ git clone ssh://127.0.0.1/ Cloning into '127.0.0.1'... Exception: Unrecognized repository path "/". Expected a path like "/diffusion/X/". fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/X/ Cloning into 'X'... Exception: No repository "X" exists! fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/MT/ Cloning into 'MT'... Exception: This repository is not available over SSH. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/P/ Cloning into 'P'... Exception: TODO: Implement serve over SSH. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. Reviewers: btrahan Reviewed By: btrahan CC: hach-que, aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7421
2013-10-26 19:46:09 +02:00
} catch (Exception $ex) {
$this->writeError(get_class($ex).': '.$ex->getMessage());
return 1;
}
}
Support serving SVN repositories over SSH Summary: Ref T2230. The SVN protocol has a sensible protocol format with a good spec here: http://svn.apache.org/repos/asf/subversion/trunk/subversion/libsvn_ra_svn/protocol Particularly, compare this statement to the clown show that is the Mercurial wire protocol: > It is possible to parse an item without knowing its type in advance. WHAT A REASONABLE STATEMENT TO BE ABLE TO MAKE ABOUT A WIRE PROTOCOL Although it makes substantially more sense than Mercurial, it's much heavier-weight than the Git or Mercurial protocols, since it isn't distributed. It's also not possible to figure out if a request is a write request (or even which repository it is against) without proxying some of the protocol frames. Finally, several protocol commands embed repository URLs, and we need to reach into the protocol and translate them. Test Plan: Ran various SVN commands over SSH (`svn log`, `svn up`, `svn commit`, etc). Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7556
2013-11-11 21:19:06 +01:00
protected function loadRepository($path) {
Route some VCS connections over SSH Summary: - Add web UI for configuring SSH hosting. - Route git reads (`git-upload-pack` over SSH). Test Plan: >>> orbital ~ $ git clone ssh://127.0.0.1/ Cloning into '127.0.0.1'... Exception: Unrecognized repository path "/". Expected a path like "/diffusion/X/". fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/X/ Cloning into 'X'... Exception: No repository "X" exists! fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/MT/ Cloning into 'MT'... Exception: This repository is not available over SSH. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/P/ Cloning into 'P'... Exception: TODO: Implement serve over SSH. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. Reviewers: btrahan Reviewed By: btrahan CC: hach-que, aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7421
2013-10-26 19:46:09 +02:00
$viewer = $this->getUser();
$regex = '@^/?diffusion/(?P<callsign>[A-Z]+)(?:/|$)@';
$matches = null;
if (!preg_match($regex, $path, $matches)) {
throw new Exception(
pht(
'Unrecognized repository path "%s". Expected a path like '.
'"%s".',
$path,
"/diffusion/X/"));
}
$callsign = $matches[1];
$repository = id(new PhabricatorRepositoryQuery())
->setViewer($viewer)
->withCallsigns(array($callsign))
->executeOne();
if (!$repository) {
throw new Exception(
pht('No repository "%s" exists!', $callsign));
}
Generalize SSH passthru for repository hosting Summary: Ref T2230. In Git, we can determine if a command is read-only or read/write from the command itself, but this isn't the case in Mercurial or SVN. For Mercurial and SVN, we need to proxy the protocol that's coming over the wire, look at each request from the client, and then check if it's a read or a write. To support this, provide a more flexible version of `passthruIO`. The way this will work is: - The SSH IO channel is wrapped in a `ProtocolChannel` which can parse the the incoming stream into message objects. - The `willWriteCallback` will look at those messages and determine if they're reads or writes. - If they're writes, it will check for write permission. - If we're good to go, the message object is converted back into a byte stream and handed to the underlying command. Test Plan: Executed `git clone`, `git clone --depth 3`, `git push` (against no-write repo, got error), `git push` (against valid repo). Reviewers: btrahan Reviewed By: btrahan CC: hach-que, asherkin, aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7551
2013-11-11 21:12:21 +01:00
switch ($repository->getServeOverSSH()) {
case PhabricatorRepository::SERVE_READONLY:
case PhabricatorRepository::SERVE_READWRITE:
// If we have read or read/write access, proceed for now. We will
// check write access when the user actually issues a write command.
break;
case PhabricatorRepository::SERVE_OFF:
default:
throw new Exception(
pht('This repository is not available over SSH.'));
}
Support serving SVN repositories over SSH Summary: Ref T2230. The SVN protocol has a sensible protocol format with a good spec here: http://svn.apache.org/repos/asf/subversion/trunk/subversion/libsvn_ra_svn/protocol Particularly, compare this statement to the clown show that is the Mercurial wire protocol: > It is possible to parse an item without knowing its type in advance. WHAT A REASONABLE STATEMENT TO BE ABLE TO MAKE ABOUT A WIRE PROTOCOL Although it makes substantially more sense than Mercurial, it's much heavier-weight than the Git or Mercurial protocols, since it isn't distributed. It's also not possible to figure out if a request is a write request (or even which repository it is against) without proxying some of the protocol frames. Finally, several protocol commands embed repository URLs, and we need to reach into the protocol and translate them. Test Plan: Ran various SVN commands over SSH (`svn log`, `svn up`, `svn commit`, etc). Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7556
2013-11-11 21:19:06 +01:00
$this->repository = $repository;
Generalize SSH passthru for repository hosting Summary: Ref T2230. In Git, we can determine if a command is read-only or read/write from the command itself, but this isn't the case in Mercurial or SVN. For Mercurial and SVN, we need to proxy the protocol that's coming over the wire, look at each request from the client, and then check if it's a read or a write. To support this, provide a more flexible version of `passthruIO`. The way this will work is: - The SSH IO channel is wrapped in a `ProtocolChannel` which can parse the the incoming stream into message objects. - The `willWriteCallback` will look at those messages and determine if they're reads or writes. - If they're writes, it will check for write permission. - If we're good to go, the message object is converted back into a byte stream and handed to the underlying command. Test Plan: Executed `git clone`, `git clone --depth 3`, `git push` (against no-write repo, got error), `git push` (against valid repo). Reviewers: btrahan Reviewed By: btrahan CC: hach-que, asherkin, aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7551
2013-11-11 21:12:21 +01:00
return $repository;
}
Support serving SVN repositories over SSH Summary: Ref T2230. The SVN protocol has a sensible protocol format with a good spec here: http://svn.apache.org/repos/asf/subversion/trunk/subversion/libsvn_ra_svn/protocol Particularly, compare this statement to the clown show that is the Mercurial wire protocol: > It is possible to parse an item without knowing its type in advance. WHAT A REASONABLE STATEMENT TO BE ABLE TO MAKE ABOUT A WIRE PROTOCOL Although it makes substantially more sense than Mercurial, it's much heavier-weight than the Git or Mercurial protocols, since it isn't distributed. It's also not possible to figure out if a request is a write request (or even which repository it is against) without proxying some of the protocol frames. Finally, several protocol commands embed repository URLs, and we need to reach into the protocol and translate them. Test Plan: Ran various SVN commands over SSH (`svn log`, `svn up`, `svn commit`, etc). Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7556
2013-11-11 21:19:06 +01:00
protected function requireWriteAccess($protocol_command = null) {
Generalize SSH passthru for repository hosting Summary: Ref T2230. In Git, we can determine if a command is read-only or read/write from the command itself, but this isn't the case in Mercurial or SVN. For Mercurial and SVN, we need to proxy the protocol that's coming over the wire, look at each request from the client, and then check if it's a read or a write. To support this, provide a more flexible version of `passthruIO`. The way this will work is: - The SSH IO channel is wrapped in a `ProtocolChannel` which can parse the the incoming stream into message objects. - The `willWriteCallback` will look at those messages and determine if they're reads or writes. - If they're writes, it will check for write permission. - If we're good to go, the message object is converted back into a byte stream and handed to the underlying command. Test Plan: Executed `git clone`, `git clone --depth 3`, `git push` (against no-write repo, got error), `git push` (against valid repo). Reviewers: btrahan Reviewed By: btrahan CC: hach-que, asherkin, aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7551
2013-11-11 21:12:21 +01:00
if ($this->hasWriteAccess === true) {
return;
}
$repository = $this->getRepository();
$viewer = $this->getUser();
Route some VCS connections over SSH Summary: - Add web UI for configuring SSH hosting. - Route git reads (`git-upload-pack` over SSH). Test Plan: >>> orbital ~ $ git clone ssh://127.0.0.1/ Cloning into '127.0.0.1'... Exception: Unrecognized repository path "/". Expected a path like "/diffusion/X/". fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/X/ Cloning into 'X'... Exception: No repository "X" exists! fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/MT/ Cloning into 'MT'... Exception: This repository is not available over SSH. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/P/ Cloning into 'P'... Exception: TODO: Implement serve over SSH. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. Reviewers: btrahan Reviewed By: btrahan CC: hach-que, aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7421
2013-10-26 19:46:09 +02:00
switch ($repository->getServeOverSSH()) {
case PhabricatorRepository::SERVE_READONLY:
Support serving SVN repositories over SSH Summary: Ref T2230. The SVN protocol has a sensible protocol format with a good spec here: http://svn.apache.org/repos/asf/subversion/trunk/subversion/libsvn_ra_svn/protocol Particularly, compare this statement to the clown show that is the Mercurial wire protocol: > It is possible to parse an item without knowing its type in advance. WHAT A REASONABLE STATEMENT TO BE ABLE TO MAKE ABOUT A WIRE PROTOCOL Although it makes substantially more sense than Mercurial, it's much heavier-weight than the Git or Mercurial protocols, since it isn't distributed. It's also not possible to figure out if a request is a write request (or even which repository it is against) without proxying some of the protocol frames. Finally, several protocol commands embed repository URLs, and we need to reach into the protocol and translate them. Test Plan: Ran various SVN commands over SSH (`svn log`, `svn up`, `svn commit`, etc). Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7556
2013-11-11 21:19:06 +01:00
if ($protocol_command !== null) {
throw new Exception(
pht(
'This repository is read-only over SSH (tried to execute '.
'protocol command "%s").',
$protocol_command));
} else {
throw new Exception(
pht('This repository is read-only over SSH.'));
}
Route some VCS connections over SSH Summary: - Add web UI for configuring SSH hosting. - Route git reads (`git-upload-pack` over SSH). Test Plan: >>> orbital ~ $ git clone ssh://127.0.0.1/ Cloning into '127.0.0.1'... Exception: Unrecognized repository path "/". Expected a path like "/diffusion/X/". fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/X/ Cloning into 'X'... Exception: No repository "X" exists! fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/MT/ Cloning into 'MT'... Exception: This repository is not available over SSH. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/P/ Cloning into 'P'... Exception: TODO: Implement serve over SSH. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. Reviewers: btrahan Reviewed By: btrahan CC: hach-que, aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7421
2013-10-26 19:46:09 +02:00
break;
case PhabricatorRepository::SERVE_READWRITE:
Generalize SSH passthru for repository hosting Summary: Ref T2230. In Git, we can determine if a command is read-only or read/write from the command itself, but this isn't the case in Mercurial or SVN. For Mercurial and SVN, we need to proxy the protocol that's coming over the wire, look at each request from the client, and then check if it's a read or a write. To support this, provide a more flexible version of `passthruIO`. The way this will work is: - The SSH IO channel is wrapped in a `ProtocolChannel` which can parse the the incoming stream into message objects. - The `willWriteCallback` will look at those messages and determine if they're reads or writes. - If they're writes, it will check for write permission. - If we're good to go, the message object is converted back into a byte stream and handed to the underlying command. Test Plan: Executed `git clone`, `git clone --depth 3`, `git push` (against no-write repo, got error), `git push` (against valid repo). Reviewers: btrahan Reviewed By: btrahan CC: hach-que, asherkin, aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7551
2013-11-11 21:12:21 +01:00
$can_push = PhabricatorPolicyFilter::hasCapability(
$viewer,
$repository,
DiffusionCapabilityPush::CAPABILITY);
if (!$can_push) {
throw new Exception(
pht('You do not have permission to push to this repository.'));
Route some VCS connections over SSH Summary: - Add web UI for configuring SSH hosting. - Route git reads (`git-upload-pack` over SSH). Test Plan: >>> orbital ~ $ git clone ssh://127.0.0.1/ Cloning into '127.0.0.1'... Exception: Unrecognized repository path "/". Expected a path like "/diffusion/X/". fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/X/ Cloning into 'X'... Exception: No repository "X" exists! fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/MT/ Cloning into 'MT'... Exception: This repository is not available over SSH. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/P/ Cloning into 'P'... Exception: TODO: Implement serve over SSH. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. Reviewers: btrahan Reviewed By: btrahan CC: hach-que, aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7421
2013-10-26 19:46:09 +02:00
}
break;
case PhabricatorRepository::SERVE_OFF:
default:
Generalize SSH passthru for repository hosting Summary: Ref T2230. In Git, we can determine if a command is read-only or read/write from the command itself, but this isn't the case in Mercurial or SVN. For Mercurial and SVN, we need to proxy the protocol that's coming over the wire, look at each request from the client, and then check if it's a read or a write. To support this, provide a more flexible version of `passthruIO`. The way this will work is: - The SSH IO channel is wrapped in a `ProtocolChannel` which can parse the the incoming stream into message objects. - The `willWriteCallback` will look at those messages and determine if they're reads or writes. - If they're writes, it will check for write permission. - If we're good to go, the message object is converted back into a byte stream and handed to the underlying command. Test Plan: Executed `git clone`, `git clone --depth 3`, `git push` (against no-write repo, got error), `git push` (against valid repo). Reviewers: btrahan Reviewed By: btrahan CC: hach-que, asherkin, aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7551
2013-11-11 21:12:21 +01:00
// This shouldn't be reachable because we don't get this far if the
// repository isn't enabled, but kick them out anyway.
Route some VCS connections over SSH Summary: - Add web UI for configuring SSH hosting. - Route git reads (`git-upload-pack` over SSH). Test Plan: >>> orbital ~ $ git clone ssh://127.0.0.1/ Cloning into '127.0.0.1'... Exception: Unrecognized repository path "/". Expected a path like "/diffusion/X/". fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/X/ Cloning into 'X'... Exception: No repository "X" exists! fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/MT/ Cloning into 'MT'... Exception: This repository is not available over SSH. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/P/ Cloning into 'P'... Exception: TODO: Implement serve over SSH. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. Reviewers: btrahan Reviewed By: btrahan CC: hach-que, aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7421
2013-10-26 19:46:09 +02:00
throw new Exception(
pht('This repository is not available over SSH.'));
}
Generalize SSH passthru for repository hosting Summary: Ref T2230. In Git, we can determine if a command is read-only or read/write from the command itself, but this isn't the case in Mercurial or SVN. For Mercurial and SVN, we need to proxy the protocol that's coming over the wire, look at each request from the client, and then check if it's a read or a write. To support this, provide a more flexible version of `passthruIO`. The way this will work is: - The SSH IO channel is wrapped in a `ProtocolChannel` which can parse the the incoming stream into message objects. - The `willWriteCallback` will look at those messages and determine if they're reads or writes. - If they're writes, it will check for write permission. - If we're good to go, the message object is converted back into a byte stream and handed to the underlying command. Test Plan: Executed `git clone`, `git clone --depth 3`, `git push` (against no-write repo, got error), `git push` (against valid repo). Reviewers: btrahan Reviewed By: btrahan CC: hach-que, asherkin, aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7551
2013-11-11 21:12:21 +01:00
$this->hasWriteAccess = true;
return $this->hasWriteAccess;
Route some VCS connections over SSH Summary: - Add web UI for configuring SSH hosting. - Route git reads (`git-upload-pack` over SSH). Test Plan: >>> orbital ~ $ git clone ssh://127.0.0.1/ Cloning into '127.0.0.1'... Exception: Unrecognized repository path "/". Expected a path like "/diffusion/X/". fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/X/ Cloning into 'X'... Exception: No repository "X" exists! fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/MT/ Cloning into 'MT'... Exception: This repository is not available over SSH. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. >>> orbital ~ $ git clone ssh://127.0.0.1/diffusion/P/ Cloning into 'P'... Exception: TODO: Implement serve over SSH. fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. Reviewers: btrahan Reviewed By: btrahan CC: hach-que, aran Maniphest Tasks: T2230 Differential Revision: https://secure.phabricator.com/D7421
2013-10-26 19:46:09 +02:00
}
}
Copy permalink