roundabout,
created on Saturday, 2 December 2023, 10:08:16 (1701511696),
received on Wednesday, 31 July 2024, 06:54:38 (1722408878)
Author identity: vlad <vlad.muntoiu@gmail.com>
93e6321c3d7645c340aac216ec5ff6e272aec62f
app.py
@@ -227,7 +227,7 @@ def main():
return flask.render_template("home.html") @app.route("/about")@app.route("/about/")def about(): return flask.render_template("about.html", platform=platform)
config.py
@@ -15,7 +15,7 @@ AUTH_REALM = "roundabout"
AVATAR_SIZE = (192, 192) HASHING_ROUNDS = 11 RESERVED_NAMES = ("git", "settings", "logout", "accounts", "info", "alerts", "notifications", "about",)RESERVED_NAMES = ("git", "settings", "logout", "accounts", "info", "alerts", "notifications", "about", "newrepo")locking = False
gitHTTP.py
@@ -15,6 +15,9 @@ import datetime
auth = HTTPBasicAuth(realm=config.AUTH_REALM) authRequired = flask.Response("Unauthorized Access", 401, {"WWW-Authenticate": 'Basic realm="Login Required"'}) @auth.verify_password def verifyPassword(username, password): user = User.query.filter_by(username=username).first()
@@ -27,8 +30,10 @@ def verifyPassword(username, password):
@app.route("/git/<username>/<repository>/git-upload-pack", methods=["POST"]) @auth.login_required@auth.login_required(optional=True)def gitUploadPack(username, repository): if auth.current_user() is None and not getVisibility(username, repository): return authRequiredif not (getVisibility(username, repository) or getPermissionLevel(flask.g.user, username, repository) is not None): flask.abort(403)
@@ -66,16 +71,23 @@ def gitReceivePack(username, repository):
@app.route("/git/<username>/<repository>/info/refs", methods=["GET"]) @auth.login_required@auth.login_required(optional=True)def gitInfoRefs(username, repository): if not (getVisibility(username, repository) or getPermissionLevel(flask.g.user, username, repository) is not None):flask.abort(403)if auth.current_user() is None and (not getVisibility(username, repository) or flask.request.args.get("service") == "git-receive-pack"): return authRequired try: if not (getVisibility(username, repository) or getPermissionLevel(flask.g.user, username, repository) is not None): flask.abort(403) except AttributeError: return authRequiredserverRepoLocation = os.path.join(config.REPOS_PATH, username, repository, ".git") service = flask.request.args.get("service") if service.startswith("git"): service = service[4:] else: flask.abort(403)if service == "receive-pack": print(getPermissionLevel(flask.g.user, username, repository))