• Information

By using this site, you agree to have cookies stored on your device, strictly for functional purposes, such as storing your session and preferences.

Dismiss

 gitHTTP.py

View raw Download text/x-script.python • 3.56 kiB
Python script, ASCII text executable 
        
            
1

            import uuid
        
            
2

            
        
            
3

            from app import app, gitCommand, User, Repo, Commit, RepoAccess, getPermissionLevel, getVisibility, db, bcrypt
        
            
4

            import os
        
            
5

            import shutil
        
            
6

            import config
        
            
7

            import flask
        
            
8

            import git
        
            
9

            import subprocess
        
            
10

            from flask_httpauth import HTTPBasicAuth
        
            
11

            import zlib
        
            
12

            import re
        
            
13

            import datetime
        
            
14

            
        
            
15

            auth = HTTPBasicAuth(realm=config.AUTH_REALM)
        
            
16

            
        
            
17

            
        
            
18

            @auth.verify_password
        
            
19

            def verifyPassword(username, password):
        
            
20

                user = User.query.filter_by(username=username).first()
        
            
21

            
        
            
22

                if user and bcrypt.check_password_hash(user.passwordHashed, password):
        
            
23

                    flask.g.user = username
        
            
24

                    return True
        
            
25

            
        
            
26

                return False
        
            
27

            
        
            
28

            
        
            
29

            @app.route("/git/<username>/<repository>/git-upload-pack", methods=["POST"])
        
            
30

            @auth.login_required
        
            
31

            def gitUploadPack(username, repository):
        
            
32

                if not (getVisibility(username, repository) or getPermissionLevel(flask.g.user, username, repository) is not None):
        
            
33

                    flask.abort(403)
        
            
34

            
        
            
35

                serverRepoLocation = os.path.join(config.REPOS_PATH, username, repository, ".git")
        
            
36

                text = gitCommand(serverRepoLocation, flask.request.data, "upload-pack", "--stateless-rpc", ".")
        
            
37

            
        
            
38

                return flask.Response(text, content_type="application/x-git-upload-pack-result")
        
            
39

            
        
            
40

            
        
            
41

            @app.route("/git/<username>/<repository>/git-receive-pack", methods=["POST"])
        
            
42

            @auth.login_required
        
            
43

            def gitReceivePack(username, repository):
        
            
44

                if not getPermissionLevel(flask.g.user, username, repository):
        
            
45

                    flask.abort(403)
        
            
46

            
        
            
47

                serverRepoLocation = os.path.join(config.REPOS_PATH, username, repository, ".git")
        
            
48

                text = gitCommand(serverRepoLocation, flask.request.data, "receive-pack", "--stateless-rpc", ".")
        
            
49

            
        
            
50

                sha = flask.request.data.split(b" ", 2)[1].decode()
        
            
51

                info = gitCommand(serverRepoLocation, None, "show", "-s", "--format='%H%n%at%n%cn <%ce>%n%B'", sha).decode()
        
            
52

            
        
            
53

                if re.match("^[0-9a-fA-F]{40}$", info[:40]):
        
            
54

                    print(info.split("\n", 3))
        
            
55

                    sha, time, identity, body = info.split("\n", 3)
        
            
56

                    login = flask.g.user
        
            
57

            
        
            
58

                    user = User.query.filter_by(username=login).first()
        
            
59

                    repo = Repo.query.filter_by(route=f"/{username}/{repository}").first()
        
            
60

                    commit = Commit(sha, user, repo, time, body, identity)
        
            
61

            
        
            
62

                    db.session.add(commit)
        
            
63

                    db.session.commit()
        
            
64

            
        
            
65

                return flask.Response(text, content_type="application/x-git-receive-pack-result")
        
            
66

            
        
            
67

            
        
            
68

            @app.route("/git/<username>/<repository>/info/refs", methods=["GET"])
        
            
69

            @auth.login_required
        
            
70

            def gitInfoRefs(username, repository):
        
            
71

                if not (getVisibility(username, repository) or getPermissionLevel(flask.g.user, username, repository) is not None):
        
            
72

                    flask.abort(403)
        
            
73

            
        
            
74

                serverRepoLocation = os.path.join(config.REPOS_PATH, username, repository, ".git")
        
            
75

                service = flask.request.args.get("service")
        
            
76

            
        
            
77

                if service.startswith("git"):
        
            
78

                    service = service[4:]
        
            
79

            
        
            
80

                if service == "receive-pack":
        
            
81

                    print(getPermissionLevel(flask.g.user, username, repository))
        
            
82

                    if not getPermissionLevel(flask.g.user, username, repository):
        
            
83

                        flask.abort(403)
        
            
84

            
        
            
85

                serviceLine = f"# service=git-{service}\n"
        
            
86

                serviceLine = (f"{len(serviceLine) + 4:04x}" + serviceLine).encode()
        
            
87

            
        
            
88

                if service == "upload-pack":
        
            
89

                    text = serviceLine + b"0000" + gitCommand(serverRepoLocation, None, "upload-pack", "--stateless-rpc", "--advertise-refs", "--http-backend-info-refs", ".")
        
            
90

                elif service == "receive-pack":
        
            
91

                    text = serviceLine + b"0000" + gitCommand(serverRepoLocation, None, "receive-pack", "--http-backend-info-refs", ".")
        
            
92

                else:
        
            
93

                    flask.abort(403)
        
            
94

            
        
            
95

                response = flask.Response(text, content_type=f"application/x-git-{service}-advertisement")
        
            
96

                response.headers["Cache-Control"] = "no-cache"
        
            
97

            
        
            
98

                return response
        
            
99

            
        
            
100