Python script, ASCII text executable
1
import uuid
2
from app import app, gitCommand, User, Repo, Commit, RepoAccess, getPermissionLevel, getVisibility, db, bcrypt
4
import os
5
import shutil
6
import config
7
import flask
8
import git
9
import subprocess
10
from flask_httpauth import HTTPBasicAuth
11
import zlib
12
import re
13
import datetime
14
auth = HTTPBasicAuth(realm=config.AUTH_REALM)
16
authRequired = flask.Response("Unauthorized Access", 401, {"WWW-Authenticate": 'Basic realm="Login Required"'})
19
@auth.verify_password
22
def verifyPassword(username, password):
23
user = User.query.filter_by(username=username).first()
24
if user and bcrypt.check_password_hash(user.passwordHashed, password):
26
flask.g.user = username
27
return True
28
return False
30
@app.route("/git/<username>/<repository>/git-upload-pack", methods=["POST"])
33
@auth.login_required(optional=True)
34
def gitUploadPack(username, repository):
35
if auth.current_user() is None and not getVisibility(username, repository):
36
return authRequired
37
if not (getVisibility(username, repository) or getPermissionLevel(flask.g.user, username, repository) is not None):
38
flask.abort(403)
39
serverRepoLocation = os.path.join(config.REPOS_PATH, username, repository, ".git")
41
text = gitCommand(serverRepoLocation, flask.request.data, "upload-pack", "--stateless-rpc", ".")
42
return flask.Response(text, content_type="application/x-git-upload-pack-result")
44
@app.route("/git/<username>/<repository>/git-receive-pack", methods=["POST"])
47
@auth.login_required
48
def gitReceivePack(username, repository):
49
if not getPermissionLevel(flask.g.user, username, repository):
50
flask.abort(403)
51
serverRepoLocation = os.path.join(config.REPOS_PATH, username, repository, ".git")
53
text = gitCommand(serverRepoLocation, flask.request.data, "receive-pack", "--stateless-rpc", ".")
54
sha = flask.request.data.split(b" ", 2)[1].decode()
56
info = gitCommand(serverRepoLocation, None, "show", "-s", "--format='%H%n%at%n%cn <%ce>%n%B'", sha).decode()
57
if re.match("^[0-9a-fA-F]{40}$", info[:40]):
59
print(info.split("\n", 3))
60
sha, time, identity, body = info.split("\n", 3)
61
login = flask.g.user
62
user = User.query.filter_by(username=login).first()
64
repo = Repo.query.filter_by(route=f"/{username}/{repository}").first()
65
commit = Commit(sha, user, repo, time, body, identity)
66
db.session.add(commit)
68
db.session.commit()
69
return flask.Response(text, content_type="application/x-git-receive-pack-result")
71
@app.route("/git/<username>/<repository>/info/refs", methods=["GET"])
74
@auth.login_required(optional=True)
75
def gitInfoRefs(username, repository):
76
if auth.current_user() is None and (not getVisibility(username, repository) or flask.request.args.get("service") == "git-receive-pack"):
77
return authRequired
78
try:
79
if not (getVisibility(username, repository) or getPermissionLevel(flask.g.user, username, repository) is not None):
80
flask.abort(403)
81
except AttributeError:
82
return authRequired
83
serverRepoLocation = os.path.join(config.REPOS_PATH, username, repository, ".git")
85
service = flask.request.args.get("service")
86
if service.startswith("git"):
88
service = service[4:]
89
else:
90
flask.abort(403)
91
if service == "receive-pack":
93
print(getPermissionLevel(flask.g.user, username, repository))
94
if not getPermissionLevel(flask.g.user, username, repository):
95
flask.abort(403)
96
serviceLine = f"# service=git-{service}\n"
98
serviceLine = (f"{len(serviceLine) + 4:04x}" + serviceLine).encode()
99
if service == "upload-pack":
101
text = serviceLine + b"0000" + gitCommand(serverRepoLocation, None, "upload-pack", "--stateless-rpc", "--advertise-refs", "--http-backend-info-refs", ".")
102
elif service == "receive-pack":
103
text = serviceLine + b"0000" + gitCommand(serverRepoLocation, None, "receive-pack", "--http-backend-info-refs", ".")
104
else:
105
flask.abort(403)
106
response = flask.Response(text, content_type=f"application/x-git-{service}-advertisement")
108
response.headers["Cache-Control"] = "no-cache"
109
return response
111