brownbeagle-gitauth 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- data/LICENSE +661 -0
- data/README.rdoc +92 -0
- data/bin/gitauth +162 -0
- data/bin/gitauth-shell +66 -0
- data/lib/gitauth/client.rb +91 -0
- data/lib/gitauth/command.rb +105 -0
- data/lib/gitauth/repo.rb +106 -0
- data/lib/gitauth/users.rb +119 -0
- data/lib/gitauth.rb +51 -0
- metadata +74 -0
@@ -0,0 +1,119 @@
|
|
1
|
+
#--
|
2
|
+
# Copyright (C) 2009 Brown Beagle Software
|
3
|
+
# Copyright (C) 2008 Darcy Laycock <sutto@sutto.net>
|
4
|
+
#
|
5
|
+
# This program is free software: you can redistribute it and/or modify
|
6
|
+
# it under the terms of the GNU Affero General Public License as published by
|
7
|
+
# the Free Software Foundation, either version 3 of the License, or
|
8
|
+
# (at your option) any later version.
|
9
|
+
#
|
10
|
+
# This program is distributed in the hope that it will be useful,
|
11
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
12
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
13
|
+
# GNU Affero General Public License for more details.
|
14
|
+
#
|
15
|
+
# You should have received a copy of the GNU Affero General Public License
|
16
|
+
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
17
|
+
#++
|
18
|
+
|
19
|
+
|
20
|
+
module GitAuth
|
21
|
+
class Users
|
22
|
+
|
23
|
+
USERS_PATH = File.join(GitAuth::GITAUTH_DIR, "users.yml")
|
24
|
+
|
25
|
+
def self.all
|
26
|
+
@@all_users ||= nil
|
27
|
+
end
|
28
|
+
|
29
|
+
def self.load!
|
30
|
+
self.all = YAML.load_file(USERS_PATH) rescue nil if File.exist?(USERS_PATH)
|
31
|
+
self.all = [] unless self.all.is_a?(Array)
|
32
|
+
end
|
33
|
+
|
34
|
+
def self.save!
|
35
|
+
load! if self.all.nil?
|
36
|
+
File.open(USERS_PATH, "w+") do |f|
|
37
|
+
f.write self.all.to_yaml
|
38
|
+
end
|
39
|
+
end
|
40
|
+
|
41
|
+
def self.all=(value)
|
42
|
+
@@all_users = value
|
43
|
+
end
|
44
|
+
|
45
|
+
def self.get(name)
|
46
|
+
GitAuth.logger.debug "Getting user for the name '#{name}'"
|
47
|
+
self.all.detect { |r| r.name == name }
|
48
|
+
end
|
49
|
+
|
50
|
+
def self.create(name, admin, key)
|
51
|
+
user = self.new(name, admin)
|
52
|
+
if user.write_ssh_key!(key)
|
53
|
+
self.load!
|
54
|
+
self.all << user
|
55
|
+
self.save!
|
56
|
+
return true
|
57
|
+
else
|
58
|
+
return false
|
59
|
+
end
|
60
|
+
end
|
61
|
+
|
62
|
+
attr_reader :name, :admin
|
63
|
+
|
64
|
+
def initialize(name, admin = false)
|
65
|
+
@name = name
|
66
|
+
@admin = admin
|
67
|
+
end
|
68
|
+
|
69
|
+
def write_ssh_key!(key)
|
70
|
+
cleaned_key = clean_ssh_key(key)
|
71
|
+
if cleaned_key.nil?
|
72
|
+
return false
|
73
|
+
else
|
74
|
+
gitauth_path = GitAuth.settings.shell_executable
|
75
|
+
output = "command=\"#{gitauth_path} #{@name}\",no-port-forwarding,no-X11-forwarding,no-agent-forwarding#{shell_accessible? ? "" : ",no-pty"} #{cleaned_key}"
|
76
|
+
File.open(GitAuth.settings.authorized_keys_file, "a+") do |file|
|
77
|
+
file.puts output
|
78
|
+
end
|
79
|
+
return true
|
80
|
+
end
|
81
|
+
end
|
82
|
+
|
83
|
+
def admin?
|
84
|
+
!!@admin
|
85
|
+
end
|
86
|
+
|
87
|
+
def shell_accessible?
|
88
|
+
admin?
|
89
|
+
end
|
90
|
+
|
91
|
+
def pushable?(repo)
|
92
|
+
admin? || repo.writeable_by?(self)
|
93
|
+
end
|
94
|
+
|
95
|
+
def pullable?(repo)
|
96
|
+
admin? || repo.readable_by?(self)
|
97
|
+
end
|
98
|
+
|
99
|
+
def can_execute?(command, repo)
|
100
|
+
return nil if command.bad?
|
101
|
+
if command.write?
|
102
|
+
GitAuth.logger.debug "Checking if #{self.name} can push to #{repo.name}"
|
103
|
+
return self.pushable?(repo)
|
104
|
+
else
|
105
|
+
GitAuth.logger.debug "Checking if #{self.name} can pull from #{repo.name}"
|
106
|
+
return self.pullable?(repo)
|
107
|
+
end
|
108
|
+
end
|
109
|
+
|
110
|
+
def clean_ssh_key(key)
|
111
|
+
if key =~ /^(ssh-\w+ [a-zA-Z0-9\/\+]+==) .*$/
|
112
|
+
return $1
|
113
|
+
else
|
114
|
+
return nil
|
115
|
+
end
|
116
|
+
end
|
117
|
+
|
118
|
+
end
|
119
|
+
end
|
data/lib/gitauth.rb
ADDED
@@ -0,0 +1,51 @@
|
|
1
|
+
#--
|
2
|
+
# Copyright (C) 2009 BrownBeagle
|
3
|
+
# Copyright (C) 2008 Darcy Laycock <sutto@sutto.net>
|
4
|
+
#
|
5
|
+
# This program is free software: you can redistribute it and/or modify
|
6
|
+
# it under the terms of the GNU Affero General Public License as published by
|
7
|
+
# the Free Software Foundation, either version 3 of the License, or
|
8
|
+
# (at your option) any later version.
|
9
|
+
#
|
10
|
+
# This program is distributed in the hope that it will be useful,
|
11
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
12
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
13
|
+
# GNU Affero General Public License for more details.
|
14
|
+
#
|
15
|
+
# You should have received a copy of the GNU Affero General Public License
|
16
|
+
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
17
|
+
#++
|
18
|
+
|
19
|
+
|
20
|
+
require 'logger'
|
21
|
+
require 'yaml'
|
22
|
+
require 'ostruct'
|
23
|
+
|
24
|
+
module GitAuth
|
25
|
+
|
26
|
+
BASE_DIR = File.expand_path(File.join(File.dirname(__FILE__), ".."))
|
27
|
+
GITAUTH_DIR = File.expand_path("~/.gitauth/")
|
28
|
+
|
29
|
+
def self.logger
|
30
|
+
@logger ||= ::Logger.new(File.join(GITAUTH_DIR, "gitauth.log"))
|
31
|
+
end
|
32
|
+
|
33
|
+
def self.settings
|
34
|
+
@settings ||= OpenStruct.new(YAML.load_file(File.join(GITAUTH_DIR, "settings.yml")))
|
35
|
+
end
|
36
|
+
|
37
|
+
def self.setup!
|
38
|
+
unless File.exist?(GITAUTH_DIR) && File.directory?(GITAUTH_DIR)
|
39
|
+
$stderr.puts "GitAuth not been setup, please run: gitauth install"
|
40
|
+
exit! 1
|
41
|
+
end
|
42
|
+
dir = File.expand_path(File.join(File.dirname(__FILE__), "gitauth"))
|
43
|
+
%w(repo users command client).each do |file|
|
44
|
+
require File.join(dir, file)
|
45
|
+
end
|
46
|
+
# Load the users and repositories from a YAML File.
|
47
|
+
GitAuth::Repo.load!
|
48
|
+
GitAuth::Users.load!
|
49
|
+
end
|
50
|
+
|
51
|
+
end
|
metadata
ADDED
@@ -0,0 +1,74 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: brownbeagle-gitauth
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.1
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Darcy Laycock
|
8
|
+
- Alex Pooley
|
9
|
+
autorequire:
|
10
|
+
bindir: bin
|
11
|
+
cert_chain: []
|
12
|
+
|
13
|
+
date: 2009-04-05 00:00:00 -07:00
|
14
|
+
default_executable: gitauth
|
15
|
+
dependencies:
|
16
|
+
- !ruby/object:Gem::Dependency
|
17
|
+
name: thor
|
18
|
+
type: :runtime
|
19
|
+
version_requirement:
|
20
|
+
version_requirements: !ruby/object:Gem::Requirement
|
21
|
+
requirements:
|
22
|
+
- - ">="
|
23
|
+
- !ruby/object:Gem::Version
|
24
|
+
version: 0.9.7
|
25
|
+
version:
|
26
|
+
description: Git Authentication Server
|
27
|
+
email: sutto@sutto.net
|
28
|
+
executables:
|
29
|
+
- gitauth
|
30
|
+
- gitauth-shell
|
31
|
+
extensions: []
|
32
|
+
|
33
|
+
extra_rdoc_files:
|
34
|
+
- README.rdoc
|
35
|
+
- LICENSE
|
36
|
+
files:
|
37
|
+
- README.rdoc
|
38
|
+
- LICENSE
|
39
|
+
- bin/gitauth
|
40
|
+
- bin/gitauth-shell
|
41
|
+
- lib/gitauth.rb
|
42
|
+
- lib/gitauth/client.rb
|
43
|
+
- lib/gitauth/command.rb
|
44
|
+
- lib/gitauth/repo.rb
|
45
|
+
- lib/gitauth/users.rb
|
46
|
+
has_rdoc: false
|
47
|
+
homepage: http://github.com/brownbeagle/gitauth
|
48
|
+
post_install_message:
|
49
|
+
rdoc_options:
|
50
|
+
- --inline-source
|
51
|
+
- --charset=UTF-8
|
52
|
+
require_paths:
|
53
|
+
- lib
|
54
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
55
|
+
requirements:
|
56
|
+
- - ">="
|
57
|
+
- !ruby/object:Gem::Version
|
58
|
+
version: "0"
|
59
|
+
version:
|
60
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
61
|
+
requirements:
|
62
|
+
- - ">="
|
63
|
+
- !ruby/object:Gem::Version
|
64
|
+
version: "0"
|
65
|
+
version:
|
66
|
+
requirements: []
|
67
|
+
|
68
|
+
rubyforge_project:
|
69
|
+
rubygems_version: 1.2.0
|
70
|
+
signing_key:
|
71
|
+
specification_version: 2
|
72
|
+
summary: Git Authentication Server
|
73
|
+
test_files: []
|
74
|
+
|