From 43b322b7f0541735528cb4ad24c8d8565e6e3682 Mon Sep 17 00:00:00 2001 From: Richard Ipsum Date: Wed, 8 Jan 2014 16:46:43 +0000 Subject: Add gitano-command cgi --- bin/gitano-command.cgi.in | 91 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 91 insertions(+) create mode 100755 bin/gitano-command.cgi.in diff --git a/bin/gitano-command.cgi.in b/bin/gitano-command.cgi.in new file mode 100755 index 0000000..bc280b2 --- /dev/null +++ b/bin/gitano-command.cgi.in @@ -0,0 +1,91 @@ +-- @@SHEBANG +-- -*- Lua -*- +-- command cgi +-- +-- Git (with) Augmented network operations -- User authentication wrapper +-- +-- Copyright 2014 Codethink Ltd +-- +-- + +-- @@GITANO_LUA_PATH + +local gitano = require "gitano" +local gall = require "gall" +local luxio = require "luxio" +local sio = require "luxio.simple" + +-- @@GITANO_BIN_PATH +-- @@GITANO_SHARE_PATH + +local stdout = sio.stdout + +function url_decode(str) + str = string.gsub (str, "+", " ") + str = string.gsub (str, "%%(%x%x)", + function(h) return string.char(tonumber(h,16)) end) + str = string.gsub (str, "\r\n", "\n") + return str +end + +function run_command(cmd, cmdline, parsed_cmdline, user, config, env) + gitano.log.debug("Welcome to " .. config.global.site_name) + gitano.log.debug("Running:") + for i = 1, #parsed_cmdline do + gitano.log.debug(" => " .. parsed_cmdline[i]) + end + gitano.log.debug("") + gitano.log.debug("On behalf of " .. user .. " using key " .. env["GITANO_KEYTAG"]) + + local how, why = cmd.run(config, repo, parsed_cmdline, env) + + if how ~= "exit" or why ~= 0 then + gitano.log.critical("Error running " .. parsed_cmdline[1] .. ": " .. how) + return why + else + gitano.log.syslog.info(cmdline, "completed successfully") + return 0 + end +end + +if os.getenv("QUERY_STRING") then + local query_string = url_decode(os.getenv("QUERY_STRING")) + local cmdline = query_string + + local _, e = string.find(query_string, "cmd=") + + if not e then + stdout:write("Status: 400 Bad request\r\n\r\n") + stdout:write("Malformed command line, format: ?cmd=arg0 arg1 ... argn\n") + return + end + + cmdline = string.sub(query_string, e + 1, #query_string) + + if cmdline == '' then + stdout:write("Status: 400 Bad request\r\n\r\n") + stdout:write("Malformed command line, format: ?cmd=arg0 arg1 ... argn\n") + return + end + + local user = os.getenv("REMOTE_USER") or "gitano/anonymous" + + gitano.log.buffer_output() + + local authorized, cmd, parsed_cmdline, config, env = + gitano.auth.is_authorized(user, "http", cmdline) + + if authorized then + local exit = run_command(cmd, cmdline, parsed_cmdline, user, config, env) + + stdout:write("Status: " .. (exit == 0 and "200 OK" or "400 Bad request") + .. "\r\n\r\n") + stdout:write(gitano.log.get_buffered_output() or "") + else + stdout:write("Status: 403 Forbidden\r\n\r\n") + stdout:write(gitano.log.get_buffered_output() or "") + end +else + stdout:write("Status: 400 Bad request\r\n\r\n") + stdout:write("Malformed command line, format: ?cmd=arg0 arg1 ... argn\n") +end -- cgit v1.2.1