Added script to generate svn auth files

This script only generates content of either svnroot-access or svnroot-authfile (depending on command line arguments). It's not directly usable yet and would need some magic to make it able to pass the data to svn.b.o. But this is up to machines setup, not to the script.
2013-11-12 23:47:17 +06:00
parent 6b1ed4fb9b
commit 531b0fa529
1 changed files with 112 additions and 0 deletions
--- a/scripts/svnauth/rebuild_svnauth.php
+++ b/scripts/svnauth/rebuild_svnauth.php
@@ -0,0 +1,112 @@
+#!/usr/bin/env php
+<?php
+
+$root = dirname(dirname(dirname(__FILE__)));
+require_once $root.'/scripts/__init_script__.php';
+
+// Get user's heys and put them to the configuration
+function handleSingleUserPHID(
+  $viewer, $userPHID, $repository, &$authfile, &$access) {
+  $user = id(new PhabricatorPeopleQuery())
+    ->setViewer($viewer)
+    ->withPHIDs(array($userPHID))
+    ->executeOne();
+
+  $user_name = $user->getUserName();
+  if (!array_key_exists($user_name, $authfile)) {
+    $field_list = PhabricatorCustomField::getObjectFields(
+      $user,
+      PhabricatorCustomField::ROLE_APPLICATIONTRANSACTIONS);
+    $field_list
+      ->setViewer($user)
+      ->readFieldsFromStorage($user);
+    $fields = $field_list->getFields();
+    $htaccess_field = idx($fields, 'std:user:htaccess_passowrd_hash');
+    if ($htaccess_field) {
+      $password_hash = $htaccess_field->getValueForStorage();
+      $authfile[$user_name] = $password_hash;
+    }
+  }
+
+  $respository_name = $repository->getName();
+  if (!array_key_exists($respository_name, $access)) {
+    $access[$respository_name] = array();
+  }
+  $access[$respository_name][] = $user_name;
+}
+
+// Parse repository and put it's members to the config file
+function handleSingleRepository(
+  $viewer, $repository, &$authfile, &$access) {
+  $policies = PhabricatorPolicyQuery::loadPolicies(
+    $viewer,
+    $repository);
+
+  $pushable = $policies[DiffusionCapabilityPush::CAPABILITY];
+  $type = phid_get_type($pushable->getPHID());
+
+  if ($type == PhabricatorProjectPHIDTypeProject::TYPECONST) {
+    $project = id(new PhabricatorProjectQuery())
+      ->setViewer($viewer)
+      ->needMembers(true)
+      ->withPHIDs(array($pushable->getPHID()))
+      ->executeOne();
+
+    $memberPHIDs = $project->getMemberPHIDs();
+    foreach ($memberPHIDs as $memberPHID) {
+      handleSingleUserPHID(
+        $viewer, $memberPHID, $repository, $authfile, $access);
+    }
+  } else if ($type == PhabricatorPeoplePHIDTypeUser::TYPECONST) {
+    handleSingleUserPHID(
+      $viewer, $pushable->getPHID(), $repository, $authfile, $access);
+  } else if ($type == PhabricatorPolicyPHIDTypePolicy::TYPECONST) {
+    /* pass */
+  } else {
+    /* pass */
+  }
+}
+
+function rebuildConfiguration($what) {
+  $viewer = id(new PhabricatorUser())
+    ->loadOneWhere('username = %s', 'sergey');
+
+  $repositories = id(new PhabricatorRepositoryQuery())
+    ->setViewer($viewer)
+    ->execute();
+
+  $authfile = array();
+  $access = array();
+  foreach ($repositories as $repository_id => $repository) {
+    $type = $repository->getVersionControlSystem();
+    if ($type == PhabricatorRepositoryType::REPOSITORY_TYPE_SVN || true) {
+      handleSingleRepository(
+        $viewer, $repository, $authfile, $access);
+    }
+  }
+  if ($what == 'AUTHFILE') {
+    foreach ($authfile as $user => $hash) {
+      print("$user:$hash\n");
+    }
+  }
+  else if ($what == 'ACCESS') {
+    foreach ($access as $repository => $users) {
+      print("[$repository:/]\n");
+      foreach ($users as $user) {
+        print("$user = rw\n");
+      }
+      print("anonsvn = r\n");
+      print("* = r\n");
+    }
+  }
+  return true;
+}
+
+if (count($argv) != 2 ||
+    ($argv[1] != 'ACCESS' && $argv[1] != 'AUTHFILE')) {
+  print("Usage: {$argv[0]} ACCESS|AUTHFILE\n");
+  exit(1);
+}
+
+rebuildConfiguration($argv[1]);
+?>