@@ -59,8 +59,8 class SysController < ActionController::Base | |||||
59 |
|
59 | |||
60 | def check_enabled |
|
60 | def check_enabled | |
61 | User.current = nil |
|
61 | User.current = nil | |
62 | unless Setting.sys_api_enabled? |
|
62 | unless Setting.sys_api_enabled? && params[:key].to_s == Setting.sys_api_key | |
63 |
render : |
|
63 | render :text => 'Access denied. Repository management WS is disabled or key is invalid.', :status => 403 | |
64 | return false |
|
64 | return false | |
65 | end |
|
65 | end | |
66 | end |
|
66 | end |
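Review bot: In `check_enabled`, the new comparison `params[:key].to_s == Setting.sys_api_key` succeeds for a request that carries no key whenever the configured key is empty, and this commit's settings default for `sys_api_key` is `''`. An administrator who enables the web service without filling in the key therefore gets an endpoint that is as open as it was before the change. If that is not meant as a compatibility mode, reject a blank configured key: `unless Setting.sys_api_enabled? && !Setting.sys_api_key.to_s.empty? && params[:key].to_s == Setting.sys_api_key`. The `==` on the secret is also not a constant-time comparison, which is worth replacing if the framework version in use offers one. The class body continues outside the hunk.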
@@ -3,7 +3,15 | |||||
3 | <div class="box tabular settings"> |
|
3 | <div class="box tabular settings"> | |
4 | <p><%= setting_check_box :autofetch_changesets %></p> |
|
4 | <p><%= setting_check_box :autofetch_changesets %></p> | |
5 |
|
5 | |||
6 |
<p><%= setting_check_box :sys_api_enabled |
|
6 | <p><%= setting_check_box :sys_api_enabled, | |
|
7 | :onclick => "if (this.checked) { Form.Element.enable('settings_sys_api_key'); } else { Form.Element.disable('settings_sys_api_key'); }" %></p> | |||
|
8 | ||||
|
9 | <p><%= setting_text_field :sys_api_key, :size => 30, | |||
|
10 | :id => 'settings_sys_api_key', | |||
|
11 | :disabled => !Setting.sys_api_enabled?, | |||
|
12 | :label => :setting_mail_handler_api_key %> | |||
|
13 | <%= link_to_function l(:label_generate_key), "if ($('settings_sys_api_key').disabled == false) { $('settings_sys_api_key').value = randomKey(20) }" %> | |||
|
14 | </p> | |||
7 |
|
15 | |||
8 | <p><%= setting_multiselect(:enabled_scm, REDMINE_SUPPORTED_SCM) %></p> |
|
16 | <p><%= setting_multiselect(:enabled_scm, REDMINE_SUPPORTED_SCM) %></p> | |
9 |
|
17 |
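Review bot: The "generate key" link fills `settings_sys_api_key` from `randomKey(20)` in the browser, and that helper is not part of this diff; if it is built on `Math.random`, the generated value is not suitable as the secret protecting the repository management API. Generating the key server-side from a cryptographically secure source (Ruby's `SecureRandom`, where available) would remove the doubt. The field also reuses `:setting_mail_handler_api_key` as its label, which presumably reads correctly but ties this setting's wording to the mail handler's; a dedicated label key would be clearer.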
@@ -85,6 +85,8 autofetch_changesets: | |||||
85 | default: 1 |
|
85 | default: 1 | |
86 | sys_api_enabled: |
|
86 | sys_api_enabled: | |
87 | default: 0 |
|
87 | default: 0 | |
|
88 | sys_api_key: | |||
|
89 | default: '' | |||
88 | commit_ref_keywords: |
|
90 | commit_ref_keywords: | |
89 | default: 'refs,references,IssueID' |
|
91 | default: 'refs,references,IssueID' | |
90 | commit_fix_keywords: |
|
92 | commit_fix_keywords: |
@@ -19,18 +19,21 | |||||
19 | # -r redmine.example.net |
|
19 | # -r redmine.example.net | |
20 | # -r http://redmine.example.net |
|
20 | # -r http://redmine.example.net | |
21 | # -r https://example.net/redmine |
|
21 | # -r https://example.net/redmine | |
|
22 | # -k, --key=KEY use KEY as the Redmine API key | |||
22 | # |
|
23 | # | |
23 | # == Options |
|
24 | # == Options | |
24 | # |
|
25 | # | |
25 | # -o, --owner=OWNER owner of the repository. using the rails login |
|
26 | # -o, --owner=OWNER owner of the repository. using the rails login | |
26 | # allow user to browse the repository within |
|
27 | # allow user to browse the repository within | |
27 |
# Redmine even for private project. If you want to |
|
28 | # Redmine even for private project. If you want to | |
28 |
# through Redmine.pm, you need |
|
29 | # share repositories through Redmine.pm, you need | |
|
30 | # to use the apache owner. | |||
29 | # -g, --group=GROUP group of the repository. (default: root) |
|
31 | # -g, --group=GROUP group of the repository. (default: root) | |
30 |
# --scm=SCM the kind of SCM repository you want to create (and |
|
32 | # --scm=SCM the kind of SCM repository you want to create (and | |
31 |
# Redmine (default: Subversion). |
|
33 | # register) in Redmine (default: Subversion). | |
32 | # and Subversion repositories. For all other kind (Bazaar, |
|
34 | # reposman is able to create Git and Subversion | |
33 |
# |
|
35 | # repositories. For all other kind, you must specify | |
|
36 | # a --command option | |||
34 | # -u, --url=URL the base url Redmine will use to access your |
|
37 | # -u, --url=URL the base url Redmine will use to access your | |
35 | # repositories. This option is used to automatically |
|
38 | # repositories. This option is used to automatically | |
36 | # register the repositories in Redmine. The project |
|
39 | # register the repositories in Redmine. The project | |
@@ -41,8 +44,10 | |||||
41 | # the repositories in Redmine |
|
44 | # the repositories in Redmine | |
42 | # -c, --command=COMMAND use this command instead of "svnadmin create" to |
|
45 | # -c, --command=COMMAND use this command instead of "svnadmin create" to | |
43 | # create a repository. This option can be used to |
|
46 | # create a repository. This option can be used to | |
44 |
# create repositories other than subversion and git |
|
47 | # create repositories other than subversion and git | |
45 | # This command override the default creation for git and subversion. |
|
48 | # kind. | |
|
49 | # This command override the default creation for git | |||
|
50 | # and subversion. | |||
46 | # -f, --force force repository creation even if the project |
|
51 | # -f, --force force repository creation even if the project | |
47 | # repository is already declared in Redmine |
|
52 | # repository is already declared in Redmine | |
48 | # -t, --test only show what should be done |
|
53 | # -t, --test only show what should be done | |
@@ -67,6 +72,7 SUPPORTED_SCM = %w( Subversion Darcs Mercurial Bazaar Git Filesystem ) | |||||
67 | opts = GetoptLong.new( |
|
72 | opts = GetoptLong.new( | |
68 | ['--svn-dir', '-s', GetoptLong::REQUIRED_ARGUMENT], |
|
73 | ['--svn-dir', '-s', GetoptLong::REQUIRED_ARGUMENT], | |
69 | ['--redmine-host', '-r', GetoptLong::REQUIRED_ARGUMENT], |
|
74 | ['--redmine-host', '-r', GetoptLong::REQUIRED_ARGUMENT], | |
|
75 | ['--key', '-k', GetoptLong::REQUIRED_ARGUMENT], | |||
70 | ['--owner', '-o', GetoptLong::REQUIRED_ARGUMENT], |
|
76 | ['--owner', '-o', GetoptLong::REQUIRED_ARGUMENT], | |
71 | ['--group', '-g', GetoptLong::REQUIRED_ARGUMENT], |
|
77 | ['--group', '-g', GetoptLong::REQUIRED_ARGUMENT], | |
72 | ['--url', '-u', GetoptLong::REQUIRED_ARGUMENT], |
|
78 | ['--url', '-u', GetoptLong::REQUIRED_ARGUMENT], | |
@@ -127,6 +133,7 begin | |||||
127 | case opt |
|
133 | case opt | |
128 | when '--svn-dir'; $repos_base = arg.dup |
|
134 | when '--svn-dir'; $repos_base = arg.dup | |
129 | when '--redmine-host'; $redmine_host = arg.dup |
|
135 | when '--redmine-host'; $redmine_host = arg.dup | |
|
136 | when '--key'; $api_key = arg.dup | |||
130 | when '--owner'; $svn_owner = arg.dup; $use_groupid = false; |
|
137 | when '--owner'; $svn_owner = arg.dup; $use_groupid = false; | |
131 | when '--group'; $svn_group = arg.dup; $use_groupid = false; |
|
138 | when '--group'; $svn_group = arg.dup; $use_groupid = false; | |
132 | when '--url'; $svn_url = arg.dup |
|
139 | when '--url'; $svn_url = arg.dup | |
@@ -184,7 +191,7 Project.site = "#{$redmine_host}/sys"; | |||||
184 |
|
191 | |||
185 | begin |
|
192 | begin | |
186 | # Get all active projects that have the Repository module enabled |
|
193 | # Get all active projects that have the Repository module enabled | |
187 | projects = Project.find(:all) |
|
194 | projects = Project.find(:all, :params => {:key => $api_key}) | |
188 | rescue => e |
|
195 | rescue => e | |
189 | log("Unable to connect to #{Project.site}: #{e}", :exit => true) |
|
196 | log("Unable to connect to #{Project.site}: #{e}", :exit => true) | |
190 | end |
|
197 | end | |
@@ -285,7 +292,7 projects.each do |project| | |||||
285 |
|
292 | |||
286 | if $svn_url |
|
293 | if $svn_url | |
287 | begin |
|
294 | begin | |
288 | project.post(:repository, :vendor => $scm, :repository => {:url => "#{$svn_url}#{project.identifier}"}) |
|
295 | project.post(:repository, :vendor => $scm, :repository => {:url => "#{$svn_url}#{project.identifier}"}, :key => $api_key) | |
289 | log("\trepository #{repos_path} registered in Redmine with url #{$svn_url}#{project.identifier}"); |
|
296 | log("\trepository #{repos_path} registered in Redmine with url #{$svn_url}#{project.identifier}"); | |
290 | rescue => e |
|
297 | rescue => e | |
291 | log("\trepository #{repos_path} not registered in Redmine: #{e.message}"); |
|
298 | log("\trepository #{repos_path} not registered in Redmine: #{e.message}"); |
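Review bot: The new `-k/--key` option takes the secret on the command line, where it is visible in the process list for as long as reposman runs and tends to be copied into crontabs and shell history. Consider also reading it from an environment variable or from a file that only the reposman user can read, and keep `--key` for testing. Both `Project.find(:all, :params => {:key => $api_key})` and the `project.post(..., :key => $api_key)` call pass it as a request parameter, so with the `-r http://redmine.example.net` form shown in the usage text it crosses the network in clear text and is likely to be written to the web server's access log. The usage comment could say so, e.g. `#   -k, --key=KEY   use KEY as the Redmine API key (use an https:// host; the key is sent with every request)`. The option parsing and the project loop start and end outside these hunks.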
@@ -68,4 +68,25 class SysControllerTest < ActionController::TestCase | |||||
68 | get :fetch_changesets, :id => 'unknown' |
|
68 | get :fetch_changesets, :id => 'unknown' | |
69 | assert_response 404 |
|
69 | assert_response 404 | |
70 | end |
|
70 | end | |
|
71 | ||||
|
72 | def test_disabled_ws_should_respond_with_403_error | |||
|
73 | with_settings :sys_api_enabled => '0' do | |||
|
74 | get :projects | |||
|
75 | assert_response 403 | |||
|
76 | end | |||
|
77 | end | |||
|
78 | ||||
|
79 | def test_api_key | |||
|
80 | with_settings :sys_api_key => 'my_secret_key' do | |||
|
81 | get :projects, :key => 'my_secret_key' | |||
|
82 | assert_response :success | |||
|
83 | end | |||
|
84 | end | |||
|
85 | ||||
|
86 | def test_wrong_key_should_respond_with_403_error | |||
|
87 | with_settings :sys_api_enabled => 'my_secret_key' do | |||
|
88 | get :projects, :key => 'wrong_key' | |||
|
89 | assert_response 403 | |||
|
90 | end | |||
|
91 | end | |||
71 | end |
|
92 | end |
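Review bot: `test_wrong_key_should_respond_with_403_error` sets `:sys_api_enabled => 'my_secret_key'` instead of configuring the key, so the 403 it asserts most likely comes from the service being treated as disabled rather than from the key check. As written, the wrong-key path of `check_enabled` is not exercised; use `with_settings :sys_api_enabled => '1', :sys_api_key => 'my_secret_key' do`. `test_api_key` likewise relies on `sys_api_enabled` being turned on somewhere outside this hunk, and there is no case for a request with no `key` parameter, which is the one that matters when the configured key is empty.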