1、解释SVN权限[web/secure/parse_auth_passwd.php]
<?php
/**
* read_authz(): read authz file.
* read_passwd(): read passwd file.
* write_authz(): write authz file to a temp file.
* edit_group($group_name="",$group_users=""): edit a group and the users.
* remove_group($group_name=""): remove a group.
* get_groups(): return the groups of authz file.
* get_group_users($group_name = ""): return the group users.
* edit_repository($repo_name=""): edit(add) a repository.
* remove_repository($repo_name=""): remove a repository.
* editAuth_repository($repo_name="", $auth_rw=array()): edit authorization of the repository, $auth can be group or user.
* removeAuth_repository($repo_name="", $auth=""): remove authorization of the repository, $auth can be group or user.
* get_repositories(): return the repositories of the authz file.
* get_repository_group_user($repository_name = ""): get the groups and users of the repository.
* create_repository($repository_name = ''): create a repostory.
* edit_user($user_name="", $password=""): edit or add the user with the password.
* remove_user($user_name=""): remove the user.
* copy_authz(): copy authz file to a temp file.
* copy_passwd(): copy passwd file to a temp file.
* get_users(): get the users of authz file.
* active_authz(): active the authz configuration that you have changed.
* active_passwd(): active the passwd configuration that you have changed.
* restore_authz(): restore last authz file.
* restore_passwd(): restore last passwd file.
* copy_file($source="", $dest=""): private method to copy a file.
**/
if(PATH_SEPARATOR == ':'){
$backup_dir = "/opt/hdb/svnroot/conf/backup";/* Linux */
$authz = "/opt/hdb/svnroot/conf/authz";/* Linux */
$authz_temp = "/opt/hdb/svnroot/conf/.authz";/* Linux */
$passwd = "/opt/hdb/svnroot/conf/passwd";/* Linux */
$passwd_temp = "/opt/hdb/svnroot/conf/.passwd";/* Linux */
$htpasswd = "/usr/bin/htpasswd"; /* Linux */
$svn_repository_dir = '/opt/hdb/svnroot'; /* Linux */
$svn_admin = '/usr/bin/svnadmin';
} else {
$backup_dir = "D:\\ProgramFiles\\portable\\xampp\\htdocs\\web\backup";/* Windows */
$authz = "D:\\ProgramFiles\\portable\\xampp\\htdocs\\web\\authz";/* Windows */
$authz_temp = "D:\\ProgramFiles\\portable\\xampp\\htdocs\\web\\authz_temp";/* Windows */
$passwd = "D:\\ProgramFiles\\portable\\xampp\\htdocs\\web\\passwd";/* Windows */
$passwd_temp = "D:\\ProgramFiles\\portable\\xampp\\htdocs\\web\\passwd_temp";/* Windows */
$htpasswd = "D:\\ProgramFiles\\portable\\xampp\\apache\\bin\\htpasswd.exe"; /* Windows */
$svn_repository_dir = 'D:\\ProgramFiles\\portable\\xampp\\htdocs\\svnroot'; /* Windows */
$svn_admin = 'E:\\Server\\svn\\svn-win32-1.6.6\\bin\\svnadmin.exe';
}
$debug = false;
$authzArr = array("[groups]" => array());
$passwdArr = array();
try{
} catch (Exception $e) {
if($debug){
echo '<H1>Caught exception: ', $e->getMessage(), "<\H1>";
}
}
/* =========================== read authz file =========================== */
function read_authz() {
global $debug;
global $authzArr;
global $authz_temp;
$fd = @fopen($authz_temp, "r");
if ($fd == false) {
echo "<H1>fail to open file $authz_temp!<\H1>";
exit;
}
rewind($fd); /* unnessecary but I'm paranoid */
while (!feof($fd)) {
$buffer = fgets($fd, 4096);
if ($debug) {
echo "Buffer = [$buffer]<BR>";
}
/* all data is comprised of a name, an optional seperator, and a datum */
/* oh wow!.. trim()!!! I could hug somebody! */
$buffer = trim($buffer);
if( strlen ($buffer) < 1 || $buffer[0] == "#"){
continue;
}
{/* process [] section*/
if($buffer[0] == "["){
$section = $buffer;
if(!array_key_exists($section,$authzArr)){
$authzArr[$section] = array();
}
if ($debug) {
echo "currSection = [$section]<BR>";
}
continue;
}
}
{/* process [groups] section*/
if($section == "[groups]"){
$pieces = explode("=", $buffer);
$count = count($pieces);
if($count == 0){
continue;
}else if($count == 1){
$authzArr["[groups]"][trim($pieces[0])]=array();
continue;
}
$authzArr["[groups]"][trim($pieces[0])]=explode(",", trim($pieces[1]));
continue;
}
}
{// process repository section
$pieces = explode("=", $buffer);
$count = count($pieces);
if($count == 0){
continue;
}else if($count == 1){
$authzArr[$section][trim($pieces[0])]=array();
continue;
}
$authzArr[$section][trim($pieces[0])]=trim($pieces[1]);
continue;
}
}
if($debug){// print
echo "<BR/>========== print authz ============<BR/>";
foreach ($authzArr as $k => $v) {
echo "<BR/>KEY=$k, value=";
foreach ($v as $kk => $vv) {
echo "<BR/>KEY=$kk, value=";
print_r($vv);
echo "<BR/>";
}
echo "<BR/>";
}
echo "<BR/>========== print authz end ============<BR/>";
}
fclose($fd);
return;
}
function read_passwd() {
global $debug;
global $passwd_temp;
global $passwdArr;
$fd = @fopen($passwd_temp, "r");
if ($fd == false) {
echo "<H1>fail to open file $passwd_temp!<\H1>";
exit;
}
rewind($fd); /* unnessecary but I'm paranoid */
while (!feof($fd)) {
$buffer = fgets($fd, 4096);
if ($debug) {
echo "Buffer = [$buffer]<BR>";
}
/* all data is comprised of a name, an optional seperator, and a datum */
/* oh wow!.. trim()!!! I could hug somebody! */
$buffer = trim($buffer);
if( strlen ($buffer) < 1 || $buffer[0] == "#"){
continue;
}
{/* process user:password*/
if(strpos($buffer,':') > 0){
$pos = strpos($buffer,':');
$passwdArr[trim(substr($buffer,0,$pos))] = trim(substr($buffer,$pos+1));
}
}
}
if($debug){// print
echo "<BR/>========== print passwd ============<BR/>";
foreach ($passwdArr as $k => $v) {
echo "<BR/>KEY=$k, value=$v<BR/>";
}
echo "<BR/>========== print passwd end ============<BR/>";
}
fclose($fd);
return;
}
function write_authz(){
global $debug;
global $authzArr;
global $authz_temp;
echo "=============";
$fd_temp = @fopen($authz_temp, 'w');
rewind($fd_temp);
foreach ($authzArr as $k => $v) {
fputs($fd_temp,"\n".$k."\n");
foreach ($v as $kk => $vv) {
if(is_array($vv)){
fputs($fd_temp,$kk." = ".join(',',$vv)."\n");
}else{
fputs($fd_temp,$kk." = ".$vv."\n");
}
}
}
fclose($fd_temp);
}
/* =========================== read authz file end =========================== */
/* =========================== GROUP =========================== */
function edit_group($group_name="",$group_users=""){
global $debug;
global $authzArr;
{
$group_name = trim($group_name);
if( strlen($group_name) < 1 ){
return "group name is required: $group_name!";
}
$group_users = trim($group_users);
$pieces = strlen($group_users)>0 ? explode(",", $group_users) : array();
foreach( $pieces as $k => $v ){
if(strlen($v)<1){
continue;
}
if( !preg_match("/^[a-zA-Z][a-zA-Z0-9_]*$/", $v) ){
return "group user name is illegal(/^[a-zA-Z][a-zA-Z0-9_]*$/): $v!";
}
}
}
$authzArr["[groups]"][$group_name] = $pieces;
write_authz();
return;
}
function remove_group($group_name=""){
global $debug;
global $authzArr;
{
$group_name = trim($group_name);
if( strlen($group_name) < 1 ){
return "group name is required: $group_name!";
}
if( !array_key_exists($group_name, $authzArr["[groups]"]) ){
return;
}
}
unset( $authzArr["[groups]"][$group_name] );
write_authz();
return;
}
function get_groups(){
global $debug;
global $authzArr;
$groupArr = array();
foreach ($authzArr["[groups]"] as $k => $v) {
$groupArr[$k] = $k;
}
ksort($groupArr);
if( $debug ){
echo "Group: ".join(",",$groupArr)."\n";
}
return $groupArr;
}
function get_group_users($group_name = ""){
global $debug;
global $authzArr;
{
$group_name = trim($group_name);
if( strlen($group_name) < 1 ){
return array();
}
}
$groupUserArr = array();
foreach ($authzArr["[groups]"] as $k => $v) {
if( $k != $group_name ){
continue;
}
foreach ($v as $kk => $vv) {
$vv = trim($vv);
if( strlen($vv) > 0 ){
$groupUserArr[$vv] = $vv;
}
}
}
ksort($groupUserArr);
if( $debug ){
echo "Group [$group_name] users: ".join(",",$groupUserArr)."\n";
}
return $groupUserArr;
}
/* =========================== GROUP END =========================== */
/* =========================== Repository =========================== */
function edit_repository($repo_name=""){
global $debug;
global $authzArr;
{
$repo_name = trim($repo_name);
if( strlen($repo_name) < 1 ){
return "repository name is required: $repo_name!";
}
if( array_key_exists($repo_name, $authzArr) ){
return;
}
if( !preg_match("/^\\[[a-zA-Z0-9_:\/]*\\]$/", $repo_name) ){
return "repository name is illegal(/^\\[[a-zA-Z0-9_:\/]*\\]$/): $repo_name!";
}
}
$authzArr[$repo_name]=array();
write_authz();
return;
}
function remove_repository($repo_name=""){
global $debug;
global $authzArr;
{
$repo_name = trim($repo_name);
if( strlen($repo_name) < 1 ){
return "repository name is required: $repo_name!";
}
if( !array_key_exists($repo_name, $authzArr) ){
return;
}
}
unset( $authzArr[$repo_name] );
write_authz();
return;
}
function editAuth_repository($repo_name="", $auth_rw=array()){
global $debug;
global $authzArr;
{
$repo_name = trim($repo_name);
if( strlen($repo_name) < 1 ){
return "repository name is required: $repo_name!";
}
if( !array_key_exists($repo_name, $authzArr) ){
return "repository name not found: $repo_name!";
}
$authzArr[$repo_name] = array();
foreach($auth_rw as $k => $v){
$auth = trim($k);
$rw = trim($v);
if( strlen($auth) < 1 ){
return "group name or user name is required: $auth!";
}
$rw = (strpos($rw, "r") > -1 ? "r" : "").(strpos($rw, "w") > -1 ? "w" : "");
if( strlen($rw) < 1 ){
$rw = " ";
}
if( $auth[0] == "@" && !array_key_exists(substr($auth,1), $authzArr["[groups]"]) ){
return "group name not found: $auth!";
}
$authzArr[$repo_name][$auth] = $rw;
}
}
write_authz();
return;
}
function removeAuth_repository($repo_name="", $auth=""){
global $debug;
global $authzArr;
{
$repo_name = trim($repo_name);
if( strlen($repo_name) < 1 ){
return "repository name is required: $repo_name!";
}
$auth = trim($auth);
if( strlen($auth) < 1 ){
return "group name or user name is required: $auth!";
}
if( !array_key_exists($repo_name, $authzArr) ){
return "repository name not found: $repo_name!";
}
if( !array_key_exists($auth, $authzArr[$repo_name]) ){
return;
}
}
unset( $authzArr[$repo_name][$auth] );
write_authz();
return;
}
function get_repositories(){
global $debug;
global $authzArr;
$repositoryArr = array();
foreach ($authzArr as $k => $v) {
if($k == "[groups]"){
continue;
}
$repositoryArr[$k] = $k;
}
ksort($repositoryArr);
if( $debug ){
echo "Repository: ".join(",",$repositoryArr)."\n";
}
return $repositoryArr;
}
function get_repository_group_user($repository_name = ""){
global $debug;
global $authzArr;
{
$repository_name = trim($repository_name);
if( strlen($repository_name) < 1 ){
return array("group" => array(), "user" => array(), "*" => array());
}
}
$repositoryGroupUserArr = array("group" => array(), "user" => array(), "*" => array());
foreach ($authzArr as $k => $v) {
if($k == "[groups]" || $k != $repository_name ){
continue;
}
foreach ($v as $kk => $vv) {
$kk = trim($kk);
$vv = strtolower(trim($vv));
$vv = strlen($vv) < 1 ? ' ' : $vv;
if( $kk[0] == "@" ){
$repositoryGroupUserArr["group"][$kk] = $vv;
} else if( $kk == "*" ){
$repositoryGroupUserArr["*"][$kk] = $vv;
} else {
$repositoryGroupUserArr["user"][$kk] = $vv;
}
}
}
if( $debug ){
echo "Repository $repository_name: ";
print_r($repositoryGroupUserArr);
}
return $repositoryGroupUserArr;
}
function create_repository($repository_name = ''){
global $svn_repository_dir;
global $svn_admin;
{
$repository_name = trim($repository_name);
if( strlen($repository_name) < 1 ){
return "repository name is required!";
}
if( !preg_match("/^[a-zA-Z][a-zA-Z0-9_]*$/", $repository_name) ){
return "repository name is illegal (/^[a-zA-Z][a-zA-Z0-9_]*$/): $repository_name!";
}
{
$handle = opendir($svn_repository_dir);
$count = 0;
if($handle) {
while(false !== ($file = readdir($handle))) {
if ($file != '.' && $file != '..') {
if( $file == $repository_name ){
return "repository name is existing: $repository_name!";
}
$filename = $svn_repository_dir.DIRECTORY_SEPARATOR.$file;
if( is_dir($filename) ){
$count = $count + 1;
}
}
} // end while
closedir($handle);
}
if( $count > 19 ){
return "Can't make any more svn repository, repository number is over 20: $repository_name!";
}
}
}
{
if( !mkdir($svn_repository_dir.DIRECTORY_SEPARATOR.$repository_name) ){
return "Can't make repository dir: $repository_name!";
}
}
$out = '';
$retval = 1;
exec($svn_admin.' create '.$svn_repository_dir.DIRECTORY_SEPARATOR.$repository_name, $out, $retval);
if( $retval == 0 ){
return edit_repository("[$repository_name:/]");;
} else {
return "exec svn_admin error: $repository_name : $out !";
}
}
/* =========================== Repository end =========================== */
/* =========================== User =========================== */
function edit_user($user_name="", $password=""){
global $htpasswd;
global $passwd_temp;
{
$user_name = trim($user_name);
if( strlen($user_name) < 1 ){
return "user name is required: $user_name!";
}
if( !preg_match("/^[a-zA-Z][a-zA-Z0-9_]*$/", $user_name) ){
return "user name is illegal(/^[a-zA-Z][a-zA-Z0-9_]*$/): $user_name!";
}
$password = trim($password);
if( strlen($password) < 6 ){
return "password is required (length > 5): $password!";
}
if( strpos($password, " ") >-1 ){
return "password can't contain the blank character!";
}
}
$out = "";
$retval = 1;
exec($htpasswd." -bm ".$passwd_temp." ".$user_name." ".$password, $out, $retval);
if( $retval == 0 ){
return;
} else {
return "exec htpasswd error: $out, $user_name, $password!";
}
}
function remove_user($user_name=""){
global $debug;
global $authzArr;
global $passwd_temp;
global $htpasswd;
{
$user_name = trim($user_name);
if( strlen($user_name) < 1 ){
return "user name is required: $user_name!";
}
}
$out = "";
$retval = 1;
exec($htpasswd." -D ".$passwd_temp." ".$user_name, $out, $retval);
if( $retval == 1 ){
return "exec htpasswd error: $out";
}
foreach ($authzArr as $k => $v) {
foreach ($v as $kk => $vv) {
if($k == '[groups]'){
foreach ($vv as $kkk => $vvv) {
if( $vvv == $user_name){
unset($authzArr[$k][$kk][$kkk]);
}
}
} else if( $kk == $user_name ){
unset($authzArr[$k][$kk]);
}
}
}
write_authz();
return;
}
function get_users(){
global $debug;
global $authzArr;
global $passwdArr;
$userArr = array();
foreach ($authzArr as $k => $v) {
foreach ($v as $kk => $vv) {
if($k == "[groups]"){
if( !is_array($vv) ){
continue;
}
foreach ($vv as $kkk => $vvv) {
$vvv = trim($vvv);
if( strlen($vvv) > 0 ){
$userArr[$vvv] = $vvv;
}
}
} else if($kk[0] != "@" ){
$kk = trim($kk);
if( strlen($kk) > 0 ){
$userArr[$kk] = $kk;
}
}
}
}
foreach ($passwdArr as $k => $v) {
if( !array_key_exists($k, $userArr) ){
$userArr[$k] = $k;
}
}
if( array_key_exists("*", $userArr) ){
unset($userArr["*"]);
}
ksort($userArr);
if( $debug ){
echo "User: ".join(",",$userArr)."\n";
}
return $userArr;
}
/* =========================== User end =========================== */
function copy_authz(){
global $authz;
global $authz_temp;
copy_file($authz,$authz_temp);
}
function copy_passwd(){
global $passwd;
global $passwd_temp;
copy_file($passwd,$passwd_temp);
}
function active_authz(){
global $authz;
global $authz_temp;
global $backup_dir;
copy_file($authz,$backup_dir.DIRECTORY_SEPARATOR.'authz'.time());
copy_file($authz_temp, $authz);
}
function active_passwd(){
global $passwd;
global $passwd_temp;
global $backup_dir;
copy_file($passwd,$backup_dir.DIRECTORY_SEPARATOR.'passwd'.time());
copy_file($passwd_temp, $passwd);
}
function restore_authz(){
global $authz;
global $backup_dir;
$last_file = '';
$handle = opendir($backup_dir);
if($handle) {
while(false !== ($file = readdir($handle))) {
if ($file != '.' && $file != '..' && strpos($file,'authz')>-1) {
$filename = $backup_dir.DIRECTORY_SEPARATOR.$file;
if(is_file($filename)&&(strlen($last_file)==0 || filectime($last_file)<filectime($filename))) {
$last_file = $filename;
}
}
} // end while
closedir($handle);
}
if(strlen($last_file)>0){
copy_file($last_file,$authz);
}
}
function restore_passwd(){
global $passwd;
global $backup_dir;
$last_file = '';
$handle = opendir($backup_dir);
if($handle) {
while(false !== ($file = readdir($handle))) {
if ($file != '.' && $file != '..' && strpos($file,'passwd')>-1) {
$filename = $backup_dir.DIRECTORY_SEPARATOR.$file;
if(is_file($filename)&&(strlen($last_file)==0 || filectime($last_file)<filectime($filename))) {
$last_file = $filename;
}
}
} // end while
closedir($handle);
}
if(strlen($last_file)>0){
copy_file($last_file,$passwd);
}
}
function copy_file($source="", $dest=""){
global $debug;
{
$source = trim($source);
if( strlen($source) < 1 ){
exit;
}
$dest = trim($dest);
if( strlen($dest) < 1 ){
exit;
}
}
$fd = false;
$fd_temp = false;
try{
$fd = @fopen($source, "r");
rewind($fd);
$fd_temp = @fopen($dest, 'w');
rewind($fd_temp);
while (!feof($fd)) {
$buffer = fgets($fd, 4096);
if ($debug) {
echo "Buffer = [$buffer]<BR>";
}
fputs($fd_temp, $buffer);
}
} catch(Exception $e) {
echo 'Caught exception: ', $e->getMessage(), "\n";
try{fclose($fd_temp);}catch(Exception $ee){}
try{fclose($fd);}catch(Exception $ee){}
exit;
}
try{fclose($fd_temp);}catch(Exception $ee){}
try{fclose($fd);}catch(Exception $ee){}
}
?>
2、生成管理页面[web/secure/edit_auth_passwd.php]
<?php
session_start();
require('parse_auth_passwd.php');
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");// always modified
header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
header("Pragma: no-cache"); // HTTP/1.0
$view_group = "";
$view_repository = "";
$remove_group = "";
$remove_repository = "";
$remove_user = "";
$add_group = "";
$add_repository = "";
$create_repository = "";
$add_user = "";
$edit_group_user = "";
$edit_repository_group_user = "";
$active_authz_passwd = "";
$active_start = "";
$rollback_authz = "";
$rollback_passwd = "";
$hide_add = "";
if(!isset($_SESSION["last_view"])){
$_SESSION["last_view"] = "";
}
if(!isset($_SESSION["hide_add"])){
$_SESSION["hide_add"] = "0";
}
if( isset($_SESSION["COPY_FILE"]) ){
$_SESSION["COPY_FILE"] = time();
read_authz();
read_passwd();
}
if(isset($_GET['view_group'])){
$view_group = trim($_GET['view_group']);
$_SESSION["last_view"]='view_group='.rawurlencode($view_group);
}
if(isset($_GET['view_repository'])){
$view_repository = trim($_GET['view_repository']);
$_SESSION["last_view"]='view_repository='.rawurlencode($view_repository);
}
if(isset($_GET['remove_group'])){
$remove_group = trim($_GET['remove_group']);
remove_group($remove_group);
redirect();
}else if(isset($_GET['remove_repository'])){
$remove_repository = trim($_GET['remove_repository']);
remove_repository($remove_repository);
redirect();
}else if(isset($_GET['remove_user'])){
$remove_user = trim($_GET['remove_user']);
remove_user($remove_user);
redirect();
}else if(isset($_GET['active_authz_passwd'])){
$active_authz_passwd = trim($_GET['active_authz_passwd']);
active_authz();
active_passwd();
copy_authz();
copy_passwd();
redirect();
}else if(isset($_GET['rollback_authz'])){
$rollback_authz = trim($_GET['rollback_authz']);
restore_authz();
copy_authz();
copy_passwd();
redirect();
}else if(isset($_GET['rollback_passwd'])){
$rollback_passwd = trim($_GET['rollback_passwd']);
restore_passwd();
copy_authz();
copy_passwd();
redirect();
}else if(isset($_GET['active_start'])){
$active_start = trim($_GET['active_start']);
$_SESSION["COPY_FILE"] = time();
copy_authz();
copy_passwd();
redirect();
}else if(isset($_POST['add_group'])){
$add_group = trim($_POST['add_group']);
$group_name = trim($_POST['group_name']);
error(edit_group($group_name));
redirect();
}else if(isset($_POST['add_repository'])){
$add_repository = trim($_POST['add_repository']);
$repository_name = trim($_POST['repository_name']);
error(edit_repository($repository_name));
redirect();
}else if(isset($_POST['create_repository'])){
$create_repository = trim($_POST['create_repository']);
$repository_name = trim($_POST['repository_name']);
error(create_repository($repository_name));
redirect();
}else if(isset($_POST['add_user'])){
$add_user = trim($_POST['add_user']);
$user_name = trim($_POST['user_name']);
$user_password = trim($_POST['user_password']);
$user_password_confirm = trim($_POST['user_password_confirm']);
if($user_password != $user_password_confirm){
error("User password has different input: $user_password and $user_password_confirm!");
}else{
error(edit_user($user_name,$user_password));
}
redirect();
}else if(isset($_POST['edit_group_user'])){
$edit_group_user = trim($_POST['edit_group_user']);
$group_name = $view_group = trim($_POST['group_name']);
$users = get_users();
$group_users = array();
foreach($users as $k){
if(isset($_POST[$k])){
$group_users[]=$k;
}
}
error(edit_group($group_name,join(',',$group_users)));
redirect();
}else if(isset($_POST['edit_repository_group_user'])){
$edit_repository_group_user = trim($_POST['edit_repository_group_user']);
$repository_name = $view_repository = trim($_POST['repository_name']);
$repository_groups_users = array();
{
$groups = get_groups();
foreach($groups as $k){
$rw = '';
if(isset($_POST['@'.$k.'=r'])){
$rw=$rw.'r';
}
if(isset($_POST['@'.$k.'=w'])){
$rw=$rw.'w';
}
if(isset($_POST['@'.$k.'=n'])){
$rw=' ';
}
if(strlen($rw)>0){
$repository_groups_users['@'.$k]=$rw;
}
}
}
{
$users = get_users();
foreach($users as $k){
$rw = '';
if(isset($_POST[$k.'=r'])){
$rw=$rw.'r';
}
if(isset($_POST[$k.'=w'])){
$rw=$rw.'w';
}
if(isset($_POST[$k.'=n'])){
$rw=' ';
}
if(strlen($rw)>0){
$repository_groups_users[$k]=$rw;
}
}
}
{
$rw = '';
if(isset($_POST['*=r'])){
$rw=$rw.'r';
}
if(isset($_POST['*=w'])){
$rw=$rw.'w';
}
if(strlen($rw)<1 && isset($_POST['*=n'])){
$rw=' ';
}
if(strlen($rw)>0){
$repository_groups_users['*']=$rw;
}
}
error(editAuth_repository($repository_name,$repository_groups_users));
redirect();
}else if(isset($_GET['hide_add'])){
$_SESSION["hide_add"] = $hide_add = trim($_GET['hide_add']);
redirect();
}
function redirect(){
global $view_group;
global $view_repository;
if(isset($_SESSION["last_view"])&&strlen($_SESSION["last_view"])>0){
header('Location: '.request_uri().'?'.$_SESSION["last_view"]);
}else{
header('Location: '.request_uri());
}
exit;
}
function request_uri(){
if (isset($_SERVER['PHP_SELF'])){
$uri = $_SERVER['PHP_SELF'];
}
return $uri;
}
function error($error_msg = ""){
if(strlen($error_msg)>0){
if(!array_key_exists("error_msg",$_SESSION)){
$_SESSION["error_msg"]=array();
}
$_SESSION["error_msg"][]=$error_msg;
}else{
$msg=isset($_SESSION["error_msg"])?join(',',$_SESSION["error_msg"]):"";
$_SESSION["error_msg"]=array();
return $msg;
}
}
?>
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML Strict Level 3//EN">
<HTML>
<HEAD>
<TITLE>SVN Authorization Management</TITLE>
<STYLE TYPE="text/css">
<!--
TD {
font-family: helvetica, sans-serif;
}
.logo {
color: #FFFFFF;
}
A.logolink {
color: #FFFFFF;
font-size: .8em;
}
.taboff {
color: #FFFFFF;
}
.tabon {
color: #999999;
}
.title {
font-size: .8em;
font-weight: bold;
color: #660000;
}
.smtext {
font-size: .8em;
}
.green {
color: green;
}
TD.checkbox {
width: 25px;
}
TD.op {
width: 32px;
}
DIV.scroll{
height: 150px;
overflow-y: scroll;
overflow-x: hidden;
padding-right: 18px\9;
}
DIV.body{
padding: 0px;
margin: auto;
width: 960px;
}
DIV.floatl{
position: relative;
float: left;
}
DIV.floatr{
position: relative;
float: right;
}
DIV.with48p{
width: 48%;
}
DIV.clear{
clear: both;
height: 18px\9;
}
// -->
</STYLE>
</HEAD>
<BODY BGCOLOR="#660000">
<?php if(!isset($_SESSION["COPY_FILE"])){ ?>
<DIV CLASS="body">
<TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="5">
<TR BGCOLOR="#CC0000"> <TD ALIGN=center CLASS="logo"> <B>SVN AUTHORIZATION CONFIGURATION TOOL</B> </TD></TR>
<TR BGCOLOR="#CC0000"> <TD ALIGN=center CLASS="logo"> <A CLASS="logo" HREF="edit_auth_passwd.php?active_start=1">Start Configure</A> </TD></TR>
</TABLE>
</DIV>
</BODY>
</HTML>
<?php exit;} ?>
<DIV CLASS="body"><!-- BODY DIV START -->
<TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="5">
<TR BGCOLOR="#CC0000"> <TD ALIGN=center CLASS="logo"> <B>SVN AUTHORIZATION CONFIGURATION TOOL</B> </TD></TR>
</TABLE>
<BR/>
<!-- =================================== ERROR MESSAGES =================================== -->
<?php $msg=error(); if(strlen($msg)>0){ ?>
<TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="5">
<TR BGCOLOR="#CC0000"> <TD ALIGN=left CLASS="logo"> <B>ERROR MESSAGE: </B><?php echo $msg; ?> </TD></TR>
</TABLE>
<BR/>
<?php } ?>
<!-- =================================== ERROR MESSAGES END =================================== -->
<!-- =================================== SVN AUTHORIZATION CONFIGURATION PANEL =================================== -->
<TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="5">
<TR BGCOLOR="#CC0000">
<TD CLASS="logo"> <B>SVN AUTHORIZATION</B> CONFIGURATION PANEL </TD>
<TD CLASS="logo"></TD>
<TD CLASS="logo" ALIGN=right>
<A CLASS="logo" HREF="edit_auth_passwd.php?active_authz_passwd=1" onclick="return confirm('Write the changes to auth and passwd file?');">Active Profile</A> |
<A CLASS="logo" HREF="edit_auth_passwd.php?active_start=1" onclick="return confirm('Give up the current changes?');">Reset Configuration</A> |
<A CLASS="logo" HREF="edit_auth_passwd.php?rollback_authz=1" onclick="return confirm('Rollback the last auth file?');">Rollback Authz</A> |
<A CLASS="logo" HREF="edit_auth_passwd.php?rollback_passwd=1" onclick="return confirm('Rollback the last passwd file?');">Rollback Passwd</A>
</TD>
</TR>
</TABLE>
<BR/>
<TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="5">
<TR BGCOLOR="#CC0000">
<TD CLASS="logo"> <B>SVN ADD</B> INFOMATION PANEL </TD>
<TD ALIGN=right CLASS="logo">
<?php if(isset($_SESSION["hide_add"])&&$_SESSION["hide_add"]=="0"){ ?>
<A CLASS="logo" HREF="edit_auth_passwd.php?hide_add=1">Hide Add Panel</A>
<?php } else{ ?>
<A CLASS="logo" HREF="edit_auth_passwd.php?hide_add=0">Show Add Panel</A>
<?php } ?>
</TD>
</TR>
</TABLE>
<BR/>
<?php if(isset($_SESSION["hide_add"])&&$_SESSION["hide_add"]!="1"){ ?>
<DIV>
<DIV>
<!-- === SUMIT GROUP === -->
<DIV CLASS="floatl with48p">
<FORM METHOD="POST" ENCTYPE="application/x-www-form-urlencoded" ACTION="edit_auth_passwd.php">
<TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="5">
<TR BGCOLOR="#CC0000"> <TD CLASS="logo" colspan="2"> <B>ADD GROUP</B> </TD></TR>
<TR>
<TD ALIGN=left CLASS="logo"> Group Name: </TD>
<TD ALIGN=right CLASS="logo"> <INPUT TYPE="text" SIZE="32" MAXLENGTH="64" NAME="group_name"> </TD>
</TR>
<TR BGCOLOR="#CC0000"> <TD ALIGN=right CLASS="logo" colspan="2"> <INPUT TYPE="submit" NAME="add_group" value="ADD GROUP"> </TD></TR>
</TABLE>
</FORM>
</DIV>
<!-- === SUMIT GROUP END === -->
<!-- === SUMIT REPOSITORY NAME === -->
<DIV CLASS="floatr with48p">
<FORM METHOD="POST" ENCTYPE="application/x-www-form-urlencoded" ACTION="edit_auth_passwd.php">
<TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="5">
<TR BGCOLOR="#CC0000"> <TD CLASS="logo" colspan="2"> <B>ADD REPOSITORY</B> </TD></TR>
<TR>
<TD ALIGN=left CLASS="logo"> Repository Name: </TD>
<TD ALIGN=right CLASS="logo"> <INPUT TYPE="text" SIZE="32" MAXLENGTH="128" NAME="repository_name"> </TD>
</TR>
<TR BGCOLOR="#CC0000"> <TD ALIGN=right CLASS="logo" colspan="2"> <INPUT TYPE="submit" NAME="create_repository" value="CREATE REPOSITORY" onclick="return confirm('Do you want to create repository?');"/> <INPUT TYPE="submit" NAME="add_repository" value="ADD REPOSITORY"/> </TD></TR>
</TABLE>
</FORM>
</DIV>
<!-- === SUMIT REPOSITORY NAME END === -->
<DIV CLASS="clear"></DIV>
</DIV>
<DIV>
<!-- === SUMIT USER NAME === -->
<FORM METHOD="POST" ENCTYPE="application/x-www-form-urlencoded" ACTION="edit_auth_passwd.php">
<TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="5">
<TR BGCOLOR="#CC0000"> <TD CLASS="logo" colspan="6"> <B>ADD USER</B> </TD></TR>
<TR>
<TD ALIGN=left CLASS="logo"> User Name: </TD>
<TD ALIGN=right CLASS="logo"> <INPUT TYPE="text" SIZE="24" MAXLENGTH="64" NAME="user_name"> </TD>
<TD ALIGN=left CLASS="logo"> User Password: </TD>
<TD ALIGN=right CLASS="logo"> <INPUT TYPE="password" SIZE="24" MAXLENGTH="64" NAME="user_password"> </TD>
<TD ALIGN=left CLASS="logo"> Password Confirm: </TD>
<TD ALIGN=right CLASS="logo"> <INPUT TYPE="password" SIZE="24" MAXLENGTH="64" NAME="user_password_confirm"> </TD>
</TR>
<TR BGCOLOR="#CC0000"> <TD ALIGN=right CLASS="logo" colspan="6"> <INPUT TYPE="submit" NAME="add_user" value="ADD USER"> </TD></TR>
</TABLE>
</FORM>
<!-- === SUMIT USER NAME END === -->
</DIV>
<DIV CLASS="clear"></DIV>
</DIV>
<?php } ?>
<!-- =================================== SVN AUTHORIZATION CONFIGURATION PANEL END =================================== -->
<!-- =================================== SVN AUTHORIZATION INFOMATION PANEL =================================== -->
<TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="5">
<TR BGCOLOR="#CC0000"> <TD CLASS="logo"> <B>SVN AUTHORIZATION</B> INFOMATION PANEL </TD></TR>
</TABLE>
<BR/>
<DIV>
<DIV CLASS="floatl" STYLE="width: 29%;">
<DIV>
<TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="5">
<TR BGCOLOR="#CC0000"> <TD CLASS="logo" COLSPAN="3"> <B>GROUP LIST</B> </TD></TR>
</TABLE>
</DIV>
<DIV CLASS="scroll" STYLE="background-color:#666666;">
<TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="5">
<?php $groups = get_groups(); foreach($groups as $k){ $t = htmlentities($k); ?>
<TR BGCOLOR="#666666">
<TD ALIGN=right CLASS="logo"> <?php echo $t; ?> </TD>
<TD ALIGN=right CLASS="logo op"> <A HREF="edit_auth_passwd.php?remove_group=<?php echo rawurlencode($k); ?>" CLASS="tabon" onclick="return confirm('Remove Group <?php echo $t; ?>?');">DELETE</a> </TD>
<TD ALIGN=right CLASS="logo"> <A HREF="edit_auth_passwd.php?view_group=<?php echo rawurlencode($k); ?>" CLASS="tabon">VIEW</a> </TD>
</TR>
<?php } ?>
</TABLE>
</DIV>
</DIV>
<DIV CLASS="floatl" style="width: 44%; left: 10px; right: 10px;">
<DIV>
<TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="5">
<TR BGCOLOR="#CC0000"> <TD CLASS="logo" COLSPAN="3"> <B>REPOSITORY LIST</B> </TD></TR>
</TABLE>
</DIV>
<DIV CLASS="scroll" STYLE="background-color:#666666;">
<TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="5">
<?php $repositories = get_repositories(); foreach($repositories as $k){ $t = htmlentities($k); ?>
<TR BGCOLOR="#666666">
<TD ALIGN=right CLASS="logo"> <?php echo $t; ?> </TD>
<TD ALIGN=right CLASS="logo op"> <A HREF="edit_auth_passwd.php?remove_repository=<?php echo rawurlencode($k); ?>" CLASS="tabon" onclick="return confirm('Remove Repository <?php echo $t; ?>?');">DELETE</a> </TD>
<TD ALIGN=right CLASS="logo"> <A HREF="edit_auth_passwd.php?view_repository=<?php echo rawurlencode($k); ?>" CLASS="tabon">VIEW</a> </TD>
</TR>
<?php } ?>
</TABLE>
</DIV>
</DIV>
<DIV CLASS="floatl" STYLE="width: 25%; left: 20px;">
<DIV>
<TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="5">
<TR BGCOLOR="#CC0000"> <TD CLASS="logo" COLSPAN="2"> <B>USER LIST</B> </TD></TR>
</TABLE>
</DIV>
<DIV CLASS="scroll" STYLE="background-color:#666666;">
<TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="5">
<?php $users = get_users(); foreach($users as $k){ $t = htmlentities($k); ?>
<TR BGCOLOR="#666666">
<TD ALIGN=right CLASS="logo"> <?php echo $t; ?> </TD>
<TD ALIGN=right CLASS="logo op"> <A HREF="edit_auth_passwd.php?remove_user=<?php echo rawurlencode($k); ?>" CLASS="tabon" onclick="return confirm('Remove User <?php echo $t; ?>?');">DELETE</a> </TD>
</TR>
<?php } ?>
</TABLE>
</DIV>
</DIV>
<DIV CLASS="clear"></DIV>
</DIV>
<!-- =================================== SVN AUTHORIZATION INFOMATION PANEL END =================================== -->
<!-- =================================== SVN GROUP [] CONFIGURATION PANEL =================================== -->
<?php if(strlen($view_group)>0){ ?>
<TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="5">
<TR BGCOLOR="#CC0000"> <TD CLASS="logo"> <B>SVN GROUP <?php echo $view_group; ?></B> CONFIGURATION PANEL (R:read W:write N:none)</TD></TR>
</TABLE>
<BR/>
<DIV>
<FORM METHOD="POST" ENCTYPE="application/x-www-form-urlencoded" ACTION="edit_auth_passwd.php">
<INPUT TYPE=hidden NAME="group_name" VALUE="<?php echo htmlentities($view_group);?>"/>
<TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="5">
<TR BGCOLOR="#CC0000"> <TD CLASS="logo" COLSPAN="<?php echo $column=6;?>"> <B>GROUP USER LIST</B> </TD></TR>
<TR BGCOLOR="#666666">
<?php for($i=0;$i<$column;$i++){ /*start for*/?>
<TD CLASS="logo" VALIGN="top" <?php if($i+1!=$column){?>STYLE="border-right:white 1px solid;"<?php } ?>>
<TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="5">
<?php $count=0; $users = get_users(); $groupUsers = get_group_users($view_group); foreach($users as $k){if($count++%$column!=$i){continue;} $t = htmlentities($k); $ake=array_key_exists($k,$groupUsers);/*start foreach1*/ ?>
<TR BGCOLOR="<?php echo $ake?'#AA1122':'#666666';?>">
<TD ALIGN=left CLASS="logo checkbox"> <INPUT TYPE="checkbox" NAME="<?php echo $t; ?>" value="1" <?php if($ake){ ?>checked="checked" <?php } ?> /> </TD>
<TD ALIGN=right CLASS="logo"> <?php echo $t; ?> </TD>
</TR>
<?php }/*end foreach1*/ ?>
</TABLE>
</TD>
<?php } /*end for*/?>
</TR>
<TR BGCOLOR="#CC0000"> <TD ALIGN=right CLASS="logo" COLSPAN="<?php echo $column;?>"> <INPUT TYPE="SUBMIT" NAME="edit_group_user" value="Edit Group User"/> </TD></TR>
</TABLE>
</FORM>
</DIV>
<?php } ?>
<!-- =================================== SVN GROUP [] CONFIGURATION PANEL END =================================== -->
<!-- =================================== SVN REPOSITORY [] CONFIGURATION PANEL =================================== -->
<?php if(strlen($view_repository)>0){ $groups = get_groups(); $users = get_users(); $repoGroupUsers = get_repository_group_user($view_repository); ?>
<TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="5">
<TR BGCOLOR="#CC0000"> <TD CLASS="logo"> <B>SVN REPOSITORY <?php echo $view_repository; ?></B> CONFIGURATION PANEL (R:read W:write N:none)</TD></TR>
</TABLE>
<BR/>
<DIV>
<FORM METHOD="POST" ENCTYPE="application/x-www-form-urlencoded" ACTION="edit_auth_passwd.php">
<INPUT TYPE=hidden NAME="repository_name" VALUE="<?php echo htmlentities($view_repository);?>"/>
<DIV>
<TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="5">
<TR BGCOLOR="#CC0000"> <TD CLASS="logo" COLSPAN="<?php echo $column=3;?>"> <B>REPOSITORY GROUP LIST</B> </TD></TR>
<TR BGCOLOR="#666666">
<?php for($i=0;$i<$column;$i++){ /*start for*/?>
<TD CLASS="logo" VALIGN="top" <?php if($i+1!=$column){?>STYLE="border-right:white 1px solid;"<?php } ?>>
<TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="5">
<?php $count=0; foreach($groups as $k){if($count++%$column!=$i){continue;} $t = htmlentities($k); $ake=array_key_exists("@".$k,$repoGroupUsers["group"]);/*start foreach1*/ ?>
<TR BGCOLOR="<?php echo $ake?'#AA1122':'#666666';?>">
<TD ALIGN=left CLASS="logo">
<INPUT TYPE="checkbox" NAME="<?php echo htmlentities('@'.$t.'=r'); ?>" value="r" <?php if($ake && strpos($repoGroupUsers["group"]["@".$k],"r")>-1){ ?>checked="checked"<?php } ?>/>R
<INPUT TYPE="checkbox" NAME="<?php echo htmlentities('@'.$t.'=w'); ?>" value="w" <?php if($ake && strpos($repoGroupUsers["group"]["@".$k],"w")>-1){ ?>checked="checked"<?php } ?>/>W
<INPUT TYPE="checkbox" NAME="<?php echo htmlentities('@'.$t.'=n'); ?>" value="n" <?php if($ake && $repoGroupUsers["group"]["@".$k]==' '){ ?>checked="checked"<?php } ?>/>N
</TD>
<TD ALIGN=right CLASS="logo"> <?php echo '@'.$t; ?> </TD>
</TR>
<?php }/*end foreach1*/ ?>
</TABLE>
</TD>
<?php } /*end for*/?>
</TR>
<TR BGCOLOR="#CC0000"> <TD ALIGN=right CLASS="logo" COLSPAN="<?php echo $column;?>"> <INPUT TYPE="SUBMIT" NAME="edit_repository_group_user" value="Edit Repostitory Group & User"/> </TD></TR>
</TABLE>
</DIV>
<BR/>
<DIV>
<TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="5">
<TR BGCOLOR="#CC0000"> <TD CLASS="logo" COLSPAN="<?php echo $column=3;?>"> <B>REPOSITORY USER LIST</B> </TD></TR>
<TR BGCOLOR="#666666">
<?php for($i=0;$i<$column;$i++){ /*start for*/?>
<TD CLASS="logo" VALIGN="top" <?php if($i+1!=$column){?>STYLE="border-right:white 1px solid;"<?php } ?>>
<TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="5">
<?php $count=0; foreach($users as $k){if($count++%$column!=$i){continue;} $t = htmlentities($k); $ake=array_key_exists($k,$repoGroupUsers["user"]);/*start foreach1*/ ?>
<?php if($count==$i+1){$ake1=0;if($count==1){$ake1=array_key_exists('*',$repoGroupUsers['*']);}/*start if3*/ ?>
<TR BGCOLOR="<?php echo $ake1?'#AA1122':'#666666';?>">
<TD ALIGN=left CLASS="logo">
<?php if($count==1){ ?>
<INPUT TYPE="checkbox" NAME="<?php echo htmlentities('*=r'); ?>" value="r" <?php if($ake1 && strpos($repoGroupUsers['*']['*'],"r")>-1){ ?>checked="checked"<?php } ?>/>R
<INPUT TYPE="checkbox" NAME="<?php echo htmlentities('*=w'); ?>" value="w" <?php if($ake1 && strpos($repoGroupUsers['*']['*'],"w")>-1){ ?>checked="checked"<?php } ?>/>W
<INPUT TYPE="checkbox" NAME="<?php echo htmlentities('*=n'); ?>" value="n" <?php if($ake1 && $repoGroupUsers['*']['*']==' '){ ?>checked="checked"<?php } ?>/>N
<?php } ?>
</TD>
<TD ALIGN=right CLASS="logo"> <?php echo $count==1?'*':' '; ?> </TD>
</TR>
<?php }/*end if3*/ ?>
<TR BGCOLOR="<?php echo $ake?'#AA1122':'#666666';?>">
<TD ALIGN=left CLASS="logo">
<INPUT TYPE="checkbox" NAME="<?php echo htmlentities($t.'=r'); ?>" value="r" <?php if($ake && strpos($repoGroupUsers["user"][$k],"r")>-1){ ?>checked="checked"<?php } ?>/>R
<INPUT TYPE="checkbox" NAME="<?php echo htmlentities($t.'=w'); ?>" value="w" <?php if($ake && strpos($repoGroupUsers["user"][$k],"w")>-1){ ?>checked="checked"<?php } ?>/>W
<INPUT TYPE="checkbox" NAME="<?php echo htmlentities($t.'=n'); ?>" value="n" <?php if($ake && $repoGroupUsers["user"][$k]==' '){ ?>checked="checked"<?php } ?>/>N
</TD>
<TD ALIGN=right CLASS="logo"> <?php echo $t; ?> </TD>
</TR>
<?php }/*end foreach1*/ ?>
</TABLE>
</TD>
<?php } /*end for*/?>
</TR>
<TR BGCOLOR="#CC0000"> <TD ALIGN=right CLASS="logo" COLSPAN="<?php echo $column;?>"> <INPUT TYPE="SUBMIT" NAME="edit_repository_group_user" value="Edit Repostitory Group & User"/> </TD></TR>
</TABLE>
</DIV>
<DIV CLASS="clear"></DIV>
</FORM>
</DIV>
<?php } ?>
<!-- =================================== SVN REPOSITORY [] CONFIGURATION PANEL END =================================== -->
</DIV><!-- BODY DIV END -->
</BODY>
</HTML>
3、生成secure的Index页面[web/secure/index.php]
<?php
header('Location: edit_auth_passwd.php');
exit;
?>
4、生成Index页面[web/index.php]
<?php
header('Location: secure/edit_auth_passwd.php');
exit;
?>
5、Apache的httpd/conf.d/svn_tools.conf的配置
Alias /svntools/ "/opt/hdb/svnroot/httpd/web/"
<Directory /opt/hdb/svnroot/httpd/web/>
AllowOverride all
Options Indexes Includes FollowSymLinks
Order deny,allow
Allow from all
</Directory>
<Directory /opt/hdb/svnroot/httpd/web/secure/>
AllowOverride all
Order deny,allow
Allow from all
AuthUserFile /opt/hdb/svnroot/conf/passwd
#AuthGroupFile /dev/null
AuthName "access to the svn tools web GUI"
AuthType Basic
<Limit GET>
require user chenzhao
</Limit>
</Directory>
6、注意权限问题
chown -R apache.apache svnroot/conf
chown -R apache.apache svnroot/httpd/web