Commit 38463b50 authored by Leigh Stoller's avatar Leigh Stoller

Iframe the cvsweb interface.

parent da18bf14
......@@ -46,7 +46,7 @@
# SUCH DAMAGE.
#
# $FreeBSD: projects/cvsweb/cvsweb.cgi,v 1.119.2.6 2002/09/26 20:56:05 scop Exp $
# $Id: cvsweb.cgi,v 1.5 2005-09-02 22:07:23 stoller Exp $
# $Id: cvsweb.cgi,v 1.6 2005-11-09 17:28:12 stoller Exp $
# $Idaemons: /home/cvs/cvsweb/cvsweb.cgi,v 1.84 2001/10/07 20:50:10 knu Exp $
#
###
......@@ -311,7 +311,8 @@ $maycompress =
# to hold our state - they will be added (with
# their current value) to any link/query string
# you construct
@stickyvars = qw(cvsroot hideattic sortby logsort f only_with_tag pid);
@stickyvars = qw(cvsroot hideattic sortby logsort f only_with_tag
pid eid exptidx);
@unsafevars = qw(logsort only_with_tag r1 r2 rev sortby tr1 tr2);
if (-f $config) {
......
......@@ -9,7 +9,7 @@
# based on work by Bill Fenner <fenner@FreeBSD.org>
#
# $FreeBSD: projects/cvsweb/cvsweb.conf,v 1.36.2.3 2002/09/23 05:30:17 scop Exp $
# $Id: cvsweb.conf,v 1.6 2005-09-02 22:07:23 stoller Exp $
# $Id: cvsweb.conf,v 1.7 2005-11-09 17:28:13 stoller Exp $
# $Idaemons: /home/cvs/cvsweb/cvsweb.conf,v 1.27 2001/08/01 09:48:39 knu Exp $
#
###
......@@ -139,7 +139,7 @@ $body_tag_for_src = '<body text="#000000" bgcolor="#eeeeee">';
# XXX: This is just a copy of the one from menu.php3, and has Utah-specific
# stuff hardcoded. Since it shouldn't run on other sites, seemed like a
# waste to spend to much time doing it in a more 'correct' way
$logo = '<table cellpadding=0 cellspacing=0 border=0 width=50%><tr>
$nologo = '<table cellpadding=0 cellspacing=0 border=0 width=50%><tr>
<td align=left valign=top width="0%">
<table cellpadding=5 cellspacing=0 border=0 bgcolor="#880000">
<tr>
......
......@@ -16,6 +16,10 @@ require("defs.php3");
# WARNING: See the LOGGEDINORDIE() calls below.
#
$uid = GETLOGIN();
unset($repodir);
# Tell system we do not want any headers drawn on errors.
$noheaders = 1;
#
# Verify form arguments.
......@@ -40,19 +44,97 @@ if (isset($pid) && $pid != "") {
if (! TBValidProject($pid)) {
USERERROR("The project '$pid' is not a valid project.", 1);
}
if (! ISADMIN($uid) &&
! TBProjAccessCheck($uid, $pid, $pid, $TB_PROJECT_READINFO)) {
# Then check to see if the project cvs repo is public.
if (isset($eid) && $eid != "") {
#
# Wants access to the experiment archive, which is really a repo.
#
if (!TBvalid_eid($eid)) {
PAGEARGERROR("Invalid experiment ID.");
}
if (! TBValidExperiment($pid, $eid)) {
USERERROR("Experiment '$pid/$eid' is not a valid experiment", 1);
}
if (! ISADMIN($uid) &&
! TBExptAccessCheck($uid, $pid, $eid, $TB_EXPT_READINFO)) {
USERERROR("Not enough permission to view '$pid/$eid'", 1);
}
# Get the repo index for the experiment.
$query_result =
DBQueryFatal("select cvsrepo_public from projects ".
"where pid='$pid'");
DBQueryFatal("select s.archive_idx from experiments as e ".
"left join experiment_stats as s on s.exptidx=e.idx ".
"where e.pid='$pid' and e.eid='$eid'");
if (!mysql_num_rows($query_result)) {
TBERROR("Error getting cvsrepo_public bit", 1);
TBERROR("Error getting repo index for '$pid/$eid'", 1);
}
$row = mysql_fetch_array($query_result);
if (!isset($row[0])) {
TBERROR("Error getting repo index for '$pid/$eid'", 1);
}
$row = mysql_fetch_array($query_result);
if ($row[0] == 0) {
USERERROR("You are not a member of Project $pid.", 1);
$repoidx = $row[0];
$repodir = "/usr/testbed/exparchive/$repoidx/repo/";
}
else {
#
# Wants access to the project repo.
#
if (! ISADMIN($uid) &&
! TBProjAccessCheck($uid, $pid, $gid, $TB_PROJECT_READINFO)) {
# Then check to see if the project cvs repo is public.
$query_result =
DBQueryFatal("select cvsrepo_public from projects ".
"where pid='$pid'");
if (!mysql_num_rows($query_result)) {
TBERROR("Error getting cvsrepo_public bit", 1);
}
$row = mysql_fetch_array($query_result);
if ($row[0] == 0) {
USERERROR("You are not a member of Project $pid.", 1);
}
}
$repodir = "$TBCVSREPO_DIR/$pid";
}
}
elseif (isset($exptidx) && $exptidx != "") {
if (!$CVSSUPPORT) {
USERERROR("Project CVS support is not enabled!", 1);
}
if (!TBvalid_integer($exptidx)) {
PAGEARGERROR("Invalid experiment index.");
}
# Must be logged in for this!
if ($uid) {
LOGGEDINORDIE($uid);
}
# Need the pid/eid/gid. Access the stats table since we want to provide
# cvs access to terminated experiments via the archive.
$query_result =
DBQueryFatal("select pid,eid,gid,archive_idx from experiment_stats ".
"where exptidx='$exptidx'");
if (!mysql_num_rows($query_result)) {
USERERROR("Experiment '$exptidx' is not a valid experiment", 1);
}
$row = mysql_fetch_array($query_result);
$pid = $row[0];
$eid = $row[1];
$gid = $row[2];
$repoidx = $row[3];
# If a current experiment, check usual permissions.
if (TBValidExperiment($pid, $eid)) {
if (! ISADMIN($uid) &&
! TBExptAccessCheck($uid, $pid, $eid, $TB_EXPT_READINFO)) {
USERERROR("Not enough permission to view '$pid/$eid'", 1);
}
$repodir = "/usr/testbed/exparchive/$repoidx/repo/";
}
else {
if (! ISADMIN($uid)) {
USERERROR("Must be administrator to view historical archives!", 1);
}
$repodir = "$TBDIR/expinfo/${pid}-${eid}.${exptidx}/Archive";
}
}
else {
......@@ -111,13 +193,13 @@ $shellcmd = "env PATH=./cvsweb/ QUERY_STRING=$query PATH_INFO=$path " .
"SCRIPT_NAME=$name HTTP_USER_AGENT=$agent " .
"HTTP_ACCEPT_ENCODING=$encoding ";
if (isset($pid)) {
# I know, I added an argument to a script that is not supposed to
# take any. So be it; it was easy.
$shellcmd .= "$TBSUEXEC_PATH $uid $pid webcvsweb -repo $TBCVSREPO_DIR/$pid";
if (isset($repodir)) {
# I know, I added an argument to a script that is not supposed to
# take any. So be it; it was easy.
$shellcmd .= "$TBSUEXEC_PATH $uid $pid webcvsweb -repo $repodir";
}
else {
$shellcmd .= "$script";
$shellcmd .= "$script";
}
$fp = popen($shellcmd, 'r');
......
<?php
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2002, 2005 University of Utah and the Flux Group.
# All rights reserved.
#
#
# Wrapper Wrapper script for cvsweb.cgi
#
chdir("../");
require("defs.php3");
#
# We look for anon access, and if so, redirect to ops web server.
# WARNING: See the LOGGEDINORDIE() calls below.
#
$uid = GETLOGIN();
# Redirect now, to avoid phishing.
if ($uid) {
LOGGEDINORDIE($uid);
}
else {
$url = $OPSCVSURL . "?cvsroot=$pid";
header("Location: $url");
return;
}
#
# Form the real url.
#
$newurl = preg_replace("/cvswebwrap/", "cvsweb", $_SERVER['REQUEST_URI']);
#
# Standard Testbed Header
#
PAGEHEADER("Emulab CVS Repository");
echo "<iframe width=100% height=800 scrolling=yes src='$newurl' border=0 ".
"style=\"width:100%; height:800; border: 0px\"> ".
"</iframe>\n";
#
# Standard Testbed Footer
#
PAGEFOOTER();
?>
......@@ -89,7 +89,7 @@ echo "<tr>
while (list($pid) = each($projlist)) {
$cvsdir = "$TBCVSREPO_DIR/$pid";
$cvsurl = "cvsweb/cvsweb.php3?pid=$pid";
$cvsurl = "cvsweb/cvswebwrap.php3?pid=$pid";
echo "<tr>
<td><A href='showproject.php3?pid=$pid'>$pid</A></td>
......@@ -104,7 +104,7 @@ echo "</table>\n";
if (TBCvswebAllowed($uid)) {
echo "<br><center>
You also have CVSweb access to the
<a href=cvsweb/cvsweb.php3>Emulab Source Repository</a>.
<a href=cvsweb/cvswebwrap.php3>Emulab Source Repository</a>.
</center><br>\n";
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment