From: Rob H. <for...@us...> - 2002-11-07 08:01:23
Update of /cvsroot/sandweb/sandweb/bin In directory usw-pr-cvs1:/tmp/cvs-serv15989/bin Modified Files: sandweb-expect sandweb.cgi Log Message: this checkin enables : * vcs password support for tag/branch * security problem with sandweb-expect ( password showing up in process list ) is solved
Index: sandweb-expect
===================================================================
RCS file: /cvsroot/sandweb/sandweb/bin/sandweb-expect,v
retrieving revision 1.9
retrieving revision 1.10
diff -U2 -r1.9 -r1.10
--- sandweb-expect 6 Nov 2002 05:54:28 -0000 1.9
+++ sandweb-expect 7 Nov 2002 08:01:10 -0000 1.10
@@ -1,83 +1,44 @@ #!expect -# System account, vcs password : -# input : system_vcs system_username system_password vcs_password vcs_command +# +# input : vcs users_dir vcs_command # -# Unix account, no vcs password : -# input : system system_username system_password vcs_command -# -# No Unix account, vcs password: -# input : vcs vcs_password vcs_command set timeout -1 -if {[lindex $argv 0]=="system_vcs"} { - set system_username [lindex $argv 1] - set system_password [lindex $argv 2] - set vcs_password [lindex $argv 5] - set vcs_command [lindex $argv 6] - - spawn /bin/su - $system_username -c $vcs_command - - expect { - "Password:" { send "$system_password\r" } - "password:" { send "$vcs_password\r" } - "Sorry." { - send "Invalid system username/password\r" - exit 1 - } - "Are you sure" { send "yes\r" } - eof { - send_user "Unexpected EOF\r\n" - exit 3 - } - } -} - -if {[lindex $argv 0]=="system"} { - set system_username [lindex $argv 1] - set system_password [lindex $argv 2] - set vcs_command [lindex $argv 3] - - spawn /bin/su - $system_username -c $vcs_command - - expect { - "Password:" { send "$system_password\r" } - "Sorry." 
{ - send "Invalid system username/password\r" - exit 1 - } - eof { - send_user "Unexpected EOF\r\n" - exit 3 - } - } -} - if {[lindex $argv 0]=="vcs"} { - set vcs_password [lindex $argv 1] + + set users_dir [lindex $argv 1] set vcs_command [lindex $argv 2] - spawn /bin/sh -c $vcs_command + set file [ open $users_dir r ] - expect { - "password:" { send "$vcs_password\r" } - } + foreach line [ split [ read $file ] "\n" ] { + set vcs_password [ lindex $line 0 ] - expect { + spawn /bin/sh -c $vcs_command - "Are you sure" { - send "y" + expect { + "password:" { send "$vcs_password\r" } } - "denied" { - send "Invalid VCS username/password\r" - exit 2 - } + expect { - eof { - # success - exit 0 + "Are you sure" { + send "y" + } + + "denied" { + send "Invalid VCS username/password\r" + exit 2 + } + + eof { + # success + exit 0 + } } + + close $file } } Index: sandweb.cgi =================================================================== RCS file: /cvsroot/sandweb/sandweb/bin/sandweb.cgi,v retrieving revision 1.332 retrieving revision 1.333 diff -U2 -r1.332 -r1.333 --- sandweb.cgi 6 Nov 2002 22:57:57 -0000 1.332 +++ sandweb.cgi 7 Nov 2002 08:01:12 -0000 1.333 @@ -739,4 +739,5 @@ 'root' => $repo_root, 'connection' => $repo_connection, + 'users_dir' => $users_dir, 'vcs_username' => $repo_username, 'vcs_password' => $repo_password, @@ -1697,5 +1698,8 @@ # vcs menu # -# asks user for VCS password +# asks user for VCS password, if the user does not have +# remember_vcs_password selected for the current repository. +# +# All VCS commands go through this subroutine. # # args: 
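Review bot: `close $file` is inside the `foreach` body and the `"Are you sure"` branch does not exit, so after that prompt the loop runs again: it spawns the command a second time with the next element of the file (at the latest the empty string left after the final newline) as the password, and then closes a channel that is already closed, which should raise a Tcl error. `lindex $line 0` also parses the line as a Tcl list, so a password containing spaces, braces or quotes is truncated or raises an error. If only the first line is meant to hold the password, `gets $file vcs_password` followed by `close $file` before the `spawn` would replace the loop. Moving the secret out of argv helps only if the file named by `users_dir` is readable by the web user alone; nothing in this hunk checks its owner or mode. `$vcs_command` is still handed to `/bin/sh -c`, so any quoting has to be done by the caller.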
@@ -1721,8 +1725,13 @@ my $vcs_command = $args{'vcs_command'}; my $vcs_message = $args{'message'}; - my $main_window_url = "$ENV{'HTTP_REFERER'}"; + my $params = $args{'params'}; + my $main_window_url = $args{'main_window_url'} || ''; my @filename_loop = (); my $count = 0; + unless ($main_window_url) { + $main_window_url = "$ENV{'HTTP_REFERER'}"; + } + my $remember_repo_password = $user->get_remember_repo_password(repo => $repo_name); @@ -1778,4 +1787,5 @@ filename => \@filename, location => $location, + params => $params, ); @@ -2342,6 +2352,15 @@ my $repo_name = $args{'repo_name'}; my $main_window_url = $args{'main_window_url'}; + my $params = $args{'params'} || ''; + my %return; + # dereference params hash + my %params; + + if ($params) { + %params = %$params; + } + $log->debug("module_name: $module_name"); $log->debug("username: $username"); @@ -2403,4 +2422,5 @@ repo_type => $repo_type, sandbox => "$users_dir/$username/$repo_name/$module_name/$location", + users_dir => "$users_dir/$username", 'ssh_bin' => $ssh_bin, 'cvs_bin' => $cvs_bin, @@ -2530,4 +2550,5 @@ %return = $repository->$vcs_command( file => "$file", + %params, ); push (@vcs_output, "$return{'output'}\n"); @@ -2859,6 +2880,4 @@ # processes calls from tag menu to sync with/switch to trunk or tagname # -# A Repository object is created and used. -# # args: # ck_auth - the sessions cookie 
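Review bot: The fallback to `$ENV{'HTTP_REFERER'}` in the @@ -1721 hunk takes a client-supplied header as the main window URL, and the header may be absent, in which case the interpolation produces an undef warning and an empty URL. The declaration and the `unless` block can be one statement, `my $main_window_url = $args{'main_window_url'} || $ENV{'HTTP_REFERER'} || '';`. How the value is emitted is outside this hunk; if it ends up in a redirect or in page markup, it should be checked against the application's own base URL and escaped first.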
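Review bot: `%params = %$params` in the @@ -2342 hunk dereferences whatever the caller passed without checking that it is a hash reference, and the @@ -2530 hunk then expands `%params` after `file => "$file"`, so a `file` key in the caller's hash silently replaces the file being operated on. A guard such as `%params = %$params if ref $params eq 'HASH';` and placing `%params,` before `file => "$file",` keeps the call predictable. The values come from the tag and branch menus and presumably end up in the command string that sandweb-expect runs through `/bin/sh -c`, so they should be restricted to valid tag characters before they get here; that validation is not visible in these hunks. The sub's `# args:` comment block should also gain a line describing `params` as an optional hash reference of extra arguments for the VCS command.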
@@ -2925,21 +2944,4 @@ my @vcs_error = (); - my $repository = SandWeb::Repository->new( - root => $repo_root, - connection => $repo_connection, - 'vcs_username' => $repo_username, - 'vcs_password' => $repo_password, - 'unix_auth' => $unix_auth, - 'system_username' => $system_username, - 'system_password' => $system_password, - server => $repo_server, - repo_type => $repo_type, - sandbox => "$users_dir/$username/$repo_name/$module_name/$location", - 'ssh_bin' => $ssh_bin, - 'cvs_bin' => $cvs_bin, - 'bindir' => $bindir, - 'log_obj' => $log, - ); - $log->debug("Repo name: $repo_name"); $log->debug("Repo root: $repo_root"); 
@@ -2949,66 +2951,108 @@ if ($tag_sync) { - foreach my $file (@filename) { - %return = $repository->update( - file => "$file", - rev => "$tag_sync", - ); - push (@vcs_output, "$return{'output'}\n"); - push (@vcs_error, "$return{'error'}\n"); - } + my %params = ( + rev => $tag_sync, + ); + + vcs_menu( + ck_auth => $ck_auth, + vcs_command => 'update', + module_name => $module_name, + repo_name => $repo_name, + repo_password => $repo_password, + filename => \@filename, + location => $location, + params => \%params, + main_window_url => $main_window_url, + ); } if ($tag_switch) { - foreach my $file (@filename) { - %return = $repository->update( - file => "$file", - rev => "$tag_switch", - clobber => 1, - ); - push (@vcs_output, "$return{'output'}\n"); - push (@vcs_error, "$return{'error'}\n"); - } + my %params = ( + rev => $tag_switch, + clobber => 1, + ); + + vcs_menu( + ck_auth => $ck_auth, + vcs_command => 'update', + module_name => $module_name, + repo_name => $repo_name, + repo_password => $repo_password, + filename => \@filename, + location => $location, + params => \%params, + main_window_url => $main_window_url, + ); } if ($trunk_sync) { - foreach my $file (@filename) { - %return = $repository->update( - file => "$file", - reset => 1, - ); - push (@vcs_output, "$return{'output'}\n"); - push (@vcs_error, "$return{'error'}\n"); - } + my %params = ( + rev => $trunk_sync, + ); + + vcs_menu( + ck_auth => $ck_auth, + vcs_command => 'update', + module_name => $module_name, + repo_name => $repo_name, + repo_password => $repo_password, + filename => \@filename, + location => $location, + params => \%params, + main_window_url => $main_window_url, + ); } if ($trunk_switch) { - foreach my $file (@filename) { - %return = $repository->update( - file => "$file", - clobber => 1, - reset => 1, - ); - push (@vcs_output, "$return{'output'}\n"); - push (@vcs_error, "$return{'error'}\n"); - } + my %params = ( + rev => $trunk_switch, + clobber => 1, + ); + + vcs_menu( + ck_auth => 
$ck_auth, + vcs_command => 'update', + module_name => $module_name, + repo_name => $repo_name, + repo_password => $repo_password, + filename => \@filename, + location => $location, + params => \%params, + main_window_url => $main_window_url, + ); } if ($create_tag) { - foreach my $file (@filename) { - %return = $repository->tag( - file => "$file", - name => "$create_tag", - ); - push (@vcs_output, "$return{'output'}\n"); - push (@vcs_error, "$return{'error'}\n"); - } + my %params = ( + name => "$create_tag", + ); + + vcs_menu( + ck_auth => $ck_auth, + vcs_command => 'tag', + module_name => $module_name, + repo_name => $repo_name, + repo_password => $repo_password, + filename => \@filename, + location => $location, + params => \%params, + main_window_url => $main_window_url, + ); } if ($remove_tag) { - foreach my $file (@filename) { - %return = $repository->tag( - file => "$file", - name => "$remove_tag", - delete => 1, - ); - push (@vcs_output, "$return{'output'}\n"); - push (@vcs_error, "$return{'error'}\n"); - } + my %params = ( + delete => 1, + name => "$remove_tag", + ); + + vcs_menu( + ck_auth => $ck_auth, + vcs_command => 'tag', + module_name => $module_name, + repo_name => $repo_name, + repo_password => $repo_password, + filename => \@filename, + location => $location, + params => \%params, + main_window_url => $main_window_url, + ); } @@ -3109,21 +3153,4 @@ my @vcs_error = (); - my $repository = SandWeb::Repository->new( - root => $repo_root, - connection => $repo_connection, - 'vcs_username' => $repo_username, - 'vcs_password' => $repo_password, - 'unix_auth' => $unix_auth, - 'system_username' => $system_username, - 'system_password' => $system_password, - server => $repo_server, - repo_type => $repo_type, - sandbox => "$users_dir/$username/$repo_name/$module_name/$location", - 'ssh_bin' => $ssh_bin, - 'cvs_bin' => $cvs_bin, - 'bindir' => $bindir, - 'log_obj' => $log, - ); - $log->debug("Repo name: $repo_name"); $log->debug("Repo root: $repo_root"); 
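Review bot: The `$trunk_sync` and `$trunk_switch` branches of the @@ -2949 hunk used to call `update` with `reset => 1`; the new code passes `rev => $trunk_sync` and `rev => $trunk_switch` instead, so the flag's own value is sent as a revision and the reset is lost. Unless `update` treats that value specially (not visible here), these should be `my %params = ( reset => 1 );` and `my %params = ( clobber => 1, reset => 1 );`. The `$trunk_switch` branch in the @@ -3133 hunk passes `rev => $branch_switch`, which looks like a copy of the block above it and needs the same correction. The six near-identical `vcs_menu(...)` calls differ only in `vcs_command` and `%params` and could share one small helper; the enclosing sub starts and ends outside the hunk.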
@@ -3133,68 +3160,109 @@ if ($branch_sync) { - foreach my $file (@filename) { - %return = $repository->update( - file => "$file", - rev => "$branch_sync", - ); - push (@vcs_output, "$return{'output'}\n"); - push (@vcs_error, "$return{'error'}\n"); - } + my %params = ( + rev => $branch_sync, + ); + + vcs_menu( + ck_auth => $ck_auth, + vcs_command => 'update', + module_name => $module_name, + repo_name => $repo_name, + repo_password => $repo_password, + filename => \@filename, + location => $location, + params => \%params, + main_window_url => $main_window_url, + ); } if ($branch_switch) { - foreach my $file (@filename) { - %return = $repository->update( - file => "$file", - rev => "$branch_switch", - clobber => 1, - ); - push (@vcs_output, "$return{'output'}\n"); - push (@vcs_error, "$return{'error'}\n"); - } + my %params = ( + rev => $branch_switch, + clobber => 1, + ); + + vcs_menu( + ck_auth => $ck_auth, + vcs_command => 'update', + module_name => $module_name, + repo_name => $repo_name, + repo_password => $repo_password, + filename => \@filename, + location => $location, + params => \%params, + main_window_url => $main_window_url, + ); } if ($trunk_sync) { - foreach my $file (@filename) { - %return = $repository->update( - file => "$file", - reset => 1, - ); - push (@vcs_output, "$return{'output'}\n"); - push (@vcs_error, "$return{'error'}\n"); - } + my %params = ( + reset => 1, + ); + + vcs_menu( + ck_auth => $ck_auth, + vcs_command => 'update', + module_name => $module_name, + repo_name => $repo_name, + repo_password => $repo_password, + filename => \@filename, + location => $location, + params => \%params, + main_window_url => $main_window_url, + ); } if ($trunk_switch) { - foreach my $file (@filename) { - %return = $repository->update( - file => "$file", - clobber => 1, - reset => 1, - ); - push (@vcs_output, "$return{'output'}\n"); - push (@vcs_error, "$return{'error'}\n"); - } + my %params = ( + rev => $branch_switch, + clobber => 1, + ); + + vcs_menu( + 
ck_auth => $ck_auth, + vcs_command => 'update', + module_name => $module_name, + repo_name => $repo_name, + repo_password => $repo_password, + filename => \@filename, + location => $location, + params => \%params, + main_window_url => $main_window_url, + ); } if ($create_branch) { - foreach my $file (@filename) { - %return = $repository->tag( - file => "$file", - name => "$create_branch", - branch => 1, - ); - push (@vcs_output, "$return{'output'}\n"); - push (@vcs_error, "$return{'error'}\n"); - } + my %params = ( + branch => 1, + name => $create_branch, + ); + + vcs_menu( + ck_auth => $ck_auth, + vcs_command => 'tag', + module_name => $module_name, + repo_name => $repo_name, + repo_password => $repo_password, + filename => \@filename, + location => $location, + params => \%params, + main_window_url => $main_window_url, + ); } if ($remove_branch) { - foreach my $file (@filename) { - %return = $repository->tag( - file => "$file", - name => "$remove_branch", - branch => 1, - delete => 1, - ); - push (@vcs_output, "$return{'output'}\n"); - push (@vcs_error, "$return{'error'}\n"); - } + my %params = ( + delete => 1, + name => "$remove_branch", + ); + + vcs_menu( + ck_auth => $ck_auth, + vcs_command => 'tag', + module_name => $module_name, + repo_name => $repo_name, + repo_password => $repo_password, + filename => \@filename, + location => $location, + params => \%params, + main_window_url => $main_window_url, + ); } |
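Review bot: The `$remove_branch` branch no longer passes `branch => 1`: the removed code sent `name`, `branch => 1` and `delete => 1`, while the new `%params` holds only `delete` and `name`, so the call is now indistinguishable from removing a plain tag. If that is not intended, restore it with `my %params = ( branch => 1, delete => 1, name => $remove_branch );`. The enclosing sub starts and ends outside the hunk, so whether `tag` can infer the branch case some other way cannot be confirmed from here.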