class GitsController < ApplicationController
#供git-workhorse反向调用认证
def auth
# HTTP_AUTHORIZATION: "Basic 这里base64编码的的密码(user:passwd)"
logger.info("11111112222223333#{request.env["HTTP_AUTHORIZATION"]}")
#logger.info("#########-----request_env: #{request.env}")
# {"service"=>"git-receive-pack", "controller"=>"gits", "action"=>"auth",
# "url"=>"forge01/cermyt39.git/info/refs"}
#
gituser = edu_setting('git_username')
gitpassword = edu_setting('git_password')
result = false
if request.env["HTTP_AUTHORIZATION"] && request.env["HTTP_AUTHORIZATION"].split(" ").length == 2
username_password = Base64.decode64(request.env["HTTP_AUTHORIZATION"].split(" ")[1])
input_username = username_password.split(":")[0].strip()
input_password = username_password.split(":")[1].strip()
uid_logger("git start auth: input_username is #{input_username}")
# Git 超级权限用户
if input_username == gituser && input_password == gitpassword
result = true
else
# 用户是否对对象拥有权限
system_user = User.find_by_login(input_username) || User.find_by_mail(input_username) || User.find_by_phone(input_username)
# 如果用户名密码错误
if !system_user.check_password?(input_password)
uid_logger_error("git start: password is wrong")
result = false
else
git_url = params["url"]
username = git_url.split("/")[0]
shixunname = git_url.split("/")[1].split(".")[0]
repo_name = username + "/" + shixunname
uid_logger("git start: repo_name is #{repo_name}")
shixun = Shixun.select([:id, :user_id, :repo_name, :identifier]).where(repo_name: repo_name).first
uid_logger("git start auth: shixun identifier is #{shixun.try(:identifier)}")
uid_logger("git start auth: systemuser is #{system_user.try(:login)}")
if shixun.present?
if system_user.present? && system_user.manager_of_shixun?(shixun)
result = true
else
logger.info("git411 start")
result = false
end
else
render :json => { :status => 404 }
result = false
end
end
end
end
authenticate_or_request_with_http_basic do |username, password|
result
end
end
end