[英]Plugin to use gitolite's ACLs for CGIT/Apache httpd?
We use gitolite's ACL mechanism to control who has access to different repositories.我们使用 gitolite 的 ACL 机制来控制谁可以访问不同的存储库。 We also use CGIT with Apache httpd to allow browsing of readable repositories.
我们还将 CGIT 与 Apache httpd 一起使用,以允许浏览可读存储库。
We'd like to also use the gitolite ACLs in the Apache httpd access control system.我们还想在 Apache httpd 访问控制系统中使用 gitolite ACL。
Is there an Apache httpd authn/authz module that provides this functionality?是否有提供此功能的 Apache httpd authn/authz 模块?
Thanks!谢谢!
I have integrated CGit and gitolite a while ago with this cgi Perl script, calling gitolite: cgit/cgit.pl.tpl
.不久前,我将 CGit 和 gitolite 与这个 cgi Perl 脚本集成在一起,调用 gitolite:
cgit/cgit.pl.tpl
。
(don't mind the @H@
, those are template placeholder that are supposed to be valued later in order to produce the actual Perl script) (不要介意
@H@
,这些是模板占位符,应该在以后评估以生成实际的 Perl 脚本)
The idea is to benefit from the authentication done by Apache:这个想法是从 Apache 完成的身份验证中受益:
my $remote_user=$ENV{"REMOTE_USER"};
And to use that user when calling Gitolite to check if the access to a repo can be granted, calling the actual cgit.cgi
C procedure if the access is granted:并在调用 Gitolite 时使用该用户检查是否可以授予对 repo 的访问权限,如果授予访问权限,则调用实际的
cgit.cgi
C 过程:
use Gitolite::Rc;
use Gitolite::Common;
use Gitolite::Conf::Load;
(my $repo)=($path_info =~ /\/([^\/]+)/);
my $perm = "R";
if ($repo ne "") {
my $aperm = access( $repo, $user, 'R', 'any' );
# my ($aperm, $creator) = &repo_rights($repo);
$perm=$aperm;
}
if ($perm !~ /DENIED/) {
system("@H@/cgit/cgit.cgi");
}
else {
print "Content-type: text/html\n\n";
print "<html>\n";
print "<body>\n";
print " <h1>HTTP Status 403 - Access is denied</h1>\n";
print " You don't have access to repo <b>$repo</b> as <b>$user</b>\n";
print "</body>\n";
print "</html>\n";
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.