testing: clone/push over http in http test mode

This sets up password auth for the gitano-smart-http wrapper
so we can finally test commands over http.

We wouldn't normally bother with auth during test mode,
but lighttpd does not pass REMOTE_USER through to the CGIs
unless we have authenticated.

1 files changed, 86 insertions, 7 deletions

diff --git a/testing/gitano-test-tool.in b/testing/gitano-test-tool.in
index d998c0a..92e3e6c 100644
--- a/testing/gitano-test-tool.in
+++ b/testing/gitano-test-tool.in
@@ -133,6 +133,19 @@ local function generate_exturl(user, key, repo)
 			  esc(authline.user), esc(authline.keyset))
 end
 
+local function generate_httpurl(user, key, repo)
+   local authkeys = load_auth(ssh_key_file("testinstance", "authorized_keys"))
+   local pubkey = (sio.open(ssh_key_file(user, key) .. ".pub", "r")):read("*l")
+   local authline = assert(authkeys[pubkey])
+
+   local port_file = basedir .. "lighttpd.port"
+   local fh = io.open(port_file, "r")
+   local port = tonumber(fh:read())
+   fh:close()
+
+   return ("http://%s:%s@localhost:%d/git/%s"):format(authline.user, authline.user, port, repo)
+end
+
 function cmd_setgitconfig(username, key, value)
    run_program {
       "git", "config", "--file", user_home(username).."/.gitconfig", key, value
@@ -175,14 +188,18 @@ end
 
 function cmd_setupstandard(owning_user, master_key, bypass_key)
    local clodname = basedir .. "setup.clod"
+   local repo_path = user_home(owning_user) .. "/repos"
    local fh = io.open(clodname, "w")
    fh:write('setup.batch "true"\n')
    fh:write(('paths.pubkey %q\n'):format(ssh_key_file(owning_user, master_key) .. ".pub"))
    fh:write(('paths.bypasskey %q\n'):format(ssh_key_file(owning_user, bypass_key) .. ".pub"))
-   fh:write(('paths.repos %q\n'):format(user_home(owning_user) .. "/repos"))
+   fh:write(('paths.repos %q\n'):format(repo_path))
    fh:write('site.name "Gitano Test Instance"\n')
    fh:write('log.prefix "gitano-test"\n')
    fh:write(('admin.keyname %q\n'):format(master_key))
+   if os.getenv("GTT_PROTO") == "http" then
+      fh:write('use.htpasswd "yes"\n')
+   end
    fh:close()
    run_program {
       "gitano-setup", clodname,
@@ -191,6 +208,7 @@ function cmd_setupstandard(owning_user, master_key, bypass_key)
    }
    if os.getenv("GTT_PROTO") == "http" then
       -- setup lighttpd
+      local htpasswd = user_home(owning_user) .. "/htpasswd"
       local pid_file = basedir .. "lighttpd.pid"
       local port_file = basedir .. "lighttpd.port"
       local docroot = basedir .. "docroot"
@@ -199,19 +217,65 @@ function cmd_setupstandard(owning_user, master_key, bypass_key)
       local how, why
       for repetition=1, 10 do
          local fh = io.open(lighttpd_conf, "w+")
-         fh:write(('server.modules = ( "mod_cgi" )\n'))
          fh:write(('server.pid-file = %q\n'):format(pid_file))
          fh:write(('server.document-root = %q\n'):format(docroot))
          fh:write(('server.port = %d\n'):format(port))
+         fh:write('server.modules = ( "mod_auth", "mod_alias", "mod_cgi", "mod_setenv" )\n')
+         fh:write(([[
+$HTTP["url"] =~ ".*/gitano-command.cgi$" {
+        setenv.add-environment = (
+                "HOME" => %q,
+                "GITANO_ROOT" => %q
+        )
+
+        auth.require = (
+        	"/" => (
+        		"method" => "basic",
+        		"realm" => "Git Access",
+        		"require" => "valid-user"
+        	       )
+        )
+        
+        auth.backend = "htpasswd"
+        auth.backend.htpasswd.userfile = %q
+}
+
+$HTTP["url"] =~ "^/git/.*$" {
+        alias.url += ( "/git" => %q )
+
+        cgi.assign = ("" => "")
+        setenv.add-environment = (
+                "GIT_HTTP_EXPORT_ALL" => "",
+                "GIT_PROJECT_ROOT" => %q,
+                "HOME" => %q,
+                "GITANO_ROOT" => %q
+        )
+
+        auth.require = (
+        	"/" => (
+        		"method" => "basic",
+        		"realm" => "Git Access",
+        		"require" => "valid-user"
+        	       )
+        )
+        
+        auth.backend = "htpasswd"
+        auth.backend.htpasswd.userfile = %q
+}
+]]):format(user_home(owning_user), repo_path, htpasswd,
+           gitano.config.lib_bin_path() .. "/gitano-smart-http.cgi", repo_path,
+           user_home(owning_user), repo_path, htpasswd))
+
          fh:close()
+
          local proc = sp.spawn_simple {
             "lighttpd", "-f", lighttpd_conf,
          }
          how, why = proc:wait()
-         port = port + 1
          if how == "exit" and why == 0 then
             break
          end
+         port = port + 1
       end
       if how == -1 then
           unix_assert(how, why)
@@ -221,6 +285,9 @@ function cmd_setupstandard(owning_user, master_key, bypass_key)
                          .. how .. ":" .. tostring(why) .. "\n")
          os.exit(1)
       end
+      local fh = io.open(port_file, "w")
+      fh:write(("%d"):format(port))
+      fh:close()
    end
 end
 
@@ -234,19 +301,31 @@ function cmd_teardownstandard()
 end
 
 function cmd_clone(user, key, repo, localname, ...)
-   local exturl = generate_exturl(user, key, repo)
+   local url
+   if os.getenv("GTT_PROTO") == "http" then
+      url = generate_httpurl(user, key, repo)
+   end
+   if os.getenv("GTT_PROTO") == "ssh" then
+      url = generate_exturl(user, key, repo)
+   end
    run_program {
       env = { HOME = user_home(user) },
-      "git", "clone", exturl, user_home(user) .. "/" .. localname, ...
+      "git", "clone", url, user_home(user) .. "/" .. localname, ...
    }
 end
 
 function cmd_push(user, key, localname, repo, ...)
-   local exturl = generate_exturl(user, key, repo)
+   local url
+   if os.getenv("GTT_PROTO") == "http" then
+      url = generate_httpurl(user, key, repo)
+   end
+   if os.getenv("GTT_PROTO") == "ssh" then
+      url = generate_exturl(user, key, repo)
+   end
    run_program {
       cwd = user_home(user) .. "/" .. localname,
       env = { HOME = user_home(user) },
-      "git", "push", exturl, ...
+      "git", "push", url, ...
    }
 end