From ac5bed6b42d7c1c8839666cfd8906a0950abd6cb Mon Sep 17 00:00:00 2001
From: Daniel Silverstone <dsilvers@digital-scurf.org>
Date: Mon, 31 Jul 2017 14:38:45 -0400
Subject: Update htpasswd when user names change

When deleting or renaming users, the htpasswd file needs
updating so that we don't leave stale or incorrectly assigned
user credentials around.
---
 lib/gitano/admincommand.lua | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

(limited to 'lib')

diff --git a/lib/gitano/admincommand.lua b/lib/gitano/admincommand.lua
index e9f2fdf..be6bf0a 100644
--- a/lib/gitano/admincommand.lua
+++ b/lib/gitano/admincommand.lua
@@ -124,6 +124,35 @@ local function builtin_as_run(conf, _, cmdline, env)
    return cmdline.cmd.run(conf, cmdline.repo, cmdline.copy, env)
 end
 
+local function update_user_in_htpasswd(conf, userfrom, userto)
+   if conf.clod.settings["use_htpasswd"] ~= "yes" then
+      return
+   end
+   local htpasswd_path = os.getenv("HOME") .. "/htpasswd"
+   local fh = io.open(htpasswd_path, "r")
+   if not fh then return end
+   local to_write = {}
+   for l in fh:lines() do
+      if l:sub(1, #userfrom + 1) == userfrom .. ":" then
+         if userto then
+            to_write[#to_write + 1] = userto .. ":" .. l:sub(#userfrom + 2, -1)
+         end
+      else
+         to_write[#to_write+1] = l
+      end
+   end
+   fh:close()
+   fh = assert(io.open(htpasswd_path .. ".new", "w"))
+   fh:write(table.concat(to_write, "\n"))
+   fh:write("\n")
+   fh:close()
+   local ok, errno = luxio.rename(htpasswd_path .. ".new", htpasswd_path)
+   if ok ~= 0 then
+      log.warn(i18n.expand("ERROR_UNABLE_TO_RENAME_INTO_PLACE",
+                           {what="htpasswd", reason=luxio.strerror(errno)}))
+   end
+end
+
 local builtin_user_short = "Manage users in Gitano"
 local builtin_user_helptext = [[
 usage: user [list]
@@ -345,6 +374,7 @@ local function builtin_user_run(conf, _, cmdline, env)
       end
       log.state("Committed: " .. reason)
       if cmdline[2] == "rename" then
+         update_user_in_htpasswd(conf, cmdline[3], cmdline[4])
          local function reown_repo(_, repo)
             if repo:conf_get("project.owner") == cmdline[3] then
                local ok, msg = repo:conf_set_and_save(
@@ -357,6 +387,8 @@ local function builtin_user_run(conf, _, cmdline, env)
             end
          end
          repository.foreach(conf, reown_repo)
+      elseif cmdline[2] == "del" then
+         update_user_in_htpasswd(conf, cmdline[3], nil)
       end
    end
    return "exit", 0
-- 
cgit v1.2.1