Re: software for remote repository administration (via http)

On Thu, Mar 25, 2004 at 03:33:58PM -0600, Ben Collins-Sussman wrote:
> On Thu, 2004-03-25 at 14:46, solo turn wrote:

> > what software do you suggest to administer a svn repository via http? i.e.
> > - create users
> > - users can change their own password
> > - set access rights
>
> Actually, somebody wrote a CGI environment to do exactly this, and
> posted about it many times on this list, about a year ago.

That was me. But there was little interest for including this script
into the contrib, so I have not actively worked further on it.

You can find the version I posted on

  http://subversion.tigris.org/servlets/ReadMsg?list=dev?msgId=218353

But bear in mind that this is a very outdated version. I've added a
framework for additional user interfaces and started to add a command
line interface. I have plans to add a Tk interface, too. But due to
lack of time (and lack of interest from the svn people) I have left it
in a half-bakened state.

I'd be happy to share it if there is significant interest. But I'd like
to bring it into a stable state before sharing (which will probably take
some time).

Here comes a (pretty outdated) description:

-------- snip ---------

    With this CGI you can do most of the day-by-day administration of your
    subversion server without the need to log into the server. You simply
    fire up your favourite www-browser and go ahead.
    With this CGI it is also (fairly) simple to set up networked repositories.

  Features:
    - You can create new repositories. When creating a new repository, you
      can choose one of several (previosly defined) templates for this new
      repos. The template defines any initial files, directories, property
      settings and pre-commit/post-commit definitions (such as access
      permissions and commit-email).
    - You can add/delete users to the svn-passwd and change their passwords.
      Every user can change its own password, of course.
    - You can define which users have access (read/write) and which ones have
      administration permissions to which repositories.
    - The CGI registers itself as [pre|post]-commit-hook. This way it is able
      to implement access restrictions, send commit-emails and do
      database-backups after every commit.
    - You can browse/edit commit-logs in a (IMHO) more convinient way than
      tweak-log.cgi does.
    - You can quickly browse which changes any commit did to the repository.
    - It is already prepared for support of different languages (currently
      english and german).

  Notes:
    - Please protect this script via SSL and some sort of authentication.
    
  Caveats:
    - It needs enhancements in security. Currently, I would run it _only_
      in secure environments (that is, authenticated SSL). PLEASE do NOT
      use it in any untrusted environments.
    - It needs to do more sanity checks.
    - It needs to do more taint-cheks on user input.
    - It needs to "apachectl graceful" after a new repository is created.
      You can use sudo to allow your svnadmin user to run this command.
      Alternately, a C-program to do this in a (hopefully) secure manner is
      attached below. You should install it with mode=4750, owner=root,
      group=svn. The need for this kludge will hopefully disappear as soon as
      AuthGroupFile (which seemed to be broken the last time I checked)
      will be functional.
    - Currently, the cgi is run as the usual httpd-user. This is not good.
      It should use Suexec. But Suexec is dangerous, because the current
      implementation of the cgi constructs httpd-configs. This construction
      of the httpd-configs can not be disabled as long as AuthGroupFile is
      not functional. ARGHL :-()

  TODO:
    - Ask for credentials if we are not called from apache.
    - create independent configurations for commit-access and commit-email.
    - allow for textual replacements in configuration-template and/or
      configuration files (e.g. $reposname)
    - add buttons to insert access/email-configurations in the middle of the
      list.
    - make it more robust. (sanity checks).
    - make more taint-checks.
    - cleanup and document the code.
    - make it work with AuthGroupFile, so that apache restart will not be
      needed anymore.
    - remove write-locks and obsolete logs from the database after backup.
    - implement an "intelligent" backup scheme, so that replay-logs are
      backupped exactly once.
    - rewrite to use mod_perl so authentication and speed will be enhanced.
    - make the script more robust, so that parallel execution etc/pp will
      be handled gracefully.
    - create frontend for template creation/maintanance.
    - make it safe for Suexec-usage.
    - fix bugs.
    - accurately log every action. Have a logfile for each repos in addition
      to a global logfile.
    - make it more configurable.
    - add more hook-functionality (propchange etc)
    - add Tk interface
    - add command line interface
    - do automatic "svn up"/"svn co" and run regressions withhin commit-hook(s)
    - parse commit-logs for issue-tickets and feed issue-tracker.
    - make use of the new "svnadmin copy" command to make backups.

-- 
-- Josef Wolf -- jw@raven.inka.de --
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org