Merge pull request #4 from nhnb/setup

Setup and Distribution improvements

.gitignore

@@ -1 +1,2 @@
 *.pyc
+dist

README.md

@@ -1,31 +1,10 @@
-# postsai-commitstop
+# Commit Stop
+**Manage Push Permissions**
 
-A Postsai extension that adds the capability to establish and manage commit stops through a simple web interface for both Git and CVS.
+*Commit Stop* allows the management of push permissions for source code repositories. 
 
+For example only certain people may be allowed to commit directly to Git master. Or
+commits to a certain release branch are only allowed with special information in the 
+commit message.
 
-## CVS
-
-
-The integration with CVS repositories is achieved via a CVS verifymsg hook.
-
-After you copied the file hooks/verifymsg.py to your CVS server, you need to edit CVSROOT/verifymsg in order to invoke it. Please note that verifymsg only supports one hook per module pattern (unlike loginfo).
-
-For example, to use the commitstop extension for all CVS modules in the current repository with a postsai server at example.com:
-
-~~~~
-  .* /usr/local/bin/verifymsg.py --repository=repo --url=https://example.com/postsai/extensions/commitstop/api.py --msgfile=%l
-~~~~
-
-
-## Frontend for viewing and updating configurations 
-
-
-The source code of the web frontend is located under the directory ./frontend. After building it with angular-cli using the command
-
-ng build -w -prod --bh ""
-
-, it can be invoked by opening the location
-
-$domain/postsai/extensions/postsai-commitstop/frontend/dist/
-
-where $domain is the base url of the postsai installation.
+Please see [https://hiseg.github.io/commitstop](https://hiseg.github.com/commitstop) for details.  

__init__.py

@@ -1,6 +1,6 @@
 # coding=UTF-8
 # The MIT License (MIT)
-# Copyright (c) 2016 Postsai
+# Copyright (c) 2016-2017 HIS e. G.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a
 # copy of this software and associated documentation files (the "Software"),
@@ -20,50 +20,48 @@
 # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
 # DEALINGS IN THE SOFTWARE.
 
+import sys
 from backend.db import PostsaiDB
-import config
 
+try:
+    import config
+    import warnings
+except ImportError:
+    pass
 
 
 class Extension:
 
     def install_extension_setup(self, config):
         """install.py - hook invoked after reading the configuration file"""
 
-        print("Initializing " + __name__)
+        if not "repository_status_permission" in config:
+            print("ERROR: Configuration for committstop is missing.")
+            self.install_print_config_stub()
+            sys.exit(1)
+
 
 
     def install_print_config_stub(self):
         """adds stubs for retrieving the current user name and for permission checking to the config file"""
 
         print("# configuration for " + __name__)
-        print()
+        print("")
         print("""
-# checks the permission to submit a new commit stop configuration
-# (edit according to your needs)
 def repository_status_permission():
-    return True
+    \"\"\"checks the permission to submit a new commit stop configuration\"\"\"
 
-# returns the name of the user who is committing a new configuration
-# (edit according to your needs)
-def repository_status_username():
-    return "anonymous"
+    # return os.environ.get("AUTHENTICATE_POSTSAI_COMMITSTOP_MANAGER", "False") == "True"
+    # return os.environ.get("REMOTE_USER", "-") in ("admin1", "admin2")
+    return True
 """)
 
 
-    def install_pre_database_structure_update(self):
-        """install.py - hook invoked before the database structure is created or updated. 
-        Obsolete indexes and views my be deleted here"""
-
-        print("Pre database update cleanup for " + __name__)
-
-
     def install_post_database_structure_update(self):
         """install.py - hook invoked after the main database structure has been created or updated. 
         Extension can add additional tables here"""
 
-        """ XXX hier die Erstellung der Datenbank """
-        print("Post database update adjustments for " + __name__ + ": creating table repository_status")
+        """ Hier die Erstellung der Datenbank """
 
         create_config_table_sql = """\
 CREATE TABLE IF NOT EXISTS repository_status (
@@ -77,36 +75,9 @@ def install_post_database_structure_update(self):
 """
         db = PostsaiDB(vars(config))
         db.connect()
-        rows = db.query(create_config_table_sql, None, cursor_type=None)
+        with warnings.catch_warnings():
+            warnings.simplefilter("ignore")
+            db.query(create_config_table_sql, None, cursor_type=None)
         db.disconnect()
-        print "created table unless it already existed, sever response: " + str(rows) + "."
-
-
-
-    def install_post(self):
-        """install.py - hook invoked shortly before install.py is finished"""
-
-        print("Completed install for " + __name__)
-
-
-
-    def query_extension_setup(self, config):
-        """query-page hook invoked after reading the configuration file"""
-
-        pass
-
-
-    def query_create_query(self, postsai, form):
-        """query-page hook invoked after postsai.sql and postsai.data have been created, but before the statement
-           is executed. postsai.sql and postsai.data may be modified at this point"""
-
-        pass
-
 
-    def query_post_process_result(self, postsai, form, db, result):
-        """query-page hook invoked after the database query completed. The result object contains ui-configuration,
-        list of repositories, and the actual query results from the database. The result object may be modified here.
-        Extension specific information should be communicated to the client in the result["extension"][__name__]
-        namespace."""
 
-        result["extension"][__name__] = "loaded"

api.py

@@ -1,7 +1,7 @@
 #! /usr/bin/python
 
 # The MIT License (MIT)
-# Copyright (c) 2016 Postsai
+# Copyright (c) 2016-2017 HIS e. G.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a
 # copy of this software and associated documentation files (the "Software"),
@@ -22,6 +22,7 @@
 # DEALINGS IN THE SOFTWARE.
 
 
+
 import sys
 import os
 import json

api_test.py

@@ -1,3 +1,25 @@
+# The MIT License (MIT)
+# Copyright (c) 2016-2017 HIS e. G.
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+# DEALINGS IN THE SOFTWARE.
+
+
 from permissions import checkPrivilege
 
 import unittest

dist.sh

@@ -0,0 +1,30 @@
+#!/bin/bash
+
+cd `dirname $0`
+
+SRCDIR=`pwd`
+TMPDIR=`mktemp -d`
+
+# Clean build of angular app
+cd frontend
+rm -rf dist
+ng build --prod --aot
+cd ..
+cp -ax . $TMPDIR/commitstop
+
+# Delete unnecessary files
+mv $TMPDIR/commitstop/frontend/dist $TMPDIR/
+rm -rf $TMPDIR/commitstop/.git $TMPDIR/commitstop/dist.sh $TMPDIR/commitstop/frontend
+rm `find . -name *.pyc`
+mv $TMPDIR/dist $TMPDIR/commitstop/frontend
+
+# adjust relativ path because path is just "frontend" in distribution instead of "frontend/dist" 
+export JS_FILE=`ls $TMPDIR/commitstop/frontend/main.*`
+sed "s|\.\./\.\./api.py|../api.py|" < $JS_FILE > $TMPDIR/t.txt
+mv $TMPDIR/t.txt $JS_FILE
+
+# Create .zip-file
+cd $TMPDIR
+zip -r $SRCDIR/dist/commitstop-$1.zip *
+cd $SRCDIR
+rm -rf $TMPDIR

docs/index.html

@@ -22,6 +22,21 @@ <h2>Manage Push Permissions</h2>
 
 <div class="content">
 
+<section id="intro">
+<h3>Commit Stop</h3>
+
+<p><i>Commit Stop</i> allows the management of push permissions for source code repositories. 
+It integrates with both Git and CVS. Other source code repositories may be integrated via
+custom hooks based on <i>Commit Stop</i>'s REST service.</p>  
+
+<p><i>Commit Stop</i> is commonly used to prevent pushes (commits) to sensitive branches,
+unless there is a good reason for it. It allows the definition of permission rules via a simple
+website. Those rules may check for the name of the repository, branch, user, group and the content
+of the commit message.</p>
+
+
+</section>
+
 <section id="configuration">
 <h3>Configuration</h3>
 
@@ -111,9 +126,17 @@ <h3>CVS Installation</h3>
 
 <p>Please note: verifymsg does only execute the first line that matches the module name. You cannot define multiple
 verifymsg hook without using a shell script as multiplexer.</p>
+</section>
 
+<section id="rest">
+<h3>Custom Integration</h3>
 
+<p>The endpoint for <i>Commit Stop</i>'s REST service is <code>https://[server]/postsai/extensions/commitstop/api.py</code>.
+The following URL-parameters are understood: repository, branch, user, group amd commitmsg.  
 
+<p><i>Commit Stop</i> uses normal HTTP status code to communicate whether the actions is allowed or not: 
+200 means permisison is granted and 403 means that permission was denied. The body of the HTTP response
+may contain an explanation as plain text.</p>
 </section>
 
 <footer>

docs/test.css

@@ -5,7 +5,7 @@ html, body {
 	background-color: #EEE;
 }
 header {
-	background-color: #030;
+	background-color: #006ab2;
 	color: #FFF;
 	padding: 3em 0em;
 	box-shadow: 0px 3px 3px 0px #333;
@@ -25,7 +25,7 @@ a.button {
 	text-align: center;
 }
 a.button:hover {
-	background-color: #333;
+	background-color: #b3d4fc;
 }
 .screenshot {
 	max-width: 850px;

permissions/__init__.py

@@ -1,5 +1,5 @@
 # The MIT License (MIT)
-# Copyright (c) 2016 Postsai
+# Copyright (c) 2016-2017 HIS e. G.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a
 # copy of this software and associated documentation files (the "Software"),

permissions/checkPrivilege.py

@@ -1,5 +1,5 @@
 # The MIT License (MIT)
-# Copyright (c) 2016 Postsai
+# Copyright (c) 2016-2017 HIS e. G.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a
 # copy of this software and associated documentation files (the "Software"),

permissions/configDb.py

@@ -1,4 +1,24 @@
-# coding=UTF-8
+# The MIT License (MIT)
+# Copyright (c) 2016-2017 HIS e. G.
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+# DEALINGS IN THE SOFTWARE.
+
 from backend.db import PostsaiDB
 from permissions.response import ret200
 import config

permissions/response.py

@@ -1,3 +1,24 @@
+# The MIT License (MIT)
+# Copyright (c) 2016-2017 HIS e. G.
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+# DEALINGS IN THE SOFTWARE.
+
 import json
 import datetime
 

permissions/sendHistory.py

@@ -1,3 +1,23 @@
+# The MIT License (MIT)
+# Copyright (c) 2016-2017 HIS e. G.
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+# DEALINGS IN THE SOFTWARE.
 
 
 from permissions.response import retJson