From 6b647b7d7c3fb13df4890f5f313b19352b436659 Mon Sep 17 00:00:00 2001
From: Hendrik Brummermann <brummermann@his.de>
Date: Tue, 7 Mar 2017 17:07:52 +0100
Subject: [PATCH 1/5] simplified setup instructions

---
 __init__.py | 69 ++++++++++++++++-------------------------------------
 1 file changed, 20 insertions(+), 49 deletions(-)

diff --git a/__init__.py b/__init__.py
index 7d0fe4a..65cd657 100644
--- a/__init__.py
+++ b/__init__.py
@@ -20,9 +20,14 @@
 # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
 # DEALINGS IN THE SOFTWARE.
 
+import sys
 from backend.db import PostsaiDB
-import config
 
+try:
+    import config
+    import warnings
+except ImportError:
+    pass
 
 
 class Extension:
@@ -30,40 +35,33 @@ class Extension:
     def install_extension_setup(self, config):
         """install.py - hook invoked after reading the configuration file"""
 
-        print("Initializing " + __name__)
+        if not "repository_status_permission" in config:
+            print("ERROR: Configuration for committstop is missing.")
+            self.install_print_config_stub()
+            sys.exit(1)
+
 
 
     def install_print_config_stub(self):
         """adds stubs for retrieving the current user name and for permission checking to the config file"""
 
         print("# configuration for " + __name__)
-        print()
+        print("")
         print("""
-# checks the permission to submit a new commit stop configuration
-# (edit according to your needs)
 def repository_status_permission():
-    return True
+    \"\"\"checks the permission to submit a new commit stop configuration\"\"\"
 
-# returns the name of the user who is committing a new configuration
-# (edit according to your needs)
-def repository_status_username():
-    return "anonymous"
+    # return os.environ.get("AUTHENTICATE_POSTSAI_COMMITSTOP_MANAGER", "False") == "True"
+    # return os.environ.get("REMOTE_USER", "-") in ("admin1", "admin2")
+    return True
 """)
 
 
-    def install_pre_database_structure_update(self):
-        """install.py - hook invoked before the database structure is created or updated. 
-        Obsolete indexes and views my be deleted here"""
-
-        print("Pre database update cleanup for " + __name__)
-
-
     def install_post_database_structure_update(self):
         """install.py - hook invoked after the main database structure has been created or updated. 
         Extension can add additional tables here"""
 
-        """ XXX hier die Erstellung der Datenbank """
-        print("Post database update adjustments for " + __name__ + ": creating table repository_status")
+        """ Hier die Erstellung der Datenbank """
 
         create_config_table_sql = """\
 CREATE TABLE IF NOT EXISTS repository_status (
@@ -77,36 +75,9 @@ def install_post_database_structure_update(self):
 """
         db = PostsaiDB(vars(config))
         db.connect()
-        rows = db.query(create_config_table_sql, None, cursor_type=None)
+        with warnings.catch_warnings():
+            warnings.simplefilter("ignore")
+            db.query(create_config_table_sql, None, cursor_type=None)
         db.disconnect()
-        print "created table unless it already existed, sever response: " + str(rows) + "."
-
-
-
-    def install_post(self):
-        """install.py - hook invoked shortly before install.py is finished"""
-
-        print("Completed install for " + __name__)
-
-
-
-    def query_extension_setup(self, config):
-        """query-page hook invoked after reading the configuration file"""
-
-        pass
-
-
-    def query_create_query(self, postsai, form):
-        """query-page hook invoked after postsai.sql and postsai.data have been created, but before the statement
-           is executed. postsai.sql and postsai.data may be modified at this point"""
-
-        pass
-
 
-    def query_post_process_result(self, postsai, form, db, result):
-        """query-page hook invoked after the database query completed. The result object contains ui-configuration,
-        list of repositories, and the actual query results from the database. The result object may be modified here.
-        Extension specific information should be communicated to the client in the result["extension"][__name__]
-        namespace."""
 
-        result["extension"][__name__] = "loaded"

From 20f3a9c3efebd851c3322562f089f0597397625d Mon Sep 17 00:00:00 2001
From: Hendrik Brummermann <brummermann@his.de>
Date: Tue, 7 Mar 2017 17:08:25 +0100
Subject: [PATCH 2/5] updated copyright year

---
 __init__.py                   |  2 +-
 api.py                        |  3 ++-
 api_test.py                   | 22 ++++++++++++++++++++++
 permissions/__init__.py       |  2 +-
 permissions/checkPrivilege.py |  2 +-
 permissions/configDb.py       | 22 +++++++++++++++++++++-
 permissions/response.py       | 21 +++++++++++++++++++++
 permissions/sendHistory.py    | 20 ++++++++++++++++++++
 permissions/storeConfig.py    | 26 ++++++++++++++++++++++++--
 query.js                      |  1 -
 10 files changed, 113 insertions(+), 8 deletions(-)
 delete mode 100644 query.js

diff --git a/__init__.py b/__init__.py
index 65cd657..ddf2cb5 100644
--- a/__init__.py
+++ b/__init__.py
@@ -1,6 +1,6 @@
 # coding=UTF-8
 # The MIT License (MIT)
-# Copyright (c) 2016 Postsai
+# Copyright (c) 2016-2017 HIS e. G.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a
 # copy of this software and associated documentation files (the "Software"),
diff --git a/api.py b/api.py
index d21329d..ca03864 100755
--- a/api.py
+++ b/api.py
@@ -1,7 +1,7 @@
 #! /usr/bin/python
 
 # The MIT License (MIT)
-# Copyright (c) 2016 Postsai
+# Copyright (c) 2016-2017 HIS e. G.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a
 # copy of this software and associated documentation files (the "Software"),
@@ -22,6 +22,7 @@
 # DEALINGS IN THE SOFTWARE.
 
 
+
 import sys
 import os
 import json
diff --git a/api_test.py b/api_test.py
index ab196e8..66da626 100644
--- a/api_test.py
+++ b/api_test.py
@@ -1,3 +1,25 @@
+# The MIT License (MIT)
+# Copyright (c) 2016-2017 HIS e. G.
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+# DEALINGS IN THE SOFTWARE.
+
+
 from permissions import checkPrivilege
 
 import unittest
diff --git a/permissions/__init__.py b/permissions/__init__.py
index 2c5f72d..1f45c61 100644
--- a/permissions/__init__.py
+++ b/permissions/__init__.py
@@ -1,5 +1,5 @@
 # The MIT License (MIT)
-# Copyright (c) 2016 Postsai
+# Copyright (c) 2016-2017 HIS e. G.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a
 # copy of this software and associated documentation files (the "Software"),
diff --git a/permissions/checkPrivilege.py b/permissions/checkPrivilege.py
index ffbf8c9..37be586 100644
--- a/permissions/checkPrivilege.py
+++ b/permissions/checkPrivilege.py
@@ -1,5 +1,5 @@
 # The MIT License (MIT)
-# Copyright (c) 2016 Postsai
+# Copyright (c) 2016-2017 HIS e. G.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a
 # copy of this software and associated documentation files (the "Software"),
diff --git a/permissions/configDb.py b/permissions/configDb.py
index 00cb144..db1c60d 100644
--- a/permissions/configDb.py
+++ b/permissions/configDb.py
@@ -1,4 +1,24 @@
-# coding=UTF-8
+# The MIT License (MIT)
+# Copyright (c) 2016-2017 HIS e. G.
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+# DEALINGS IN THE SOFTWARE.
+
 from backend.db import PostsaiDB
 from permissions.response import ret200
 import config
diff --git a/permissions/response.py b/permissions/response.py
index 82b8080..351b14b 100644
--- a/permissions/response.py
+++ b/permissions/response.py
@@ -1,3 +1,24 @@
+# The MIT License (MIT)
+# Copyright (c) 2016-2017 HIS e. G.
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+# DEALINGS IN THE SOFTWARE.
+
 import json
 import datetime
 
diff --git a/permissions/sendHistory.py b/permissions/sendHistory.py
index 3d8ac79..1d7a6f3 100644
--- a/permissions/sendHistory.py
+++ b/permissions/sendHistory.py
@@ -1,3 +1,23 @@
+# The MIT License (MIT)
+# Copyright (c) 2016-2017 HIS e. G.
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+# DEALINGS IN THE SOFTWARE.
 
 
 from permissions.response import retJson
diff --git a/permissions/storeConfig.py b/permissions/storeConfig.py
index 1556545..97c772c 100644
--- a/permissions/storeConfig.py
+++ b/permissions/storeConfig.py
@@ -17,6 +17,25 @@
 # THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
 # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+# The MIT License (MIT)
+# Copyright (c) 2016-2017 HIS e. G.
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
 # DEALINGS IN THE SOFTWARE.
 
 
@@ -49,6 +68,9 @@ def storeConfig(arguments):
         ret403("no configText.\n")
     elif not config.repository_status_permission():
         ret403("no permission to alter configuration.")
-    else:        
-        data = (arguments["configText"], config.repository_status_username(), arguments["changeComment"])
+    else:     
+        username = os.environ.get("REMOTE_USER", "-")
+        if "repository_status_username" in vars(config):
+            username = config.repository_status_username()
+        data = (arguments["configText"], username, arguments["changeComment"])
         writeConfigToDB(data)
diff --git a/query.js b/query.js
deleted file mode 100644
index 3b06d20..0000000
--- a/query.js
+++ /dev/null
@@ -1 +0,0 @@
-window.console && console.log("extension postsai-commitstop loaded")
\ No newline at end of file

From e714c4a1012f2040ba060bd0363a739516335e9e Mon Sep 17 00:00:00 2001
From: Hendrik Brummermann <nhnb@users.sourceforge.net>
Date: Sat, 11 Mar 2017 11:26:19 +0100
Subject: [PATCH 3/5] improved documentation

---
 README.md       | 35 +++++++----------------------------
 docs/index.html | 23 +++++++++++++++++++++++
 docs/test.css   |  2 +-
 3 files changed, 31 insertions(+), 29 deletions(-)

diff --git a/README.md b/README.md
index f34e1a9..b4b910b 100644
--- a/README.md
+++ b/README.md
@@ -1,31 +1,10 @@
-# postsai-commitstop
+# Commit Stop
+**Manage Push Permissions**
 
-A Postsai extension that adds the capability to establish and manage commit stops through a simple web interface for both Git and CVS.
+*Commit Stop* allows the management of push permissions for source code repositories. 
 
+For example only certain people may be allowed to commit directly to Git master. Or
+commits to a certain release branch are only allowed with special information in the 
+commit message.
 
-## CVS
-
-
-The integration with CVS repositories is achieved via a CVS verifymsg hook.
-
-After you copied the file hooks/verifymsg.py to your CVS server, you need to edit CVSROOT/verifymsg in order to invoke it. Please note that verifymsg only supports one hook per module pattern (unlike loginfo).
-
-For example, to use the commitstop extension for all CVS modules in the current repository with a postsai server at example.com:
-
-~~~~
-  .* /usr/local/bin/verifymsg.py --repository=repo --url=https://example.com/postsai/extensions/commitstop/api.py --msgfile=%l
-~~~~
-
-
-## Frontend for viewing and updating configurations 
-
-
-The source code of the web frontend is located under the directory ./frontend. After building it with angular-cli using the command
-
-ng build -w -prod --bh ""
-
-, it can be invoked by opening the location
-
-$domain/postsai/extensions/postsai-commitstop/frontend/dist/
-
-where $domain is the base url of the postsai installation.
\ No newline at end of file
+Please see [https://hiseg.github.io/commitstop](https://hiseg.github.com/commitstop) for details.  
\ No newline at end of file
diff --git a/docs/index.html b/docs/index.html
index e0adf03..6f107c0 100644
--- a/docs/index.html
+++ b/docs/index.html
@@ -22,6 +22,21 @@ <h2>Manage Push Permissions</h2>
 
 <div class="content">
 
+<section id="intro">
+<h3>Commit Stop</h3>
+
+<p><i>Commit Stop</i> allows the management of push permissions for source code repositories. 
+It integrates with both Git and CVS. Other source code repositories may be integrated via
+custom hooks based on <i>Commit Stop</i>'s REST service.</p>  
+
+<p><i>Commit Stop</i> is commonly used to prevent pushes (commits) to sensitive branches,
+unless there is a good reason for it. It allows the definition of permission rules via a simple
+website. Those rules may check for the name of the repository, branch, user, group and the content
+of the commit message.</p>
+
+
+</section>
+
 <section id="configuration">
 <h3>Configuration</h3>
 
@@ -111,9 +126,17 @@ <h3>CVS Installation</h3>
 
 <p>Please note: verifymsg does only execute the first line that matches the module name. You cannot define multiple
 verifymsg hook without using a shell script as multiplexer.</p>
+</section>
 
+<section id="rest">
+<h3>Custom Integration</h3>
 
+<p>The endpoint for <i>Commit Stop</i>'s REST service is <code>https://[server]/postsai/extensions/commitstop/api.py</code>.
+The following URL-parameters are understood: repository, branch, user, group amd commitmsg.  
 
+<p><i>Commit Stop</i> uses normal HTTP status code to communicate whether the actions is allowed or not: 
+200 means permisison is granted and 403 means that permission was denied. The body of the HTTP response
+may contain an explanation as plain text.</p>
 </section>
 
 <footer>
diff --git a/docs/test.css b/docs/test.css
index 979b47f..bab9fbb 100644
--- a/docs/test.css
+++ b/docs/test.css
@@ -5,7 +5,7 @@ html, body {
 	background-color: #EEE;
 }
 header {
-	background-color: #030;
+	background-color: #b3d4fc;
 	color: #FFF;
 	padding: 3em 0em;
 	box-shadow: 0px 3px 3px 0px #333;

From 15f3b379ddcae8403ad9d1475fd728d4cad8f856 Mon Sep 17 00:00:00 2001
From: Hendrik Brummermann <brummermann@his.de>
Date: Mon, 20 Mar 2017 15:15:23 +0100
Subject: [PATCH 4/5] distribution script

---
 .gitignore |  1 +
 dist.sh    | 30 ++++++++++++++++++++++++++++++
 2 files changed, 31 insertions(+)
 create mode 100755 dist.sh

diff --git a/.gitignore b/.gitignore
index 0d20b64..013702e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
 *.pyc
+dist
diff --git a/dist.sh b/dist.sh
new file mode 100755
index 0000000..0b8b4ab
--- /dev/null
+++ b/dist.sh
@@ -0,0 +1,30 @@
+#!/bin/bash
+
+cd `dirname $0`
+
+SRCDIR=`pwd`
+TMPDIR=`mktemp -d`
+
+# Clean build of angular app
+cd frontend
+rm -rf dist
+ng build --prod --aot
+cd ..
+cp -ax . $TMPDIR/commitstop
+
+# Delete unnecessary files
+mv $TMPDIR/commitstop/frontend/dist $TMPDIR/
+rm -rf $TMPDIR/commitstop/.git $TMPDIR/commitstop/dist.sh $TMPDIR/commitstop/frontend
+rm `find . -name *.pyc`
+mv $TMPDIR/dist $TMPDIR/commitstop/frontend
+
+# adjust relativ path because path is just "frontend" in distribution instead of "frontend/dist" 
+export JS_FILE=`ls $TMPDIR/commitstop/frontend/main.*`
+sed "s|\.\./\.\./api.py|../api.py|" < $JS_FILE > $TMPDIR/t.txt
+mv $TMPDIR/t.txt $JS_FILE
+
+# Create .zip-file
+cd $TMPDIR
+zip -r $SRCDIR/dist/commitstop-$1.zip *
+cd $SRCDIR
+rm -rf $TMPDIR

From 52f20695805a7ae9482c436eaf5962c9c34fbe9d Mon Sep 17 00:00:00 2001
From: Hendrik Brummermann <brummermann@his.de>
Date: Mon, 20 Mar 2017 15:15:35 +0100
Subject: [PATCH 5/5] layout

---
 docs/test.css | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/test.css b/docs/test.css
index bab9fbb..ccd73d6 100644
--- a/docs/test.css
+++ b/docs/test.css
@@ -5,7 +5,7 @@ html, body {
 	background-color: #EEE;
 }
 header {
-	background-color: #b3d4fc;
+	background-color: #006ab2;
 	color: #FFF;
 	padding: 3em 0em;
 	box-shadow: 0px 3px 3px 0px #333;
@@ -25,7 +25,7 @@ a.button {
 	text-align: center;
 }
 a.button:hover {
-	background-color: #333;
+	background-color: #b3d4fc;
 }
 .screenshot {
 	max-width: 850px;