Make SVN backend more robust

The SVN backend failed when trying to access historical information on deleted files.

There's also an initial test case for the SVN backend, testing this issue
and issue 364, which is about a similar problem for renamed files.
Reverting any of these fixes breaks the test.
This commit is contained in:
Patrick Georgi 2011-08-12 20:53:26 +02:00
parent d54c86f813
commit 57c2389aae
36 changed files with 908 additions and 25 deletions

View File

@ -163,11 +163,12 @@ class IDF_Scm_Svn extends IDF_Scm
return IDF_Scm::REVISION_VALID;
}
$cmd = sprintf(Pluf::f('svn_path', 'svn').' info --no-auth-cache --username=%s --password=%s --revision=%s %s',
$cmd = sprintf(Pluf::f('svn_path', 'svn').' info --no-auth-cache --username=%s --password=%s --revision=%s %s@%s',
escapeshellarg($this->username),
escapeshellarg($this->password),
escapeshellarg($rev),
escapeshellarg($this->repo));
escapeshellarg($this->repo),
escapeshellarg($rev));
$cmd = Pluf::f('idf_exec_cmd_prefix', '').$cmd;
self::exec('IDF_Scm_Svn::validateRevision', $cmd, $out, $ret);
@ -190,11 +191,12 @@ class IDF_Scm_Svn extends IDF_Scm
}
// Else, test the path on revision
$cmd = sprintf(Pluf::f('svn_path', 'svn').' info --no-auth-cache --xml --username=%s --password=%s --revision=%s %s',
$cmd = sprintf(Pluf::f('svn_path', 'svn').' info --no-auth-cache --xml --username=%s --password=%s --revision=%s %s@%s',
escapeshellarg($this->username),
escapeshellarg($this->password),
escapeshellarg($rev),
escapeshellarg($this->repo.'/'.self::smartEncode($path)));
escapeshellarg($this->repo.'/'.self::smartEncode($path)),
escapeshellarg($rev));
$cmd = Pluf::f('idf_exec_cmd_prefix', '').$cmd;
$xmlInfo = self::shell_exec('IDF_Scm_Svn::testHash', $cmd);
@ -217,11 +219,12 @@ class IDF_Scm_Svn extends IDF_Scm
public function getTree($commit, $folder='/', $branch=null)
{
$cmd = sprintf(Pluf::f('svn_path', 'svn').' ls --no-auth-cache --xml --username=%s --password=%s --revision=%s %s',
$cmd = sprintf(Pluf::f('svn_path', 'svn').' ls --no-auth-cache --xml --username=%s --password=%s --revision=%s %s@%s',
escapeshellarg($this->username),
escapeshellarg($this->password),
escapeshellarg($commit),
escapeshellarg($this->repo.'/'.self::smartEncode($folder)));
escapeshellarg($this->repo.'/'.self::smartEncode($folder)),
escapeshellarg($commit));
$cmd = Pluf::f('idf_exec_cmd_prefix', '').$cmd;
$xml = simplexml_load_string(self::shell_exec('IDF_Scm_Svn::getTree', $cmd));
$res = array();
@ -258,11 +261,12 @@ class IDF_Scm_Svn extends IDF_Scm
if (isset($this->cache['commitmess'][$rev])) {
return $this->cache['commitmess'][$rev];
}
$cmd = sprintf(Pluf::f('svn_path', 'svn').' log --no-auth-cache --xml --limit 1 --username=%s --password=%s --revision=%s %s',
$cmd = sprintf(Pluf::f('svn_path', 'svn').' log --no-auth-cache --xml --limit 1 --username=%s --password=%s --revision=%s %s@%s',
escapeshellarg($this->username),
escapeshellarg($this->password),
escapeshellarg($rev),
escapeshellarg($this->repo));
escapeshellarg($this->repo),
escapeshellarg($rev));
$cmd = Pluf::f('idf_exec_cmd_prefix', '').$cmd;
try {
$xml = simplexml_load_string(self::shell_exec('IDF_Scm_Svn::getCommitMessage', $cmd));
@ -279,11 +283,12 @@ class IDF_Scm_Svn extends IDF_Scm
if ($rev == null) {
$rev = 'HEAD';
}
$cmd = sprintf(Pluf::f('svn_path', 'svn').' info --no-auth-cache --xml --username=%s --password=%s --revision=%s %s',
$cmd = sprintf(Pluf::f('svn_path', 'svn').' info --no-auth-cache --xml --username=%s --password=%s --revision=%s %s@%s',
escapeshellarg($this->username),
escapeshellarg($this->password),
escapeshellarg($rev),
escapeshellarg($this->repo.'/'.self::smartEncode($filename)));
escapeshellarg($this->repo.'/'.self::smartEncode($filename)),
escapeshellarg($rev));
$cmd = Pluf::f('idf_exec_cmd_prefix', '').$cmd;
$xml = simplexml_load_string(self::shell_exec('IDF_Scm_Svn::getPathInfo', $cmd));
if (!isset($xml->entry)) {
@ -306,11 +311,12 @@ class IDF_Scm_Svn extends IDF_Scm
public function getFile($def, $cmd_only=false)
{
$cmd = sprintf(Pluf::f('svn_path', 'svn').' cat --no-auth-cache --username=%s --password=%s --revision=%s %s',
$cmd = sprintf(Pluf::f('svn_path', 'svn').' cat --no-auth-cache --username=%s --password=%s --revision=%s %s@%s',
escapeshellarg($this->username),
escapeshellarg($this->password),
escapeshellarg($def->rev),
escapeshellarg($this->repo.'/'.self::smartEncode($def->fullpath)));
escapeshellarg($this->repo.'/'.self::smartEncode($def->fullpath)),
escapeshellarg($def->rev));
$cmd = Pluf::f('idf_exec_cmd_prefix', '').$cmd;
return ($cmd_only) ?
$cmd : self::shell_exec('IDF_Scm_Svn::getFile', $cmd);
@ -327,7 +333,7 @@ class IDF_Scm_Svn extends IDF_Scm
return $this->cache['branches'];
}
$res = array();
$cmd = sprintf(Pluf::f('svn_path', 'svn').' ls --no-auth-cache --username=%s --password=%s --revision=HEAD %s',
$cmd = sprintf(Pluf::f('svn_path', 'svn').' ls --no-auth-cache --username=%s --password=%s --revision=HEAD %s@HEAD',
escapeshellarg($this->username),
escapeshellarg($this->password),
escapeshellarg($this->repo.'/branches'));
@ -342,7 +348,7 @@ class IDF_Scm_Svn extends IDF_Scm
}
}
ksort($res);
$cmd = sprintf(Pluf::f('svn_path', 'svn').' info --no-auth-cache --username=%s --password=%s --revision=HEAD %s',
$cmd = sprintf(Pluf::f('svn_path', 'svn').' info --no-auth-cache --username=%s --password=%s --revision=HEAD %s@HEAD',
escapeshellarg($this->username),
escapeshellarg($this->password),
escapeshellarg($this->repo.'/trunk'));
@ -366,7 +372,7 @@ class IDF_Scm_Svn extends IDF_Scm
return $this->cache['tags'];
}
$res = array();
$cmd = sprintf(Pluf::f('svn_path', 'svn').' ls --no-auth-cache --username=%s --password=%s --revision=HEAD %s',
$cmd = sprintf(Pluf::f('svn_path', 'svn').' ls --no-auth-cache --username=%s --password=%s --revision=HEAD %s@HEAD',
escapeshellarg($this->username),
escapeshellarg($this->password),
escapeshellarg($this->repo.'/tags'));
@ -423,11 +429,12 @@ class IDF_Scm_Svn extends IDF_Scm
return false;
}
$res = array();
$cmd = sprintf(Pluf::f('svn_path', 'svn').' log --no-auth-cache --xml --limit 1 -v --username=%s --password=%s --revision=%s %s',
$cmd = sprintf(Pluf::f('svn_path', 'svn').' log --no-auth-cache --xml --limit 1 -v --username=%s --password=%s --revision=%s %s@%s',
escapeshellarg($this->username),
escapeshellarg($this->password),
escapeshellarg($commit),
escapeshellarg($this->repo));
escapeshellarg($this->repo),
escapeshellarg($commit));
$cmd = Pluf::f('idf_exec_cmd_prefix', '').$cmd;
$xmlRes = self::shell_exec('IDF_Scm_Svn::getCommit', $cmd);
$xml = simplexml_load_string($xmlRes);
@ -577,12 +584,13 @@ class IDF_Scm_Svn extends IDF_Scm
$branch = 'HEAD';
}
$res = array();
$cmd = sprintf(Pluf::f('svn_path', 'svn').' log --no-auth-cache --xml -v --limit %s --username=%s --password=%s --revision=%s %s',
$cmd = sprintf(Pluf::f('svn_path', 'svn').' log --no-auth-cache --xml -v --limit %s --username=%s --password=%s --revision=%s %s@%s',
escapeshellarg($n),
escapeshellarg($this->username),
escapeshellarg($this->password),
escapeshellarg($branch),
escapeshellarg($this->repo));
escapeshellarg($this->repo),
escapeshellarg($branch));
$cmd = Pluf::f('idf_exec_cmd_prefix', '').$cmd;
$xmlRes = self::shell_exec('IDF_Scm_Svn::getChangeLog', $cmd);
$xml = simplexml_load_string($xmlRes);
@ -609,11 +617,12 @@ class IDF_Scm_Svn extends IDF_Scm
public function getProperties($rev, $path='')
{
$res = array();
$cmd = sprintf(Pluf::f('svn_path', 'svn').' proplist --no-auth-cache --xml --username=%s --password=%s --revision=%s %s',
$cmd = sprintf(Pluf::f('svn_path', 'svn').' proplist --no-auth-cache --xml --username=%s --password=%s --revision=%s %s@%s',
escapeshellarg($this->username),
escapeshellarg($this->password),
escapeshellarg($rev),
escapeshellarg($this->repo.'/'.self::smartEncode($path)));
escapeshellarg($this->repo.'/'.self::smartEncode($path)),
escapeshellarg($rev));
$cmd = Pluf::f('idf_exec_cmd_prefix', '').$cmd;
$xmlProps = self::shell_exec('IDF_Scm_Svn::getProperties', $cmd);
$props = simplexml_load_string($xmlProps);
@ -643,12 +652,13 @@ class IDF_Scm_Svn extends IDF_Scm
private function getProperty($property, $rev, $path='')
{
$res = array();
$cmd = sprintf(Pluf::f('svn_path', 'svn').' propget --no-auth-cache --xml %s --username=%s --password=%s --revision=%s %s',
$cmd = sprintf(Pluf::f('svn_path', 'svn').' propget --no-auth-cache --xml %s --username=%s --password=%s --revision=%s %s@%s',
escapeshellarg($property),
escapeshellarg($this->username),
escapeshellarg($this->password),
escapeshellarg($rev),
escapeshellarg($this->repo.'/'.self::smartEncode($path)));
escapeshellarg($this->repo.'/'.self::smartEncode($path)),
escapeshellarg($rev));
$cmd = Pluf::f('idf_exec_cmd_prefix', '').$cmd;
$xmlProp = self::shell_exec('IDF_Scm_Svn::getProperty', $cmd);
$prop = simplexml_load_string($xmlProp);
@ -666,11 +676,12 @@ class IDF_Scm_Svn extends IDF_Scm
public function getLastCommit($rev='HEAD')
{
$xmlInfo = '';
$cmd = sprintf(Pluf::f('svn_path', 'svn').' info --no-auth-cache --xml --username=%s --password=%s --revision=%s %s',
$cmd = sprintf(Pluf::f('svn_path', 'svn').' info --no-auth-cache --xml --username=%s --password=%s --revision=%s %s@%s',
escapeshellarg($this->username),
escapeshellarg($this->password),
escapeshellarg($rev),
escapeshellarg($this->repo));
escapeshellarg($this->repo),
escapeshellarg($rev));
$cmd = Pluf::f('idf_exec_cmd_prefix', '').$cmd;
$xmlInfo = self::shell_exec('IDF_Scm_Svn::getLastCommit', $cmd);

54
test/IDF/Scm/SvnTest.php Normal file
View File

@ -0,0 +1,54 @@
<?php
/* -*- tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/*
# ***** BEGIN LICENSE BLOCK *****
# This file is part of InDefero, an open source project management application.
# Copyright (C) 2011 Céondo Ltd and contributors.
#
# InDefero is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# InDefero is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
#
# ***** END LICENSE BLOCK ***** */
class IDF_Scm_SvnTest extends PHPUnit_Framework_TestCase
{
private $proj = null;
public function setUp()
{
$this->proj = new IDF_Project();
$this->proj->id = 1;
$this->proj->name = $this->proj->shortname = 'test';
$this->proj->create();
}
public function tearDown()
{
$this->proj->delete();
}
public function createMock()
{
$instance = new IDF_Scm_Svn(sprintf(Pluf::f('svn_repositories'),'testrepository', $this->proj));
return $instance;
}
public function testAccessHistoryOfRenamedAndDeletedFiles()
{
$instance = $this->createMock();
$this->assertEquals('new-file', $instance->getPathInfo('new-file', 1)->fullpath);
$this->assertEquals('alternate-name', $instance->getPathInfo('alternate-name', 2)->fullpath);
}
}

View File

@ -0,0 +1,5 @@
This is a Subversion repository; use the 'svnadmin' tool to examine
it. Do not add, delete, or modify files here unless you know how
to avoid corrupting the repository.
Visit http://subversion.tigris.org/ for more information.

View File

@ -0,0 +1,32 @@
### This file is an example authorization file for svnserve.
### Its format is identical to that of mod_authz_svn authorization
### files.
### As shown below each section defines authorizations for the path and
### (optional) repository specified by the section name.
### The authorizations follow. An authorization line can refer to:
### - a single user,
### - a group of users defined in a special [groups] section,
### - an alias defined in a special [aliases] section,
### - all authenticated users, using the '$authenticated' token,
### - only anonymous users, using the '$anonymous' token,
### - anyone, using the '*' wildcard.
###
### A match can be inverted by prefixing the rule with '~'. Rules can
### grant read ('r') access, read-write ('rw') access, or no access
### ('').
[aliases]
# joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/CN=Joe Average
[groups]
# harry_and_sally = harry,sally
# harry_sally_and_joe = harry,sally,&joe
# [/foo/bar]
# harry = rw
# &joe = r
# * =
# [repository:/baz/fuz]
# @harry_and_sally = rw
# * = r

View File

@ -0,0 +1,8 @@
### This file is an example password file for svnserve.
### Its format is similar to that of svnserve.conf. As shown in the
### example below it contains one section labelled [users].
### The name and password for each user follow, one account per line.
[users]
# harry = harryssecret
# sally = sallyssecret

View File

@ -0,0 +1,47 @@
### This file controls the configuration of the svnserve daemon, if you
### use it to allow access to this repository. (If you only allow
### access through http: and/or file: URLs, then this file is
### irrelevant.)
### Visit http://subversion.tigris.org/ for more information.
[general]
### These options control access to the repository for unauthenticated
### and authenticated users. Valid values are "write", "read",
### and "none". The sample settings below are the defaults.
# anon-access = read
# auth-access = write
### The password-db option controls the location of the password
### database file. Unless you specify a path starting with a /,
### the file's location is relative to the directory containing
### this configuration file.
### If SASL is enabled (see below), this file will NOT be used.
### Uncomment the line below to use the default password file.
# password-db = passwd
### The authz-db option controls the location of the authorization
### rules for path-based access control. Unless you specify a path
### starting with a /, the file's location is relative to the the
### directory containing this file. If you don't specify an
### authz-db, no path-based access control is done.
### Uncomment the line below to use the default authorization file.
# authz-db = authz
### This option specifies the authentication realm of the repository.
### If two repositories have the same authentication realm, they should
### have the same password database, and vice versa. The default realm
### is repository's uuid.
# realm = My First Repository
[sasl]
### This option specifies whether you want to use the Cyrus SASL
### library for authentication. Default is false.
### This section will be ignored if svnserve is not built with Cyrus
### SASL support; to check, run 'svnserve --version' and look for a line
### reading 'Cyrus SASL authentication is available.'
# use-sasl = true
### These options specify the desired strength of the security layer
### that you want SASL to provide. 0 means no encryption, 1 means
### integrity-checking only, values larger than 1 are correlated
### to the effective key length for encryption (e.g. 128 means 128-bit
### encryption). The values below are the defaults.
# min-encryption = 0
# max-encryption = 256

View File

@ -0,0 +1 @@
3

View File

@ -0,0 +1,2 @@
4
layout sharded 1000

View File

@ -0,0 +1 @@
fsfs

View File

@ -0,0 +1,37 @@
### This file controls the configuration of the FSFS filesystem.
[memcached-servers]
### These options name memcached servers used to cache internal FSFS
### data. See http://www.danga.com/memcached/ for more information on
### memcached. To use memcached with FSFS, run one or more memcached
### servers, and specify each of them as an option like so:
# first-server = 127.0.0.1:11211
# remote-memcached = mymemcached.corp.example.com:11212
### The option name is ignored; the value is of the form HOST:PORT.
### memcached servers can be shared between multiple repositories;
### however, if you do this, you *must* ensure that repositories have
### distinct UUIDs and paths, or else cached data from one repository
### might be used by another accidentally. Note also that memcached has
### no authentication for reads or writes, so you must ensure that your
### memcached servers are only accessible by trusted users.
[caches]
### When a cache-related error occurs, normally Subversion ignores it
### and continues, logging an error if the server is appropriately
### configured (and ignoring it with file:// access). To make
### Subversion never ignore cache errors, uncomment this line.
# fail-stop = true
[rep-sharing]
### To conserve space, the filesystem can optionally avoid storing
### duplicate representations. This comes at a slight cost in performace,
### as maintaining a database of shared representations can increase
### commit times. The space savings are dependent upon the size of the
### repository, the number of objects it contains and the amount of
### duplication between them, usually a function of the branching and
### merging process.
###
### The following parameter enables rep-sharing in the repository. It can
### be switched on and off at will, but for best space-saving results
### should be enabled consistently over the life of the repository.
# enable-rep-sharing = false

View File

@ -0,0 +1 @@
0

View File

@ -0,0 +1,5 @@
K 8
svn:date
V 27
2011-08-12T17:06:15.429110Z
END

View File

@ -0,0 +1,13 @@
K 10
svn:author
V 7
patrick
K 8
svn:date
V 27
2011-08-12T17:07:33.111035Z
K 7
svn:log
V 12
added a file
END

View File

@ -0,0 +1,13 @@
K 10
svn:author
V 7
patrick
K 8
svn:date
V 27
2011-08-12T17:07:55.894416Z
K 7
svn:log
V 14
renamed a file
END

View File

@ -0,0 +1,13 @@
K 10
svn:author
V 7
patrick
K 8
svn:date
V 27
2011-08-12T17:08:12.646051Z
K 7
svn:log
V 14
deleted a file
END

View File

@ -0,0 +1,11 @@
PLAIN
END
ENDREP
id: 0.0.r0/17
type: dir
count: 0
text: 0 0 4 4 2d2977d1c96f487abe4a1e202dd03b4e
cpath: /
17 107

View File

@ -0,0 +1,28 @@
DELTA
SVNENDREP
id: 0-1.0.r1/17
type: file
count: 0
text: 1 0 4 0 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 0-0/_2
cpath: /new-file
copyroot: 0 /
PLAIN
K 8
new-file
V 16
file 0-1.0.r1/17
END
ENDREP
id: 0.0.r1/232
type: dir
pred: 0.0.r0/17
count: 1
text: 1 180 39 39 4a0c4e617d69f8a0bf11161d1e1b09a6
cpath: /
copyroot: 0 /
_0.0.t0-0 add-file true false /new-file
232 357

View File

@ -0,0 +1,29 @@
id: 0-1.0-2.r2/0
type: file
pred: 0-1.0.r1/17
count: 1
text: 1 0 4 0 d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 0-0/_2
cpath: /alternate-name
copyfrom: 1 /new-file
PLAIN
K 14
alternate-name
V 17
file 0-1.0-2.r2/0
END
ENDREP
id: 0.0.r2/256
type: dir
pred: 0.0.r1/232
count: 2
text: 2 196 47 47 518568bcb7e6fe3165235a9f9993f5e1
cpath: /
copyroot: 0 /
0-1.0.r1/17 delete-file false false /new-file
0-1._0.t1-1 add-file false false /alternate-name
1 /new-file
256 382

View File

@ -0,0 +1,15 @@
PLAIN
END
ENDREP
id: 0.0.r3/17
type: dir
pred: 0.0.r2/256
count: 3
text: 3 0 4 4 2d2977d1c96f487abe4a1e202dd03b4e
cpath: /
copyroot: 0 /
0-1.0-2.r2/0 delete-file false false /alternate-name
17 138

View File

@ -0,0 +1 @@
3

View File

@ -0,0 +1 @@
5d5eaf70-0fe3-4d07-ada0-45c336a5bfad

View File

@ -0,0 +1 @@
5

View File

@ -0,0 +1,50 @@
#!/bin/sh
# POST-COMMIT HOOK
#
# The post-commit hook is invoked after a commit. Subversion runs
# this hook by invoking a program (script, executable, binary, etc.)
# named 'post-commit' (for which this file is a template) with the
# following ordered arguments:
#
# [1] REPOS-PATH (the path to this repository)
# [2] REV (the number of the revision just committed)
#
# The default working directory for the invocation is undefined, so
# the program should set one explicitly if it cares.
#
# Because the commit has already completed and cannot be undone,
# the exit code of the hook program is ignored. The hook program
# can use the 'svnlook' utility to help it examine the
# newly-committed tree.
#
# On a Unix system, the normal procedure is to have 'post-commit'
# invoke other programs to do the real work, though it may do the
# work itself too.
#
# Note that 'post-commit' must be executable by the user(s) who will
# invoke it (typically the user httpd runs as), and that user must
# have filesystem-level permission to access the repository.
#
# On a Windows system, you should name the hook program
# 'post-commit.bat' or 'post-commit.exe',
# but the basic idea is the same.
#
# The hook program typically does not inherit the environment of
# its parent process. For example, a common problem is for the
# PATH environment variable to not be set to its usual value, so
# that subprograms fail to launch unless invoked via absolute path.
# If you're having unexpected problems with a hook program, the
# culprit may be unusual (or missing) environment variables.
#
# Here is an example hook script, for a Unix /bin/sh interpreter.
# For more examples and pre-written hooks, see those in
# /usr/share/subversion/hook-scripts, and in the repository at
# http://svn.apache.org/repos/asf/subversion/trunk/tools/hook-scripts/ and
# http://svn.apache.org/repos/asf/subversion/trunk/contrib/hook-scripts/
REPOS="$1"
REV="$2"
"$REPOS"/hooks/mailer.py commit "$REPOS" $REV "$REPOS"/mailer.conf

View File

@ -0,0 +1,45 @@
#!/bin/sh
# POST-LOCK HOOK
#
# The post-lock hook is run after a path is locked. Subversion runs
# this hook by invoking a program (script, executable, binary, etc.)
# named 'post-lock' (for which this file is a template) with the
# following ordered arguments:
#
# [1] REPOS-PATH (the path to this repository)
# [2] USER (the user who created the lock)
#
# The paths that were just locked are passed to the hook via STDIN (as
# of Subversion 1.2, only one path is passed per invocation, but the
# plan is to pass all locked paths at once, so the hook program
# should be written accordingly).
#
# The default working directory for the invocation is undefined, so
# the program should set one explicitly if it cares.
#
# Because the lock has already been created and cannot be undone,
# the exit code of the hook program is ignored. The hook program
# can use the 'svnlook' utility to help it examine the
# newly-created lock.
#
# On a Unix system, the normal procedure is to have 'post-lock'
# invoke other programs to do the real work, though it may do the
# work itself too.
#
# Note that 'post-lock' must be executable by the user(s) who will
# invoke it (typically the user httpd runs as), and that user must
# have filesystem-level permission to access the repository.
#
# On a Windows system, you should name the hook program
# 'post-lock.bat' or 'post-lock.exe',
# but the basic idea is the same.
#
# Here is an example hook script, for a Unix /bin/sh interpreter:
REPOS="$1"
USER="$2"
# Send email to interested parties, let them know a lock was created:
"$REPOS"/hooks/mailer.py lock \
"$REPOS" "$USER" "$REPOS"/hooks/mailer.conf

View File

@ -0,0 +1,57 @@
#!/bin/sh
# POST-REVPROP-CHANGE HOOK
#
# The post-revprop-change hook is invoked after a revision property
# has been added, modified or deleted. Subversion runs this hook by
# invoking a program (script, executable, binary, etc.) named
# 'post-revprop-change' (for which this file is a template), with the
# following ordered arguments:
#
# [1] REPOS-PATH (the path to this repository)
# [2] REV (the revision that was tweaked)
# [3] USER (the username of the person tweaking the property)
# [4] PROPNAME (the property that was changed)
# [5] ACTION (the property was 'A'dded, 'M'odified, or 'D'eleted)
#
# [STDIN] PROPVAL ** the old property value is passed via STDIN.
#
# Because the propchange has already completed and cannot be undone,
# the exit code of the hook program is ignored. The hook program
# can use the 'svnlook' utility to help it examine the
# new property value.
#
# On a Unix system, the normal procedure is to have 'post-revprop-change'
# invoke other programs to do the real work, though it may do the
# work itself too.
#
# Note that 'post-revprop-change' must be executable by the user(s) who will
# invoke it (typically the user httpd runs as), and that user must
# have filesystem-level permission to access the repository.
#
# On a Windows system, you should name the hook program
# 'post-revprop-change.bat' or 'post-revprop-change.exe',
# but the basic idea is the same.
#
# The hook program typically does not inherit the environment of
# its parent process. For example, a common problem is for the
# PATH environment variable to not be set to its usual value, so
# that subprograms fail to launch unless invoked via absolute path.
# If you're having unexpected problems with a hook program, the
# culprit may be unusual (or missing) environment variables.
#
# Here is an example hook script, for a Unix /bin/sh interpreter.
# For more examples and pre-written hooks, see those in
# /usr/share/subversion/hook-scripts, and in the repository at
# http://svn.apache.org/repos/asf/subversion/trunk/tools/hook-scripts/ and
# http://svn.apache.org/repos/asf/subversion/trunk/contrib/hook-scripts/
REPOS="$1"
REV="$2"
USER="$3"
PROPNAME="$4"
ACTION="$5"
"$REPOS"/hooks/mailer.py propchange2 "$REPOS" $REV \
"$USER" "$PROPNAME" "$ACTION" "$REPOS"/hooks/mailer.conf

View File

@ -0,0 +1,43 @@
#!/bin/sh
# POST-UNLOCK HOOK
#
# The post-unlock hook runs after a path is unlocked. Subversion runs
# this hook by invoking a program (script, executable, binary, etc.)
# named 'post-unlock' (for which this file is a template) with the
# following ordered arguments:
#
# [1] REPOS-PATH (the path to this repository)
# [2] USER (the user who destroyed the lock)
#
# The paths that were just unlocked are passed to the hook via STDIN
# (as of Subversion 1.2, only one path is passed per invocation, but
# the plan is to pass all unlocked paths at once, so the hook program
# should be written accordingly).
#
# The default working directory for the invocation is undefined, so
# the program should set one explicitly if it cares.
#
# Because the lock has already been destroyed and cannot be undone,
# the exit code of the hook program is ignored.
#
# On a Unix system, the normal procedure is to have 'post-unlock'
# invoke other programs to do the real work, though it may do the
# work itself too.
#
# Note that 'post-unlock' must be executable by the user(s) who will
# invoke it (typically the user httpd runs as), and that user must
# have filesystem-level permission to access the repository.
#
# On a Windows system, you should name the hook program
# 'post-unlock.bat' or 'post-unlock.exe',
# but the basic idea is the same.
#
# Here is an example hook script, for a Unix /bin/sh interpreter:
REPOS="$1"
USER="$2"
# Send email to interested parties, let them know a lock was removed:
"$REPOS"/hooks/mailer.py unlock \
"$REPOS" "$USER" "$REPOS"/hooks/mailer.conf

View File

@ -0,0 +1,85 @@
#!/bin/sh
# PRE-COMMIT HOOK
#
# The pre-commit hook is invoked before a Subversion txn is
# committed. Subversion runs this hook by invoking a program
# (script, executable, binary, etc.) named 'pre-commit' (for which
# this file is a template), with the following ordered arguments:
#
# [1] REPOS-PATH (the path to this repository)
# [2] TXN-NAME (the name of the txn about to be committed)
#
# [STDIN] LOCK-TOKENS ** the lock tokens are passed via STDIN.
#
# If STDIN contains the line "LOCK-TOKENS:\n" (the "\n" denotes a
# single newline), the lines following it are the lock tokens for
# this commit. The end of the list is marked by a line containing
# only a newline character.
#
# Each lock token line consists of a URI-escaped path, followed
# by the separator character '|', followed by the lock token string,
# followed by a newline.
#
# The default working directory for the invocation is undefined, so
# the program should set one explicitly if it cares.
#
# If the hook program exits with success, the txn is committed; but
# if it exits with failure (non-zero), the txn is aborted, no commit
# takes place, and STDERR is returned to the client. The hook
# program can use the 'svnlook' utility to help it examine the txn.
#
# On a Unix system, the normal procedure is to have 'pre-commit'
# invoke other programs to do the real work, though it may do the
# work itself too.
#
# *** NOTE: THE HOOK PROGRAM MUST NOT MODIFY THE TXN, EXCEPT ***
# *** FOR REVISION PROPERTIES (like svn:log or svn:author). ***
#
# This is why we recommend using the read-only 'svnlook' utility.
# In the future, Subversion may enforce the rule that pre-commit
# hooks should not modify the versioned data in txns, or else come
# up with a mechanism to make it safe to do so (by informing the
# committing client of the changes). However, right now neither
# mechanism is implemented, so hook writers just have to be careful.
#
# Note that 'pre-commit' must be executable by the user(s) who will
# invoke it (typically the user httpd runs as), and that user must
# have filesystem-level permission to access the repository.
#
# On a Windows system, you should name the hook program
# 'pre-commit.bat' or 'pre-commit.exe',
# but the basic idea is the same.
#
# The hook program typically does not inherit the environment of
# its parent process. For example, a common problem is for the
# PATH environment variable to not be set to its usual value, so
# that subprograms fail to launch unless invoked via absolute path.
# If you're having unexpected problems with a hook program, the
# culprit may be unusual (or missing) environment variables.
#
# Here is an example hook script, for a Unix /bin/sh interpreter.
# For more examples and pre-written hooks, see those in
# /usr/share/subversion/hook-scripts, and in the repository at
# http://svn.apache.org/repos/asf/subversion/trunk/tools/hook-scripts/ and
# http://svn.apache.org/repos/asf/subversion/trunk/contrib/hook-scripts/
REPOS="$1"
TXN="$2"
# Make sure that the log message contains some text.
SVNLOOK=/usr/bin/svnlook
$SVNLOOK log -t "$TXN" "$REPOS" | \
grep "[a-zA-Z0-9]" > /dev/null || exit 1
# Exit on all errors.
set -e
# Check that the author of this commit has the rights to perform
# the commit on the files and directories being modified.
"$REPOS"/hooks/commit-access-control.pl "$REPOS" $TXN \
"$REPOS"/hooks/commit-access-control.cfg
# All checks passed, so allow the commit.
exit 0

View File

@ -0,0 +1,71 @@
#!/bin/sh
# PRE-LOCK HOOK
#
# The pre-lock hook is invoked before an exclusive lock is
# created. Subversion runs this hook by invoking a program
# (script, executable, binary, etc.) named 'pre-lock' (for which
# this file is a template), with the following ordered arguments:
#
# [1] REPOS-PATH (the path to this repository)
# [2] PATH (the path in the repository about to be locked)
# [3] USER (the user creating the lock)
# [4] COMMENT (the comment of the lock)
# [5] STEAL-LOCK (1 if the user is trying to steal the lock, else 0)
#
# If the hook program outputs anything on stdout, the output string will
# be used as the lock token for this lock operation. If you choose to use
# this feature, you must guarantee the tokens generated are unique across
# the repository each time.
#
# The default working directory for the invocation is undefined, so
# the program should set one explicitly if it cares.
#
# If the hook program exits with success, the lock is created; but
# if it exits with failure (non-zero), the lock action is aborted
# and STDERR is returned to the client.
# On a Unix system, the normal procedure is to have 'pre-lock'
# invoke other programs to do the real work, though it may do the
# work itself too.
#
# Note that 'pre-lock' must be executable by the user(s) who will
# invoke it (typically the user httpd runs as), and that user must
# have filesystem-level permission to access the repository.
#
# On a Windows system, you should name the hook program
# 'pre-lock.bat' or 'pre-lock.exe',
# but the basic idea is the same.
#
# Here is an example hook script, for a Unix /bin/sh interpreter:
REPOS="$1"
PATH="$2"
USER="$3"
# If a lock exists and is owned by a different person, don't allow it
# to be stolen (e.g., with 'svn lock --force ...').
# (Maybe this script could send email to the lock owner?)
SVNLOOK=/usr/bin/svnlook
GREP=/bin/grep
SED=/bin/sed
LOCK_OWNER=`$SVNLOOK lock "$REPOS" "$PATH" | \
$GREP '^Owner: ' | $SED 's/Owner: //'`
# If we get no result from svnlook, there's no lock, allow the lock to
# happen:
if [ "$LOCK_OWNER" = "" ]; then
exit 0
fi
# If the person locking matches the lock's owner, allow the lock to
# happen:
if [ "$LOCK_OWNER" = "$USER" ]; then
exit 0
fi
# Otherwise, we've got an owner mismatch, so return failure:
echo "Error: $PATH already locked by ${LOCK_OWNER}." 1>&2
exit 1

View File

@ -0,0 +1,66 @@
#!/bin/sh
# PRE-REVPROP-CHANGE HOOK
#
# The pre-revprop-change hook is invoked before a revision property
# is added, modified or deleted. Subversion runs this hook by invoking
# a program (script, executable, binary, etc.) named 'pre-revprop-change'
# (for which this file is a template), with the following ordered
# arguments:
#
# [1] REPOS-PATH (the path to this repository)
# [2] REVISION (the revision being tweaked)
# [3] USER (the username of the person tweaking the property)
# [4] PROPNAME (the property being set on the revision)
# [5] ACTION (the property is being 'A'dded, 'M'odified, or 'D'eleted)
#
# [STDIN] PROPVAL ** the new property value is passed via STDIN.
#
# If the hook program exits with success, the propchange happens; but
# if it exits with failure (non-zero), the propchange doesn't happen.
# The hook program can use the 'svnlook' utility to examine the
# existing value of the revision property.
#
# WARNING: unlike other hooks, this hook MUST exist for revision
# properties to be changed. If the hook does not exist, Subversion
# will behave as if the hook were present, but failed. The reason
# for this is that revision properties are UNVERSIONED, meaning that
# a successful propchange is destructive; the old value is gone
# forever. We recommend the hook back up the old value somewhere.
#
# On a Unix system, the normal procedure is to have 'pre-revprop-change'
# invoke other programs to do the real work, though it may do the
# work itself too.
#
# Note that 'pre-revprop-change' must be executable by the user(s) who will
# invoke it (typically the user httpd runs as), and that user must
# have filesystem-level permission to access the repository.
#
# On a Windows system, you should name the hook program
# 'pre-revprop-change.bat' or 'pre-revprop-change.exe',
# but the basic idea is the same.
#
# The hook program typically does not inherit the environment of
# its parent process. For example, a common problem is for the
# PATH environment variable to not be set to its usual value, so
# that subprograms fail to launch unless invoked via absolute path.
# If you're having unexpected problems with a hook program, the
# culprit may be unusual (or missing) environment variables.
#
# Here is an example hook script, for a Unix /bin/sh interpreter.
# For more examples and pre-written hooks, see those in
# /usr/share/subversion/hook-scripts, and in the repository at
# http://svn.apache.org/repos/asf/subversion/trunk/tools/hook-scripts/ and
# http://svn.apache.org/repos/asf/subversion/trunk/contrib/hook-scripts/
REPOS="$1"
REV="$2"
USER="$3"
PROPNAME="$4"
ACTION="$5"
if [ "$ACTION" = "M" -a "$PROPNAME" = "svn:log" ]; then exit 0; fi
echo "Changing revision properties other than svn:log is prohibited" >&2
exit 1

View File

@ -0,0 +1,63 @@
#!/bin/sh
# PRE-UNLOCK HOOK
#
# The pre-unlock hook is invoked before an exclusive lock is
# destroyed. Subversion runs this hook by invoking a program
# (script, executable, binary, etc.) named 'pre-unlock' (for which
# this file is a template), with the following ordered arguments:
#
# [1] REPOS-PATH (the path to this repository)
# [2] PATH (the path in the repository about to be unlocked)
# [3] USER (the user destroying the lock)
# [4] TOKEN (the lock token to be destroyed)
# [5] BREAK-UNLOCK (1 if the user is breaking the lock, else 0)
#
# The default working directory for the invocation is undefined, so
# the program should set one explicitly if it cares.
#
# If the hook program exits with success, the lock is destroyed; but
# if it exits with failure (non-zero), the unlock action is aborted
# and STDERR is returned to the client.
# On a Unix system, the normal procedure is to have 'pre-unlock'
# invoke other programs to do the real work, though it may do the
# work itself too.
#
# Note that 'pre-unlock' must be executable by the user(s) who will
# invoke it (typically the user httpd runs as), and that user must
# have filesystem-level permission to access the repository.
#
# On a Windows system, you should name the hook program
# 'pre-unlock.bat' or 'pre-unlock.exe',
# but the basic idea is the same.
#
# Here is an example hook script, for a Unix /bin/sh interpreter:
REPOS="$1"
PATH="$2"
USER="$3"
# If a lock is owned by a different person, don't allow it be broken.
# (Maybe this script could send email to the lock owner?)
SVNLOOK=/usr/bin/svnlook
GREP=/bin/grep
SED=/bin/sed
LOCK_OWNER=`$SVNLOOK lock "$REPOS" "$PATH" | \
$GREP '^Owner: ' | $SED 's/Owner: //'`
# If we get no result from svnlook, there's no lock, return success:
if [ "$LOCK_OWNER" = "" ]; then
exit 0
fi
# If the person unlocking matches the lock's owner, return success:
if [ "$LOCK_OWNER" = "$USER" ]; then
exit 0
fi
# Otherwise, we've got an owner mismatch, so return failure:
echo "Error: $PATH locked by ${LOCK_OWNER}." 1>&2
exit 1

View File

@ -0,0 +1,68 @@
#!/bin/sh
# START-COMMIT HOOK
#
# The start-commit hook is invoked before a Subversion txn is created
# in the process of doing a commit. Subversion runs this hook
# by invoking a program (script, executable, binary, etc.) named
# 'start-commit' (for which this file is a template)
# with the following ordered arguments:
#
# [1] REPOS-PATH (the path to this repository)
# [2] USER (the authenticated user attempting to commit)
# [3] CAPABILITIES (a colon-separated list of capabilities reported
# by the client; see note below)
#
# Note: The CAPABILITIES parameter is new in Subversion 1.5, and 1.5
# clients will typically report at least the "mergeinfo" capability.
# If there are other capabilities, then the list is colon-separated,
# e.g.: "mergeinfo:some-other-capability" (the order is undefined).
#
# The list is self-reported by the client. Therefore, you should not
# make security assumptions based on the capabilities list, nor should
# you assume that clients reliably report every capability they have.
#
# The working directory for this hook program's invocation is undefined,
# so the program should set one explicitly if it cares.
#
# If the hook program exits with success, the commit continues; but
# if it exits with failure (non-zero), the commit is stopped before
# a Subversion txn is created, and STDERR is returned to the client.
#
# On a Unix system, the normal procedure is to have 'start-commit'
# invoke other programs to do the real work, though it may do the
# work itself too.
#
# Note that 'start-commit' must be executable by the user(s) who will
# invoke it (typically the user httpd runs as), and that user must
# have filesystem-level permission to access the repository.
#
# On a Windows system, you should name the hook program
# 'start-commit.bat' or 'start-commit.exe',
# but the basic idea is the same.
#
# The hook program typically does not inherit the environment of
# its parent process. For example, a common problem is for the
# PATH environment variable to not be set to its usual value, so
# that subprograms fail to launch unless invoked via absolute path.
# If you're having unexpected problems with a hook program, the
# culprit may be unusual (or missing) environment variables.
#
# Here is an example hook script, for a Unix /bin/sh interpreter.
# For more examples and pre-written hooks, see those in
# /usr/share/subversion/hook-scripts, and in the repository at
# http://svn.apache.org/repos/asf/subversion/trunk/tools/hook-scripts/ and
# http://svn.apache.org/repos/asf/subversion/trunk/contrib/hook-scripts/
REPOS="$1"
USER="$2"
# Exit on all errors.
set -e
"$REPOS"/hooks/commit-allower.pl --repository "$REPOS" --user "$USER"
"$REPOS"/hooks/special-auth-check.py --user "$USER" --auth-level 3
# All checks passed, so allow the commit.
exit 0

View File

@ -0,0 +1,3 @@
This file is not used by Subversion 1.3.x or later.
However, its existence is required for compatibility with
Subversion 1.2.x or earlier.

View File

@ -0,0 +1,3 @@
This file is not used by Subversion 1.3.x or later.
However, its existence is required for compatibility with
Subversion 1.2.x or earlier.