Feature #13038

Base path for filesystem repository adapter

Added by Joshua DeClercq almost 5 years ago. Updated about 3 years ago.

Status:ClosedStart date:
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:SCM
Target version:-
Resolution:Duplicate

Description

It would be very helpful to have a field in administrative settings for a custom root when using file system repositories. Preventing access to '/' for every project's manager would be quite a challenge, so limiting that risk to admin users goes a long way.

I don't have the skills to offer an example patch, but it seems as simple as:

  1. Adding a value to the settings table
  2. Adding a form field to the administrative repository settings page that writes to that value
  3. Updating /lib/redmine/scm/adapters/filesystem_adapter.rb to include that value when it defines @url

Correct me if I'm wrong about the scope of work.

And thanks!


Related issues

Related to Redmine - Feature #1415: Let system administrator limit repositories valid sources Closed 2008-06-09

History

#1 Updated by Toshi MARUYAMA almost 5 years ago

  • Category changed from Administration to SCM

#2 Updated by Joshua DeClercq almost 5 years ago

I believe I was able to do this pretty well on my own, and I think it's safe and general-purpose enough that it should be made part of basic Redmine functionality. Here's what I did:

1. Add to settings table a value filesystem_base_path.

2. /config/settings.yml needs to describe this value, so somewhere along the way make sure it includes:

filesystem_base_path:
  default: ''

3. /locales/ needs a string to use as a label. In my case, I updated en.yml by finding where the 'setting_' entries all were and adding:

setting_filesystem_base_path: Filesystem base path

4. /app/views/settings/_repositories.html.erb is the Administrative settings panel for repositories, and a good place to add a field for users to set this value. Wherever you'd like, add the field (I just duplicated the repository_log_display_limit field):

<p><%= setting_text_field :filesystem_base_path, :size => 6 %></p>

5. /lib/redmine/scm/adapters/filesystem_adapter.rb is where the magic happens. Toward the very beginning, you'll find a line that reads:

@url = with_trailling_slash(url)

There may be better places or better code for this step, but I modified this line to read:
@url = with_trailling_slash(Setting.filesystem_base_path) + with_trailling_slash(url)

This concatenates the base path value and the individual repository's location, and makes sure there's a slash at the end of your base path before doing so.

And unless I missed one of my steps, that should do it. You now have a setting restricted to administrators to set a global base path for file system repositories.

This is an under-used and under-appreciated module, but can be ridiculously powerful. A great example would be anyone using a newer version of the DMSF plugin with WebDAV enabled: have your Redmine server mount itself at the WebDAV root (http://redmine/dmsf/webdav) using admin credentials and set that mount point as your base path. Now from any project, add a file system repository and simply use the project identifier as the repository path, gaining access to many separate DMSFs from one project point and give the finger to duplication.

#3 Updated by Go MAEDA about 3 years ago

  • Related to Defect #18291: Path property security issue when adding filesystem repository added

#4 Updated by Jean-Philippe Lang about 3 years ago

  • Status changed from New to Closed
  • Resolution set to Duplicate

Closing as a dup of #1415 which is addressed for 3.0 by adding configuration settings to limit valid repository path.

#5 Updated by Jean-Philippe Lang about 3 years ago

  • Related to Feature #1415: Let system administrator limit repositories valid sources added

#6 Updated by Jean-Philippe Lang about 3 years ago

  • Related to deleted (Defect #18291: Path property security issue when adding filesystem repository)

Also available in: Atom PDF