0008847: Revamp SVN and CVS integration - MantisBT - Signup temporarily disabled due to spam

ID	Project	Category	View Status	Date Submitted	Last Update

0008847	mantisbt	integration	public	2008-02-01 06:09	2009-03-03 12:47

Reporter	simpson_2	Assigned To	jreese
Priority	normal	Severity	feature	Reproducibility	N/A
Status	closed	Resolution	fixed
Product Version	1.1.0
Fixed in Version	1.1.6

Summary	0008847: Revamp SVN and CVS integration
Description	The SVN and CVS integration can be extended to work more integrated without to much troubles. Some features I've added to make it work better: 1) Remote SVN or CVS server: In the current implementation Mantis and the source control server should be on the same machine, or you need to install mantis on your source control server with access to the remote database. 2) When using a dedicated source control account, users who commit their work to the source control server do not get the credits for closing the bug.
Additional Information	For both issues I've created a 'fix': 1) I've modified and moved ./core/checkin.php to ./checkincurl.php in the post_commit/logingfo hook you call curl which posts a form to the right address. this form contains 2 fields user & log, where user is the CVS / SVN user, and log is the log message. checkincurl.php checks that the remote server is from a allowed IP ( configurable through config_inc.php ) and tries to login with the supplied user ( see point (2) ) for more info. ) it then works exactly like ./core/checkin.php 2) I've added a field to the user table, and a procedure to user_api.php to retrieve a use by source control ID, there is no UI addition to set these fields on a user yet. I hope I find time this weekend, to diff against the original source, and upload here.
Tags	No tags attached.
Attached Files	checkincurl.php (3,705 bytes) <?php # Mantis - a php based bugtracking system # Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org # Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev@lists.sourceforge.net # Modification for CURL checkin by Bart van Leeuwen bart-nospam@netage.nl # Mantis is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # # Mantis is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with Mantis. If not, see <http://www.gnu.org/licenses/>. # See the README and LICENSE files for details # -------------------------------------------------------- # $Id: checkin.php,v 1.5.2.1 2007-10-13 22:35:16 giallu Exp $ # -------------------------------------------------------- global $g_bypass_headers; $g_bypass_headers = 1; require_once( 'core.php' ); # Check that failover the username is set and exists $t_username = config_get( 'source_control_account' ); if ( is_blank( $t_username ) \|\| ( user_get_id_by_name( $t_username ) === false ) ) { echo "Invalid source control account ('$t_username').\n"; exit( 1 ); } # Detect references to issues + concat all lines to have the comment log. $t_commit_regexp = config_get( 'source_control_regexp' ); $t_commit_fixed_regexp = config_get( 'source_control_fixed_regexp' ); $t_source_control_server = config_get( 'source_control_server' ); $t_comment = ''; $t_issues = array(); $t_fixed_issues = array(); # check if we are called from the right IP ( @todo might wanna use a array here ) if($_SERVER['REMOTE_ADDR'] != $t_source_control_server ) { echo "Not allowed from this IP !!\n"; exit(0); } $t_line = $_POST['log']; print("$_t_line"); $t_comment .= $t_line; if ( preg_match_all( $t_commit_regexp, $t_line, $t_matches ) ) { for ( $i = 0; $i < count( $t_matches[0] ); ++$i ) { $t_issues[] = $t_matches[1][$i]; } } if ( preg_match_all( $t_commit_fixed_regexp, $t_line, $t_matches) ) { for ( $i = 0; $i < count( $t_matches[0] ); ++$i ) { $t_fixed_issues[] = $t_matches[1][$i]; } } # If no issues found, then no work to do. if ( ( count( $t_issues ) == 0 ) && ( count( $t_fixed_issues ) == 0 ) ) { echo "Comment does not reference any issues.\n"; exit(0); } # first we try to figure out if we can login with the source control user $temp_username = user_get_name_by_source_control_id( $_POST['user'] ); if( !auth_attempt_script_login( $temp_username ) ) { # Login as source control user if ( !auth_attempt_script_login( $t_username ) ) { echo "Unable to login\n"; exit( 1 ); } } # history parameters are reserved for future use. $t_history_old_value = ''; $t_history_new_value = ''; # add note to each bug only once $t_issues = array_unique( $t_issues ); $t_fixed_issues = array_unique( $t_fixed_issues ); # Call the custom function to register the checkin on each issue. foreach ( $t_issues as $t_issue_id ) { if ( !in_array( $t_issue_id, $t_fixed_issues ) ) { helper_call_custom_function( 'checkin', array( $t_issue_id, $t_comment, $t_history_old_value, $t_history_new_value, false ) ); } } foreach ( $t_fixed_issues as $t_issue_id ) { helper_call_custom_function( 'checkin', array( $t_issue_id, $t_comment, $t_history_old_value, $t_history_new_value, true ) ); } exit( 0 ); ?> checkincurl.php (3,705 bytes) user_api.diff (835 bytes) --- user_api.old 2007-10-14 14:35:04.000000000 +0100 +++ user_api.php 2008-01-27 22:45:00.000000000 +0100 @@ -548,6 +548,24 @@ FROM $t_user_table WHERE username='$c_username'"; $result = db_query( $query ); + if ( 0 == db_num_rows( $result ) ) { + return false; + } else { + return db_result( $result ); + } + } + + # -------------------- + # get a user id from a username + # return false if the username does not exist + function user_get_name_by_source_control_id( $p_sc_id ) { + $c_username = db_prepare_string( $p_sc_id ); + $t_user_table = config_get( 'mantis_user_table' ); + + $query = "SELECT username + FROM $t_user_table + WHERE source_control_id='$c_username'"; + $result = db_query( $query ); if ( 0 == db_num_rows( $result ) ) { return false; user_api.diff (835 bytes) post-commit (2,271 bytes)

simpson_2 2008-02-04 16:46 reporter ~0016946	i've uploaded 3 files for SVN support. a diff for core/user_api.php which adds a function to get a user based on a source control account. ( this needs a extra column to the user table, but thats rather obvious ) then checkincurl.php which will react on posted information, needs a extra config setting: $g_source_control_server to hold the IP of the SVN server. post-commit, a SVN control file. todo: add UI to set the SVN account, most probably this should only be allowed by admins though

vboctor 2008-03-17 14:51 manager ~0017396	Thanks simpson_2 for your contribution. I haven't looked in too much details but following are my comments: The configuration option for source control server should be an array. If empty, then this feature should be disabled, otherwise, the remote address should be validated against the array. It would be useful if this feature supports logging. I expect that when using a third party source control service provider (e.g. SourceForge), you may not know the IPs upfront and you may want to log the attempts from IPs that are not yet in the list in order to add them. The GUI associated with the source control user name. Update for admin/schema.php to add the source control user name and an index on it. Refactor the original checkin script and your curl checkin script so that the common code lives in core/source_control_api.php (i.e. create a new API). Send a message to mantisbt-dev mailing list to get other developers' feedback. It would be great if one day the integration is more than just notes and auto-resolving / closing of issues.

jreese 2008-03-18 11:11 reporter ~0017402	I'm currently working on a source control integration plugin, that will support any source control system interacting with an abstracted API, and will track changesets separate from the way bugnotes are tracked. My initial support will only include SVN, as that's what my employer requires, but the system will be designed with other types of VCS in mind, such as Git/Mercurial, CVS, etc.

simpson_2 2008-04-02 15:41 reporter ~0017541	Is there stil interest , or will the plugin handle all of this ??

jreese 2008-04-02 20:10 reporter ~0017543	Can you give a complete diff/patch against the latest SVN trunk? I'd like to take a look at how it works, because even with my upcoming plugin, Mantis needs to maintain its existing integration system for back compatibility reasons, and any easy enhancements that are useful without breaking existing functionality should be welcome. So if you can post a patch against the latest SVN trunk, then I'll look into the system and either give you some feedback, or pull out the parts that I think are feasible for maintaining the current integration.

vboctor 2008-05-28 02:31 manager ~0017927	Here is a forum thread that refers to a contributed script to help with working with a remote SVN: http://www.mantisbt.org/forums/viewtopic.php?f=4&t=4851

kauton 2008-09-12 10:29 reporter ~0019394	Any chance you make a Windows command prompt script similar to the post-commit already attached?

klkl 2008-11-27 11:01 reporter ~0020081	I think that post-commit hook may send invalid data when description contains "&" character: "user=$auth&log=Changeset [${REV}] $n$log$n$changed" Arguments should be URL-encoded first.

thraxisp 2008-12-06 17:57 reporter ~0020274	A cleaned version of the checkincurl.php script was submitted for 1.1.6. Note that the message passed to the script may need to be URL-encoded depending on your version of curl. The script I use for CVS is below: ! /bin/bash gather up cvs info and pass to Mantis back end # tmp=`mktemp cvs.msg.XXXXXX` tmp2=`mktemp cvs.emsg.XXXXXX` get log message, add file names and url encode it to preserve formatting cat > /tmp/$tmp echo -n 'log=' > /tmp/$tmp2 perl -pe 's/([^-_.~A-Za-z0-9])/sprintf("%%%02X", ord($1))/seg' /tmp/$tmp >> /tmp/$tmp2 curl -s -d user="${CVSUSER:-${USER}}" -d @/tmp/$tmp2 "http://<host>/mantis/core/checkincurl.php" rm /tmp/$tmp /tmp/$tmp2

jreese 2008-12-09 09:25 reporter ~0020305	Marking as resolved for 1.1.6.

kauton 2008-12-15 09:30 reporter ~0020373	Any chance you post how to make this work under Windows?

View Issue Details

Activities

gather up cvs info and pass to Mantis back end

get log message, add file names and url encode it to preserve formatting