Fossil

/*
** Attempt to join a login-group.
**
** If problems arise, leave an error message in *pzErrMsg.
*/
void login_group_join(
  const char *zRepo,         /* Repository file in the login group */
  int bPwRequired,           /* True if the login,password is required */
  const char *zLogin,        /* Login name for the other repo */
  const char *zPassword,     /* Password to prove we are authorized to join */
  const char *zNewName,      /* Name of new login group if making a new one */
  char **pzErrMsg            /* Leave an error message here */
){
  Blob fullName;             /* Blob for finding full pathnames */
  sqlite3 *pOther;           /* The other repository */
  int rc;                    /* Return code from sqlite3 functions */
  char *zOtherProjCode;      /* Project code for pOther */

  char *zSelfRepo;           /* Name of our repository */
  char *zSelfLabel;          /* Project-name for our repository */
  char *zSelfProjCode;       /* Our project-code */
  char *zSql;                /* SQL to run on all peers */
  const char *zSelf;         /* The ATTACH name of our repository */

  *pzErrMsg = 0;   /* Default to no errors */

  /* Attach the other repository.  Make sure the username/password is
  ** valid and has Setup permission.
  */
  db_attach(zRepo, "other");
  zOtherProjCode = db_text("x", "SELECT value FROM other.config"
                                " WHERE name='project-code'");
  if( bPwRequired ){
    char *zPwHash;             /* Password hash on pOther */
    zPwHash = sha1_shared_secret(zPassword, zLogin, zOtherProjCode);
    if( !db_exists(
      "SELECT 1 FROM other.user"
      " WHERE login=%Q AND cap GLOB '*s*'"
      "   AND (pw=%Q OR pw=%Q)",
      zLogin, zPassword, zPwHash)
    ){
      db_detach("other");
      *pzErrMsg = "The supplied username/password does not correspond to a"
                  " user Setup permission on the other repository.";
      return;
    }
  }

  /* Create all the necessary CONFIG table entries on both the
  ** other repository and on our own repository.
  */
  zSelfProjCode = abbreviated_project_code(zSelfProjCode);
  zOtherProjCode = abbreviated_project_code(zOtherProjCode);

  login_group_sql(zSql, "<li> ", "</li>", pzErrMsg);
  fossil_free(zSql);
  db_multi_exec(
    "DELETE FROM config "
    " WHERE name GLOB 'peer-*'"
    "    OR name GLOB 'login-group-*';"
  );
}

/*
** COMMAND: login-group
**
** Usage: %fossil login-group
**    or: %fossil login-group join REPO [-name NAME]
**    or: %fossil login-group leave
**
** With no arguments, this command shows the login-group to which the
** repository belongs.
**
** The "join" command adds this repository to login group to which REPO
** belongs, or creates a new login group between itself and REPO if REPO
** does not already belong to a login-group.  When creating a new login-
** group, the name of the new group is determined by the "--name" option.
**
** The "leave" command takes the repository out of whatever login group
** it is currently a part of.
**
** About Login Groups:
**
** A login-group is a set of repositories that share user credentials.
** If a user is logged into one member of the group, then that user can
** access any other group member as long as they have an entry in the
** USER table of that member.  If a user changes their password using
** web interface, their password is also automatically changed in every
** other member of the login group.
*/
void login_group_command(void){
  const char *zLGName;
  const char *zCmd;
  int nCmd;
  Stmt q;
  db_find_and_open_repository(0,0);
  if( g.argc>2 ){
    zCmd = g.argv[2];
    nCmd = (int)strlen(zCmd);
    if( strncmp(zCmd,"join",nCmd)==0 && nCmd>=1 ){
      const char *zNewName = find_option("name",0,1);
      const char *zOther;
      char *zErr = 0;
      verify_all_options();
      if( g.argc!=4 ){
        fossil_fatal("unknown extra arguments to \"login-group add\"");
      }
      zOther = g.argv[3];
      login_group_join(zOther,0,0,0,zNewName,&zErr);
      if( zErr ){
        fossil_fatal("%s", zErr);
      }
    }else if( strncmp(zCmd,"leave",nCmd)==0 && nCmd>=1 ){
      verify_all_options();
      if( g.argc!=3 ){
        fossil_fatal("unknown extra arguments to \"login-group leave\"");
      }
      zLGName = login_group_name();
      if( zLGName ){
        char *zErr = 0;
        fossil_print("Leaving login-group \"%s\"\n", zLGName);
        login_group_leave(&zErr);
        return;
      }
    }else{
      fossil_fatal("unknown command \"%s\" - should be \"add\" or \"leave\"",
                   zCmd);
    }
  }
  /* Show the current login group information */
  zLGName = login_group_name();
  if( zLGName==0 ){
    fossil_print("Not currently a part of any login-group\n");
    return;
  }
  fossil_print("Now part of login-group \"%s\" with:\n", zLGName);
  db_prepare(&q, "SELECT value FROM config WHERE name LIKE 'peer-name-%%'");
  while( db_step(&q)==SQLITE_ROW ){
    fossil_print("  %s\n", db_column_text(&q,0));
  }
  db_finalize(&q);

}

    login_needed(0);
    return;
  }
  file_canonical_name(g.zRepositoryName, &fullName, 0);
  zSelfRepo = fossil_strdup(blob_str(&fullName));
  blob_reset(&fullName);
  if( P("join")!=0 ){
    login_group_join(zRepo, 1, zLogin, zPw, zNewName, &zErrMsg);
  }else if( P("leave") ){
    login_group_leave(&zErrMsg);
  }
  style_header("Login Group Configuration");
  if( zErrMsg ){
    @ <p class="generalError">%s(zErrMsg)</p>
  }