From d2b7e0e94f9890d66d6841d0942deaa2c5ee00fd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Huet?= Date: Sat, 13 Dec 2014 13:58:06 +0100 Subject: [PATCH 01/11] Adds Permissions task. Parameters are : paths, checkPathsExist, owner, group, rights --- .../BuiltIn/Filesystem/PermissionsTask.php | 256 ++++++++++++++++++ 1 file changed, 256 insertions(+) create mode 100644 Mage/Task/BuiltIn/Filesystem/PermissionsTask.php diff --git a/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php b/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php new file mode 100644 index 0000000..ee4a91a --- /dev/null +++ b/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php @@ -0,0 +1,256 @@ + + */ +class PermissionsTask extends AbstractTask +{ + /** + * Paths to change of permissions separated by PATH_SEPARATOR. + * + * @var string + */ + private $paths; + + /** + * If set to true, will check existance of given paths on remote host and + * throw SkipException if at least one does not exist. + * + * @var boolean + */ + private $checkPathsExist = true; + + /** + * Owner to set for the given paths (ex : "www-data") + * + * @var string + */ + private $owner; + + /** + * Group to set for the given paths (ex : "www-data") + * + * @var string + */ + private $group; + + /** + * Rights to set for the given paths (ex: "755") + * + * @var string + */ + private $rights; + + /** + * Initialize parameters. + * + * @throws SkipException + */ + public function init() + { + parent::init(); + + if (! is_null($this->getParameter('checkPathsExist'))) { + $this->setCheckPathsExist($this->getParameter('checkPathsExist')); + } + + if (! $this->getParameter('paths')) { + throw new SkipException('Param paths is mandatory'); + } + $this->setPaths(explode(PATH_SEPARATOR, $this->getParameter('paths', ''))); + + if (! is_null($this->getParameter('owner'))) { + $this->setOwner($this->getParameter('owner')); + } + + if (! is_null($this->getParameter('group'))) { + $this->setGroup($this->getParameter('group')); + } + + if (! is_null($this->getParameter('rights'))) { + $this->setRights($this->getParameter('rights')); + } + } + + /** + * @return string + */ + public function getName() + { + return "Change rights / owner / group for paths : " . $this->getPathsForCmd() . " [built-in]"; + } + + /** + * @return boolean + */ + public function run() + { + $command = ''; + + if ($this->paths && $this->owner) { + $command .= 'chown -R ' . $this->owner . ' ' . $this->getPathsForCmd() . ';'; + } + + if ($this->paths && $this->group) { + $command .= 'chgrp -R ' . $this->group . ' ' . $this->getPathsForCmd() . ';'; + } + + if ($this->paths && $this->rights) { + $command .= 'chmod -R ' . $this->rights . ' ' . $this->getPathsForCmd() . ';'; + } + + $result = $this->runCommandRemote($command); + + return $result; + } + + /** + * Transforms paths array to a string separated by 1 space in order to use + * it in a command line. + * + * @return string + */ + protected function getPathsForCmd($paths = null) + { + if (is_null($paths)) { + $paths = $this->paths; + } + + return implode(' ', $paths); + } + + /** + * Set paths. Will check if they exist on remote host depending on + * checkPathsExist flag. + * + * @param array $paths + * @return PermissionsTask + * @throws SkipException + */ + protected function setPaths(array $paths) + { + if ($this->checkPathsExist == true) { + $commands = array(); + foreach ($paths as $path) { + $commands[] = '(([ -f ' . $path . ' ]) || ([ -d ' . $path . ' ]))'; + } + + $command = implode(' && ', $commands); + if (! $this->runCommandRemote($command)) { + throw new SkipException('Make sure all paths given exist on remote host : ' . $this->getPathsForCmd($paths)); + } + } + + $this->paths = $paths; + + return $this; + } + + /** + * @return string + */ + protected function getPaths() + { + return $this->paths; + } + + /** + * Set checkPathsExist. + * + * @param boolean $checkPathsExist + * @return PermissionsTask + */ + protected function setCheckPathsExist($checkPathsExist) + { + $this->checkPathsExist = $checkPathsExist; + + return $this; + } + + /** + * @return boolean + */ + protected function getCheckPathsExist() + { + return $this->checkPathsExist; + } + + /** + * Set owner. + * + * @todo check existance of $owner on remote, might be different ways depending on OS. + * + * @param string $owner + * @return PermissionsTask + */ + protected function setOwner($owner) + { + $this->owner = $owner; + + return $this; + } + + /** + * @return string + */ + protected function getOwner() + { + return $this->owner; + } + + /** + * Set group. + * + * @todo check existance of $group on remote, might be different ways depending on OS. + * + * @param string $group + * @return PermissionsTask + */ + protected function setGroup($group) + { + $this->group = $group; + + return $this; + } + + /** + * @return string + */ + protected function getGroup() + { + return $this->group; + } + + /** + * Set rights. + * + * @todo better way to check if $rights is in a correct format. + * + * @param string $rights + * @return PermissionsTask + */ + protected function setRights($rights) + { + if (strlen($rights) != 3 || !is_numeric($rights) || $rights > 777) { + throw new SkipException('Make sure the rights "' . $rights . '" are in a correct format.'); + } + + $this->rights = $rights; + + return $this; + } + + /** + * @return string + */ + protected function getRights() + { + return $this->rights; + } +} \ No newline at end of file From 8247b15ad009c213e26488825460aaa3aa8f12f1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Huet?= Date: Sat, 13 Dec 2014 13:59:57 +0100 Subject: [PATCH 02/11] Adds PermissionsWritableByApache task that extends Permissions task we predefined parameters --- .../PermissionsWritableByApacheTask.php | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 Mage/Task/BuiltIn/Filesystem/PermissionsWritableByApacheTask.php diff --git a/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByApacheTask.php b/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByApacheTask.php new file mode 100644 index 0000000..57d45da --- /dev/null +++ b/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByApacheTask.php @@ -0,0 +1,26 @@ + + */ +class PermissionsWritableByApacheTask extends PermissionsTask +{ + public function init() + { + parent::init(); + + $this->setGroup('www-data') + ->setRights('775'); + } + + /** + * @return string + */ + public function getName() + { + return "Gives write permissions to Apache user for given paths [built-in]"; + } +} \ No newline at end of file From 9d1e6aba6f996440a137753fda3c56744e03d736 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Huet?= Date: Sat, 13 Dec 2014 15:57:33 +0100 Subject: [PATCH 03/11] Allow for changing permissions on local host too depending on the stage --- .../BuiltIn/Filesystem/PermissionsTask.php | 28 +++++++++++++------ .../PermissionsWritableByApacheTask.php | 8 +++++- 2 files changed, 26 insertions(+), 10 deletions(-) diff --git a/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php b/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php index ee4a91a..ab924af 100644 --- a/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php +++ b/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php @@ -5,7 +5,14 @@ use Mage\Task\AbstractTask; use Mage\Task\SkipException; /** - * Task for setting permissions on given paths. + * Task for setting permissions on given paths. Change will be done on local or + * remote host depending on the stage of the deployment. + * + * Usage : + * pre-deploy: + * - filesystem/permissions: {paths: /var/www/myapp/app/cache:/var/www/myapp/app/cache, checkPathsExist: true, owner: www-data, group: www-data, rights: 775} + * on-deploy: + * - filesystem/permissions: {paths: app/cache:app/logs, checkPathsExist: true, owner: www-data, group: www-data, rights: 775} * * @author Jérémy Huet */ @@ -14,12 +21,15 @@ class PermissionsTask extends AbstractTask /** * Paths to change of permissions separated by PATH_SEPARATOR. * + * If the stage is on local host you should give full paths. If on remote + * you may give full or relative to the current release directory paths. + * * @var string */ private $paths; /** - * If set to true, will check existance of given paths on remote host and + * If set to true, will check existance of given paths on the host and * throw SkipException if at least one does not exist. * * @var boolean @@ -105,7 +115,7 @@ class PermissionsTask extends AbstractTask $command .= 'chmod -R ' . $this->rights . ' ' . $this->getPathsForCmd() . ';'; } - $result = $this->runCommandRemote($command); + $result = $this->runCommand($command); return $result; } @@ -126,7 +136,7 @@ class PermissionsTask extends AbstractTask } /** - * Set paths. Will check if they exist on remote host depending on + * Set paths. Will check if they exist on the host depending on * checkPathsExist flag. * * @param array $paths @@ -142,8 +152,8 @@ class PermissionsTask extends AbstractTask } $command = implode(' && ', $commands); - if (! $this->runCommandRemote($command)) { - throw new SkipException('Make sure all paths given exist on remote host : ' . $this->getPathsForCmd($paths)); + if (! $this->runCommand($command)) { + throw new SkipException('Make sure all paths given exist on the host : ' . $this->getPathsForCmd($paths)); } } @@ -184,7 +194,7 @@ class PermissionsTask extends AbstractTask /** * Set owner. * - * @todo check existance of $owner on remote, might be different ways depending on OS. + * @todo check existance of $owner on host, might be different ways depending on OS. * * @param string $owner * @return PermissionsTask @@ -207,7 +217,7 @@ class PermissionsTask extends AbstractTask /** * Set group. * - * @todo check existance of $group on remote, might be different ways depending on OS. + * @todo check existance of $group on host, might be different ways depending on OS. * * @param string $group * @return PermissionsTask @@ -253,4 +263,4 @@ class PermissionsTask extends AbstractTask { return $this->rights; } -} \ No newline at end of file +} diff --git a/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByApacheTask.php b/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByApacheTask.php index 57d45da..c786e5e 100644 --- a/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByApacheTask.php +++ b/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByApacheTask.php @@ -4,6 +4,12 @@ namespace Mage\Task\BuiltIn\Filesystem; /** * Task for giving Apache write permissions on given paths. * + * Usage : + * pre-deploy: + * - filesystem/permissions-writable-by-apache: {paths: /var/www/myapp/app/cache:/var/www/myapp/app/cache, checkPathsExist: true} + * on-deploy: + * - filesystem/permissions-writable-by-apache: {paths: app/cache:app/logs, checkPathsExist: true} + * * @author Jérémy Huet */ class PermissionsWritableByApacheTask extends PermissionsTask @@ -23,4 +29,4 @@ class PermissionsWritableByApacheTask extends PermissionsTask { return "Gives write permissions to Apache user for given paths [built-in]"; } -} \ No newline at end of file +} From 89d82b9992281763b59e13ce7638fa2663fcf2b4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Huet?= Date: Sat, 13 Dec 2014 16:05:13 +0100 Subject: [PATCH 04/11] Changing EOL to Linux LF --- .../BuiltIn/Filesystem/PermissionsTask.php | 532 +++++++++--------- .../PermissionsWritableByApacheTask.php | 64 +-- 2 files changed, 298 insertions(+), 298 deletions(-) diff --git a/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php b/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php index ab924af..e04ef91 100644 --- a/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php +++ b/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php @@ -1,266 +1,266 @@ - - */ -class PermissionsTask extends AbstractTask -{ - /** - * Paths to change of permissions separated by PATH_SEPARATOR. - * - * If the stage is on local host you should give full paths. If on remote - * you may give full or relative to the current release directory paths. - * - * @var string - */ - private $paths; - - /** - * If set to true, will check existance of given paths on the host and - * throw SkipException if at least one does not exist. - * - * @var boolean - */ - private $checkPathsExist = true; - - /** - * Owner to set for the given paths (ex : "www-data") - * - * @var string - */ - private $owner; - - /** - * Group to set for the given paths (ex : "www-data") - * - * @var string - */ - private $group; - - /** - * Rights to set for the given paths (ex: "755") - * - * @var string - */ - private $rights; - - /** - * Initialize parameters. - * - * @throws SkipException - */ - public function init() - { - parent::init(); - - if (! is_null($this->getParameter('checkPathsExist'))) { - $this->setCheckPathsExist($this->getParameter('checkPathsExist')); - } - - if (! $this->getParameter('paths')) { - throw new SkipException('Param paths is mandatory'); - } - $this->setPaths(explode(PATH_SEPARATOR, $this->getParameter('paths', ''))); - - if (! is_null($this->getParameter('owner'))) { - $this->setOwner($this->getParameter('owner')); - } - - if (! is_null($this->getParameter('group'))) { - $this->setGroup($this->getParameter('group')); - } - - if (! is_null($this->getParameter('rights'))) { - $this->setRights($this->getParameter('rights')); - } - } - - /** - * @return string - */ - public function getName() - { - return "Change rights / owner / group for paths : " . $this->getPathsForCmd() . " [built-in]"; - } - - /** - * @return boolean - */ - public function run() - { - $command = ''; - - if ($this->paths && $this->owner) { - $command .= 'chown -R ' . $this->owner . ' ' . $this->getPathsForCmd() . ';'; - } - - if ($this->paths && $this->group) { - $command .= 'chgrp -R ' . $this->group . ' ' . $this->getPathsForCmd() . ';'; - } - - if ($this->paths && $this->rights) { - $command .= 'chmod -R ' . $this->rights . ' ' . $this->getPathsForCmd() . ';'; - } - - $result = $this->runCommand($command); - - return $result; - } - - /** - * Transforms paths array to a string separated by 1 space in order to use - * it in a command line. - * - * @return string - */ - protected function getPathsForCmd($paths = null) - { - if (is_null($paths)) { - $paths = $this->paths; - } - - return implode(' ', $paths); - } - - /** - * Set paths. Will check if they exist on the host depending on - * checkPathsExist flag. - * - * @param array $paths - * @return PermissionsTask - * @throws SkipException - */ - protected function setPaths(array $paths) - { - if ($this->checkPathsExist == true) { - $commands = array(); - foreach ($paths as $path) { - $commands[] = '(([ -f ' . $path . ' ]) || ([ -d ' . $path . ' ]))'; - } - - $command = implode(' && ', $commands); - if (! $this->runCommand($command)) { - throw new SkipException('Make sure all paths given exist on the host : ' . $this->getPathsForCmd($paths)); - } - } - - $this->paths = $paths; - - return $this; - } - - /** - * @return string - */ - protected function getPaths() - { - return $this->paths; - } - - /** - * Set checkPathsExist. - * - * @param boolean $checkPathsExist - * @return PermissionsTask - */ - protected function setCheckPathsExist($checkPathsExist) - { - $this->checkPathsExist = $checkPathsExist; - - return $this; - } - - /** - * @return boolean - */ - protected function getCheckPathsExist() - { - return $this->checkPathsExist; - } - - /** - * Set owner. - * - * @todo check existance of $owner on host, might be different ways depending on OS. - * - * @param string $owner - * @return PermissionsTask - */ - protected function setOwner($owner) - { - $this->owner = $owner; - - return $this; - } - - /** - * @return string - */ - protected function getOwner() - { - return $this->owner; - } - - /** - * Set group. - * - * @todo check existance of $group on host, might be different ways depending on OS. - * - * @param string $group - * @return PermissionsTask - */ - protected function setGroup($group) - { - $this->group = $group; - - return $this; - } - - /** - * @return string - */ - protected function getGroup() - { - return $this->group; - } - - /** - * Set rights. - * - * @todo better way to check if $rights is in a correct format. - * - * @param string $rights - * @return PermissionsTask - */ - protected function setRights($rights) - { - if (strlen($rights) != 3 || !is_numeric($rights) || $rights > 777) { - throw new SkipException('Make sure the rights "' . $rights . '" are in a correct format.'); - } - - $this->rights = $rights; - - return $this; - } - - /** - * @return string - */ - protected function getRights() - { - return $this->rights; - } -} + + */ +class PermissionsTask extends AbstractTask +{ + /** + * Paths to change of permissions separated by PATH_SEPARATOR. + * + * If the stage is on local host you should give full paths. If on remote + * you may give full or relative to the current release directory paths. + * + * @var string + */ + private $paths; + + /** + * If set to true, will check existance of given paths on the host and + * throw SkipException if at least one does not exist. + * + * @var boolean + */ + private $checkPathsExist = true; + + /** + * Owner to set for the given paths (ex : "www-data") + * + * @var string + */ + private $owner; + + /** + * Group to set for the given paths (ex : "www-data") + * + * @var string + */ + private $group; + + /** + * Rights to set for the given paths (ex: "755") + * + * @var string + */ + private $rights; + + /** + * Initialize parameters. + * + * @throws SkipException + */ + public function init() + { + parent::init(); + + if (! is_null($this->getParameter('checkPathsExist'))) { + $this->setCheckPathsExist($this->getParameter('checkPathsExist')); + } + + if (! $this->getParameter('paths')) { + throw new SkipException('Param paths is mandatory'); + } + $this->setPaths(explode(PATH_SEPARATOR, $this->getParameter('paths', ''))); + + if (! is_null($this->getParameter('owner'))) { + $this->setOwner($this->getParameter('owner')); + } + + if (! is_null($this->getParameter('group'))) { + $this->setGroup($this->getParameter('group')); + } + + if (! is_null($this->getParameter('rights'))) { + $this->setRights($this->getParameter('rights')); + } + } + + /** + * @return string + */ + public function getName() + { + return "Change rights / owner / group for paths : " . $this->getPathsForCmd() . " [built-in]"; + } + + /** + * @return boolean + */ + public function run() + { + $command = ''; + + if ($this->paths && $this->owner) { + $command .= 'chown -R ' . $this->owner . ' ' . $this->getPathsForCmd() . ';'; + } + + if ($this->paths && $this->group) { + $command .= 'chgrp -R ' . $this->group . ' ' . $this->getPathsForCmd() . ';'; + } + + if ($this->paths && $this->rights) { + $command .= 'chmod -R ' . $this->rights . ' ' . $this->getPathsForCmd() . ';'; + } + + $result = $this->runCommand($command); + + return $result; + } + + /** + * Transforms paths array to a string separated by 1 space in order to use + * it in a command line. + * + * @return string + */ + protected function getPathsForCmd($paths = null) + { + if (is_null($paths)) { + $paths = $this->paths; + } + + return implode(' ', $paths); + } + + /** + * Set paths. Will check if they exist on the host depending on + * checkPathsExist flag. + * + * @param array $paths + * @return PermissionsTask + * @throws SkipException + */ + protected function setPaths(array $paths) + { + if ($this->checkPathsExist == true) { + $commands = array(); + foreach ($paths as $path) { + $commands[] = '(([ -f ' . $path . ' ]) || ([ -d ' . $path . ' ]))'; + } + + $command = implode(' && ', $commands); + if (! $this->runCommand($command)) { + throw new SkipException('Make sure all paths given exist on the host : ' . $this->getPathsForCmd($paths)); + } + } + + $this->paths = $paths; + + return $this; + } + + /** + * @return string + */ + protected function getPaths() + { + return $this->paths; + } + + /** + * Set checkPathsExist. + * + * @param boolean $checkPathsExist + * @return PermissionsTask + */ + protected function setCheckPathsExist($checkPathsExist) + { + $this->checkPathsExist = $checkPathsExist; + + return $this; + } + + /** + * @return boolean + */ + protected function getCheckPathsExist() + { + return $this->checkPathsExist; + } + + /** + * Set owner. + * + * @todo check existance of $owner on host, might be different ways depending on OS. + * + * @param string $owner + * @return PermissionsTask + */ + protected function setOwner($owner) + { + $this->owner = $owner; + + return $this; + } + + /** + * @return string + */ + protected function getOwner() + { + return $this->owner; + } + + /** + * Set group. + * + * @todo check existance of $group on host, might be different ways depending on OS. + * + * @param string $group + * @return PermissionsTask + */ + protected function setGroup($group) + { + $this->group = $group; + + return $this; + } + + /** + * @return string + */ + protected function getGroup() + { + return $this->group; + } + + /** + * Set rights. + * + * @todo better way to check if $rights is in a correct format. + * + * @param string $rights + * @return PermissionsTask + */ + protected function setRights($rights) + { + if (strlen($rights) != 3 || !is_numeric($rights) || $rights > 777) { + throw new SkipException('Make sure the rights "' . $rights . '" are in a correct format.'); + } + + $this->rights = $rights; + + return $this; + } + + /** + * @return string + */ + protected function getRights() + { + return $this->rights; + } +} diff --git a/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByApacheTask.php b/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByApacheTask.php index c786e5e..5bb3f7c 100644 --- a/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByApacheTask.php +++ b/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByApacheTask.php @@ -1,32 +1,32 @@ - - */ -class PermissionsWritableByApacheTask extends PermissionsTask -{ - public function init() - { - parent::init(); - - $this->setGroup('www-data') - ->setRights('775'); - } - - /** - * @return string - */ - public function getName() - { - return "Gives write permissions to Apache user for given paths [built-in]"; - } -} + + */ +class PermissionsWritableByApacheTask extends PermissionsTask +{ + public function init() + { + parent::init(); + + $this->setGroup('www-data') + ->setRights('775'); + } + + /** + * @return string + */ + public function getName() + { + return "Gives write permissions to Apache user for given paths [built-in]"; + } +} From e449a4529fc52987afb8f2170ac5f0c597ec3b68 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Huet?= Date: Sat, 13 Dec 2014 16:22:56 +0100 Subject: [PATCH 05/11] Adds a recursive parameter and allows for more chmod possibilities such as +a --- .../BuiltIn/Filesystem/PermissionsTask.php | 51 +++++++++++++++---- .../PermissionsWritableByApacheTask.php | 6 +-- 2 files changed, 43 insertions(+), 14 deletions(-) diff --git a/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php b/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php index e04ef91..167f1d2 100644 --- a/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php +++ b/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php @@ -10,9 +10,9 @@ use Mage\Task\SkipException; * * Usage : * pre-deploy: - * - filesystem/permissions: {paths: /var/www/myapp/app/cache:/var/www/myapp/app/cache, checkPathsExist: true, owner: www-data, group: www-data, rights: 775} + * - filesystem/permissions: {paths: /var/www/myapp/app/cache:/var/www/myapp/app/cache, recursive: false, checkPathsExist: true, owner: www-data, group: www-data, rights: 775} * on-deploy: - * - filesystem/permissions: {paths: app/cache:app/logs, checkPathsExist: true, owner: www-data, group: www-data, rights: 775} + * - filesystem/permissions: {paths: app/cache:app/logs, recursive: false, checkPathsExist: true, owner: www-data, group: www-data, rights: 775} * * @author Jérémy Huet */ @@ -57,6 +57,13 @@ class PermissionsTask extends AbstractTask */ private $rights; + /** + * If set to true, will recursively change permissions on given paths. + * + * @var string + */ + private $recursive = false; + /** * Initialize parameters. * @@ -86,6 +93,10 @@ class PermissionsTask extends AbstractTask if (! is_null($this->getParameter('rights'))) { $this->setRights($this->getParameter('rights')); } + + if (! is_null($this->getParameter('recursive'))) { + $this->setRecursive($this->getParameter('recursive')); + } } /** @@ -102,17 +113,18 @@ class PermissionsTask extends AbstractTask public function run() { $command = ''; + $recursive = $this->recursive ? '-R' : ''; if ($this->paths && $this->owner) { - $command .= 'chown -R ' . $this->owner . ' ' . $this->getPathsForCmd() . ';'; + $command .= 'chown '. $recursive .' ' . $this->owner . ' ' . $this->getPathsForCmd() . ';'; } if ($this->paths && $this->group) { - $command .= 'chgrp -R ' . $this->group . ' ' . $this->getPathsForCmd() . ';'; + $command .= 'chgrp '. $recursive .' ' . $this->group . ' ' . $this->getPathsForCmd() . ';'; } if ($this->paths && $this->rights) { - $command .= 'chmod -R ' . $this->rights . ' ' . $this->getPathsForCmd() . ';'; + $command .= 'chmod '. $recursive .' ' . $this->rights . ' ' . $this->getPathsForCmd() . ';'; } $result = $this->runCommand($command); @@ -178,7 +190,7 @@ class PermissionsTask extends AbstractTask */ protected function setCheckPathsExist($checkPathsExist) { - $this->checkPathsExist = $checkPathsExist; + $this->checkPathsExist = (bool) $checkPathsExist; return $this; } @@ -240,17 +252,13 @@ class PermissionsTask extends AbstractTask /** * Set rights. * - * @todo better way to check if $rights is in a correct format. + * @todo check if $rights is in a correct format. * * @param string $rights * @return PermissionsTask */ protected function setRights($rights) { - if (strlen($rights) != 3 || !is_numeric($rights) || $rights > 777) { - throw new SkipException('Make sure the rights "' . $rights . '" are in a correct format.'); - } - $this->rights = $rights; return $this; @@ -263,4 +271,25 @@ class PermissionsTask extends AbstractTask { return $this->rights; } + + /** + * Set recursive. + * + * @param boolean $recursive + * @return PermissionsTask + */ + protected function setRecursive($recursive) + { + $this->recursive = (bool) $recursive; + + return $this; + } + + /** + * @return boolean + */ + protected function getRecursive() + { + return $this->recursive; + } } diff --git a/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByApacheTask.php b/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByApacheTask.php index 5bb3f7c..defd90e 100644 --- a/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByApacheTask.php +++ b/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByApacheTask.php @@ -6,9 +6,9 @@ namespace Mage\Task\BuiltIn\Filesystem; * * Usage : * pre-deploy: - * - filesystem/permissions-writable-by-apache: {paths: /var/www/myapp/app/cache:/var/www/myapp/app/cache, checkPathsExist: true} + * - filesystem/permissions-writable-by-apache: {paths: /var/www/myapp/app/cache:/var/www/myapp/app/cache, recursive: false, checkPathsExist: true} * on-deploy: - * - filesystem/permissions-writable-by-apache: {paths: app/cache:app/logs, checkPathsExist: true} + * - filesystem/permissions-writable-by-apache: {paths: app/cache:app/logs, recursive: false, checkPathsExist: true} * * @author Jérémy Huet */ @@ -19,7 +19,7 @@ class PermissionsWritableByApacheTask extends PermissionsTask parent::init(); $this->setGroup('www-data') - ->setRights('775'); + ->setRights('g+w'); } /** From 979a86992cbc9dcd3ef3674f1c71ff766eca4708 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Huet?= Date: Sat, 13 Dec 2014 16:44:47 +0100 Subject: [PATCH 06/11] More generic way to retrieve web server user --- .../PermissionsWritableByApacheTask.php | 32 ----------- .../PermissionsWritableByWebServerTask.php | 54 +++++++++++++++++++ 2 files changed, 54 insertions(+), 32 deletions(-) delete mode 100644 Mage/Task/BuiltIn/Filesystem/PermissionsWritableByApacheTask.php create mode 100644 Mage/Task/BuiltIn/Filesystem/PermissionsWritableByWebServerTask.php diff --git a/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByApacheTask.php b/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByApacheTask.php deleted file mode 100644 index defd90e..0000000 --- a/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByApacheTask.php +++ /dev/null @@ -1,32 +0,0 @@ - - */ -class PermissionsWritableByApacheTask extends PermissionsTask -{ - public function init() - { - parent::init(); - - $this->setGroup('www-data') - ->setRights('g+w'); - } - - /** - * @return string - */ - public function getName() - { - return "Gives write permissions to Apache user for given paths [built-in]"; - } -} diff --git a/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByWebServerTask.php b/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByWebServerTask.php new file mode 100644 index 0000000..69ad065 --- /dev/null +++ b/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByWebServerTask.php @@ -0,0 +1,54 @@ + + */ +class PermissionsWritableByWebServerTask extends PermissionsTask +{ + /** + * Set group with web server user and give group write permissions. + */ + public function init() + { + parent::init(); + + $this->setGroup($this->getParameter('group', $this->getWebServerUser())) + ->setRights('g+w'); + } + + /** + * @return string + */ + public function getName() + { + return "Gives write permissions to web server user for given paths [built-in]"; + } + + /** + * Tries to guess the web server user by going thru the running processes. + * + * @return string + * @throws SkipException + */ + protected function getWebServerUser() + { + $this->runCommand("ps aux | grep -E '[a]pache|[h]ttpd|[_]www|[w]ww-data|[n]ginx' | grep -v root | head -1 | cut -d\ -f1", $webServerUser); + + if (empty($webServerUser)) { + throw new SkipException("Can't guess web server user. Please check if it is running or force it by setting the group parameter"); + } + + return $webServerUser; + } +} From ffdadb45cf480a7522ec2962c847c6a29596629a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Huet?= Date: Mon, 15 Dec 2014 18:50:09 +0100 Subject: [PATCH 07/11] More generic way to handle command line options --- .../BuiltIn/Filesystem/PermissionsTask.php | 28 ++++++++++++++++--- 1 file changed, 24 insertions(+), 4 deletions(-) diff --git a/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php b/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php index 167f1d2..981a0de 100644 --- a/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php +++ b/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php @@ -113,18 +113,17 @@ class PermissionsTask extends AbstractTask public function run() { $command = ''; - $recursive = $this->recursive ? '-R' : ''; if ($this->paths && $this->owner) { - $command .= 'chown '. $recursive .' ' . $this->owner . ' ' . $this->getPathsForCmd() . ';'; + $command .= 'chown '. $this->getOptionsForCmd() .' ' . $this->owner . ' ' . $this->getPathsForCmd() . ';'; } if ($this->paths && $this->group) { - $command .= 'chgrp '. $recursive .' ' . $this->group . ' ' . $this->getPathsForCmd() . ';'; + $command .= 'chgrp '. $this->getOptionsForCmd() .' ' . $this->group . ' ' . $this->getPathsForCmd() . ';'; } if ($this->paths && $this->rights) { - $command .= 'chmod '. $recursive .' ' . $this->rights . ' ' . $this->getPathsForCmd() . ';'; + $command .= 'chmod '. $this->getOptionsForCmd() .' ' . $this->rights . ' ' . $this->getPathsForCmd() . ';'; } $result = $this->runCommand($command); @@ -132,6 +131,27 @@ class PermissionsTask extends AbstractTask return $result; } + /** + * Returns the options for the commands to run. Only supports -R for now. + * + * @return string + */ + protected function getOptionsForCmd() + { + $optionsForCmd = ''; + $options = array( + 'R' => $this->recursive + ); + + foreach($options as $option => $apply) { + if ($apply == true) { + $optionsForCmd .= $option; + } + } + + return $optionsForCmd ? '-' . $optionsForCmd : ''; + } + /** * Transforms paths array to a string separated by 1 space in order to use * it in a command line. From 209c6b9aa319184f973b459b1d4a4d3abc5a4394 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Huet?= Date: Mon, 15 Dec 2014 18:50:27 +0100 Subject: [PATCH 08/11] typo --- .../BuiltIn/Filesystem/PermissionsWritableByWebServerTask.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByWebServerTask.php b/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByWebServerTask.php index 69ad065..66ba1d7 100644 --- a/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByWebServerTask.php +++ b/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByWebServerTask.php @@ -8,7 +8,7 @@ use Mage\Task\SkipException; * * Usage : * pre-deploy: - * - filesystem/permissions-writable-by-web-server: {paths: /var/www/myapp/app/cache:/var/www/myapp/app/cache, recursive: false, checkPathsExist: true} + * - filesystem/permissions-writable-by-web-server: {paths: /var/www/myapp/app/cache:/var/www/myapp/app/logs, recursive: false, checkPathsExist: true} * on-deploy: * - filesystem/permissions-writable-by-web-server: {paths: app/cache:app/logs, recursive: false, checkPathsExist: true} * From 42d3d5a8a139c61b1d663e5ab0616ebb9af59f24 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Huet?= Date: Thu, 18 Dec 2014 17:45:12 +0100 Subject: [PATCH 09/11] Better usage doc + allow to set owner and group by using www-data:www-data syntax + task now fails if at least one command returns error --- .../BuiltIn/Filesystem/PermissionsTask.php | 50 ++++++++++++------- .../PermissionsWritableByWebServerTask.php | 8 ++- 2 files changed, 39 insertions(+), 19 deletions(-) diff --git a/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php b/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php index 981a0de..8f1f6f4 100644 --- a/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php +++ b/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php @@ -11,6 +11,14 @@ use Mage\Task\SkipException; * Usage : * pre-deploy: * - filesystem/permissions: {paths: /var/www/myapp/app/cache:/var/www/myapp/app/cache, recursive: false, checkPathsExist: true, owner: www-data, group: www-data, rights: 775} + * - filesystem/permissions: + * paths: + * - /var/www/myapp/app/cache + * - /var/www/myapp/app/logs + * recursive: false + * checkPathsExist: true + * owner: www-data:www-data + * rights: 775 * on-deploy: * - filesystem/permissions: {paths: app/cache:app/logs, recursive: false, checkPathsExist: true, owner: www-data, group: www-data, rights: 775} * @@ -37,7 +45,8 @@ class PermissionsTask extends AbstractTask private $checkPathsExist = true; /** - * Owner to set for the given paths (ex : "www-data") + * Owner to set for the given paths (ex : "www-data" or "www-data:www-data" + * to set both owner and group at the same time) * * @var string */ @@ -51,7 +60,7 @@ class PermissionsTask extends AbstractTask private $group; /** - * Rights to set for the given paths (ex: "755") + * Rights to set for the given paths (ex: "755" or "g+w") * * @var string */ @@ -80,22 +89,27 @@ class PermissionsTask extends AbstractTask if (! $this->getParameter('paths')) { throw new SkipException('Param paths is mandatory'); } - $this->setPaths(explode(PATH_SEPARATOR, $this->getParameter('paths', ''))); - - if (! is_null($this->getParameter('owner'))) { - $this->setOwner($this->getParameter('owner')); + $this->setPaths(is_array($this->getParameter('paths')) ? $this->getParameter('paths') : explode(PATH_SEPARATOR, $this->getParameter('paths', ''))); + + if (! is_null($owner = $this->getParameter('owner'))) { + if (strpos($owner, ':') !== false) { + $this->setOwner(array_shift(explode(':', $owner))); + $this->setGroup(array_pop(explode(':', $owner))); + } else { + $this->setOwner($owner); + } } - if (! is_null($this->getParameter('group'))) { - $this->setGroup($this->getParameter('group')); + if (! is_null($group = $this->getParameter('group'))) { + $this->setGroup($group); } - if (! is_null($this->getParameter('rights'))) { - $this->setRights($this->getParameter('rights')); + if (! is_null($rights = $this->getParameter('rights'))) { + $this->setRights($rights); } - if (! is_null($this->getParameter('recursive'))) { - $this->setRecursive($this->getParameter('recursive')); + if (! is_null($recursive = $this->getParameter('recursive'))) { + $this->setRecursive($recursive); } } @@ -104,7 +118,7 @@ class PermissionsTask extends AbstractTask */ public function getName() { - return "Change rights / owner / group for paths : " . $this->getPathsForCmd() . " [built-in]"; + return "Changing rights / owner / group for given paths [built-in]"; } /** @@ -112,21 +126,21 @@ class PermissionsTask extends AbstractTask */ public function run() { - $command = ''; + $commands = array(); if ($this->paths && $this->owner) { - $command .= 'chown '. $this->getOptionsForCmd() .' ' . $this->owner . ' ' . $this->getPathsForCmd() . ';'; + $commands []= 'chown '. $this->getOptionsForCmd() .' ' . $this->owner . ' ' . $this->getPathsForCmd(); } if ($this->paths && $this->group) { - $command .= 'chgrp '. $this->getOptionsForCmd() .' ' . $this->group . ' ' . $this->getPathsForCmd() . ';'; + $commands []= 'chgrp '. $this->getOptionsForCmd() .' ' . $this->group . ' ' . $this->getPathsForCmd(); } if ($this->paths && $this->rights) { - $command .= 'chmod '. $this->getOptionsForCmd() .' ' . $this->rights . ' ' . $this->getPathsForCmd() . ';'; + $commands []= 'chmod '. $this->getOptionsForCmd() .' ' . $this->rights . ' ' . $this->getPathsForCmd(); } - $result = $this->runCommand($command); + $result = $this->runCommand(implode(' && ', $commands)); return $result; } diff --git a/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByWebServerTask.php b/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByWebServerTask.php index 66ba1d7..ec1fe7d 100644 --- a/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByWebServerTask.php +++ b/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByWebServerTask.php @@ -9,6 +9,12 @@ use Mage\Task\SkipException; * Usage : * pre-deploy: * - filesystem/permissions-writable-by-web-server: {paths: /var/www/myapp/app/cache:/var/www/myapp/app/logs, recursive: false, checkPathsExist: true} + * - filesystem/permissions-writable-by-web-server: + * paths: + * - /var/www/myapp/app/cache + * - /var/www/myapp/app/logs + * recursive: false + * checkPathsExist: true * on-deploy: * - filesystem/permissions-writable-by-web-server: {paths: app/cache:app/logs, recursive: false, checkPathsExist: true} * @@ -32,7 +38,7 @@ class PermissionsWritableByWebServerTask extends PermissionsTask */ public function getName() { - return "Gives write permissions to web server user for given paths [built-in]"; + return "Giving write permissions to web server user for given paths [built-in]"; } /** From fbc50a52bd25d5d9eb2e5d59e2c57cfe93b7ae9b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Huet?= Date: Thu, 18 Dec 2014 17:46:13 +0100 Subject: [PATCH 10/11] Adds a task to only have read permission for web server --- ...PermissionsReadableOnlyByWebServerTask.php | 60 +++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 Mage/Task/BuiltIn/Filesystem/PermissionsReadableOnlyByWebServerTask.php diff --git a/Mage/Task/BuiltIn/Filesystem/PermissionsReadableOnlyByWebServerTask.php b/Mage/Task/BuiltIn/Filesystem/PermissionsReadableOnlyByWebServerTask.php new file mode 100644 index 0000000..d0a04e8 --- /dev/null +++ b/Mage/Task/BuiltIn/Filesystem/PermissionsReadableOnlyByWebServerTask.php @@ -0,0 +1,60 @@ + + */ +class PermissionsReadableOnlyByWebServerTask extends PermissionsTask +{ + /** + * Set group with web server user and give group write permissions. + */ + public function init() + { + parent::init(); + + $this->setGroup($this->getParameter('group', $this->getWebServerUser())) + ->setRights('040'); + } + + /** + * @return string + */ + public function getName() + { + return "Giving read permissions only to web server user for given paths [built-in]"; + } + + /** + * Tries to guess the web server user by going thru the running processes. + * + * @return string + * @throws SkipException + */ + protected function getWebServerUser() + { + $this->runCommand("ps aux | grep -E '[a]pache|[h]ttpd|[_]www|[w]ww-data|[n]ginx' | grep -v root | head -1 | cut -d\ -f1", $webServerUser); + + if (empty($webServerUser)) { + throw new SkipException("Can't guess web server user. Please check if it is running or force it by setting the group parameter"); + } + + return $webServerUser; + } +} From 5643616e50581dbb29d8ce1b177af56b1c297ef3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Huet?= Date: Sun, 28 Dec 2014 16:47:59 +0100 Subject: [PATCH 11/11] Only tries to guess web server user if none provided with 'group' parameter --- .../Filesystem/PermissionsReadableOnlyByWebServerTask.php | 2 +- Mage/Task/BuiltIn/Filesystem/PermissionsTask.php | 3 ++- .../BuiltIn/Filesystem/PermissionsWritableByWebServerTask.php | 2 +- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/Mage/Task/BuiltIn/Filesystem/PermissionsReadableOnlyByWebServerTask.php b/Mage/Task/BuiltIn/Filesystem/PermissionsReadableOnlyByWebServerTask.php index d0a04e8..375489d 100644 --- a/Mage/Task/BuiltIn/Filesystem/PermissionsReadableOnlyByWebServerTask.php +++ b/Mage/Task/BuiltIn/Filesystem/PermissionsReadableOnlyByWebServerTask.php @@ -29,7 +29,7 @@ class PermissionsReadableOnlyByWebServerTask extends PermissionsTask { parent::init(); - $this->setGroup($this->getParameter('group', $this->getWebServerUser())) + $this->setGroup($this->getParameter('group') ? $this->getParameter('group') : $this->getWebServerUser()) ->setRights('040'); } diff --git a/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php b/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php index 8f1f6f4..171770b 100644 --- a/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php +++ b/Mage/Task/BuiltIn/Filesystem/PermissionsTask.php @@ -27,7 +27,8 @@ use Mage\Task\SkipException; class PermissionsTask extends AbstractTask { /** - * Paths to change of permissions separated by PATH_SEPARATOR. + * Paths to change of permissions in an array or a string separated by + * PATH_SEPARATOR. * * If the stage is on local host you should give full paths. If on remote * you may give full or relative to the current release directory paths. diff --git a/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByWebServerTask.php b/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByWebServerTask.php index ec1fe7d..6abaf07 100644 --- a/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByWebServerTask.php +++ b/Mage/Task/BuiltIn/Filesystem/PermissionsWritableByWebServerTask.php @@ -29,7 +29,7 @@ class PermissionsWritableByWebServerTask extends PermissionsTask { parent::init(); - $this->setGroup($this->getParameter('group', $this->getWebServerUser())) + $this->setGroup($this->getParameter('group') ? $this->getParameter('group') : $this->getWebServerUser()) ->setRights('g+w'); }