merge "allow full email addresses as usernames"

Merge branch 'pu'
This commit is contained in:
Sitaram Chamarty 2009-12-08 15:14:29 +05:30
commit 38255e4096
4 changed files with 39 additions and 12 deletions

View file

@ -6,9 +6,13 @@
# the description string for gitweb) # the description string for gitweb)
# - comments in the normal shell-ish style; no surprises there # - comments in the normal shell-ish style; no surprises there
# - there are NO continuation lines of any kind # - there are NO continuation lines of any kind
# - user/repo names as simple as possible # - user/repo names as simple as possible; they must start with an
# (usernames: only alphanumerics, ".", "_", "-"; # alphanumeric, but after that they can also contain ".", "_", "-".
# reponames: same, plus "/", but not at the start) # - usernames can optionally be followed by an "@" and a domainname
# containing at least one "." (this allows you to use an email
# address as someone's username)
# - reponames can contain "/" characters (this allows you to
# put your repos in a tree-structure for convenience)
# objectives, over and above gitosis: # objectives, over and above gitosis:
# - simpler syntax # - simpler syntax

View file

@ -344,12 +344,36 @@ gitolite knows these two keys belong to the same person.
Note that you don't say "sitaram@laptop" and so on in the **config** file -- Note that you don't say "sitaram@laptop" and so on in the **config** file --
as far as the config file is concerned there's just **one** user called as far as the config file is concerned there's just **one** user called
"sitaram" -- so you only say "sitaram" there. Only the **pubkey files** have "sitaram" -- so you only say "sitaram" there.
the extra "@" stuff.
I think this is easier to maintain if you have to delete or change one of I think this is easier to maintain if you have to delete or change one of
those keys. those keys.
However, now that `sitaramc@gmail.com` is also a valid username, we need to
distinguish between `sitaramc@gmail.com.pub` and `sitaramc@desktop.pub`. We
do that by requiring that the multi-key suffix you use (like "desktop" and
"laptop") should not have a `"."` in it. If it does, it looks like an email
address. The following table lists sample pubkey filenames and the
corresponding derived usernames (which is what goes into the
`conf/gitolite.conf` file):
* old style multikeys; not mistaken for emails because there is no "." in
hostname part
sitaramc.pub sitaramc
sitaramc@laptop.pub sitaramc
sitaramc@desktop.pub sitaramc
* new style, email keys; there is a "." in hostname part; so it's an email
address
sitaramc@gmail.com.pub sitaramc@gmail.com
* multikeys *with* email address
sitaramc@gmail.com@laptop.pub sitaramc@gmail.com
sitaramc@gmail.com@desktop.pub sitaramc@gmail.com
#### support for git installed outside default PATH #### support for git installed outside default PATH
The normal solution is to add to the system default PATH somehow, either by The normal solution is to add to the system default PATH somehow, either by

View file

@ -24,9 +24,9 @@ $WARN = "\n\t\t***** WARNING *****\n ";
$R_COMMANDS=qr/^(git[ -]upload-pack|git[ -]upload-archive)$/; $R_COMMANDS=qr/^(git[ -]upload-pack|git[ -]upload-archive)$/;
$W_COMMANDS=qr/^git[ -]receive-pack$/; $W_COMMANDS=qr/^git[ -]receive-pack$/;
# note that REPONAME_PATT allows a "/" also, which USERNAME_PATT doesn't # note that REPONAME_PATT allows "/", while USERNAME_PATT allows "@"
$REPONAME_PATT=qr(^\@?[0-9a-zA-Z][0-9a-zA-Z._/-]*$); # very simple pattern $REPONAME_PATT=qr(^\@?[0-9a-zA-Z][0-9a-zA-Z._/-]*$); # very simple pattern
$USERNAME_PATT=qr(^\@?[0-9a-zA-Z][0-9a-zA-Z._-]*$); # very simple pattern $USERNAME_PATT=qr(^\@?[0-9a-zA-Z][0-9a-zA-Z._\@-]*$); # very simple pattern
# ---------------------------------------------------------------------------- # ----------------------------------------------------------------------------
# convenience subs # convenience subs

View file

@ -121,7 +121,7 @@ sub expand_list
{ {
# we test with the slightly more relaxed pattern here; we'll catch the # we test with the slightly more relaxed pattern here; we'll catch the
# "/" in user name thing later; it doesn't affect security anyway # "/" in user name thing later; it doesn't affect security anyway
die "$ABRT bad user or repo name $item\n" unless $item =~ $REPONAME_PATT; die "$ABRT bad user or repo name $item\n" unless $item =~ $REPONAME_PATT or $item =~ $USERNAME_PATT;
if ($item =~ /^@/) # nested group if ($item =~ /^@/) # nested group
{ {
die "$ABRT undefined group $item\n" unless $groups{$item}; die "$ABRT undefined group $item\n" unless $groups{$item};
@ -174,7 +174,6 @@ sub parse_conf_file
# store the members of each group as hash key. Keep track of when # store the members of each group as hash key. Keep track of when
# the group was *first* created by using $fragment as the *value* # the group was *first* created by using $fragment as the *value*
do { $groups{$1}{$_} ||= $fragment } for ( expand_list( split(' ', $2) ) ); do { $groups{$1}{$_} ||= $fragment } for ( expand_list( split(' ', $2) ) );
# again, we take the more "relaxed" pattern
die "$ABRT bad group $1\n" unless $1 =~ $REPONAME_PATT; die "$ABRT bad group $1\n" unless $1 =~ $REPONAME_PATT;
} }
# repo(s) # repo(s)
@ -200,7 +199,7 @@ sub parse_conf_file
# expand the user list, unless it is just "@all" # expand the user list, unless it is just "@all"
@users = expand_list ( @users ) @users = expand_list ( @users )
unless (@users == 1 and $users[0] eq '@all'); unless (@users == 1 and $users[0] eq '@all');
do { die "$ABRT bad username $_\n" unless $_ =~ $USERNAME_PATT } for @users; do { die "$ABRT bad username $_ PATT is $USERNAME_PATT,\n" unless $_ =~ $USERNAME_PATT } for @users;
# ok, we can finally populate the %repos hash # ok, we can finally populate the %repos hash
for my $repo (@repos) # each repo in the current stanza for my $repo (@repos) # each repo in the current stanza
@ -408,7 +407,7 @@ for my $pubkey (glob("*"))
print STDERR "WARNING: pubkey files should end with \".pub\", ignoring $pubkey\n"; print STDERR "WARNING: pubkey files should end with \".pub\", ignoring $pubkey\n";
next; next;
} }
my $user = $pubkey; $user =~ s/(\@.+)?\.pub$//; my $user = $pubkey; $user =~ s/(\@[^.]+)?\.pub$//;
# lint check 2 # lint check 2
print STDERR "WARNING: pubkey $pubkey exists but user $user not in config\n" print STDERR "WARNING: pubkey $pubkey exists but user $user not in config\n"
unless $user_list{$user}; unless $user_list{$user};