merge "allow full email addresses as usernames"

Merge branch 'pu'
2009-12-08 15:14:29 +05:30 · 2009-12-08 15:14:29 +05:30 · 38255e4096
parent cdb7245d44 4441ed82e4
commit 38255e4096
4 changed files with 39 additions and 12 deletions
--- a/conf/example.conf
+++ b/conf/example.conf
@ -6,9 +6,13 @@
 #       the description string for gitweb)
 #     - comments in the normal shell-ish style; no surprises there
 #     - there are NO continuation lines of any kind
-#     - user/repo names as simple as possible
-#       (usernames: only alphanumerics, ".", "_", "-";
-#       reponames: same, plus "/", but not at the start)
+#     - user/repo names as simple as possible; they must start with an
+#       alphanumeric, but after that they can also contain ".", "_", "-".
+#         - usernames can optionally be followed by an "@" and a domainname
+#           containing at least one "." (this allows you to use an email
+#           address as someone's username)
+#         - reponames can contain "/" characters (this allows you to
+#           put your repos in a tree-structure for convenience)

 # objectives, over and above gitosis:
 #     - simpler syntax
--- a/doc/3-faq-tips-etc.mkd
+++ b/doc/3-faq-tips-etc.mkd
@ -344,12 +344,36 @@ gitolite knows these two keys belong to the same person.

 Note that you don't say "sitaram@laptop" and so on in the **config** file --
 as far as the config file is concerned there's just **one** user called
-"sitaram" -- so you only say "sitaram" there.  Only the **pubkey files** have
-the extra "@" stuff.
+"sitaram" -- so you only say "sitaram" there.

 I think this is easier to maintain if you have to delete or change one of
 those keys.

+However, now that `sitaramc@gmail.com` is also a valid username, we need to
+distinguish between `sitaramc@gmail.com.pub` and `sitaramc@desktop.pub`.  We
+do that by requiring that the multi-key suffix you use (like "desktop" and
+"laptop") should not have a `"."` in it.  If it does, it looks like an email
+address.  The following table lists sample pubkey filenames and the
+corresponding derived usernames (which is what goes into the
+`conf/gitolite.conf` file):
+
+  * old style multikeys; not mistaken for emails because there is no "." in
+    hostname part
+
+        sitaramc.pub                            sitaramc
+        sitaramc@laptop.pub                     sitaramc
+        sitaramc@desktop.pub                    sitaramc
+
+  * new style, email keys; there is a "." in hostname part; so it's an email
+    address
+
+        sitaramc@gmail.com.pub                  sitaramc@gmail.com
+
+  * multikeys *with* email address
+
+        sitaramc@gmail.com@laptop.pub           sitaramc@gmail.com
+        sitaramc@gmail.com@desktop.pub          sitaramc@gmail.com
+
 #### support for git installed outside default PATH

 The normal solution is to add to the system default PATH somehow, either by
--- a/src/gitolite.pm
+++ b/src/gitolite.pm
@ -24,9 +24,9 @@ $WARN = "\n\t\t***** WARNING *****\n       ";
 $R_COMMANDS=qr/^(git[ -]upload-pack|git[ -]upload-archive)$/;
 $W_COMMANDS=qr/^git[ -]receive-pack$/;

-# note that REPONAME_PATT allows a "/" also, which USERNAME_PATT doesn't
+# note that REPONAME_PATT allows "/", while USERNAME_PATT allows "@"
 $REPONAME_PATT=qr(^\@?[0-9a-zA-Z][0-9a-zA-Z._/-]*$);    # very simple pattern
-$USERNAME_PATT=qr(^\@?[0-9a-zA-Z][0-9a-zA-Z._-]*$);      # very simple pattern
+$USERNAME_PATT=qr(^\@?[0-9a-zA-Z][0-9a-zA-Z._\@-]*$);   # very simple pattern

 # ----------------------------------------------------------------------------
 #       convenience subs
--- a/src/gl-compile-conf
+++ b/src/gl-compile-conf
@ -121,7 +121,7 @@ sub expand_list
    {
        # we test with the slightly more relaxed pattern here; we'll catch the
        # "/" in user name thing later; it doesn't affect security anyway
-        die "$ABRT bad user or repo name $item\n" unless $item =~ $REPONAME_PATT;
+        die "$ABRT bad user or repo name $item\n" unless $item =~ $REPONAME_PATT or $item =~ $USERNAME_PATT;
        if ($item =~ /^@/)      # nested group
        {
            die "$ABRT undefined group $item\n" unless $groups{$item};
@ -174,7 +174,6 @@ sub parse_conf_file
            # store the members of each group as hash key.  Keep track of when
            # the group was *first* created by using $fragment as the *value*
            do { $groups{$1}{$_} ||= $fragment } for ( expand_list( split(' ', $2) ) );
-            # again, we take the more "relaxed" pattern
            die "$ABRT bad group $1\n" unless $1 =~ $REPONAME_PATT;
        }
        # repo(s)
@ -200,7 +199,7 @@ sub parse_conf_file
            # expand the user list, unless it is just "@all"
            @users = expand_list ( @users )
                unless (@users == 1 and $users[0] eq '@all');
-            do  { die "$ABRT bad username $_\n" unless $_ =~ $USERNAME_PATT } for @users;
+            do  { die "$ABRT bad username $_ PATT is $USERNAME_PATT,\n" unless $_ =~ $USERNAME_PATT } for @users;

            # ok, we can finally populate the %repos hash
            for my $repo (@repos)       # each repo in the current stanza
@ -408,7 +407,7 @@ for my $pubkey (glob("*"))
        print STDERR "WARNING: pubkey files should end with \".pub\", ignoring $pubkey\n";
        next;
    }
-    my $user = $pubkey; $user =~ s/(\@.+)?\.pub$//;
+    my $user = $pubkey; $user =~ s/(\@[^.]+)?\.pub$//;
    # lint check 2
    print STDERR "WARNING: pubkey $pubkey exists but user $user not in config\n"
        unless $user_list{$user};