added 'RW+CDM' perm function, including some test code for 'D'

2012-03-17 22:50:45 +05:30 · 2012-03-17 22:50:45 +05:30 · 3c5ae7f26b
parent 5ae9b4abab
commit 3c5ae7f26b
2 changed files with 144 additions and 10 deletions
--- a/src/Gitolite/Hooks/Update.pm
+++ b/src/Gitolite/Hooks/Update.pm
@ -109,26 +109,24 @@ sub args {
    # non-ff push to ref (including ref delete)
    $aa = '+' if $oldsha ne $merge_base;
-    # XXX $aa = 'D' if ( $repos{$ENV{GL_REPO}}{DELETE_IS_D} or $repos{'@all'}{DELETE_IS_D} ) and $newsha eq '0' x 40;
+    $aa = 'D' if ( option( $ENV{GL_REPO}, 'DELETE_IS_D' ) ) and $newsha eq '0' x 40;
-    # XXX $aa = 'C' if ( $repos{$ENV{GL_REPO}}{CREATE_IS_C} or $repos{'@all'}{CREATE_IS_C} ) and $oldsha eq '0' x 40;
+    $aa = 'C' if ( option( $ENV{GL_REPO}, 'CREATE_IS_C' ) ) and $oldsha eq '0' x 40;
-    # and now "M" commits.  This presents a bit of a problem.  All the other
+    # and now "M" commits.  All the other accesses (W, +, C, D) were mutually
-    # accesses (W, +, C, D) were mutually exclusive in some sense.  Sure a W could
+    # exclusive in some sense.  Sure a W could be a C or a + could be a D but
-    # be a C or a + could be a D but that's by design.  A merge commit, however,
+    # that's by design.  A merge commit, however, could still be any of the
-    # could still be any of the others (except a "D").
+    # others (except a "D").
    # so we have to *append* 'M' to $aa (if the repo has MERGE_CHECK in
    # effect and this push contains a merge inside)
-=for XXX
+    if ( option( $ENV{GL_REPO}, 'MERGE_CHECK' ) ) {
    if ( $repos{ $ENV{GL_REPO} }{MERGE_CHECK} or $repos{'@all'}{MERGE_CHECK} ) {
        if ( $oldsha eq '0' x 40 or $newsha eq '0' x 40 ) {
-            warn "ref create/delete ignored for purposes of merge-check\n";
+            _warn "ref create/delete ignored for purposes of merge-check\n";
        } else {
            $aa .= 'M' if `git rev-list -n 1 --merges $oldsha..$newsha` =~ /./;
        }
    }
 =cut
    return ( $ref, $oldsha, $newsha, $oldtree, $newtree, $aa );
 }
--- a/t/branch-perms.t
+++ b/t/branch-perms.t
@ -0,0 +1,136 @@
 #!/usr/bin/perl
 use strict;
 use warnings;
 # this is hardcoded; change it if needed
 use lib "src";
 use Gitolite::Test;
 # branch permissions test
 # ----------------------------------------------------------------------
 try "plan 58";
 confreset;confadd '
    @g1 = u1
    @g2 = u2
    @g3 = u3
    @gaa = aa
    repo @gaa
        RW+                 =   @g1
        RW                  =   @g2
        RW+     master      =   @g3
        RW      master      =   u4
        -       master      =   u5
        RW+     dev         =   u5
        RW                  =   u5
 ';
 try "ADMIN_PUSH set1; !/FATAL/" or die text();
 try "
    cd ..;                          ok
    glt clone u1 file://aa;         ok
    cd aa;                          ok
    tc l-995 l-996 l-997 l-998 l-999 l-1000 l-1001 l-1002 l-1003;
                                    ok;     /master a788db9. l-1003/
    glt push u1 origin HEAD;        ok;     /To file://aa/
                                            /\\* \\[new branch\\]      HEAD -> master/
    git branch dev;                 ok
    git branch foo;                 ok
    # u1 rewind master succeed
    git reset --hard HEAD^;         ok;     /HEAD is now at 65d5f4a l-1002/
    tc v-865;                       ok;     /master 3053bb4. v-865/
    glt push u1 origin +master;     ok;     /\\+ a788db9...3053bb4 master -> master \\(forced update\\)/
    # u2 rewind master fail
    git reset --hard HEAD^;         ok;     /HEAD is now at 65d5f4a l-1002/
    tc s-361;                       ok;     /master b331651. s-361/
    glt push u2 file://aa +master;  !ok;    reject
                                            /\\+ refs/heads/master aa u2 DENIED by fallthru/
    # u3 rewind master succeed
    git reset --hard HEAD^
    tc m-508 
    glt push u3 file://aa +master
    /\\+ .* master -> master \\(forced update\\)/
    # u4 push master succeed
    tc f-526 
    glt push u4 file://aa master
    /master -> master/
    # u4 rewind master fail
    git reset --hard HEAD^
    glt push u4 file://aa +master
    /\\+ refs/heads/master aa u4 DENIED by fallthru/
    # u3 and u4 / dev foo -- all 4 fail
    glt push u3 file://aa dev
    /W refs/heads/dev aa u3 DENIED by fallthru/
    glt push u4 file://aa dev
    /W refs/heads/dev aa u4 DENIED by fallthru/
    glt push u3 file://aa foo
    /W refs/heads/foo aa u3 DENIED by fallthru/
    glt push u4 file://aa foo
    /W refs/heads/foo aa u4 DENIED by fallthru/
    # clean up for next set
    glt push u1 -f origin master dev foo
    # u5 push master fail
    tc l-417 
    glt push u5 file://aa master
    /W refs/heads/master aa u5 DENIED by refs/heads/master/
    # u5 rewind dev succeed
    glt push u5 file://aa +dev^:dev
    /\\+ .* dev\\^ -> dev \\(forced update\\)/
    # u5 rewind foo fail
    glt push u5 file://aa +foo^:foo
    /\\+ refs/heads/foo aa u5 DENIED by fallthru/
    # u5 tries to push foo; succeeds
    git checkout foo
    /Switched to branch 'foo'/
    # u5 push foo succeed
    tc e-530 
    glt push u5 file://aa foo
    /foo -> foo/
    # u1 delete branch dev succeed
    glt push u1 origin :dev
    / - \\[deleted\\] *dev/
    # quietly push it back again
    glt push u1 origin dev
    / * \\[new branch\\]      dev -> dev/
    ";
    confadd '
        repo @gaa
            RWD     dev         =   u4
    ';
 try "ADMIN_PUSH set2; !/FATAL/" or die text();
 try "
    cd ../aa
    # u1 tries to delete dev on a new setup
    /master -> master/
    # u1 delete branch dev fail
    glt push u1 origin :dev
    /D refs/heads/dev aa u1 DENIED by fallthru/
    # u4 delete branch dev succeed
    glt push u4 file://aa :dev
    / - \\[deleted\\] *dev/
 ";