From 4142be4e59f11c7ba6be612b86bba1e5cd3eb439 Mon Sep 17 00:00:00 2001
From: Sitaram Chamarty <sitaram@sita-wd.atc.tcs.com>
Date: Fri, 29 Jan 2010 14:39:03 +0530
Subject: [PATCH] auth: reporting changes for wildcard-created repos

  - see *all* wildcard repos you have access to (this uses line-anchored
    regexes as described in doc/4).  Examples:
        ssh git@server expand '.*'
        ssh git@server expand 'assignment.*'

  - show perms like the info command does

Please see comments against 02cee1d for more details and caveats.
---
 src/gitolite.pm     | 23 ++++++++++++++++++++---
 src/gl-auth-command |  3 ++-
 2 files changed, 22 insertions(+), 4 deletions(-)

diff --git a/src/gitolite.pm b/src/gitolite.pm
index 950ad5e..cccd310 100644
--- a/src/gitolite.pm
+++ b/src/gitolite.pm
@@ -227,6 +227,10 @@ sub expand_wild
     # access report instead of having to manually change CREATER to his name
     $repo =~ s/\bCREAT[EO]R\b/$user/g;
 
+    # get the list of repo patterns
+    &parse_acl($GL_CONF_COMPILED, "", "NOBODY", "NOBODY", "NOBODY");
+    my @repopatts = grep { $_ !~ $REPONAME_PATT } sort keys %repos;
+
     # display matching repos (from *all* the repos in the system) that $user
     # has at least "R" access to
 
@@ -237,15 +241,28 @@ sub expand_wild
         $actual_repo =~ s/\.git$//;
         # it has to match the pattern being expanded
         next unless $actual_repo =~ /^$repo$/;
+        # it also has to match one of the repo patterns in %repos (which we
+        # already snarfed earlier)
+        my @patts = grep { $actual_repo =~ /^$_$/ } @repopatts;
+        # should be exactly one match
+        # (see reasoning in the "other issues" section of doc/4)
+        if (@patts != 1) {
+            # though if it's more than one we print an additional message
+            print "ignoring $actual_repo; has multiple matches\n(@patts)\n" if @patts > 1;
+            next;
+        }
 
         # find the creater and subsitute in repos
         my ($creater, $read, $write) = &repo_rights($repo_base_abs, $actual_repo, $user);
         # get access list with this
         &parse_acl($GL_CONF_COMPILED, "", $creater, $read || "NOBODY", $write || "NOBODY");
 
-        # you need a minimum of "R" access to the regex we're talking about
-        next unless $repos{$repo}{R}{'@all'} or $repos{$repo}{R}{$user};
-        print "($creater)\t$actual_repo\n";
+        my $perm = "";
+        $perm .= ($repos{$patts[0]}{C}{'@all'} or $repos{$patts[0]}{C}{$user}) ? " C" : "  ";
+        $perm .= ($repos{$patts[0]}{R}{'@all'} or $repos{$patts[0]}{R}{$user}) ? " R" : "  ";
+        $perm .= ($repos{$patts[0]}{W}{'@all'} or $repos{$patts[0]}{W}{$user}) ? " W" : "  ";
+        next if $perm eq "      ";
+        print "$perm\t($creater)\t$actual_repo\n";
     }
 }
 
diff --git a/src/gl-auth-command b/src/gl-auth-command
index a78c157..f6b2453 100755
--- a/src/gl-auth-command
+++ b/src/gl-auth-command
@@ -26,7 +26,7 @@ use warnings;
 # these are set by the "rc" file
 our ($GL_LOGT, $GL_CONF_COMPILED, $REPO_BASE, $GIT_PATH, $REPO_UMASK, $GL_ADMINDIR);
 # and these are set by gitolite.pm
-our ($R_COMMANDS, $W_COMMANDS, $REPONAME_PATT);
+our ($R_COMMANDS, $W_COMMANDS, $REPONAME_PATT, $REPOPATT_PATT);
 our %repos;
 
 # the common setup module is in the same directory as this running program is
@@ -101,6 +101,7 @@ if ($cmd =~ $CUSTOM_COMMANDS) {
     }
     elsif ($verb eq 'expand') {
         # with a wildcard, you can "expand" it to see what repos actually match
+        die "$repo has invalid characters" unless "x$repo" =~ $REPOPATT_PATT;
         expand_wild($GL_CONF_COMPILED, $repo_base_abs, $repo, $user);
     } else {
         die "$cmd doesn't make sense to me\n";