(adc) admin-defined commands

This commit series allows an admin to designate a set of commands that
users can run.  For example, he can allow users to delete a repo that
they have created:

    ssh git@server rmrepo foo/me/bar

or fork (to use github's terminology) a repo they have "R" access to,
into a new one they have "C" access to:

    ssh git@server fork foo/someone-else/bar foo/me/bar

Please see documentation for details

----

(this commit)

  - (rc) new variable $GL_ADC_PATH; without this none of this is enabled
  - (pm) new helper routine "cli_repo_rights" to get rights/ownership
    from outside
  - (auth) call $GL_ADC_PATH/$cmd if it exists

conf/example.gitolite.rc

@@ -170,6 +170,15 @@ $GL_WILDREPOS = 0;
 # $UPDATE_CHAINS_TO = "hooks/update.secondary";
 # $ADMIN_POST_UPDATE_CHAINS_TO = "hooks/post-update.secondary";
 
+# --------------------------------------
+# ADMIN DEFINED COMMANDS
+
+# WARNING: Use this feature only if (a) you really really know what you're
+# doing or (b) you really don't care too much about security.  Please read
+# doc/admin-defined-commands.mkd for details.
+
+# $GL_ADC_PATH = "";
+
 # --------------------------------------
 # per perl rules, this should be the last line in such a file:
 1;

src/gitolite.pm

@@ -397,6 +397,14 @@ sub expand_wild
     }
 }
 
+# helper/convenience routine to get rights and ownership from a shell command
+sub cli_repo_rights {
+    my ($perm, $creater) = &repo_rights($_[0]);
+    $perm =~ s/ /_/g;
+    $creater =~ s/^\(|\)$//g;
+    print "$perm $creater\n";
+}
+
 # ----------------------------------------------------------------------------
 #       S P E C I A L   C O M M A N D S
 # ----------------------------------------------------------------------------

src/gl-auth-command

@@ -24,7 +24,7 @@ use warnings;
 # ----------------------------------------------------------------------------
 
 # these are set by the "rc" file
-our ($GL_LOGT, $GL_CONF_COMPILED, $REPO_BASE, $GIT_PATH, $REPO_UMASK, $GL_ADMINDIR, $RSYNC_BASE, $HTPASSWD_FILE, $GL_WILDREPOS);
+our ($GL_LOGT, $GL_CONF_COMPILED, $REPO_BASE, $GIT_PATH, $REPO_UMASK, $GL_ADMINDIR, $RSYNC_BASE, $HTPASSWD_FILE, $GL_WILDREPOS, $GL_ADC_PATH);
 # and these are set by gitolite.pm
 our ($R_COMMANDS, $W_COMMANDS, $REPONAME_PATT, $REPOPATT_PATT);
 our %repos;
@@ -100,6 +100,20 @@ unless ($ENV{SSH_ORIGINAL_COMMAND}) {
     $ENV{SSH_ORIGINAL_COMMAND} = 'info';
 }
 
+# ----------------------------------------------------------------------------
+#       admin defined commands
+# ----------------------------------------------------------------------------
+
+# please see doc/admin-defined-commands.mkd for details
+if ($GL_ADC_PATH and -d $GL_ADC_PATH) {
+    my ($cmd, @args) = split ' ', $ENV{SSH_ORIGINAL_COMMAND};
+    if (-x "$GL_ADC_PATH/$cmd") {
+        # yes this is rather strict, sorry.
+        do { die "I don't like $_\n" unless $_ =~ $REPOPATT_PATT } for ($cmd, @args);
+        exec("$GL_ADC_PATH/$cmd", @args);
+    }
+}
+
 # ----------------------------------------------------------------------------
 #       get and set perms for actual repo created by wildcard-autoviv
 # ----------------------------------------------------------------------------