deac/gitolite
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

gitweb and daemon should now work even from within setperms

Browse source 
modifications:

  - call setup_gitweb_access and setup_daemon_access from with
    get_set_perms so when the user sets a perm explicitly it works
  - in setup_gitweb_access, do not delete description file or
    gitweb.owner if the repo is wild
  - make the "fork" adc set gitweb.owner *and* call setperms using
    GL_WILDREPOS_DEFPERMS
  - add tests

bug fixes:

  - gl-auth did not even *look* at GL_WILDREPOS_DEFPERMS when
    auto-"C"reating a wild repo; fixed
  - setup_gitweb_access did not delete the description file as
    consistently as it deleted the owner

what will NOT work:

  - removing gitweb permissions does not clear the name from
    "projects.list".  That's complicated, so just wait till the next
    "compile" to make this happen

(thanks to Jefferai for driving this...)

----

mildly puzzling:

    for some strange reason, after a "git ls-remote ...try3" in t58,
    instead of not creating a "description" file, we started seeing a
    73-byte file containing this message:

    Unnamed repository; edit this file 'description' to name the repository.
This commit is contained in:
Sitaram Chamarty 2010-08-20 20:55:23 +05:30
parent 0979f02927
commit 648676faec
5 changed files with 163 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
contrib/adc/fork
View file

@ -15,9 +15,12 @@ get_rights_and_owner $to
git clone --bare -l $GL_REPO_BASE_ABS/$from.git $GL_REPO_BASE_ABS/$to.git
[ $? -ne 0 ] && exit 1
# fix up creator, and hooks
# fix up creator, gitweb owner, and hooks
cd $GL_REPO_BASE_ABS/$to.git
echo $GL_USER > gl-creater
git config gitweb.owner "$GL_USER"
( cd $HOME;perl -e 'do ".gitolite.rc"; print $GL_WILDREPOS_DEFPERMS' ) |
SSH_ORIGINAL_COMMAND="setperms $to" $GL_BINDIR/gl-auth-command $GL_USER
cp -R $GL_REPO_BASE_ABS/$from.git/hooks/* $GL_REPO_BASE_ABS/$to.git/hooks
if [ -n "$GL_WILDREPOS_DEFPERMS" ]; then

48
src/gitolite.pm
View file

@ -38,7 +38,7 @@ our $USERNAME_PATT=qr(^\@?[0-9a-zA-Z][0-9a-zA-Z._\@+-]*$); # very simple patter
our $REPOPATT_PATT=qr(^\@?[0-9a-zA-Z[][\\^.$|()[\]*+?{}0-9a-zA-Z._\@/-]*$);
# these come from the RC file
our ($REPO_UMASK, $GL_WILDREPOS, $GL_PACKAGE_CONF, $GL_PACKAGE_HOOKS, $REPO_BASE, $GL_CONF_COMPILED, $GL_BIG_CONFIG, $GL_PERFLOGT);
our ($REPO_UMASK, $GL_WILDREPOS, $GL_PACKAGE_CONF, $GL_PACKAGE_HOOKS, $REPO_BASE, $GL_CONF_COMPILED, $GL_BIG_CONFIG, $GL_PERFLOGT, $PROJECTS_LIST);
our %repos;
our %groups;
our %repo_config;
@ -59,6 +59,13 @@ sub wrap_open {
return $fh;
}
sub wrap_print {
my ($file, $text) = @_;
my $fh = wrap_open(">", $file);
print $fh $text;
close($fh);
}
sub dbg {
for my $i (@_) {
print STDERR "DBG: $i\n";
@ -269,6 +276,10 @@ sub get_set_perms
system("cat > gl-perms");
print "New perms are:\n";
system("cat", "gl-perms");
# gitweb and daemon
setup_daemon_access($repo);
system("echo $repo.git >> $PROJECTS_LIST") if &setup_gitweb_access($repo, '', '');
}
}
@ -342,26 +353,22 @@ sub setup_gitweb_access
# this also sets "owner" for gitweb, by the way
{
my ($repo, $desc, $owner) = @_;
my $ret = 0;
my $is_wild = -f "gl-creater";
# we may override but we do not remove gitweb.owner and description
# for wild repos
# passing in a descr implies 'R = gitweb'
if ($desc or &can_read($repo, 'gitweb')) {
$ret = 1;
if ($desc) {
open(DESC, ">", $desc_file);
print DESC $desc . "\n";
close DESC;
}
if ($owner) {
# set the repository owner
system("git", "config", "gitweb.owner", $owner);
} else {
# remove the repository owner setting
system("git config --unset-all gitweb.owner 2>/dev/null");
}
if ($desc) {
open(DESC, ">", $desc_file);
print DESC $desc . "\n";
close DESC;
} else {
unlink $desc_file;
system("git config --unset-all gitweb.owner 2>/dev/null");
unlink $desc_file unless $is_wild;
}
if ($owner) {
system("git", "config", "gitweb.owner", $owner);
} else {
system("git config --unset-all gitweb.owner 2>/dev/null") unless $is_wild;
}
# if there are no gitweb.* keys set, remove the section to keep the config file clean
@ -370,7 +377,8 @@ sub setup_gitweb_access
system("git config --remove-section gitweb 2>/dev/null");
}
return $ret;
return ($desc or &can_read($repo, 'gitweb'));
# this return value is used by the caller to write to projects.list
}
# ----------------------------------------------------------------------------

2
src/gl-auth-command
View file

@ -195,6 +195,8 @@ if ($perm =~ /C/) {
# it was missing, and you have create perms
wrap_chdir("$ENV{GL_REPO_BASE_ABS}");
new_repo($repo, "$GL_ADMINDIR/hooks/common", $user);
# note pwd is not the bare "repo.git"; new_repo does that...
wrap_print("gl-perms", "$GL_WILDREPOS_DEFPERMS\n") if $GL_WILDREPOS_DEFPERMS;
&setup_repo_configs($repo, \%repo_config);
&setup_daemon_access($repo);
system("echo $repo.git >> $PROJECTS_LIST") if &setup_gitweb_access($repo, '', '');

2
t/t58-daemon-gitweb-wild
View file

@ -78,7 +78,7 @@ do
runremote cat repositories/bar/u1/try1.git/description
expect "this is bar/u1/try1"
runremote cat repositories/bar/u1/try3.git/description
expect "cat: repositories/bar/u1/try3.git/description: No such file or directory"
expect "Unnamed repository; edit this file 'description' to name the repository."
name "now compile and recheck try3 stuff"
echo "

128
t/t60-daemon-gitweb-via-setperms Normal file
View file

@ -0,0 +1,128 @@
# vim: syn=sh:
for bc in 0 1
do
cd $TESTDIR
$TESTDIR/rollback || die "rollback failed"
editrc GL_WILDREPOS 1
editrc GL_BIG_CONFIG $bc
name "INTERNAL"
echo "
@leads = u1 u2
@devs = u1 u2 u3 u4
@gbar = bar/CREATOR/..*
repo @gbar
C = @leads
RW+ = @leads
RW = WRITERS @devs
R = READERS
" | ugc
name "nothing set yet"
expect_push_ok "master -> master"
runlocal git ls-remote u1:bar/u1/try1
runremote ls -al repositories/bar/u1/try1.git/git-daemon-export-ok
expect "ls: cannot access repositories/bar/u1/try1.git/git-daemon-export-ok: No such file or directory"
runremote ls -al projects.list
expect "gitolite-test gitolite-test 12 .* projects.list"
runremote cat projects.list
notexpect "bar/u1/try1.git"
runlocal git ls-remote u1:bar/u1/try2
runremote ls -al repositories/bar/u1/try2.git/git-daemon-export-ok
expect "ls: cannot access repositories/bar/u1/try2.git/git-daemon-export-ok: No such file or directory"
runremote ls -al projects.list
expect "gitolite-test gitolite-test 12 .* projects.list"
runremote cat projects.list
notexpect "bar/u1/try2.git"
name "add daemon access to try1"
echo R daemon | runlocal ssh u1 setperms bar/u1/try1
expect "R daemon"
runremote ls -al repositories/bar/u1/try1.git/git-daemon-export-ok
expect "gitolite-test gitolite-test .* repositories/bar/u1/try1.git/git-daemon-export-ok"
runremote ls -al projects.list
expect "gitolite-test gitolite-test 12 .* projects.list"
runremote cat projects.list
notexpect "bar/u1/try1.git"
name "add gitweb access to try2"
echo R gitweb | runlocal ssh u1 setperms bar/u1/try2
expect "R gitweb"
runremote ls -al repositories/bar/u1/try2.git/git-daemon-export-ok
expect "ls: cannot access repositories/bar/u1/try2.git/git-daemon-export-ok: No such file or directory"
runremote ls -al projects.list
expect "gitolite-test gitolite-test 28 .* projects.list"
runremote cat projects.list
expect "bar/u1/try2.git"
echo "\$GL_WILDREPOS_DEFPERMS = 'R daemon';" | addrc
name "add default daemon access"
runlocal git ls-remote u1:bar/u1/try3
runremote ls -al repositories/bar/u1/try3.git/git-daemon-export-ok
expect "gitolite-test gitolite-test .* repositories/bar/u1/try3.git/git-daemon-export-ok"
runremote ls -al projects.list
expect "gitolite-test gitolite-test 28 .* projects.list"
runremote cat projects.list
notexpect "bar/u1/try3.git"
name "add default gitweb access"
echo "\$GL_WILDREPOS_DEFPERMS = 'R gitweb';" | addrc
runlocal git ls-remote u1:bar/u1/try4
runremote ls -al repositories/bar/u1/try4.git/git-daemon-export-ok
expect "ls: cannot access repositories/bar/u1/try4.git/git-daemon-export-ok: No such file or directory"
runremote ls -al projects.list
expect "gitolite-test gitolite-test 44 .* projects.list"
runremote cat projects.list
expect "bar/u1/try4.git"
name "add default both access"
echo "\$GL_WILDREPOS_DEFPERMS = 'R daemon gitweb';" | addrc
runlocal git ls-remote u1:bar/u1/try5
runremote ls -al repositories/bar/u1/try5.git/git-daemon-export-ok
expect "gitolite-test gitolite-test .* repositories/bar/u1/try5.git/git-daemon-export-ok"
runremote ls -al projects.list
expect "gitolite-test gitolite-test 60 .* projects.list"
runremote cat projects.list
expect "bar/u1/try5.git"
name "add default both access with @all also"
echo "\$GL_WILDREPOS_DEFPERMS = 'R @all daemon gitweb';" | addrc
runlocal git ls-remote u1:bar/u1/try6
runremote ls -al repositories/bar/u1/try6.git/git-daemon-export-ok
expect "gitolite-test gitolite-test .* repositories/bar/u1/try6.git/git-daemon-export-ok"
runremote ls -al projects.list
expect "gitolite-test gitolite-test 76 .* projects.list"
runremote cat projects.list
expect "bar/u1/try6.git"
name "remove all from u6"
< /dev/null runlocal ssh u1 setperms bar/u1/try6
runlocal git ls-remote u1:bar/u1/try6
runremote ls -al repositories/bar/u1/try6.git/git-daemon-export-ok
expect "ls: cannot access repositories/bar/u1/try6.git/git-daemon-export-ok: No such file or directory"
# projects.list currently does not get cleared until a compile, so you
# will still see the entry for .../try6
runremote ls -al projects.list
expect "gitolite-test gitolite-test 76 .* projects.list"
runremote cat projects.list
expect "bar/u1/try6.git"
echo | ugc
runremote ls -al projects.list
expect "gitolite-test gitolite-test 60 .* projects.list"
runremote cat projects.list
# but *now* it should be gone
notexpect "bar/u1/try6.git"
name "INTERNAL"
done