gitweb and daemon should now work even from within setperms
modifications: - call setup_gitweb_access and setup_daemon_access from with get_set_perms so when the user sets a perm explicitly it works - in setup_gitweb_access, do not delete description file or gitweb.owner if the repo is wild - make the "fork" adc set gitweb.owner *and* call setperms using GL_WILDREPOS_DEFPERMS - add tests bug fixes: - gl-auth did not even *look* at GL_WILDREPOS_DEFPERMS when auto-"C"reating a wild repo; fixed - setup_gitweb_access did not delete the description file as consistently as it deleted the owner what will NOT work: - removing gitweb permissions does not clear the name from "projects.list". That's complicated, so just wait till the next "compile" to make this happen (thanks to Jefferai for driving this...) ---- mildly puzzling: for some strange reason, after a "git ls-remote ...try3" in t58, instead of not creating a "description" file, we started seeing a 73-byte file containing this message: Unnamed repository; edit this file 'description' to name the repository.
This commit is contained in:
parent
0979f02927
commit
648676faec
|
@ -15,9 +15,12 @@ get_rights_and_owner $to
|
||||||
git clone --bare -l $GL_REPO_BASE_ABS/$from.git $GL_REPO_BASE_ABS/$to.git
|
git clone --bare -l $GL_REPO_BASE_ABS/$from.git $GL_REPO_BASE_ABS/$to.git
|
||||||
[ $? -ne 0 ] && exit 1
|
[ $? -ne 0 ] && exit 1
|
||||||
|
|
||||||
# fix up creator, and hooks
|
# fix up creator, gitweb owner, and hooks
|
||||||
cd $GL_REPO_BASE_ABS/$to.git
|
cd $GL_REPO_BASE_ABS/$to.git
|
||||||
echo $GL_USER > gl-creater
|
echo $GL_USER > gl-creater
|
||||||
|
git config gitweb.owner "$GL_USER"
|
||||||
|
( cd $HOME;perl -e 'do ".gitolite.rc"; print $GL_WILDREPOS_DEFPERMS' ) |
|
||||||
|
SSH_ORIGINAL_COMMAND="setperms $to" $GL_BINDIR/gl-auth-command $GL_USER
|
||||||
cp -R $GL_REPO_BASE_ABS/$from.git/hooks/* $GL_REPO_BASE_ABS/$to.git/hooks
|
cp -R $GL_REPO_BASE_ABS/$from.git/hooks/* $GL_REPO_BASE_ABS/$to.git/hooks
|
||||||
|
|
||||||
if [ -n "$GL_WILDREPOS_DEFPERMS" ]; then
|
if [ -n "$GL_WILDREPOS_DEFPERMS" ]; then
|
||||||
|
|
|
@ -38,7 +38,7 @@ our $USERNAME_PATT=qr(^\@?[0-9a-zA-Z][0-9a-zA-Z._\@+-]*$); # very simple patter
|
||||||
our $REPOPATT_PATT=qr(^\@?[0-9a-zA-Z[][\\^.$|()[\]*+?{}0-9a-zA-Z._\@/-]*$);
|
our $REPOPATT_PATT=qr(^\@?[0-9a-zA-Z[][\\^.$|()[\]*+?{}0-9a-zA-Z._\@/-]*$);
|
||||||
|
|
||||||
# these come from the RC file
|
# these come from the RC file
|
||||||
our ($REPO_UMASK, $GL_WILDREPOS, $GL_PACKAGE_CONF, $GL_PACKAGE_HOOKS, $REPO_BASE, $GL_CONF_COMPILED, $GL_BIG_CONFIG, $GL_PERFLOGT);
|
our ($REPO_UMASK, $GL_WILDREPOS, $GL_PACKAGE_CONF, $GL_PACKAGE_HOOKS, $REPO_BASE, $GL_CONF_COMPILED, $GL_BIG_CONFIG, $GL_PERFLOGT, $PROJECTS_LIST);
|
||||||
our %repos;
|
our %repos;
|
||||||
our %groups;
|
our %groups;
|
||||||
our %repo_config;
|
our %repo_config;
|
||||||
|
@ -59,6 +59,13 @@ sub wrap_open {
|
||||||
return $fh;
|
return $fh;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
sub wrap_print {
|
||||||
|
my ($file, $text) = @_;
|
||||||
|
my $fh = wrap_open(">", $file);
|
||||||
|
print $fh $text;
|
||||||
|
close($fh);
|
||||||
|
}
|
||||||
|
|
||||||
sub dbg {
|
sub dbg {
|
||||||
for my $i (@_) {
|
for my $i (@_) {
|
||||||
print STDERR "DBG: $i\n";
|
print STDERR "DBG: $i\n";
|
||||||
|
@ -269,6 +276,10 @@ sub get_set_perms
|
||||||
system("cat > gl-perms");
|
system("cat > gl-perms");
|
||||||
print "New perms are:\n";
|
print "New perms are:\n";
|
||||||
system("cat", "gl-perms");
|
system("cat", "gl-perms");
|
||||||
|
|
||||||
|
# gitweb and daemon
|
||||||
|
setup_daemon_access($repo);
|
||||||
|
system("echo $repo.git >> $PROJECTS_LIST") if &setup_gitweb_access($repo, '', '');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -342,26 +353,22 @@ sub setup_gitweb_access
|
||||||
# this also sets "owner" for gitweb, by the way
|
# this also sets "owner" for gitweb, by the way
|
||||||
{
|
{
|
||||||
my ($repo, $desc, $owner) = @_;
|
my ($repo, $desc, $owner) = @_;
|
||||||
my $ret = 0;
|
my $is_wild = -f "gl-creater";
|
||||||
|
# we may override but we do not remove gitweb.owner and description
|
||||||
|
# for wild repos
|
||||||
|
|
||||||
# passing in a descr implies 'R = gitweb'
|
|
||||||
if ($desc or &can_read($repo, 'gitweb')) {
|
|
||||||
$ret = 1;
|
|
||||||
if ($desc) {
|
if ($desc) {
|
||||||
open(DESC, ">", $desc_file);
|
open(DESC, ">", $desc_file);
|
||||||
print DESC $desc . "\n";
|
print DESC $desc . "\n";
|
||||||
close DESC;
|
close DESC;
|
||||||
|
} else {
|
||||||
|
unlink $desc_file unless $is_wild;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($owner) {
|
if ($owner) {
|
||||||
# set the repository owner
|
|
||||||
system("git", "config", "gitweb.owner", $owner);
|
system("git", "config", "gitweb.owner", $owner);
|
||||||
} else {
|
} else {
|
||||||
# remove the repository owner setting
|
system("git config --unset-all gitweb.owner 2>/dev/null") unless $is_wild;
|
||||||
system("git config --unset-all gitweb.owner 2>/dev/null");
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
unlink $desc_file;
|
|
||||||
system("git config --unset-all gitweb.owner 2>/dev/null");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
# if there are no gitweb.* keys set, remove the section to keep the config file clean
|
# if there are no gitweb.* keys set, remove the section to keep the config file clean
|
||||||
|
@ -370,7 +377,8 @@ sub setup_gitweb_access
|
||||||
system("git config --remove-section gitweb 2>/dev/null");
|
system("git config --remove-section gitweb 2>/dev/null");
|
||||||
}
|
}
|
||||||
|
|
||||||
return $ret;
|
return ($desc or &can_read($repo, 'gitweb'));
|
||||||
|
# this return value is used by the caller to write to projects.list
|
||||||
}
|
}
|
||||||
|
|
||||||
# ----------------------------------------------------------------------------
|
# ----------------------------------------------------------------------------
|
||||||
|
|
|
@ -195,6 +195,8 @@ if ($perm =~ /C/) {
|
||||||
# it was missing, and you have create perms
|
# it was missing, and you have create perms
|
||||||
wrap_chdir("$ENV{GL_REPO_BASE_ABS}");
|
wrap_chdir("$ENV{GL_REPO_BASE_ABS}");
|
||||||
new_repo($repo, "$GL_ADMINDIR/hooks/common", $user);
|
new_repo($repo, "$GL_ADMINDIR/hooks/common", $user);
|
||||||
|
# note pwd is not the bare "repo.git"; new_repo does that...
|
||||||
|
wrap_print("gl-perms", "$GL_WILDREPOS_DEFPERMS\n") if $GL_WILDREPOS_DEFPERMS;
|
||||||
&setup_repo_configs($repo, \%repo_config);
|
&setup_repo_configs($repo, \%repo_config);
|
||||||
&setup_daemon_access($repo);
|
&setup_daemon_access($repo);
|
||||||
system("echo $repo.git >> $PROJECTS_LIST") if &setup_gitweb_access($repo, '', '');
|
system("echo $repo.git >> $PROJECTS_LIST") if &setup_gitweb_access($repo, '', '');
|
||||||
|
|
|
@ -78,7 +78,7 @@ do
|
||||||
runremote cat repositories/bar/u1/try1.git/description
|
runremote cat repositories/bar/u1/try1.git/description
|
||||||
expect "this is bar/u1/try1"
|
expect "this is bar/u1/try1"
|
||||||
runremote cat repositories/bar/u1/try3.git/description
|
runremote cat repositories/bar/u1/try3.git/description
|
||||||
expect "cat: repositories/bar/u1/try3.git/description: No such file or directory"
|
expect "Unnamed repository; edit this file 'description' to name the repository."
|
||||||
|
|
||||||
name "now compile and recheck try3 stuff"
|
name "now compile and recheck try3 stuff"
|
||||||
echo "
|
echo "
|
||||||
|
|
128
t/t60-daemon-gitweb-via-setperms
Normal file
128
t/t60-daemon-gitweb-via-setperms
Normal file
|
@ -0,0 +1,128 @@
|
||||||
|
# vim: syn=sh:
|
||||||
|
for bc in 0 1
|
||||||
|
do
|
||||||
|
cd $TESTDIR
|
||||||
|
$TESTDIR/rollback || die "rollback failed"
|
||||||
|
editrc GL_WILDREPOS 1
|
||||||
|
editrc GL_BIG_CONFIG $bc
|
||||||
|
|
||||||
|
name "INTERNAL"
|
||||||
|
echo "
|
||||||
|
@leads = u1 u2
|
||||||
|
@devs = u1 u2 u3 u4
|
||||||
|
|
||||||
|
@gbar = bar/CREATOR/..*
|
||||||
|
repo @gbar
|
||||||
|
C = @leads
|
||||||
|
RW+ = @leads
|
||||||
|
RW = WRITERS @devs
|
||||||
|
R = READERS
|
||||||
|
" | ugc
|
||||||
|
name "nothing set yet"
|
||||||
|
expect_push_ok "master -> master"
|
||||||
|
|
||||||
|
runlocal git ls-remote u1:bar/u1/try1
|
||||||
|
runremote ls -al repositories/bar/u1/try1.git/git-daemon-export-ok
|
||||||
|
expect "ls: cannot access repositories/bar/u1/try1.git/git-daemon-export-ok: No such file or directory"
|
||||||
|
runremote ls -al projects.list
|
||||||
|
expect "gitolite-test gitolite-test 12 .* projects.list"
|
||||||
|
runremote cat projects.list
|
||||||
|
notexpect "bar/u1/try1.git"
|
||||||
|
|
||||||
|
runlocal git ls-remote u1:bar/u1/try2
|
||||||
|
runremote ls -al repositories/bar/u1/try2.git/git-daemon-export-ok
|
||||||
|
expect "ls: cannot access repositories/bar/u1/try2.git/git-daemon-export-ok: No such file or directory"
|
||||||
|
runremote ls -al projects.list
|
||||||
|
expect "gitolite-test gitolite-test 12 .* projects.list"
|
||||||
|
runremote cat projects.list
|
||||||
|
notexpect "bar/u1/try2.git"
|
||||||
|
|
||||||
|
name "add daemon access to try1"
|
||||||
|
echo R daemon | runlocal ssh u1 setperms bar/u1/try1
|
||||||
|
expect "R daemon"
|
||||||
|
|
||||||
|
runremote ls -al repositories/bar/u1/try1.git/git-daemon-export-ok
|
||||||
|
expect "gitolite-test gitolite-test .* repositories/bar/u1/try1.git/git-daemon-export-ok"
|
||||||
|
runremote ls -al projects.list
|
||||||
|
expect "gitolite-test gitolite-test 12 .* projects.list"
|
||||||
|
runremote cat projects.list
|
||||||
|
notexpect "bar/u1/try1.git"
|
||||||
|
|
||||||
|
name "add gitweb access to try2"
|
||||||
|
echo R gitweb | runlocal ssh u1 setperms bar/u1/try2
|
||||||
|
expect "R gitweb"
|
||||||
|
|
||||||
|
runremote ls -al repositories/bar/u1/try2.git/git-daemon-export-ok
|
||||||
|
expect "ls: cannot access repositories/bar/u1/try2.git/git-daemon-export-ok: No such file or directory"
|
||||||
|
runremote ls -al projects.list
|
||||||
|
expect "gitolite-test gitolite-test 28 .* projects.list"
|
||||||
|
runremote cat projects.list
|
||||||
|
expect "bar/u1/try2.git"
|
||||||
|
|
||||||
|
echo "\$GL_WILDREPOS_DEFPERMS = 'R daemon';" | addrc
|
||||||
|
|
||||||
|
name "add default daemon access"
|
||||||
|
runlocal git ls-remote u1:bar/u1/try3
|
||||||
|
runremote ls -al repositories/bar/u1/try3.git/git-daemon-export-ok
|
||||||
|
expect "gitolite-test gitolite-test .* repositories/bar/u1/try3.git/git-daemon-export-ok"
|
||||||
|
runremote ls -al projects.list
|
||||||
|
expect "gitolite-test gitolite-test 28 .* projects.list"
|
||||||
|
runremote cat projects.list
|
||||||
|
notexpect "bar/u1/try3.git"
|
||||||
|
|
||||||
|
name "add default gitweb access"
|
||||||
|
echo "\$GL_WILDREPOS_DEFPERMS = 'R gitweb';" | addrc
|
||||||
|
|
||||||
|
runlocal git ls-remote u1:bar/u1/try4
|
||||||
|
runremote ls -al repositories/bar/u1/try4.git/git-daemon-export-ok
|
||||||
|
expect "ls: cannot access repositories/bar/u1/try4.git/git-daemon-export-ok: No such file or directory"
|
||||||
|
runremote ls -al projects.list
|
||||||
|
expect "gitolite-test gitolite-test 44 .* projects.list"
|
||||||
|
runremote cat projects.list
|
||||||
|
expect "bar/u1/try4.git"
|
||||||
|
|
||||||
|
name "add default both access"
|
||||||
|
echo "\$GL_WILDREPOS_DEFPERMS = 'R daemon gitweb';" | addrc
|
||||||
|
|
||||||
|
runlocal git ls-remote u1:bar/u1/try5
|
||||||
|
runremote ls -al repositories/bar/u1/try5.git/git-daemon-export-ok
|
||||||
|
expect "gitolite-test gitolite-test .* repositories/bar/u1/try5.git/git-daemon-export-ok"
|
||||||
|
runremote ls -al projects.list
|
||||||
|
expect "gitolite-test gitolite-test 60 .* projects.list"
|
||||||
|
runremote cat projects.list
|
||||||
|
expect "bar/u1/try5.git"
|
||||||
|
|
||||||
|
name "add default both access with @all also"
|
||||||
|
echo "\$GL_WILDREPOS_DEFPERMS = 'R @all daemon gitweb';" | addrc
|
||||||
|
|
||||||
|
runlocal git ls-remote u1:bar/u1/try6
|
||||||
|
runremote ls -al repositories/bar/u1/try6.git/git-daemon-export-ok
|
||||||
|
expect "gitolite-test gitolite-test .* repositories/bar/u1/try6.git/git-daemon-export-ok"
|
||||||
|
runremote ls -al projects.list
|
||||||
|
expect "gitolite-test gitolite-test 76 .* projects.list"
|
||||||
|
runremote cat projects.list
|
||||||
|
expect "bar/u1/try6.git"
|
||||||
|
|
||||||
|
name "remove all from u6"
|
||||||
|
< /dev/null runlocal ssh u1 setperms bar/u1/try6
|
||||||
|
|
||||||
|
runlocal git ls-remote u1:bar/u1/try6
|
||||||
|
runremote ls -al repositories/bar/u1/try6.git/git-daemon-export-ok
|
||||||
|
expect "ls: cannot access repositories/bar/u1/try6.git/git-daemon-export-ok: No such file or directory"
|
||||||
|
# projects.list currently does not get cleared until a compile, so you
|
||||||
|
# will still see the entry for .../try6
|
||||||
|
runremote ls -al projects.list
|
||||||
|
expect "gitolite-test gitolite-test 76 .* projects.list"
|
||||||
|
runremote cat projects.list
|
||||||
|
expect "bar/u1/try6.git"
|
||||||
|
|
||||||
|
echo | ugc
|
||||||
|
runremote ls -al projects.list
|
||||||
|
expect "gitolite-test gitolite-test 60 .* projects.list"
|
||||||
|
runremote cat projects.list
|
||||||
|
# but *now* it should be gone
|
||||||
|
notexpect "bar/u1/try6.git"
|
||||||
|
|
||||||
|
name "INTERNAL"
|
||||||
|
|
||||||
|
done
|
Loading…
Reference in a new issue