(rrq) gl-auth-command uses new repo_rights sub

This commit is contained in:
Sitaram Chamarty 2010-04-24 13:14:16 +05:30
parent 90e141cd61
commit 6be0946aee

View file

@ -168,32 +168,18 @@ $ENV{GL_REPO}=$repo;
# first level permissions check # first level permissions check
# ---------------------------------------------------------------------------- # ----------------------------------------------------------------------------
if ( -d "$repo_base_abs/$repo.git" ) { my ($perm, $creater) = &repo_rights($repo);
# existing repo if ($perm =~ /C/) {
my ($creater, $user_R, $user_W) = &wild_repo_rights($repo_base_abs, $repo, $user); # it was missing, and you have create perms
&parse_acl($GL_CONF_COMPILED, $repo, $creater, $user_R, $user_W); wrap_chdir("$repo_base_abs");
} else { new_repo($repo, "$GL_ADMINDIR/hooks/common", $user);
&parse_acl($GL_CONF_COMPILED, $repo, $user, "NOBODY", "NOBODY"); wrap_chdir($ENV{HOME});
# auto-vivify new repo if you have C access (and wildrepos is on)
if ( $GL_WILDREPOS and $repos{$repo}{C}{$user} || $repos{$repo}{C}{'@all'} ) {
wrap_chdir("$repo_base_abs");
new_repo($repo, "$GL_ADMINDIR/hooks/common", $user);
wrap_chdir($ENV{HOME});
} else {
# repo didn't exist, and you didn't have perms to create it. Delete
# the "convenience" copy of the ACL that parse_acl makes for us
delete $repos{$repo};
}
} }
# we know the user and repo; we just need to know what perm he's trying # we know the user and repo; we just need to know what perm he's trying
my $perm = ($verb =~ $R_COMMANDS ? 'R' : 'W'); # aa == attempted access
my $aa = ($verb =~ $R_COMMANDS ? 'R' : 'W');
die "$perm access for $repo DENIED to $user\n" die "$aa access for $repo DENIED to $user\n" unless $perm =~ /$aa/;
unless $repos{$repo}{$perm}{$user}
or $repos{'@all'}{$perm}{$user} # new: access to @all repos
or $repos{$repo}{$perm}{'@all'};
# ---------------------------------------------------------------------------- # ----------------------------------------------------------------------------
# over to git now # over to git now