(rrq) gl-auth-command uses new repo_rights sub
This commit is contained in:
parent
90e141cd61
commit
6be0946aee
|
@ -168,32 +168,18 @@ $ENV{GL_REPO}=$repo;
|
||||||
# first level permissions check
|
# first level permissions check
|
||||||
# ----------------------------------------------------------------------------
|
# ----------------------------------------------------------------------------
|
||||||
|
|
||||||
if ( -d "$repo_base_abs/$repo.git" ) {
|
my ($perm, $creater) = &repo_rights($repo);
|
||||||
# existing repo
|
if ($perm =~ /C/) {
|
||||||
my ($creater, $user_R, $user_W) = &wild_repo_rights($repo_base_abs, $repo, $user);
|
# it was missing, and you have create perms
|
||||||
&parse_acl($GL_CONF_COMPILED, $repo, $creater, $user_R, $user_W);
|
wrap_chdir("$repo_base_abs");
|
||||||
} else {
|
new_repo($repo, "$GL_ADMINDIR/hooks/common", $user);
|
||||||
&parse_acl($GL_CONF_COMPILED, $repo, $user, "NOBODY", "NOBODY");
|
wrap_chdir($ENV{HOME});
|
||||||
|
|
||||||
# auto-vivify new repo if you have C access (and wildrepos is on)
|
|
||||||
if ( $GL_WILDREPOS and $repos{$repo}{C}{$user} || $repos{$repo}{C}{'@all'} ) {
|
|
||||||
wrap_chdir("$repo_base_abs");
|
|
||||||
new_repo($repo, "$GL_ADMINDIR/hooks/common", $user);
|
|
||||||
wrap_chdir($ENV{HOME});
|
|
||||||
} else {
|
|
||||||
# repo didn't exist, and you didn't have perms to create it. Delete
|
|
||||||
# the "convenience" copy of the ACL that parse_acl makes for us
|
|
||||||
delete $repos{$repo};
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
# we know the user and repo; we just need to know what perm he's trying
|
# we know the user and repo; we just need to know what perm he's trying
|
||||||
my $perm = ($verb =~ $R_COMMANDS ? 'R' : 'W');
|
# aa == attempted access
|
||||||
|
my $aa = ($verb =~ $R_COMMANDS ? 'R' : 'W');
|
||||||
die "$perm access for $repo DENIED to $user\n"
|
die "$aa access for $repo DENIED to $user\n" unless $perm =~ /$aa/;
|
||||||
unless $repos{$repo}{$perm}{$user}
|
|
||||||
or $repos{'@all'}{$perm}{$user} # new: access to @all repos
|
|
||||||
or $repos{$repo}{$perm}{'@all'};
|
|
||||||
|
|
||||||
# ----------------------------------------------------------------------------
|
# ----------------------------------------------------------------------------
|
||||||
# over to git now
|
# over to git now
|
||||||
|
|
Loading…
Reference in a new issue