the rarely-useful "@all users can access @all repos" thing...
This commit is contained in:
parent
696bffe605
commit
77f0b2da0e
3 changed files with 68 additions and 4 deletions
|
@ -58,6 +58,7 @@ my @allowed_refs;
|
|||
push @allowed_refs, @ { $repos{$ENV{GL_REPO}}{$ENV{GL_USER}} || [] };
|
||||
push @allowed_refs, @ { $repos{'@all'} {$ENV{GL_USER}} || [] };
|
||||
push @allowed_refs, @ { $repos{$ENV{GL_REPO}}{'@all'} || [] };
|
||||
push @allowed_refs, @ { $repos{'@all'} {'@all'} || [] };
|
||||
|
||||
# prepare the list of refs to be checked
|
||||
|
||||
|
|
|
@ -605,11 +605,13 @@ sub report_basic
|
|||
}
|
||||
# @all repos; meaning of read/write flags:
|
||||
# @R => @all users are allowed access to this repo
|
||||
# (Note: this now includes the rarely useful "@all users allowed
|
||||
# access to @all repos" case)
|
||||
# #R => you're a super user and can see @all repos
|
||||
# R => normal access
|
||||
my $perm .= ( $repos{$r}{C}{'@all'} ? ' @C' : ( $repos{$r}{C}{$user} ? ' C' : ' ' ) );
|
||||
$perm .= perm_code( $repos{$r}{R}{'@all'}, $repos{'@all'}{R}{$user}, $repos{$r}{R}{$user}, 'R');
|
||||
$perm .= perm_code( $repos{$r}{W}{'@all'}, $repos{'@all'}{W}{$user}, $repos{$r}{W}{$user}, 'W');
|
||||
$perm .= perm_code( $repos{$r}{R}{'@all'} || $repos{'@all'}{R}{'@all'}, $repos{'@all'}{R}{$user}, $repos{$r}{R}{$user}, 'R');
|
||||
$perm .= perm_code( $repos{$r}{W}{'@all'} || $repos{'@all'}{W}{'@all'}, $repos{'@all'}{W}{$user}, $repos{$r}{W}{$user}, 'W');
|
||||
print "$perm\t$r\r\n" if $perm =~ /\S/;
|
||||
}
|
||||
print "only $BIG_INFO_CAP out of $count candidate repos examined\r\nplease use a partial reponame or regex pattern to limit output\r\n" if $GL_BIG_CONFIG and $count > $BIG_INFO_CAP;
|
||||
|
@ -810,8 +812,8 @@ sub add_repo_conf
|
|||
delete $repos{$repo} if $perm !~ /C/ and $wild;
|
||||
$creator = "<notfound>";
|
||||
}
|
||||
$perm .= perm_code( $repos{$repo}{R}{'@all'}, $repos{'@all'}{R}{$ENV{GL_USER}}, $repos{$repo}{R}{$ENV{GL_USER}}, 'R' );
|
||||
$perm .= perm_code( $repos{$repo}{W}{'@all'}, $repos{'@all'}{W}{$ENV{GL_USER}}, $repos{$repo}{W}{$ENV{GL_USER}}, 'W' );
|
||||
$perm .= perm_code( $repos{$repo}{R}{'@all'} || $repos{'@all'}{R}{'@all'}, $repos{'@all'}{R}{$ENV{GL_USER}}, $repos{$repo}{R}{$ENV{GL_USER}}, 'R' );
|
||||
$perm .= perm_code( $repos{$repo}{W}{'@all'} || $repos{'@all'}{W}{'@all'}, $repos{'@all'}{W}{$ENV{GL_USER}}, $repos{$repo}{W}{$ENV{GL_USER}}, 'W' );
|
||||
|
||||
# set up for caching %repos
|
||||
$last_repo = $repo;
|
||||
|
@ -955,6 +957,7 @@ sub check_access
|
|||
push @allowed_refs, @ { $repos{$repo}{$ENV{GL_USER}} || [] };
|
||||
push @allowed_refs, @ { $repos{'@all'}{$ENV{GL_USER}} || [] };
|
||||
push @allowed_refs, @ { $repos{$repo}{'@all'} || [] };
|
||||
push @allowed_refs, @ { $repos{'@all'}{'@all'} || [] };
|
||||
|
||||
if ($dry_run) {
|
||||
return check_ref(\@allowed_refs, $repo, $ref, $aa, $dry_run);
|
||||
|
|
60
t/t10-all-yall
Normal file
60
t/t10-all-yall
Normal file
|
@ -0,0 +1,60 @@
|
|||
# vim: syn=sh:
|
||||
for bc in 0 1
|
||||
do
|
||||
for ais in 0 1
|
||||
do
|
||||
cd $TESTDIR
|
||||
$TESTDIR/rollback || die "rollback failed"
|
||||
editrc GL_WILDREPOS 1
|
||||
editrc GL_BIG_CONFIG $bc
|
||||
echo "\$GL_ALL_INCLUDES_SPECIAL = $ais;" | addrc
|
||||
|
||||
name "INTERNAL"
|
||||
echo "
|
||||
repo @all
|
||||
R = @all
|
||||
repo foo
|
||||
RW+ = u1
|
||||
repo bar
|
||||
RW+ = u2
|
||||
repo dev/..*
|
||||
C = u3 u4
|
||||
RW+ = CREATOR
|
||||
" | ugc
|
||||
name "setup"
|
||||
expect_push_ok "master -> master"
|
||||
|
||||
cd ~/td
|
||||
|
||||
runlocal git ls-remote u1:dev/wild1
|
||||
expect "fatal: '$TEST_BASE_FULL/dev/wild1.git' does not appear to be a git repository"
|
||||
expect "fatal: The remote end hung up unexpectedly"
|
||||
|
||||
runlocal git clone u3:dev/wild1
|
||||
expect "Cloning into wild1..."
|
||||
expect "Initialized empty Git repository in $TEST_BASE_FULL/dev/wild1.git/"
|
||||
expect "warning: You appear to have cloned an empty repository."
|
||||
|
||||
cd wild1
|
||||
mdc; mdc
|
||||
runlocal git push origin master:wild1
|
||||
expect "To u3:dev/wild1"
|
||||
expect "* \[new branch\] master -> wild1"
|
||||
runlocal git push u1:foo master:br-foo
|
||||
expect "To u1:foo"
|
||||
expect "* \[new branch\] master -> br-foo"
|
||||
runlocal git push u2:bar master:br-bar
|
||||
expect "To u2:bar"
|
||||
expect "* \[new branch\] master -> br-bar"
|
||||
|
||||
runlocal git ls-remote u6:foo
|
||||
expect refs/heads/br-foo
|
||||
|
||||
runlocal git ls-remote u6:bar
|
||||
expect refs/heads/br-bar
|
||||
|
||||
runlocal git ls-remote u6:dev/wild1
|
||||
expect refs/heads/wild1
|
||||
|
||||
done
|
||||
done
|
Loading…
Reference in a new issue