diff --git a/hooks/common/update b/hooks/common/update index 2065a04..0699540 100755 --- a/hooks/common/update +++ b/hooks/common/update @@ -58,6 +58,7 @@ my @allowed_refs; push @allowed_refs, @ { $repos{$ENV{GL_REPO}}{$ENV{GL_USER}} || [] }; push @allowed_refs, @ { $repos{'@all'} {$ENV{GL_USER}} || [] }; push @allowed_refs, @ { $repos{$ENV{GL_REPO}}{'@all'} || [] }; +push @allowed_refs, @ { $repos{'@all'} {'@all'} || [] }; # prepare the list of refs to be checked diff --git a/src/gitolite.pm b/src/gitolite.pm index 9bca279..10cfbef 100644 --- a/src/gitolite.pm +++ b/src/gitolite.pm @@ -605,11 +605,13 @@ sub report_basic } # @all repos; meaning of read/write flags: # @R => @all users are allowed access to this repo + # (Note: this now includes the rarely useful "@all users allowed + # access to @all repos" case) # #R => you're a super user and can see @all repos # R => normal access my $perm .= ( $repos{$r}{C}{'@all'} ? ' @C' : ( $repos{$r}{C}{$user} ? ' C' : ' ' ) ); - $perm .= perm_code( $repos{$r}{R}{'@all'}, $repos{'@all'}{R}{$user}, $repos{$r}{R}{$user}, 'R'); - $perm .= perm_code( $repos{$r}{W}{'@all'}, $repos{'@all'}{W}{$user}, $repos{$r}{W}{$user}, 'W'); + $perm .= perm_code( $repos{$r}{R}{'@all'} || $repos{'@all'}{R}{'@all'}, $repos{'@all'}{R}{$user}, $repos{$r}{R}{$user}, 'R'); + $perm .= perm_code( $repos{$r}{W}{'@all'} || $repos{'@all'}{W}{'@all'}, $repos{'@all'}{W}{$user}, $repos{$r}{W}{$user}, 'W'); print "$perm\t$r\r\n" if $perm =~ /\S/; } print "only $BIG_INFO_CAP out of $count candidate repos examined\r\nplease use a partial reponame or regex pattern to limit output\r\n" if $GL_BIG_CONFIG and $count > $BIG_INFO_CAP; @@ -810,8 +812,8 @@ sub add_repo_conf delete $repos{$repo} if $perm !~ /C/ and $wild; $creator = ""; } - $perm .= perm_code( $repos{$repo}{R}{'@all'}, $repos{'@all'}{R}{$ENV{GL_USER}}, $repos{$repo}{R}{$ENV{GL_USER}}, 'R' ); - $perm .= perm_code( $repos{$repo}{W}{'@all'}, $repos{'@all'}{W}{$ENV{GL_USER}}, $repos{$repo}{W}{$ENV{GL_USER}}, 'W' ); + $perm .= perm_code( $repos{$repo}{R}{'@all'} || $repos{'@all'}{R}{'@all'}, $repos{'@all'}{R}{$ENV{GL_USER}}, $repos{$repo}{R}{$ENV{GL_USER}}, 'R' ); + $perm .= perm_code( $repos{$repo}{W}{'@all'} || $repos{'@all'}{W}{'@all'}, $repos{'@all'}{W}{$ENV{GL_USER}}, $repos{$repo}{W}{$ENV{GL_USER}}, 'W' ); # set up for caching %repos $last_repo = $repo; @@ -955,6 +957,7 @@ sub check_access push @allowed_refs, @ { $repos{$repo}{$ENV{GL_USER}} || [] }; push @allowed_refs, @ { $repos{'@all'}{$ENV{GL_USER}} || [] }; push @allowed_refs, @ { $repos{$repo}{'@all'} || [] }; + push @allowed_refs, @ { $repos{'@all'}{'@all'} || [] }; if ($dry_run) { return check_ref(\@allowed_refs, $repo, $ref, $aa, $dry_run); diff --git a/t/t10-all-yall b/t/t10-all-yall new file mode 100644 index 0000000..74289b6 --- /dev/null +++ b/t/t10-all-yall @@ -0,0 +1,60 @@ +# vim: syn=sh: +for bc in 0 1 +do + for ais in 0 1 + do + cd $TESTDIR + $TESTDIR/rollback || die "rollback failed" + editrc GL_WILDREPOS 1 + editrc GL_BIG_CONFIG $bc + echo "\$GL_ALL_INCLUDES_SPECIAL = $ais;" | addrc + + name "INTERNAL" + echo " + repo @all + R = @all + repo foo + RW+ = u1 + repo bar + RW+ = u2 + repo dev/..* + C = u3 u4 + RW+ = CREATOR + " | ugc + name "setup" + expect_push_ok "master -> master" + + cd ~/td + + runlocal git ls-remote u1:dev/wild1 + expect "fatal: '$TEST_BASE_FULL/dev/wild1.git' does not appear to be a git repository" + expect "fatal: The remote end hung up unexpectedly" + + runlocal git clone u3:dev/wild1 + expect "Cloning into wild1..." + expect "Initialized empty Git repository in $TEST_BASE_FULL/dev/wild1.git/" + expect "warning: You appear to have cloned an empty repository." + + cd wild1 + mdc; mdc + runlocal git push origin master:wild1 + expect "To u3:dev/wild1" + expect "* \[new branch\] master -> wild1" + runlocal git push u1:foo master:br-foo + expect "To u1:foo" + expect "* \[new branch\] master -> br-foo" + runlocal git push u2:bar master:br-bar + expect "To u2:bar" + expect "* \[new branch\] master -> br-bar" + + runlocal git ls-remote u6:foo + expect refs/heads/br-foo + + runlocal git ls-remote u6:bar + expect refs/heads/br-bar + + runlocal git ls-remote u6:dev/wild1 + expect refs/heads/wild1 + + done +done