the rarely-useful "@all users can access @all repos" thing...

2011-10-07 09:17:38 +05:30 · 2011-10-07 09:17:38 +05:30 · 77f0b2da0e
parent 696bffe605
commit 77f0b2da0e
3 changed files with 68 additions and 4 deletions
--- a/hooks/common/update
+++ b/hooks/common/update
@ -58,6 +58,7 @@ my @allowed_refs;
 push @allowed_refs, @ { $repos{$ENV{GL_REPO}}{$ENV{GL_USER}} || [] };
 push @allowed_refs, @ { $repos{'@all'}       {$ENV{GL_USER}} || [] };
 push @allowed_refs, @ { $repos{$ENV{GL_REPO}}{'@all'} || [] };
+push @allowed_refs, @ { $repos{'@all'}       {'@all'} || [] };

 # prepare the list of refs to be checked

--- a/src/gitolite.pm
+++ b/src/gitolite.pm
@ -605,11 +605,13 @@ sub report_basic
        }
        # @all repos; meaning of read/write flags:
        # @R => @all users are allowed access to this repo
+        #   (Note: this now includes the rarely useful "@all users allowed
+        #   access to @all repos" case)
        # #R => you're a super user and can see @all repos
        #  R => normal access
        my $perm .= ( $repos{$r}{C}{'@all'} ? ' @C' :                                      ( $repos{$r}{C}{$user} ? '  C' : '   ' ) );
-        $perm .= perm_code( $repos{$r}{R}{'@all'}, $repos{'@all'}{R}{$user}, $repos{$r}{R}{$user}, 'R');
-        $perm .= perm_code( $repos{$r}{W}{'@all'}, $repos{'@all'}{W}{$user}, $repos{$r}{W}{$user}, 'W');
+        $perm .= perm_code( $repos{$r}{R}{'@all'} || $repos{'@all'}{R}{'@all'}, $repos{'@all'}{R}{$user}, $repos{$r}{R}{$user}, 'R');
+        $perm .= perm_code( $repos{$r}{W}{'@all'} || $repos{'@all'}{W}{'@all'}, $repos{'@all'}{W}{$user}, $repos{$r}{W}{$user}, 'W');
        print "$perm\t$r\r\n" if $perm =~ /\S/;
    }
    print "only $BIG_INFO_CAP out of $count candidate repos examined\r\nplease use a partial reponame or regex pattern to limit output\r\n" if $GL_BIG_CONFIG and $count > $BIG_INFO_CAP;
@ -810,8 +812,8 @@ sub add_repo_conf
            delete $repos{$repo} if $perm !~ /C/ and $wild;
            $creator = "<notfound>";
        }
-        $perm .= perm_code( $repos{$repo}{R}{'@all'}, $repos{'@all'}{R}{$ENV{GL_USER}}, $repos{$repo}{R}{$ENV{GL_USER}}, 'R' );
-        $perm .= perm_code( $repos{$repo}{W}{'@all'}, $repos{'@all'}{W}{$ENV{GL_USER}}, $repos{$repo}{W}{$ENV{GL_USER}}, 'W' );
+        $perm .= perm_code( $repos{$repo}{R}{'@all'} || $repos{'@all'}{R}{'@all'}, $repos{'@all'}{R}{$ENV{GL_USER}}, $repos{$repo}{R}{$ENV{GL_USER}}, 'R' );
+        $perm .= perm_code( $repos{$repo}{W}{'@all'} || $repos{'@all'}{W}{'@all'}, $repos{'@all'}{W}{$ENV{GL_USER}}, $repos{$repo}{W}{$ENV{GL_USER}}, 'W' );

        # set up for caching %repos
        $last_repo = $repo;
@ -955,6 +957,7 @@ sub check_access
    push @allowed_refs, @ { $repos{$repo}{$ENV{GL_USER}} || [] };
    push @allowed_refs, @ { $repos{'@all'}{$ENV{GL_USER}} || [] };
    push @allowed_refs, @ { $repos{$repo}{'@all'} || [] };
+    push @allowed_refs, @ { $repos{'@all'}{'@all'} || [] };

    if ($dry_run) {
        return check_ref(\@allowed_refs, $repo, $ref, $aa, $dry_run);
--- a/t/t10-all-yall
+++ b/t/t10-all-yall
@ -0,0 +1,60 @@
+# vim: syn=sh:
+for bc in 0 1
+do
+    for ais in 0 1
+    do
+        cd $TESTDIR
+        $TESTDIR/rollback || die "rollback failed"
+        editrc GL_WILDREPOS 1
+        editrc GL_BIG_CONFIG $bc
+        echo "\$GL_ALL_INCLUDES_SPECIAL = $ais;" | addrc
+
+        name "INTERNAL"
+        echo "
+            repo @all
+                R   =   @all
+            repo foo
+                RW+ =   u1
+            repo bar
+                RW+ =   u2
+            repo dev/..*
+                C   =   u3 u4
+                RW+ =   CREATOR
+        " | ugc
+        name "setup"
+        expect_push_ok "master -> master"
+
+        cd ~/td
+
+        runlocal git ls-remote u1:dev/wild1
+        expect "fatal: '$TEST_BASE_FULL/dev/wild1.git' does not appear to be a git repository"
+        expect "fatal: The remote end hung up unexpectedly"
+
+        runlocal git clone u3:dev/wild1
+        expect "Cloning into wild1..."
+        expect "Initialized empty Git repository in $TEST_BASE_FULL/dev/wild1.git/"
+        expect "warning: You appear to have cloned an empty repository."
+
+        cd wild1
+        mdc; mdc
+        runlocal git push origin master:wild1
+        expect "To u3:dev/wild1"
+        expect "* \[new branch\]      master -> wild1"
+        runlocal git push u1:foo master:br-foo
+        expect "To u1:foo"
+        expect "* \[new branch\]      master -> br-foo"
+        runlocal git push u2:bar master:br-bar
+        expect "To u2:bar"
+        expect "* \[new branch\]      master -> br-bar"
+
+        runlocal git ls-remote u6:foo
+        expect refs/heads/br-foo
+
+        runlocal git ls-remote u6:bar
+        expect refs/heads/br-bar
+
+        runlocal git ls-remote u6:dev/wild1
+        expect refs/heads/wild1
+
+    done
+done