From 84424e48b9a89fc9a3784dc4cd640c7420618318 Mon Sep 17 00:00:00 2001
From: Sitaram Chamarty
Date: Sat, 29 Dec 2012 11:38:13 +0530
Subject: [PATCH] bug fix: perms propagation to slaves...
Sometime after v3.2, I fixed what looked like an information disclosure issue, where a user could determine if an arbitrary repo existed or not, even if he had no rights to see the repo. This was: 96cc2ea "new features relating to creating wild repos:" Unfortunately, this appears to have broken gl-perms propagation to slaves, because now running "perm -c" on an existing repo dies! If you run git diff 96cc2ea^ -- src/commands/perms you'll see how simple the fix *should* have been :-(
---
 src/commands/perms | 24 ++++++++++++------------
 t/sequence.t | 2 +-
 2 files changed, 13 insertions(+), 13 deletions(-)
diff --git a/src/commands/perms b/src/commands/perms
index 6b61596..ffb4bd9 100755
--- a/src/commands/perms
+++ b/src/commands/perms
@@ -43,23 +43,23 @@ if ( $ARGV[0] eq '-l' ) {
 getperms(@ARGV); # doesn't return
 }
+my $generic_error = "repo does not exist, or you are not authorised";
+
 # auto-create the repo if -c passed and repo doesn't exist
 if ( $ARGV[0] eq '-c' ) {
 shift;
 my $repo = $ARGV[0] or usage();
 _die "invalid repo '$repo'" unless $repo =~ $REPONAME_PATT;
- my $d = "$rc{GL_REPO_BASE}/$repo.git";
- my $errmsg = "repo already exists or you are not authorised to create it";
- # use the same message in both places to prevent leaking repo existence info
- _die $errmsg if -d $d;
- my $ret = access( $repo, $ENV{GL_USER}, '^C', 'any' );
- _die $errmsg if $ret =~ /DENIED/;
+ if (not -d "$rc{GL_REPO_BASE}/$repo.git") {
+ my $ret = access( $repo, $ENV{GL_USER}, '^C', 'any' );
+ _die $generic_error if $ret =~ /DENIED/;
- require Gitolite::Conf::Store;
- Gitolite::Conf::Store->import;
- new_wild_repo( $repo, $ENV{GL_USER}, 'perms-c' );
- gl_log( 'create', $repo, $ENV{GL_USER}, 'perms-c' );
+ require Gitolite::Conf::Store;
+ Gitolite::Conf::Store->import;
+ new_wild_repo( $repo, $ENV{GL_USER}, 'perms-c' );
+ gl_log( 'create', $repo, $ENV{GL_USER}, 'perms-c' );
+ }
 }
 my $repo = shift;
@@ -70,7 +70,7 @@ _system( "gitolite", "trigger", "POST_CREATE", $repo, $ENV{GL_USER}, 'perms' );
 sub getperms {
 my $repo = shift;
- _die "sorry you are not authorised" if repo_missing($repo) or creator($repo) ne $ENV{GL_USER};
+ _die $generic_error if repo_missing($repo) or creator($repo) ne $ENV{GL_USER};
 my $pf = "$rc{GL_REPO_BASE}/$repo.git/gl-perms";
 print slurp($pf) if -f $pf;
@@ -79,7 +79,7 @@ sub getperms {
 }
 sub setperms {
- _die "sorry you are not authorised" if repo_missing($repo) or creator($repo) ne $ENV{GL_USER};
+ _die $generic_error if repo_missing($repo) or creator($repo) ne $ENV{GL_USER};
 my $pf = "$rc{GL_REPO_BASE}/$repo.git/gl-perms";
 if ( not @_ ) {
diff --git a/t/sequence.t b/t/sequence.t
index a42b6b6..87f3731 100755
--- a/t/sequence.t
+++ b/t/sequence.t
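Review bot: `$generic_error` is assigned only after the `-l` branch has already called `getperms(@ARGV)`, which per its own comment does not return, so the `_die $generic_error` added to getperms in the `@@ -70,7` hunk runs while the variable is still undef. Access is still refused on that path, but a denied `perms -l` would presumably die with an empty message (and an uninitialised-value warning if warnings are on) instead of the uniform text this commit introduces; `_die` itself is defined outside the diff. Moving `my $generic_error = "repo does not exist, or you are not authorised";` above the `if ( $ARGV[0] eq '-l' ) {` block, which opens outside this hunk, fixes it. The setperms change in the `@@ -79,7` hunk looks unaffected as long as setperms is only reached from the main flow below the assignment, which is not visible here.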
@@ -100,7 +100,7 @@ try "
 # auto-create using perms fail
 echo READERS u5 | glt perms u4 -c foo/u4/baz
 !/Initialized empty Git repository in .*/foo/u4/baz.git/
- /FATAL: repo already exists or you are not authorised to create it/
+ /FATAL: repo does not exist, or you are not authorised/
 # auto-create using perms
 echo READERS u2 | glt perms u1 -c foo/u1/baz
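Review bot: Nothing in this hunk exercises the case the commit actually fixes, `perms -c` run against a repo that already exists; only the expected text of the denial case is updated. A regression check could repeat `echo READERS u2 | glt perms u1 -c foo/u1/baz` after the auto-create step and assert `!/FATAL/`, so a later change to the existence check cannot silently break perms propagation again. It would also be worth pinning the non-disclosure property by having a non-creator run `perms -c` on that existing repo and expecting the same `/FATAL: repo does not exist, or you are not authorised/` as for a missing one. The `try` block continues outside the hunk, so such cases may already exist further down.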