bug fix: perms propagation to slaves...

Sometime after v3.2, I fixed what looked like an information disclosure
issue, where a user could determine if an arbitrary repo existed or not,
even if he had no rights to see the repo.  This was:

    96cc2ea "new features relating to creating wild repos:"

Unfortunately, this appears to have broken gl-perms propagation to
slaves, because now running "perm -c" on an existing repo dies!

If you run

    git diff 96cc2ea^ <this commit> -- src/commands/perms

you'll see how simple the fix *should* have been :-(
This commit is contained in:
Sitaram Chamarty 2012-12-29 11:38:13 +05:30
parent b303694882
commit 84424e48b9
2 changed files with 13 additions and 13 deletions

View file

@ -43,23 +43,23 @@ if ( $ARGV[0] eq '-l' ) {
getperms(@ARGV); # doesn't return
}
my $generic_error = "repo does not exist, or you are not authorised";
# auto-create the repo if -c passed and repo doesn't exist
if ( $ARGV[0] eq '-c' ) {
shift;
my $repo = $ARGV[0] or usage();
_die "invalid repo '$repo'" unless $repo =~ $REPONAME_PATT;
my $d = "$rc{GL_REPO_BASE}/$repo.git";
my $errmsg = "repo already exists or you are not authorised to create it";
# use the same message in both places to prevent leaking repo existence info
_die $errmsg if -d $d;
if (not -d "$rc{GL_REPO_BASE}/$repo.git") {
my $ret = access( $repo, $ENV{GL_USER}, '^C', 'any' );
_die $errmsg if $ret =~ /DENIED/;
_die $generic_error if $ret =~ /DENIED/;
require Gitolite::Conf::Store;
Gitolite::Conf::Store->import;
new_wild_repo( $repo, $ENV{GL_USER}, 'perms-c' );
gl_log( 'create', $repo, $ENV{GL_USER}, 'perms-c' );
}
}
my $repo = shift;
@ -70,7 +70,7 @@ _system( "gitolite", "trigger", "POST_CREATE", $repo, $ENV{GL_USER}, 'perms' );
sub getperms {
my $repo = shift;
_die "sorry you are not authorised" if repo_missing($repo) or creator($repo) ne $ENV{GL_USER};
_die $generic_error if repo_missing($repo) or creator($repo) ne $ENV{GL_USER};
my $pf = "$rc{GL_REPO_BASE}/$repo.git/gl-perms";
print slurp($pf) if -f $pf;
@ -79,7 +79,7 @@ sub getperms {
}
sub setperms {
_die "sorry you are not authorised" if repo_missing($repo) or creator($repo) ne $ENV{GL_USER};
_die $generic_error if repo_missing($repo) or creator($repo) ne $ENV{GL_USER};
my $pf = "$rc{GL_REPO_BASE}/$repo.git/gl-perms";
if ( not @_ ) {

View file

@ -100,7 +100,7 @@ try "
# auto-create using perms fail
echo READERS u5 | glt perms u4 -c foo/u4/baz
!/Initialized empty Git repository in .*/foo/u4/baz.git/
/FATAL: repo already exists or you are not authorised to create it/
/FATAL: repo does not exist, or you are not authorised/
# auto-create using perms
echo READERS u2 | glt perms u1 -c foo/u1/baz