access() with a missing repo
when a real repo (i.e., not a groupname or such) doesn't exist, checking
any permission other than ^C will give invalid results unless ^C is ok
for the user in question.
Take a look at this:
repo foo/CREATOR/a[0-9][0-9]
C = u2 u3
RW+ = CREATOR
R = READERS u1
u1 looking for R access on foo/u1/a11 will otherwise result in
success.
This commit is contained in:
Sitaram Chamarty
parent
c79f9d2381
commit
8dcc051e64
|
|
@ -65,6 +65,14 @@ sub access {
|
||||||
my ( $repo, $user, $aa, $ref ) = @_;
|
my ( $repo, $user, $aa, $ref ) = @_;
|
||||||
load($repo);
|
load($repo);
|
||||||
|
|
||||||
|
# when a real repo doesn't exist, ^C is a pre-requisite for any other
|
||||||
|
# check to give valid results.
|
||||||
|
if ( $aa ne '^C' and $repo !~ /^\@/ and $repo =~ $REPONAME_PATT and repo_missing($repo) ) {
|
||||||
|
my $iret = access( $repo, $user, '^C', $ref );
|
||||||
|
$iret =~ s/\^C/$aa/;
|
||||||
|
return $iret if $iret =~ /DENIED/;
|
||||||
|
}
|
||||||
|
|
||||||
my @rules = rules( $repo, $user );
|
my @rules = rules( $repo, $user );
|
||||||
trace( 2, scalar(@rules) . " rules found" );
|
trace( 2, scalar(@rules) . " rules found" );
|
||||||
for my $r (@rules) {
|
for my $r (@rules) {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue