From 9a85f5d0d6dea071bf8322069325379338d12f92 Mon Sep 17 00:00:00 2001 From: Sitaram Chamarty Date: Wed, 25 Nov 2009 09:15:36 +0530 Subject: [PATCH] auth: print permissions for @all also I don't have a use for "@all" at all (pun not intended!) other than the "testing" repo, but sent in a patch to mark those repos with "R" and "W" in the permissions list, and I started thinking about it. This could actually be useful if we *differentiated* such access from normal (explicit username) access. From the "corporate environment" angle, it would be nice if a project manager could quickly check if any of his projects have erroneously been made accessible by @all. So what we do now is print "@" in the corresponding column if "@all" has the corresponding access. Also, when someone has access both as himself *and* via @all, we print the "@"; printing the "R" or "W" would hide the "@", and wouldn't correctly satisfy the use case described above. --- doc/3-faq-tips-etc.mkd | 1 + src/gl-auth-command | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/doc/3-faq-tips-etc.mkd b/doc/3-faq-tips-etc.mkd index 5dcd935..6147e95 100644 --- a/doc/3-faq-tips-etc.mkd +++ b/doc/3-faq-tips-etc.mkd @@ -389,6 +389,7 @@ shell: R W gitolite-admin R W indic_web_input R W proxy + @ @ testing R W vkc Note that until this version, we used to put out an ugly `need diff --git a/src/gl-auth-command b/src/gl-auth-command index 5da4878..31d1fa8 100755 --- a/src/gl-auth-command +++ b/src/gl-auth-command @@ -67,8 +67,8 @@ unless ($ENV{SSH_ORIGINAL_COMMAND}) { system("cat", "$GL_ADMINDIR/src/VERSION"); print "\ryou have the following permissions:\n\r"; for my $r (sort keys %repos) { - my $perm .= " R" if $repos{$r}{R}{$user}; - $perm .= " W" if $repos{$r}{W}{$user}; + my $perm .= ( $repos{$r}{R}{'@all'} ? ' @' : ( $repos{$r}{R}{$user} ? ' R' : '' ) ); + $perm .= ( $repos{$r}{W}{'@all'} ? ' @' : ( $repos{$r}{W}{$user} ? ' W' : '' ) ); print "$perm\t$r\n\r" if $perm; } exit 1;