auth, doc/3: print useful information when no command given

doc/3-faq-tips-etc.mkd

@@ -16,7 +16,7 @@ In this document:
       * better logging
       * one user, many keys
       * support for git installed outside default PATH
-      * who am I?
+      * what repos do I have access to?
   * other cool things
       * "personal" branches
   * design choices
@@ -348,24 +348,35 @@ attempting to run git stuff.
 
 Very easy, very simple, and completely transparent to the users :-)
 
-#### who am I?
+<a name="myrights"></a>
 
-As a developer, I send a file called `id_rsa.pub` to the gitolite admin.  He
-would rename it to "sitaram.pub" and put it in the key directory.  Then he'd
-add "sitaram" to the config file for the repos which I have access to.
+#### what repos do I have access to?
 
-But he could have called me "foobar" instead of "sitaram" -- as long as he
-uses it consistently, it'll all work the same and look the same to me, because
-the public key is all that matters.
+Sometimes there are too many repos, maybe even named similarly, or with the
+potential for typos, confusion about hyphens/underscores or upper/lower case,
+etc.  You'd just like a simple way to know what repos you have access to.
 
-So do I have no reason to know what the admin named me?  Well -- maybe (see
-next section for one possible use).  Anyway how do I find out?
+Easy!  Just use ssh and try to log in as if you were attempting to get a
+shell:
 
-In gitolite, it's simple: just ask nicely :-)
-
-    $ ssh git@my.gitolite.server
+    $ ssh gitolite
     PTY allocation request failed on channel 0
-    no SSH_ORIGINAL_COMMAND?  I'm not a shell, sitaram!
+    hello sitaram, the gitolite version here is v0.6-17-g94ed189
+    you have the following permissions:
+      R  W  Anu-WSD
+      R     ROtest
+      R  W  SecureBrowse
+      R  W  entrans
+      R  W  git-notes
+      R  W  gitolite
+      R  W  gitolite-admin
+      R  W  indic_web_input
+      R  W  proxy
+      R  W  vkc
+
+Note that until this version, we used to put out an ugly `need
+SSH_ORIGINAL_COMMAND` error, just like gitosis used to.  All we did is put
+that code path to better use :-)
 
 ### other cool things
 

src/gl-auth-command

@@ -24,7 +24,7 @@ use warnings;
 # ----------------------------------------------------------------------------
 
 
-our ($GL_LOGT, $GL_CONF_COMPILED, $REPO_BASE, $GIT_PATH);
+our ($GL_LOGT, $GL_CONF_COMPILED, $REPO_BASE, $GIT_PATH, $GL_ADMINDIR);
 our %repos;
 
 # the common setup module is in the same directory as this running program is
@@ -60,11 +60,21 @@ my $user=$ENV{GL_USER}=shift;       # there; now that's available everywhere!
 #       sanity checks on SSH_ORIGINAL_COMMAND
 # ----------------------------------------------------------------------------
 
-# SSH_ORIGINAL_COMMAND must exist.  Since we also captured $user, we print
-# that in the message so people saying "ssh git@server" can see which gitolite
-# user he is being recognised as
-my $cmd = $ENV{SSH_ORIGINAL_COMMAND}
-    or die "no SSH_ORIGINAL_COMMAND?  I'm not a shell, $user!\n";
+# SSH_ORIGINAL_COMMAND must exist; if not, we die with a nice message
+unless ($ENV{SSH_ORIGINAL_COMMAND}) {
+    # send back some useful info if no command was given
+    print "hello $user, the gitolite version here is ";
+    system("cat", "$GL_ADMINDIR/src/VERSION");
+    print "\ryou have the following permissions:\n\r";
+    for my $r (sort keys %repos) {
+        my $perm .= "  R" if $repos{$r}{R}{$user};
+        $perm .= "  W" if $repos{$r}{W}{$user};
+        print "$perm\t$r\n\r" if $perm;
+    }
+    exit 1;
+}
+
+my $cmd = $ENV{SSH_ORIGINAL_COMMAND};
 
 # split into command and arguments; the pattern allows old style as well as
 # new style: "git-subcommand arg" or "git subcommand arg", just like gitosis