From a45d2d99128fcddf9f153312dfd1a7abc6f4044b Mon Sep 17 00:00:00 2001
From: Sitaram Chamarty <sitaram@atc.tcs.com>
Date: Sat, 27 Mar 2010 22:31:10 +0530
Subject: [PATCH] auth: do not implicitly assign RW access for creaters

a configuration like this:

    repo CREATER/.*
        C       =   CREATER
        RW+     =   WRITERS

was buggy; CREATER was implicitly part of WRITERS so he got RW
permissions implicitly, so the push went through
---
 src/gl-auth-command | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/gl-auth-command b/src/gl-auth-command
index df04167..0d618e9 100755
--- a/src/gl-auth-command
+++ b/src/gl-auth-command
@@ -173,7 +173,7 @@ if ( -d "$repo_base_abs/$repo.git" ) {
     my ($creater, $user_R, $user_W) = &repo_rights($repo_base_abs, $repo, $user);
     &parse_acl($GL_CONF_COMPILED, $repo, $creater, $user_R, $user_W);
 } else {
-    &parse_acl($GL_CONF_COMPILED, $repo, $user, $user, $user);
+    &parse_acl($GL_CONF_COMPILED, $repo, $user, "NOBODY", "NOBODY");
 
     # auto-vivify new repo if you have C access (and wildrepos is on)
     if ( $GL_WILDREPOS and $repos{$repo}{C}{$user} || $repos{$repo}{C}{'@all'} ) {