fork command, and some core changes to make it work...
- access command allows checking ^C - ^C check will fail when the repo exists
This commit is contained in:
parent
cf3dd885fc
commit
c3ec518cef
|
@ -18,6 +18,7 @@ bug to me if they don't.
|
||||||
Here's a list of remote commands that are shipped:
|
Here's a list of remote commands that are shipped:
|
||||||
|
|
||||||
* 'desc' -- get/set the 'description' file for a repo
|
* 'desc' -- get/set the 'description' file for a repo
|
||||||
|
* 'fork' -- fork a repo
|
||||||
* 'info' -- already documented [here][info]
|
* 'info' -- already documented [here][info]
|
||||||
* 'mirror' -- documented [here][sync]
|
* 'mirror' -- documented [here][sync]
|
||||||
* 'perms' -- get/set the gl-perms file; see [perms][] for more
|
* 'perms' -- get/set the gl-perms file; see [perms][] for more
|
||||||
|
|
|
@ -42,7 +42,7 @@ if ( $ARGV[0] eq '-q' ) { $quiet = 1; shift @ARGV; }
|
||||||
my ( $repo, $user, $aa, $ref ) = @ARGV;
|
my ( $repo, $user, $aa, $ref ) = @ARGV;
|
||||||
$aa ||= '+';
|
$aa ||= '+';
|
||||||
$ref ||= 'any';
|
$ref ||= 'any';
|
||||||
_die "invalid perm" if not( $aa and $aa =~ /^(R|W|\+|C|D|M)$/ );
|
_die "invalid perm" if not( $aa and $aa =~ /^(R|W|\+|C|D|M|\^C)$/ );
|
||||||
_die "invalid ref name" if not( $ref and $ref =~ $REPONAME_PATT );
|
_die "invalid ref name" if not( $ref and $ref =~ $REPONAME_PATT );
|
||||||
|
|
||||||
my $ret = '';
|
my $ret = '';
|
||||||
|
|
62
src/commands/fork
Executable file
62
src/commands/fork
Executable file
|
@ -0,0 +1,62 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
# Usage: ssh git@host fork <repo1> <repo2>
|
||||||
|
#
|
||||||
|
# Forks repo1 to repo2. You must have read permissions on repo1, and create
|
||||||
|
# ("C") permissions for repo2, which of course must not exist.
|
||||||
|
#
|
||||||
|
# A fork is functionally the same as cloning repo1 to a client and pushing it
|
||||||
|
# to a new repo2. It's just a little more efficient, not just in network
|
||||||
|
# traffic but because it uses git clone's "-l" option to share the object
|
||||||
|
# store also, so it is likely to be almost instantaneous, regardless of how
|
||||||
|
# big the repo actually is.
|
||||||
|
#
|
||||||
|
# The only caveat is that the repo you cloned *from* must not later become
|
||||||
|
# unavailable in any way. If you cannot be sure of this, take the scenic
|
||||||
|
# route (clone repo1, push to repo2).
|
||||||
|
|
||||||
|
die() { echo "$@" >&2; exit 1; }
|
||||||
|
usage() { perl -lne 'print substr($_, 2) if /^# Usage/../^$/' < $0; exit 1; }
|
||||||
|
[ -z "$1" ] && usage
|
||||||
|
[ "$1" = "-h" ] && usage
|
||||||
|
[ -z "$GL_USER" ] && die GL_USER not set
|
||||||
|
|
||||||
|
# ----------------------------------------------------------------------
|
||||||
|
from=$1; shift
|
||||||
|
to=$1; shift
|
||||||
|
[ -z "$to" ] && usage
|
||||||
|
|
||||||
|
gitolite access -q "$from" $GL_USER R any || die "'$from' does not exist or you are not allowed to read it"
|
||||||
|
gitolite access -q "$to" $GL_USER ^C any || die "'$to' already exists or you are not allowed to create it"
|
||||||
|
|
||||||
|
# ----------------------------------------------------------------------
|
||||||
|
# IMPORTANT NOTE: checking whether someone can create a repo is done as above.
|
||||||
|
# However, make sure that the env var GL_USER is set, and that too to the same
|
||||||
|
# value as arg-2 of the access command), otherwise it won't work.
|
||||||
|
|
||||||
|
# Ideally, you'll leave such code to me. There's a reason ^C is not listed in
|
||||||
|
# the help message for 'gitolite access'.
|
||||||
|
# ----------------------------------------------------------------------
|
||||||
|
|
||||||
|
# clone $from to $to
|
||||||
|
git clone --bare -l $GL_REPO_BASE/$from.git $GL_REPO_BASE/$to.git
|
||||||
|
[ $? -ne 0 ] && exit 1
|
||||||
|
|
||||||
|
echo "$from forked to $to" >&2
|
||||||
|
|
||||||
|
# fix up creator, default role permissions (gl-perms), and hooks
|
||||||
|
cd $GL_REPO_BASE/$to.git
|
||||||
|
echo $GL_USER > gl-creator
|
||||||
|
|
||||||
|
if gitolite query-rc -q DEFAULT_ROLE_PERMS
|
||||||
|
then
|
||||||
|
gitolite query-rc DEFAULT_ROLE_PERMS > gl-perms
|
||||||
|
fi
|
||||||
|
|
||||||
|
ln -sf `gitolite query-rc GL_ADMIN_BASE`/hooks/common/* hooks
|
||||||
|
|
||||||
|
# record where you came from
|
||||||
|
echo "$from" > gl-forked-from
|
||||||
|
|
||||||
|
# trigger post_create
|
||||||
|
gitolite trigger POST_CREATE
|
|
@ -80,6 +80,11 @@ sub access {
|
||||||
$iret =~ s/\^C/$aa/;
|
$iret =~ s/\^C/$aa/;
|
||||||
return $iret if $iret =~ /DENIED/;
|
return $iret if $iret =~ /DENIED/;
|
||||||
}
|
}
|
||||||
|
# similarly, ^C must be denied if the repo exists
|
||||||
|
if ( $aa eq '^C' and not repo_missing($repo) ) {
|
||||||
|
trace( 2, "DENIED by existence" );
|
||||||
|
return "$aa $ref $repo $user DENIED by existence";
|
||||||
|
}
|
||||||
|
|
||||||
my @rules = rules( $repo, $user );
|
my @rules = rules( $repo, $user );
|
||||||
trace( 2, scalar(@rules) . " rules found" );
|
trace( 2, scalar(@rules) . " rules found" );
|
||||||
|
@ -367,7 +372,8 @@ sub generic_name {
|
||||||
# get the creator name. For not-yet-born repos this is $ENV{GL_USER},
|
# get the creator name. For not-yet-born repos this is $ENV{GL_USER},
|
||||||
# which should be set in all cases that we care about, viz., where we are
|
# which should be set in all cases that we care about, viz., where we are
|
||||||
# checking ^C permissions before new_wild_repo(), and the info command.
|
# checking ^C permissions before new_wild_repo(), and the info command.
|
||||||
# In particular, 'gitolite access' can't be used to check ^C perms.
|
# In particular, 'gitolite access' can't be used to check ^C perms on wild
|
||||||
|
# repos that contain "CREATOR" if GL_USER is not set.
|
||||||
$creator = creator($base);
|
$creator = creator($base);
|
||||||
|
|
||||||
$base2 = $base;
|
$base2 = $base;
|
||||||
|
|
|
@ -288,6 +288,7 @@ __DATA__
|
||||||
{
|
{
|
||||||
'help' => 1,
|
'help' => 1,
|
||||||
'desc' => 1,
|
'desc' => 1,
|
||||||
|
# 'fork' => 1,
|
||||||
'info' => 1,
|
'info' => 1,
|
||||||
# 'mirror' => 1,
|
# 'mirror' => 1,
|
||||||
'perms' => 1,
|
'perms' => 1,
|
||||||
|
|
71
t/fork.t
Executable file
71
t/fork.t
Executable file
|
@ -0,0 +1,71 @@
|
||||||
|
#!/usr/bin/perl
|
||||||
|
use strict;
|
||||||
|
use warnings;
|
||||||
|
|
||||||
|
# this is hardcoded; change it if needed
|
||||||
|
use lib "src/lib";
|
||||||
|
use Gitolite::Test;
|
||||||
|
|
||||||
|
# fork command
|
||||||
|
# ----------------------------------------------------------------------
|
||||||
|
|
||||||
|
try "plan 30";
|
||||||
|
|
||||||
|
my $rb = `gitolite query-rc -n GL_REPO_BASE`;
|
||||||
|
|
||||||
|
confreset;confadd '
|
||||||
|
|
||||||
|
repo foo/CREATOR/..*
|
||||||
|
C = u1 u2
|
||||||
|
RW+ = CREATOR
|
||||||
|
';
|
||||||
|
|
||||||
|
try "ADMIN_PUSH set1; !/FATAL/" or die text();
|
||||||
|
|
||||||
|
try "
|
||||||
|
cd ..
|
||||||
|
|
||||||
|
# make the initial repo
|
||||||
|
glt ls-remote u1 file:///foo/u1/u1a;ok; gsh
|
||||||
|
/Initialized empty Git repository in .*/foo/u1/u1a.git/
|
||||||
|
# vrc doesn't have the fork command
|
||||||
|
glt fork u1 foo/u1/u1a foo/u1/u1a2; !ok; /FATAL: unknown git/gitolite command: fork/
|
||||||
|
";
|
||||||
|
|
||||||
|
# allow fork as a valid command
|
||||||
|
$ENV{G3T_RC} = "$ENV{HOME}/g3trc";
|
||||||
|
put "$ENV{G3T_RC}", "\$rc{COMMANDS}{fork} = 1;\n\$rc{DEFAULT_ROLE_PERMS} = 'READERS \@all';\n";
|
||||||
|
|
||||||
|
try "
|
||||||
|
# now the fork succeeds
|
||||||
|
glt fork u1 foo/u1/u1a foo/u1/u1a2; ok; /Cloning into bare repository '.*/foo/u1/u1a2.git'/
|
||||||
|
/foo/u1/u1a forked to foo/u1/u1a2/
|
||||||
|
|
||||||
|
# now the actual testing starts
|
||||||
|
# read error
|
||||||
|
glt fork u1 foo/u1/u1c foo/u1/u1d; !ok; /'foo/u1/u1c' does not exist or you are not allowed to read it/
|
||||||
|
glt fork u2 foo/u1/u1a foo/u1/u1d; !ok; /'foo/u1/u1a' does not exist or you are not allowed to read it/
|
||||||
|
|
||||||
|
# write error
|
||||||
|
glt fork u1 foo/u1/u1a foo/u2/u1d; !ok; /'foo/u2/u1d' already exists or you are not allowed to create it/
|
||||||
|
|
||||||
|
# no error
|
||||||
|
glt fork u1 foo/u1/u1a foo/u1/u1e; ok; /Cloning into bare repository '.*/foo/u1/u1e.git'/
|
||||||
|
/warning: You appear to have cloned an empty repository/
|
||||||
|
/foo/u1/u1a forked to foo/u1/u1e/
|
||||||
|
# both exist
|
||||||
|
glt fork u1 foo/u1/u1a foo/u1/u1e; !ok; /'foo/u1/u1e' already exists or you are not allowed to create it/
|
||||||
|
";
|
||||||
|
|
||||||
|
# now check the various files that should have been produced
|
||||||
|
|
||||||
|
try "cd $rb; find . -name gl-perms | sort | xargs md5sum"; cmp
|
||||||
|
'59b3a74b4d33c7631f08e75e7b60c7ce ./foo/u1/u1a2.git/gl-perms
|
||||||
|
59b3a74b4d33c7631f08e75e7b60c7ce ./foo/u1/u1e.git/gl-perms
|
||||||
|
';
|
||||||
|
|
||||||
|
try "cd $rb; find . -name gl-creator | sort | xargs md5sum"; cmp
|
||||||
|
'346955ff2eadbf76e19373f07dd370a9 ./foo/u1/u1a2.git/gl-creator
|
||||||
|
e4774cdda0793f86414e8b9140bb6db4 ./foo/u1/u1a.git/gl-creator
|
||||||
|
346955ff2eadbf76e19373f07dd370a9 ./foo/u1/u1e.git/gl-creator
|
||||||
|
';
|
Loading…
Reference in a new issue