deac/gitolite
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

(minor) validate all role names, not just the first line!

Browse source 
If you use a role name that was not in GL_WILDREPOS_PERM_CATS, it will
get caught later when someone whom youhave given that role tries to
access the repo (look for another occurrence of the same error message
as this one).

So there's no access violation but it would be nice to be told upfront
that it won't work.
This commit is contained in:
Sitaram Chamarty 2012-01-26 06:12:15 +05:30
parent 7e81458f04
commit c59bf16942
3 changed files with 15 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/gitolite.pm
View file

@ -400,7 +400,7 @@ sub get_set_perms
# convert R and RW to the actual category names in the config file # convert R and RW to the actual category names in the config file
$perms =~ s/^\s*R /READERS /mg; $perms =~ s/^\s*R /READERS /mg;
$perms =~ s/^\s*RW /WRITERS /mg; $perms =~ s/^\s*RW /WRITERS /mg;
for my $g ($perms =~ /^\s*(\S+)/g) { for my $g ($perms =~ /^\s*(\S+)/gm) {
die "invalid permission category $g\n" unless $GL_WILDREPOS_PERM_CATS =~ /(^|\s)$g(\s|$)/; die "invalid permission category $g\n" unless $GL_WILDREPOS_PERM_CATS =~ /(^|\s)$g(\s|$)/;
} }
print "New perms are:\n"; print "New perms are:\n";

20
t/t63-perm-cats
View file

@ -1,5 +1,6 @@
# vim: syn=sh: # vim: ft=sh:
# test gl-perms categories # test gl-perms categories
tsh pwd || die '## tsh not installed?'
for bc in 0 1 for bc in 0 1
do do
@ -111,15 +112,20 @@ do
expect "W access for foo/u1/u1r1 DENIED to u2" expect "W access for foo/u1/u1r1 DENIED to u2"
name "add invalid category MANAGERS" name "add invalid category MANAGERS"
echo MANAGERS u2 | runlocal ssh u1 setperms foo/u1/u1r1 tsh "
expect "invalid permission category MANAGERS" ( echo READERS u6\; echo MANAGERS u2 ) | ssh u1 setperms foo/u1/u1r1;
!ok; /invalid permission category MANAGERS/
"
name "add u2 to now valid MANAGERS" name "add u2 to now valid MANAGERS"
echo "\$GL_WILDREPOS_PERM_CATS = 'READERS WRITERS MANAGERS';" | addrc echo "\$GL_WILDREPOS_PERM_CATS = 'READERS WRITERS MANAGERS';" | addrc
echo MANAGERS u2 | runlocal ssh u1 setperms foo/u1/u1r1 tsh "
notexpect "invalid permission category MANAGERS" ( echo READERS u6\; echo MANAGERS u2 ) | ssh u1 setperms foo/u1/u1r1;
expect "New perms are:" ok; !/invalid permission category MANAGERS/
expect "MANAGERS u2" /New perms are:/
/READERS u6/
/MANAGERS u2/
"
runlocal git fetch runlocal git fetch
runlocal git reset --hard origin/master runlocal git reset --hard origin/master

2
t/test-driver.sh
View file

@ -162,4 +162,4 @@ do
done done
# this keeps changing as we add tests # this keeps changing as we add tests
echo 1..3157 echo 1..3163