Commit graph

85 commits

Author SHA1 Message Date
Sitaram Chamarty 84424e48b9 bug fix: perms propagation to slaves...
Sometime after v3.2, I fixed what looked like an information disclosure
issue, where a user could determine if an arbitrary repo existed or not,
even if he had no rights to see the repo.  This was:

    96cc2ea "new features relating to creating wild repos:"

Unfortunately, this appears to have broken gl-perms propagation to
slaves, because now running "perm -c" on an existing repo dies!

If you run

    git diff 96cc2ea^ <this commit> -- src/commands/perms

you'll see how simple the fix *should* have been :-(
2012-12-29 13:40:13 +05:30
Sitaram Chamarty 96cc2eaf41 new features relating to creating wild repos:
- new 'create' command for explicit creation
  - new 'AutoCreate' trigger to prevent auto-creation on read operations
    or both read and write operations
  - a few related fixups to the perms command
2012-11-22 20:50:20 +05:30
Sitaram Chamarty d3d93961a0 Uggh; horrible inner loop screwing up all performance :-(
This might actually make the redis version unnecessary for most people!
And if it does, well shame on me for not instrumenting things at a more
granular level before going all "oh we need a cache!"

[In my defense, I blame redis for being such a sweet little tool that I
felt compelled to use it somehow!]

----

t/sequence failed because the test itself was in error; fixed.
2012-11-14 15:43:57 +05:30
Sitaram Chamarty be61cd2d66 make sure gl-perms exists, even if it is empty...
I expect this to help if we optimise the rule generation by caching.
2012-11-06 09:15:55 +05:30
Sitaram Chamarty a802071a5e (test suite) stop using 'ls' to test for presence/absence of files/directories
another of those "duh!  what was I thinking" moments, this specific one
being "why test that files/directories are created with the right user
and group IDs?  Shouldn't that be out of your control, as well as
totally unnecessary on a sane system?"
2012-10-27 13:20:55 +05:30
Sitaram Chamarty f636ce3ba3 (security) fix bug in pattern to detect path traversal
while we're about it, add the same check to some of the internal
routines, so that commands can also be protected.

finally, just to make sure we don't lose it again in some other fashion,
add a few tests for path traversal...
2012-10-05 12:28:20 +05:30
Olof Johansson ba67f6f9ca Bailout tests unless envvar $GITOLITE_TEST is 'y'
[committer made some changes to t/README]
2012-08-10 11:31:48 +05:30
Sitaram Chamarty cd37fe7c36 (test suite) changes in test suite due to upgrading to F17
- git version bumps up, causes minor change in t/merge-check.t
  - for some strange reason apache cannot see /tmp/gitolite-http-authuserfile
    (I thought private /tmp was only if you enabled selinux...)
2012-06-08 17:08:15 +05:30
Sitaram Chamarty 42e0bac48c 'perms' command learns to create repo if needed 2012-06-01 16:01:36 +05:30
Sitaram Chamarty d04e79d291 (minor) single quotes around variables in error messages
(plus a couple of other minor fixups)
2012-05-21 17:44:30 +05:30
Sitaram Chamarty 699bafa096 (minor fixup to t/info.t) 2012-05-06 19:06:11 +05:30
Sitaram Chamarty 196706c145 bugfix: smart http mode wasn't running pre_ and post_ git triggers
(while we're about it, we also steal Michael Brown's idea (patch #2 in
[1] and get rid of GIT_HTTP_BACKEND).

[1]: http://groups.google.com/group/gitolite/msg/adfae758dd28f2a8
2012-05-05 18:07:15 +05:30
Sitaram Chamarty 48ed4deb8f BSD compat changes
thanks to milki for all the efforts!

Details:

  - partial-copy fell afoul of BSD not having $RANDOM
  - test suite: fix bad GNU sort with good perl sort
  - test suite: fix md5sum dependency (which BSD doesn't have or can't
    easily have or requires extra options or whatever...), by doing it
    in perl.  (Requires Digest::MD5, which is probably available
    anyway, but since this is only for the test suite, meh!)
2012-04-28 22:58:09 +05:30
Sitaram Chamarty d74f596e23 make can_write() in Easy.pm more flexible 2012-04-23 17:27:00 +05:30
Sitaram Chamarty c3ec518cef fork command, and some core changes to make it work...
- access command allows checking ^C
  - ^C check will fail when the repo exists
2012-04-22 16:56:21 +05:30
Sitaram Chamarty 1dc68b540d (access.t) added a specific rule accum test 2012-04-18 06:26:53 +05:30
Sitaram Chamarty 2629d7f00a (minor) add remote tests for the 'writable' command 2012-04-18 06:23:21 +05:30
Sitaram Chamarty b5024027ca yaaay! http is finally done! 2012-04-15 21:14:56 +05:30
Sitaram Chamarty d3610191d3 supporting DOS and fake Unix...
I was very, very, tempted to say "sorry; not supported".  Sadly,
prudence won over juvenile glee...

PS: DOS == dominant operating system
2012-04-06 21:13:56 +05:30
Sitaram Chamarty e1c7e546aa cpu-time command -> CpuTime trigger module...
...now that triggers are not restricted to external programs and can be
perl code called by gitolite-shell (thus in the same PID), there's no
need to compute and pass along the times() array.

This also changes the arguments to POST_GIT; they're now the same as
PRE_GIT's.
2012-04-06 17:26:27 +05:30
Sitaram Chamarty 7c6728af89 (some minor changes)
- whitespace change to t/reset
  - remove dbg line accidentally left in in Load.pm
  - add a bit more explanation to 'writable'
2012-04-05 21:31:59 +05:30
gitolite tester 25bb1c00db mirroring without sausages
(or at least without showing the making of said sausages)
2012-04-02 13:18:30 +05:30
Sitaram Chamarty 2c1f46c055 %HOSTNAME and new subconf enhancement 2012-03-30 23:08:53 +05:30
Sitaram Chamarty 906ed4cbe2 logging, tracing, and perltidy, ...
...plus renamed a couple of log events for consistency
2012-03-30 23:07:46 +05:30
Sitaram Chamarty dfb9844dfb info command simplified
(thanks to Eli for the back-and-forth that led to this)
2012-03-30 22:57:06 +05:30
Sitaram Chamarty 5db29062f5 try: info command header enhanced 2012-03-28 15:31:31 +05:30
Sitaram Chamarty 2bec551009 'writes' -> 'writable', order of arguments changed 2012-03-27 19:42:30 +05:30
Sitaram Chamarty 61f6967f67 partial-copy fixed...
...there was one real bug, plus I had forgotten to put a comented out
line in the rc file, but most of the rest of the effort was moving the
test script over.

oh and I'd also forgotten to move this from 'commands' to 'triggers' :-)
2012-03-26 21:27:49 +05:30
Sitaram Chamarty 07cf7fedfe move triggers into their own subdir...
...otherwise 'gitolite help' was getting too confusing, mixing up stuff
that users should not be running directly (even on the server)

----

implementation notes:

those who are worried about the '../triggers/' in various parts of the
code here, remember you can only do that from a command line on the
server.  Remote users can only use commands that have been explicitly
listed in the COMMANDS hash in the rc file.  This means they can't even
access other commands in the same directory as, say, the 'info' command,
so a '../' is definitely not going to work.
2012-03-26 11:02:57 +05:30
Sitaram Chamarty 96ccbf0c1c make standalone config entries work
For example, in

    repo foo/..*
        C   =   u1 u2 u3
        RW+ =   CREATOR
        RW  =   WRITERS
        R   =   READERS

        config hooks.emailprefix = '[%GL_REPO] '
        config foo.bar  = bar one

    repo foo/u1/..*
        config bar.baz  = frob nitz

make that last config also work!
2012-03-26 05:54:17 +05:30
Sitaram Chamarty 2845de74ea Easy.pm learns config(), acquires a test script 2012-03-25 19:31:01 +05:30
Sitaram Chamarty cb9794d55b warn about test suite clobbering lots of stuff
(not just ~/.ssh!)
2012-03-25 11:07:11 +05:30
Sitaram Chamarty 35ec0cf927 renamed ssh tests to prevent accidents to ~/.ssh 2012-03-24 10:30:46 +05:30
Sitaram Chamarty 1c590e633f run compat checks when old rc found
(also removed legacy-delegation sugar script)
2012-03-24 10:30:45 +05:30
Sitaram Chamarty 8dc43affdb minor changes to testing setup 2012-03-24 10:30:45 +05:30
Sitaram Chamarty 938acc589f test daemon/gitweb updates by setting perms 2012-03-24 10:30:45 +05:30
Sitaram Chamarty 320356d66c cleaned up logging quite a bit; details:
- a remote "id" (usually the IP) is generated and logged on the first
    log message in a "transaction"

  - speaking of which, a new "transaction ID" is logged that stays the
    same for each input command/invocation, tying together all the
    spawned commands

  - so now time stamps can be generated each time they are needed,
    rather than re-use the one at the beginning

  - log messages have a keyword at the start now
        remote, (create), check1 -- from gitolite-shell
        update, check2 -- from update
        post-up -- from post-update
        command -- from gitolite
        die, system -- from anywhere
2012-03-24 10:30:45 +05:30
Sitaram Chamarty bb9f045ec3 trigger POST_CREATE from user actions
- uncomment the POST_CREATE section in rc by default now
  - have perms call 'gitolite trigger POST_CREATE'
2012-03-24 10:30:45 +05:30
Sitaram Chamarty 98a6b08ff4 'desc' command added (manually smoke tested only; no test script) 2012-03-24 10:30:45 +05:30
Sitaram Chamarty 80a234c0f6 upgraded the basic test a bit for quicker turnaround on some experiments 2012-03-24 10:30:45 +05:30
Sitaram Chamarty 661fefbd0e added more personal branch tests 2012-03-24 10:30:45 +05:30
Sitaram Chamarty 139c08d3a1 abort on suspicious ref names
(and the other Dan Carpenter finding too, while we're about it!)

Note that neither of these is an actual issue, (and even less likely now
that gitolite is pure perl and no shell metas used) but it's just
playing safe.
2012-03-24 10:30:45 +05:30
Sitaram Chamarty 999f9cd39d make site-local scripts easier to write
- new Gitolite::Easy module hides all the other stuff
  - (put GL_ADMIN_BASE and GL_REPO_BASE into %ENV)
  - new 'gitolite creator' shell command
  - 'writes' command modified to use Gitolite::Easy.  It is also the
    only dual mode command -- it can be invoked remotely as well as
    locally.  I deem that the required trick to make other remote-only
    commands work locally is too much trouble for what is probably a
    rarely used command.
2012-03-24 10:30:45 +05:30
Sitaram Chamarty 5deafb6823 fix some "this specific user" dependencies for testing 2012-03-24 10:30:45 +05:30
Sitaram Chamarty 43f95f9b22 (minor) help command usage message changed 2012-03-24 10:30:45 +05:30
Sitaram Chamarty f0355d749b 'gitolite writes off/on...' done 2012-03-24 10:30:45 +05:30
Sitaram Chamarty 1ec8be663e (test infrastructure) CLONE/PUSH macros redefined 2012-03-24 10:30:45 +05:30
Sitaram Chamarty 1de773ab8e perm-roles.t 2012-03-24 10:30:44 +05:30
Sitaram Chamarty a6d8184a56 rule sequences test 2012-03-24 10:30:44 +05:30
Sitaram Chamarty 545c00aa26 perms with groups test 2012-03-24 10:30:44 +05:30