Commit graph

173 commits

Author SHA1 Message Date
Sitaram Chamarty
80b50f3be8 added delegation tests
(although one seems almost the same as the other...)
2012-03-24 10:30:44 +05:30
Sitaram Chamarty
4c1017a529 new sugar 'legacy-delegation-abort', enabled by default 2012-03-24 10:30:44 +05:30
Sitaram Chamarty
20fd0d0c19 (minor) test reformatting 2012-03-24 10:30:44 +05:30
Sitaram Chamarty
2069156c6b wild repos test #2 2012-03-24 10:30:43 +05:30
Sitaram Chamarty
8dcc051e64 access() with a missing repo
when a real repo (i.e., not a groupname or such) doesn't exist, checking
any permission other than ^C will give invalid results unless ^C is ok
for the user in question.

Take a look at this:

    repo    foo/CREATOR/a[0-9][0-9]
        C   =   u2 u3
        RW+ =   CREATOR
        R   =   READERS u1

u1 looking for R access on foo/u1/a11 will otherwise result in
success.
2012-03-24 10:30:43 +05:30
Sitaram Chamarty
c79f9d2381 glt learns to deal better with non-git commands 2012-03-24 10:30:43 +05:30
Sitaram Chamarty
e743cab1a3 perms command done (smoke tested) 2012-03-24 10:30:43 +05:30
Sitaram Chamarty
1b31c21440 wildrepos almost done (except setperms etc)
implementation notes

  - new sugar role_names() to prefix an "@" to CREATOR, and any role
    names listed in the rc file.

  - invalidate the cache in rules() if the repo was missing.  Without
    this, an auto-create operation succeeds the ^C check and calls
    new_wild_repo(), but then -- due to the cached rules not containing
    a rule for CREATOR, the actual read/write fails.

  - treat roles (READERS, WRITERS, etc.) as group names that apply only
    to that particular repo.  Don't add them to %groups, because that
    would screw up caching, but add them in when memberships() is called
    for the user.

    This is why the membership call for the user also has a reponame
    tacked on -- i.e., a user's membership list varied depending on
    which repo you're talking about.

  - while we're about it, pretend we added "CREATOR = <content of
    gl-creator>" as another "role".  Makes things so much easier dealing
    with "RW+ = CREATOR"

  - searching for rules pertaining to foo/CREATOR/bar when looking at
    repo foo/sitaram/bar is done backwards from what g2 used to do.  G2
    used to play tricks with the do-eval'd file using global variables
    so that what you get after the do may not even contain 'CREATOR'.

    We go the other way.  We replace sitaram with CREATOR and start
    looking for memberships of *both* foo/sitaram/bar and
    foo/CREATOR/bar.

  - this doesn't work (because we don't know *what* to replace) for
    missing repos if GL_USER is not set.  This means that 'gitolite
    access ...' queries (which do not set GL_USER) cannot be used
    reliably for non-existant repos.

    Since a ^C check is the only meaningful one for a non-existent repo,
    this means you cannot do that from 'gitolite access'.

    'GL_USER=luser gitolite info' will still work though ;-)

all in all, much cleaner and simpler than g2.
2012-03-24 10:30:43 +05:30
Sitaram Chamarty
3c5ae7f26b added 'RW+CDM' perm function, including some test code for 'D' 2012-03-24 10:30:43 +05:30
Sitaram Chamarty
5ae9b4abab new sugar function to help with RW+CDM 2012-03-24 10:30:43 +05:30
Sitaram Chamarty
a6a666af78 new option() function in load.pm to quickly test conf options
reminder: these are enabled by 'option foo = bar' keyword in conf and
apply only to the repo
2012-03-24 10:30:43 +05:30
Sitaram Chamarty
d5ddf6c68d wip test suite 2012-03-24 10:30:43 +05:30
Sitaram Chamarty
44e6bc4bb2 logging (but see below)
The logging is both for paranoia and parsing/automated processing.  The
ones you're probably interested in parsing should be easy to pick out
and are very likely to have tab-delimited fields already.
2012-03-24 10:30:43 +05:30
Sitaram Chamarty
5b93dd4b53 minor changes to the testing infrastructure 2012-03-24 10:30:43 +05:30
Sitaram Chamarty
941de722da gl-perms handling and roles, first cut
(additional memberships that user has when accessing a specific repo)
2012-03-24 10:30:43 +05:30
Sitaram Chamarty
9650d2fb3f (minor)
trace rationalisation plus perltidy again
2012-03-24 10:30:43 +05:30
Sitaram Chamarty
89a1857d56 auto-create repo on 'C' perm done 2012-03-24 10:30:43 +05:30
Sitaram Chamarty
a014d2ffd5 "memberships()" can now deal with most everything except roles 2012-03-24 10:30:43 +05:30
Sitaram Chamarty
f21d17e086 git_configs almost done, but
real testing can only happen after wildrepos is finished (specifically,
when memberships() can return regex repo names also)
2012-03-24 10:30:43 +05:30
Sitaram Chamarty
45348a4225 access() learned a new trick :) 2012-03-24 10:30:43 +05:30
Sitaram Chamarty
876b554fb5 changes to custom command invocation etc.; see below
- 'post-compile' subdir moved under 'commands/' but only for
    sanity; has no real significance now

  - new, internal use only, gitolite command run-all, as in

        gitolite run-all POST_COMPILE

    which runs all the commands in @{ $rc{POST_COMPILE} } in sequence.
    You can sdo this for any section of course, though this is the only
    one in the rc right now.

    (Future candidates: PRE_GIT, POST_GIT, PRE_CREATE, POST_CREATE)
2012-03-24 10:30:43 +05:30
Sitaram Chamarty
efe37fb8a3 honor umask 2012-03-24 10:30:43 +05:30
Sitaram Chamarty
db8dc8ca2d allow trace mode from remote client
just say (for example):

    git push git@server:reponame.git1

for trace level 1, and similarly for 2 and 3
2012-03-24 10:30:43 +05:30
Sitaram Chamarty
38cb9bfda9 trace messages rationalised to 3 levels 2012-03-24 10:30:43 +05:30
Sitaram Chamarty
8714b77eae (perltidy) 2012-03-24 10:30:43 +05:30
Sitaram Chamarty
afcd974afa record and maintain a 'version' (for info and elsewhere) 2012-03-24 10:30:42 +05:30
Sitaram Chamarty
5e2563bb8c setup was over-engineered... 2012-03-24 10:30:42 +05:30
Sitaram Chamarty
9780ddab9d (!!) personal branches -- 1 line of code, 50 lines of test!
(and by the way even in g2 this was not so easy as just ONE line of
code!)
2012-03-24 10:30:42 +05:30
Sitaram Chamarty
876f6517f5 (testing help) allow a *testing* rc to override the normal one 2012-03-24 10:30:42 +05:30
Sitaram Chamarty
8b8d3ef484 new test 'listers' 2012-03-24 10:30:42 +05:30
Sitaram Chamarty
446bd19de7 tsh/test learn the cmp() function to make full output compares easier 2012-03-24 10:30:42 +05:30
Sitaram Chamarty
fb332a6c76 (!!) neat little 'access' command...
...makes it sooo much eaier to check access rights from external scripts
2012-03-24 10:30:42 +05:30
Sitaram Chamarty
9a8a86306b _system() is less verbose
otherwise things like 'gitolite access' print extra junk that is
confusing.
2012-03-24 10:30:42 +05:30
Sitaram Chamarty
6624d35cf9 info command deals with groups 2012-03-24 10:30:42 +05:30
Sitaram Chamarty
5ebb981efa new sugar -- keysubdirs as groups. TODO: add appropriate commented entry to Gitolite::Rc.pm also 2012-03-24 10:30:42 +05:30
Sitaram Chamarty
4e25a8acd1 ssh-basic tests (and that's all we will ever do; see below)
ssh tests are meant to ensure that basic authENTICATION is happening.
AuthORISATION is checked all over the rest of the test suite and these
two are quite orthogonal operations so there is no need to test all of
authZ with ssh.
2012-03-24 10:30:42 +05:30
Sitaram Chamarty
141b2ce897 more tests 2012-03-24 10:30:42 +05:30
Sitaram Chamarty
89cc3a303d Test.pm learned confreset() and confadd() 2012-03-24 10:30:42 +05:30
Sitaram Chamarty
356ff2b757 store got a few more validations
(a full scan of all input data is pending; this is just for diagnostics)
2012-03-24 10:30:42 +05:30
Sitaram Chamarty
7f8020adc5 'info' command, plus lots more changes:
- usage() gets a little smarter; it now knows what function it was called
    from and tries to find a '=for function_name' chunk of data in the script

  - the various list-* functions now work off a dispatcher in Load.pm
  - (...and they all use the new usage() magic to print their helps!)

  - src/gitolite got a lot leaner due to this dispatcher

  - src/gitolite-shell became a lot more easier to read/flow

  - rc acquired '{COMMANDS}', which gitolite-shell now refers to
  - comments in the default rc file changed a bit
  - rc got a new REMOTE_COMMAND_PATT (in place of ADC_CMD_ARGS_PATT)

the rest is perltidy and stuff like that
2012-03-24 10:30:42 +05:30
Sitaram Chamarty
0aeb0cd5e2 ssh-authkeys done! 2012-03-24 10:30:42 +05:30
Sitaram Chamarty
cbd4d43687 (minor) usage() sub can handle multiple usage sections in the same script 2012-03-24 10:30:42 +05:30
Sitaram Chamarty
84422ccf30 (rc) prefix GL_BINDIR to PATH
Needed when the user didn't actually "install" but is just running it by
using the full path to "gitolite".  Without this, every time my code
runs "gitolite <some sub-command>" I have to prefix "gitolite" with
$ENV{GL_BINDIR}, which is kinda painful...
2012-03-24 10:30:42 +05:30
Sitaram Chamarty
428485086f query-rc learned '-n' to avoid the need to chomp() the result 2012-03-24 10:30:42 +05:30
Sitaram Chamarty
ef476f0d32 common: slurp() learns to look at wantarray 2012-03-24 10:30:42 +05:30
Sitaram Chamarty
c19f75e119 (subconf) add the warning message
(not as prominent as in g2 though...)
2012-03-24 10:30:42 +05:30
Sitaram Chamarty
d64663d12e COUNT VREF and tests 2012-03-24 10:30:42 +05:30
Sitaram Chamarty
16d17def2a VREF code 2012-03-24 10:30:42 +05:30
Sitaram Chamarty
ef021ee293 (test) forgot to set user.email/name to the standard value
caused old test scripts to fail (wherever I was checking the actual SHA
anyway)
2012-03-24 10:30:41 +05:30
Sitaram Chamarty
fb69f6e328 (test setup) make Test.pm do a bit more 2012-03-24 10:30:41 +05:30