Commit graph

69 commits

Author SHA1 Message Date
Sitaram Chamarty 8dcc051e64 access() with a missing repo
when a real repo (i.e., not a groupname or such) doesn't exist, checking
any permission other than ^C will give invalid results unless ^C is ok
for the user in question.

Take a look at this:

    repo    foo/CREATOR/a[0-9][0-9]
        C   =   u2 u3
        RW+ =   CREATOR
        R   =   READERS u1

u1 looking for R access on foo/u1/a11 will otherwise result in
success.
2012-03-24 10:30:43 +05:30
Sitaram Chamarty c79f9d2381 glt learns to deal better with non-git commands 2012-03-24 10:30:43 +05:30
Sitaram Chamarty e743cab1a3 perms command done (smoke tested) 2012-03-24 10:30:43 +05:30
Sitaram Chamarty 1b31c21440 wildrepos almost done (except setperms etc)
implementation notes

  - new sugar role_names() to prefix an "@" to CREATOR, and any role
    names listed in the rc file.

  - invalidate the cache in rules() if the repo was missing.  Without
    this, an auto-create operation succeeds the ^C check and calls
    new_wild_repo(), but then -- due to the cached rules not containing
    a rule for CREATOR, the actual read/write fails.

  - treat roles (READERS, WRITERS, etc.) as group names that apply only
    to that particular repo.  Don't add them to %groups, because that
    would screw up caching, but add them in when memberships() is called
    for the user.

    This is why the membership call for the user also has a reponame
    tacked on -- i.e., a user's membership list varied depending on
    which repo you're talking about.

  - while we're about it, pretend we added "CREATOR = <content of
    gl-creator>" as another "role".  Makes things so much easier dealing
    with "RW+ = CREATOR"

  - searching for rules pertaining to foo/CREATOR/bar when looking at
    repo foo/sitaram/bar is done backwards from what g2 used to do.  G2
    used to play tricks with the do-eval'd file using global variables
    so that what you get after the do may not even contain 'CREATOR'.

    We go the other way.  We replace sitaram with CREATOR and start
    looking for memberships of *both* foo/sitaram/bar and
    foo/CREATOR/bar.

  - this doesn't work (because we don't know *what* to replace) for
    missing repos if GL_USER is not set.  This means that 'gitolite
    access ...' queries (which do not set GL_USER) cannot be used
    reliably for non-existant repos.

    Since a ^C check is the only meaningful one for a non-existent repo,
    this means you cannot do that from 'gitolite access'.

    'GL_USER=luser gitolite info' will still work though ;-)

all in all, much cleaner and simpler than g2.
2012-03-24 10:30:43 +05:30
Sitaram Chamarty 3c5ae7f26b added 'RW+CDM' perm function, including some test code for 'D' 2012-03-24 10:30:43 +05:30
Sitaram Chamarty 5ae9b4abab new sugar function to help with RW+CDM 2012-03-24 10:30:43 +05:30
Sitaram Chamarty a6a666af78 new option() function in load.pm to quickly test conf options
reminder: these are enabled by 'option foo = bar' keyword in conf and
apply only to the repo
2012-03-24 10:30:43 +05:30
Sitaram Chamarty d5ddf6c68d wip test suite 2012-03-24 10:30:43 +05:30
Sitaram Chamarty 44e6bc4bb2 logging (but see below)
The logging is both for paranoia and parsing/automated processing.  The
ones you're probably interested in parsing should be easy to pick out
and are very likely to have tab-delimited fields already.
2012-03-24 10:30:43 +05:30
Sitaram Chamarty 5b93dd4b53 minor changes to the testing infrastructure 2012-03-24 10:30:43 +05:30
Sitaram Chamarty 941de722da gl-perms handling and roles, first cut
(additional memberships that user has when accessing a specific repo)
2012-03-24 10:30:43 +05:30
Sitaram Chamarty 9650d2fb3f (minor)
trace rationalisation plus perltidy again
2012-03-24 10:30:43 +05:30
Sitaram Chamarty 89a1857d56 auto-create repo on 'C' perm done 2012-03-24 10:30:43 +05:30
Sitaram Chamarty a014d2ffd5 "memberships()" can now deal with most everything except roles 2012-03-24 10:30:43 +05:30
Sitaram Chamarty f21d17e086 git_configs almost done, but
real testing can only happen after wildrepos is finished (specifically,
when memberships() can return regex repo names also)
2012-03-24 10:30:43 +05:30
Sitaram Chamarty 45348a4225 access() learned a new trick :) 2012-03-24 10:30:43 +05:30
Sitaram Chamarty 876b554fb5 changes to custom command invocation etc.; see below
- 'post-compile' subdir moved under 'commands/' but only for
    sanity; has no real significance now

  - new, internal use only, gitolite command run-all, as in

        gitolite run-all POST_COMPILE

    which runs all the commands in @{ $rc{POST_COMPILE} } in sequence.
    You can sdo this for any section of course, though this is the only
    one in the rc right now.

    (Future candidates: PRE_GIT, POST_GIT, PRE_CREATE, POST_CREATE)
2012-03-24 10:30:43 +05:30
Sitaram Chamarty efe37fb8a3 honor umask 2012-03-24 10:30:43 +05:30
Sitaram Chamarty db8dc8ca2d allow trace mode from remote client
just say (for example):

    git push git@server:reponame.git1

for trace level 1, and similarly for 2 and 3
2012-03-24 10:30:43 +05:30
Sitaram Chamarty 38cb9bfda9 trace messages rationalised to 3 levels 2012-03-24 10:30:43 +05:30
Sitaram Chamarty 8714b77eae (perltidy) 2012-03-24 10:30:43 +05:30
Sitaram Chamarty afcd974afa record and maintain a 'version' (for info and elsewhere) 2012-03-24 10:30:42 +05:30
Sitaram Chamarty 5e2563bb8c setup was over-engineered... 2012-03-24 10:30:42 +05:30
Sitaram Chamarty 9780ddab9d (!!) personal branches -- 1 line of code, 50 lines of test!
(and by the way even in g2 this was not so easy as just ONE line of
code!)
2012-03-24 10:30:42 +05:30
Sitaram Chamarty 876f6517f5 (testing help) allow a *testing* rc to override the normal one 2012-03-24 10:30:42 +05:30
Sitaram Chamarty 8b8d3ef484 new test 'listers' 2012-03-24 10:30:42 +05:30
Sitaram Chamarty 446bd19de7 tsh/test learn the cmp() function to make full output compares easier 2012-03-24 10:30:42 +05:30
Sitaram Chamarty fb332a6c76 (!!) neat little 'access' command...
...makes it sooo much eaier to check access rights from external scripts
2012-03-24 10:30:42 +05:30
Sitaram Chamarty 9a8a86306b _system() is less verbose
otherwise things like 'gitolite access' print extra junk that is
confusing.
2012-03-24 10:30:42 +05:30
Sitaram Chamarty 6624d35cf9 info command deals with groups 2012-03-24 10:30:42 +05:30
Sitaram Chamarty 5ebb981efa new sugar -- keysubdirs as groups. TODO: add appropriate commented entry to Gitolite::Rc.pm also 2012-03-24 10:30:42 +05:30
Sitaram Chamarty 4e25a8acd1 ssh-basic tests (and that's all we will ever do; see below)
ssh tests are meant to ensure that basic authENTICATION is happening.
AuthORISATION is checked all over the rest of the test suite and these
two are quite orthogonal operations so there is no need to test all of
authZ with ssh.
2012-03-24 10:30:42 +05:30
Sitaram Chamarty 141b2ce897 more tests 2012-03-24 10:30:42 +05:30
Sitaram Chamarty 89cc3a303d Test.pm learned confreset() and confadd() 2012-03-24 10:30:42 +05:30
Sitaram Chamarty 356ff2b757 store got a few more validations
(a full scan of all input data is pending; this is just for diagnostics)
2012-03-24 10:30:42 +05:30
Sitaram Chamarty 7f8020adc5 'info' command, plus lots more changes:
- usage() gets a little smarter; it now knows what function it was called
    from and tries to find a '=for function_name' chunk of data in the script

  - the various list-* functions now work off a dispatcher in Load.pm
  - (...and they all use the new usage() magic to print their helps!)

  - src/gitolite got a lot leaner due to this dispatcher

  - src/gitolite-shell became a lot more easier to read/flow

  - rc acquired '{COMMANDS}', which gitolite-shell now refers to
  - comments in the default rc file changed a bit
  - rc got a new REMOTE_COMMAND_PATT (in place of ADC_CMD_ARGS_PATT)

the rest is perltidy and stuff like that
2012-03-24 10:30:42 +05:30
Sitaram Chamarty 0aeb0cd5e2 ssh-authkeys done! 2012-03-24 10:30:42 +05:30
Sitaram Chamarty cbd4d43687 (minor) usage() sub can handle multiple usage sections in the same script 2012-03-24 10:30:42 +05:30
Sitaram Chamarty 84422ccf30 (rc) prefix GL_BINDIR to PATH
Needed when the user didn't actually "install" but is just running it by
using the full path to "gitolite".  Without this, every time my code
runs "gitolite <some sub-command>" I have to prefix "gitolite" with
$ENV{GL_BINDIR}, which is kinda painful...
2012-03-24 10:30:42 +05:30
Sitaram Chamarty 428485086f query-rc learned '-n' to avoid the need to chomp() the result 2012-03-24 10:30:42 +05:30
Sitaram Chamarty ef476f0d32 common: slurp() learns to look at wantarray 2012-03-24 10:30:42 +05:30
Sitaram Chamarty c19f75e119 (subconf) add the warning message
(not as prominent as in g2 though...)
2012-03-24 10:30:42 +05:30
Sitaram Chamarty d64663d12e COUNT VREF and tests 2012-03-24 10:30:42 +05:30
Sitaram Chamarty 16d17def2a VREF code 2012-03-24 10:30:42 +05:30
Sitaram Chamarty ef021ee293 (test) forgot to set user.email/name to the standard value
caused old test scripts to fail (wherever I was checking the actual SHA
anyway)
2012-03-24 10:30:41 +05:30
Sitaram Chamarty fb69f6e328 (test setup) make Test.pm do a bit more 2012-03-24 10:30:41 +05:30
Sitaram Chamarty 17476318b9 (trace) formatting changed when more than one arg passed 2012-03-24 10:30:41 +05:30
Sitaram Chamarty 56cda99edd fixup CWD in access(); see below
Calling access() changes the CWD to $GL_REPO_BASE!

This causes a problem in the update script -- you're suddenly in the
wrong directory after calling access()!

This is actually happening inside load_1(), so fix that.
2012-03-24 10:30:41 +05:30
Sitaram Chamarty 877f6eb31b catch older gitolite.rc and die gracefully 2012-03-24 10:30:41 +05:30
Sitaram Chamarty a9d5adcd10 example sugar script 'continuation-lines' added 2012-03-24 10:30:41 +05:30