#!/bin/sh # please make sure this file is NOT chmod +x # this file contains settings for all ADCs at the top, then functions that you # can call from shell scripts. Other files in this directory have examples. # all uses require you to "source" this file, like so: # # at the top of your ADC # . $(dirname $0)/adc.common-functions # then you use one of the following functions, like so: # can_create reponame || die "you can't create reponame" # can_write reponame || die "you can't write reponame" # can_read reponame || die "you can't read reponame" # is_admin || die "you're not an admin" # IMPORTANT NOTE: all the can_* functions set $repo to the normalised reponame # (i.e., with '.git' extension removed if it was supplied). # ------------------------------------------------------------------------------ # settings for various ADCs, collected in one place for ease of keeping local # settings intact during upgrades (you only have to worry about this file # now). Documentation for the variables, however, is in the respective ADC # settings for 'rm' ADC ARE_YOU_SURE=1 USE_LOCK_UNLOCK=1 # settings for 'trash' ADC TRASH_CAN=$GL_REPO_BASE_ABS/deleted TRASH_SUFFIX=`date +%Y-%m-%d_%H:%M:%S` # settings for 'hub' ADC BASE_FETCH_URL="git://gl.example.com" GL_FORKED_FROM="gl-forked-from" # KDE may set this to kde-cloned-from for historical reasons # Change to 1 to make -list the default action for the 'help' command HELP_LIST_DEFAULT=0 # name of "admin" group (see is_admin() below before uncommenting) # ADMIN_GROUPNAME=admins # ------------------------------------------------------------------------------ die() { echo "$@"; exit 1; } # test an option value more concisely opt() { [ "$1" = "1" ] && return 0 return 1 } valid_owned_repo() { # check that an arg passed is a valid repo and the current user owns it [ -z "$1" ] && die need a repo name get_rights_and_owner $1 [ "$owner" = "$GL_USER" ] || die "$repo does not exist or is not yours!" # and we sneak this in too, quietly :) cd $GL_REPO_BASE_ABS } # NOTE: this also sets $repo to the normalised (without .git suffix) reponame get_rights_and_owner() { local ans repo=${1%.git} ans=$(perl -I$GL_BINDIR -Mgitolite -e "cli_repo_rights('"$repo"')") # set shell variables as needed owner=${ans#* } rights=${ans% *} echo $rights | grep C >/dev/null 2>&1 && perm_create=yes || perm_create= echo $rights | grep R >/dev/null 2>&1 && perm_read=yes || perm_read= echo $rights | grep W >/dev/null 2>&1 && perm_write=yes || perm_write= } can_create() { get_rights_and_owner ${1%.git} [ -z "$perm_create" ] && return 1 return 0 } can_write() { get_rights_and_owner ${1%.git} [ -z "$perm_write" ] && return 1 return 0 } can_read() { get_rights_and_owner ${1%.git} [ -z "$perm_read" ] && return 1 return 0 } # ------------------------------------------------------------------------------ # check if current user is an admin is_admin() { # there are two ways to check if someone is an admin. The default (if # ADMIN_GROUPNAME is not defined) is to check if they have write access to # the admin repo if [ -z "$ADMIN_GROUPNAME" ] then can_write gitolite-admin || return 1 return 0 fi # the alternative way is to check membership in $ADMIN_GROUPNAME; please # remember this method requires GL_BIG_CONFIG to be set # TODO, pending the code to allow an external query of a user's "group" # affiliations in_group $ADMIN_GROUPNAME } # ------------------------------------------------------------------------------ grouplist() { perl -I$GL_BINDIR -Mgitolite -e "cli_grouplist()" } in_group() { local g=$1 grouplist | egrep "(^| )$g( |$)" >/dev/null && return 0 return 1 }