gitolite/contrib/adc/adc.common-functions

#!/bin/sh

# please make sure this file is NOT chmod +x

# this file contains settings for all ADCs at the top, then functions that you
# can call from shell scripts.  Other files in this directory have examples.

# all uses require you to "source" this file, like so:

#       # at the top of your ADC
#       . $(dirname $0)/adc.common-functions

# then you use one of the following functions, like so:

#       can_create reponame || die "you can't create reponame"
#       can_write reponame || die "you can't write reponame"
#       can_read reponame || die "you can't read reponame"
#       is_admin || die "you're not an admin"

# IMPORTANT NOTE: all the can_* functions set $repo to the normalised reponame
# (i.e., with '.git' extension removed if it was supplied).

# ------------------------------------------------------------------------------

# settings for various ADCs, collected in one place for ease of keeping local
# settings intact during upgrades (you only have to worry about this file
# now).  Documentation for the variables, however, is in the respective ADC

# settings for 'rm' ADC
ARE_YOU_SURE=1
USE_LOCK_UNLOCK=1

# settings for 'trash' ADC
TRASH_CAN=$GL_REPO_BASE_ABS/deleted
TRASH_SUFFIX=`date +%Y-%m-%d_%H:%M:%S`

# settings for 'hub' ADC
BASE_FETCH_URL="git://gl.example.com"
GL_FORKED_FROM="gl-forked-from"
    # KDE may set this to kde-cloned-from for historical reasons

# Change to 1 to make -list the default action for the 'help' command
HELP_LIST_DEFAULT=0

# name of "admin" group (see is_admin() below before uncommenting)
# ADMIN_GROUPNAME=admins

# ------------------------------------------------------------------------------

die() { echo "$@"; exit 1; }

# test an option value more concisely
opt() {
    [ "$1" = "1" ] && return 0
    return 1
}

valid_owned_repo() {
    # check that an arg passed is a valid repo and the current user owns it
    [ -z "$1" ] && die need a repo name
    get_rights_and_owner $1
    [ "$owner" = "$GL_USER" ] || die "$repo does not exist or is not yours!"

    # and we sneak this in too, quietly :)
    cd $GL_REPO_BASE_ABS
}

# NOTE: this also sets $repo to the normalised (without .git suffix) reponame
get_rights_and_owner() {
    local ans
    repo=${1%.git}
    ans=$(perl -I$GL_BINDIR -Mgitolite -e "cli_repo_rights('"$repo"')")

    # set shell variables as needed
    owner=${ans#* }
    rights=${ans% *}
    echo $rights | grep C >/dev/null 2>&1 && perm_create=yes  || perm_create=
    echo $rights | grep R >/dev/null 2>&1 && perm_read=yes    || perm_read=
    echo $rights | grep W >/dev/null 2>&1 && perm_write=yes   || perm_write=
}

can_create() {
    get_rights_and_owner ${1%.git}
    [ -z "$perm_create" ] && return 1
    return 0
}

can_write() {
    get_rights_and_owner ${1%.git}
    [ -z "$perm_write" ] && return 1
    return 0
}

can_read() {
    get_rights_and_owner ${1%.git}
    [ -z "$perm_read" ] && return 1
    return 0
}

# ------------------------------------------------------------------------------

# check if current user is an admin
is_admin() {
    # there are two ways to check if someone is an admin.  The default (if
    # ADMIN_GROUPNAME is not defined) is to check if they have write access to
    # the admin repo

    if [ -z "$ADMIN_GROUPNAME" ]
    then
        can_write gitolite-admin || return 1
        return 0
    fi

    # the alternative way is to check membership in $ADMIN_GROUPNAME; please
    # remember this method requires GL_BIG_CONFIG to be set

    # TODO, pending the code to allow an external query of a user's "group"
    # affiliations
    in_group $ADMIN_GROUPNAME
}

# ------------------------------------------------------------------------------

grouplist() {
    perl -I$GL_BINDIR -Mgitolite -e "cli_grouplist()"
}

in_group() {
    local g=$1
    grouplist | egrep "(^| )$g( |$)" >/dev/null && return 0
    return 1
}