Permalink
Browse files

added whitelist for alternative pushers

  • Loading branch information...
1 parent 544a616 commit afb1014fca3cf92dba7800b3c9ad2332cd6c8a02 @anoopsinha committed Apr 26, 2012
Showing with 35 additions and 4 deletions.
  1. +3 −0 README.md
  2. +27 −0 app.js
  3. +4 −3 tests/README.md
  4. +1 −1 tests/node-sample
View
@@ -35,6 +35,9 @@ You will need to pick your own a unique name for the service hook.
vmc env-add node-vmc-pusher CF_USER=<username>
vmc env-add node-vmc-pusher CF_PWD=<password>
+#### Authorization: the code checks that the github pusher email address is the same as the cloudfoundry user specified. Optionally you can whitelist other addresses to use the pusher.
+
+ vmc env-add node-vmc-pusher CF_WHITELIST=<emailaddress>,<emailaddress>
In a future version of cloudfoundry, this mechanism will need to be re-written to use CF's oauth functionality.
View
27 app.js
@@ -9,6 +9,7 @@ var vmcjs = require('vmcjs');
var target = (process.env.CF_TARGET);
var user = (process.env.CF_USER);
var pwd = (process.env.CF_PWD);
+var whitelist = (process.env.CF_WHITELIST);
var fs = require('fs');
@@ -26,10 +27,36 @@ app.post('/pusher', function(req, res){
console.log('post received');
try {
p = req.body.payload;
+
+ console.log(p);
+
obj = JSON.parse(p);
obj.repository.url = obj.repository.url.replace("https", "git") + ".git"
console.log(obj.repository.url + " " + obj.repository.name);
+ console.log(obj.pusher.email + " vs. " + user);
+
+ if (obj.pusher.email != user) {
+ if (typeof whitelist == 'undefined') {
+ // exit here
+ console.log(obj.pusher.email + " doesn't match " + user + ". not authorized to push");
+ res.send('Not authorized to push.');
+ return;
+ } else {
+ if (whitelist.indexOf(obj.pusher.email) == -1) {
+ console.log(obj.pusher.email + " not in whitelist: " + whitelist + ". not authorized to push");
+ res.send('Not authorized to push.');
+ return;
+ } else {
+ console.log(obj.pusher.email + " in whitelist: " + whitelist + ". valid to push");
+ }
+ }
+ } else {
+ console.log(obj.pusher.email + " matches " + user + ". valid to push");
+ }
+
+
+
var cmd = "cd fixtures; ls; chmod +x git; rm -rf " + obj.repository.name + "; ./git clone " + obj.repository.url +"; ls; cd ..";
console.log(cmd);
View
@@ -1,9 +1,10 @@
To run tests
+============
-### Clone a repository here
+Clone a repository here
-### Set the github service hook
+Set the github service hook
-### Run test checkins and see if the app gets deployed to CF
+Run test checkins and see if the app gets deployed to CF
Submodule node-sample updated from 1d890a to 6ffcf0

0 comments on commit afb1014

Please sign in to comment.