Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Fix .gem file permissions problem.

Tempfile.new makes files with permissions of 0600[1]. This means that if
the webserver is running as a different user, the newly uploaded .gem
file won't be readable. This patch adds a chmod to the atomicwrite
function.

1: http://www.ruby-doc.org/stdlib-1.9.3/libdoc/tempfile/rdoc/Tempfile.html#method-c-new
  • Loading branch information...
commit 8701560b4164414081d8a106676b1671185a3384 1 parent 3039992
@sw17ch sw17ch authored cwninja committed
Showing with 9 additions and 1 deletion.
  1. +2 −0  lib/geminabox.rb
  2. +7 −1 test/test_support/geminabox_test_case.rb
View
2  lib/geminabox.rb
@@ -18,6 +18,7 @@ class Geminabox < Sinatra::Base
set :incremental_updates, false
set :views, File.join(File.dirname(__FILE__), *%w[.. views])
set :allow_replace, false
+ set :gem_permissions, 0644
use Hostess
class << self
@@ -215,6 +216,7 @@ def atomic_write(file_name)
yield temp_file
temp_file.close
File.rename(temp_file.path, file_name)
+ File.chmod(settings.gem_permissions, file_name)
end
helpers do
View
8 test/test_support/geminabox_test_case.rb
@@ -30,6 +30,10 @@ def data(data = nil)
@data ||= data || "/tmp/geminabox-test-data"
end
+ def gem_permissions
+ 0644
+ end
+
def app(&block)
@app = block || @app || lambda{|builder| run Geminabox }
end
@@ -41,7 +45,9 @@ def to_app
def should_push_gem(gemname = :example, *args)
test("can push #{gemname}") do
assert_can_push(gemname, *args)
- assert File.exists?( File.join(config.data, "gems", File.basename(gem_file(gemname, *args)) ) ), "Gemfile not in data dir."
+ gem_path = File.join(config.data, "gems", File.basename(gem_file(gemname, *args)) )
+ assert File.exists?( gem_path ), "Gemfile not in data dir."
+ assert File.stat(gem_path).mode.to_s(8).match(/#{config.gem_permissions.to_s(8)}$/), "Gemfile has incorrect permissions."
end
end
Please sign in to comment.
Something went wrong with that request. Please try again.