Permalink
Browse files

Explicitly authorize .env files.

Explicit authorization is required the first time for each new .env
file, and also every time the .env file's contents have been modified.
  • Loading branch information...
nvie committed Feb 15, 2012
1 parent 6263e14 commit 94bf47d41683ecf9d715fda8dd1c4ae0ebff9d7c
Showing with 74 additions and 2 deletions.
  1. +74 −2 activate.sh
View
@@ -1,4 +1,5 @@
#!/usr/bin/env bash
+AUTOENV_AUTH_FILE=~/.autoenv_authorized
if [[ -n "${ZSH_VERSION}" ]]
then __array_offset=0
@@ -26,12 +27,79 @@ autoenv_init()
_file=${#_files[@]}
while (( _file > 0 ))
do
- source "${_files[_file-__array_offset]}"
+ envfile=${_files[_file-__array_offset]}
+ autoenv_check_authz_and_run "$envfile"
: $(( _file -= 1 ))
done
}
-cd()
+autoenv_env() {
+ builtin echo "autoenv:" "$@"
+}
+
+autoenv_printf() {
+ builtin printf "autoenv: "
+ builtin printf "$@"
+}
+
+autoenv_indent() {
+ sed 's/.*/autoenv: &/' $@
+}
+
+autoenv_hashline()
+{
+ typeset envfile hash
+ envfile=$1
+ hash=$(shasum "$envfile" | cut -d' ' -f 1)
+ echo "$envfile:$hash"
+}
+
+autoenv_check_authz()
+{
+ typeset envfile hash
+ envfile=$1
+ hash=$(autoenv_hashline "$envfile")
+ touch $AUTOENV_AUTH_FILE
+ grep -Gq "$hash" $AUTOENV_AUTH_FILE
+}
+
+autoenv_check_authz_and_run()
+{
+ typeset envfile
+ envfile=$1
+ if ! autoenv_check_authz "$envfile"; then
+ autoenv_env
+ autoenv_env "WARNING:"
+ autoenv_env "This is the first time you are about to source $envfile":
+ autoenv_env
+ autoenv_env " --- (begin contents) ---------------------------------------"
+ autoenv_indent "$envfile"
+ autoenv_env " --- (end contents) -----------------------------------------"
+ autoenv_env
+ autoenv_printf "Are you sure you want to allow this? (y/N) "
+ read answer
+ if [[ "$answer" == "y" ]]; then
+ autoenv_authorize_env "$envfile"
+ source "$envfile"
+ fi
+ fi
+}
+
+autoenv_deauthorize_env() {
+ typeset envfile
+ envfile=$1
+ cp "$AUTOENV_AUTH_FILE" "$AUTOENV_AUTH_FILE.tmp"
+ grep -Gv "$envfile:" "$AUTOENV_AUTH_FILE.tmp" > $AUTOENV_AUTH_FILE
+}
+
+autoenv_authorize_env() {
+ typeset envfile
+ envfile=$1
+ autoenv_deauthorize_env "$envfile"
+ autoenv_hashline "$envfile" >> $AUTOENV_AUTH_FILE
+}
+
+autoenv_cd()
{
if builtin cd "$@"
then
@@ -41,3 +109,7 @@ cd()
return $?
fi
}
+
+cd() {
+ autoenv_cd "$@"
+}

0 comments on commit 94bf47d

Please sign in to comment.