Permalink
Browse files

new features relating to creating wild repos:

  - new 'create' command for explicit creation
  - new 'AutoCreate' trigger to prevent auto-creation on read operations
    or both read and write operations
  - a few related fixups to the perms command
  • Loading branch information...
1 parent 96be950 commit 96cc2eaf41aa9c313e56cfb3ddf25899cfa08f53 @sitaramc committed Nov 22, 2012
Showing with 52 additions and 11 deletions.
  1. +15 −0 src/commands/create
  2. +12 −10 src/commands/perms
  3. +24 −0 src/lib/Gitolite/Triggers/AutoCreate.pm
  4. +1 −1 t/sequence.t
View
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+# Usage: ssh git@host create <repo>
+#
+# Create wild repo.
+
+die() { echo "$@" >&2; exit 1; }
+usage() { perl -lne 'print substr($_, 2) if /^# Usage/../^$/' < $0; exit 1; }
+[ -z "$1" ] && usage
+[ -z "$2" ] || usage
+[ "$1" = "-h" ] && usage
+[ -z "$GL_USER" ] && die GL_USER not set
+
+# ----------------------------------------------------------------------
+exec $GL_BINDIR/commands/perms -c "$@" < /dev/null
View
@@ -46,18 +46,20 @@ if ( $ARGV[0] eq '-l' ) {
# auto-create the repo if -c passed and repo doesn't exist
if ( $ARGV[0] eq '-c' ) {
shift;
- my $repo = $ARGV[0];
+ my $repo = $ARGV[0] or usage();
_die "invalid repo '$repo'" unless $repo =~ $REPONAME_PATT;
- if (not -d "$rc{GL_REPO_BASE}/$repo.git") {
- my $ret = access( $repo, $ENV{GL_USER}, '^C', 'any' );
- _die $ret if $ret =~ /DENIED/;
-
- require Gitolite::Conf::Store;
- Gitolite::Conf::Store->import;
- new_wild_repo( $repo, $ENV{GL_USER}, 'perms-c' );
- gl_log( 'create', $repo, $ENV{GL_USER}, 'perms-c' );
- }
+ my $d = "$rc{GL_REPO_BASE}/$repo.git";
+ my $errmsg = "repo already exists or you are not authorised to create it";
+ # use the same message in both places to prevent leaking repo existence info
+ _die $errmsg if -d $d;
+ my $ret = access( $repo, $ENV{GL_USER}, '^C', 'any' );
+ _die $errmsg if $ret =~ /DENIED/;
+
+ require Gitolite::Conf::Store;
+ Gitolite::Conf::Store->import;
+ new_wild_repo( $repo, $ENV{GL_USER}, 'perms-c' );
+ gl_log( 'create', $repo, $ENV{GL_USER}, 'perms-c' );
}
my $repo = shift;
@@ -0,0 +1,24 @@
+package Gitolite::Triggers::AutoCreate;
+
+use strict;
+use warnings;
+
+# perl trigger set for stuff to do with auto-creating repos
+# ----------------------------------------------------------------------
+
+# to deny auto-create on read access, add 'AutoCreate::deny_R' to the
+# PRE_CREATE trigger list
+sub deny_R {
+ die "autocreate denied\n" if $_[3] and $_[3] eq 'R';
+ return;
+}
+
+# to deny auto-create on read *and* write access, add 'AutoCreate::deny_RW' to
+# the PRE_CREATE trigger list. This means you can only create repos using the
+# 'create' command, (which needs to be enabled in the COMMANDS list).
+sub deny_RW {
+ die "autocreate denied\n" if $_[3] and ( $_[3] eq 'R' or $_[3] eq 'W' );
+ return;
+}
+
+1;
View
@@ -100,7 +100,7 @@ try "
# auto-create using perms fail
echo READERS u5 | glt perms u4 -c foo/u4/baz
!/Initialized empty Git repository in .*/foo/u4/baz.git/
- /FATAL: .C any foo/u4/baz u4 DENIED by fallthru/
+ /FATAL: repo already exists or you are not authorised to create it/
# auto-create using perms
echo READERS u2 | glt perms u1 -c foo/u1/baz

0 comments on commit 96cc2ea

Please sign in to comment.