Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
prevent access to repos which are in the process of bring migrated
Björn Kautler pointed out that, when a repo is being migrated into gitolite as per the documentation [1], there is a gap between the actual move of the repo and the rest of the process where a user can gain read or write access to the repo, which he would *not* have had after the completion of the process. My first thought was to document this, and advise people to use the 'writable' command to disable writes, but there is nothing as simple and painless to prevent reads. (On the plus side, this kind of racy read access can only happen if the conf is using the "deny-rules" option to restrict reads; without that, it makes no difference -- i.e., he gets no access that he would not have got later anyway). But eventually I realised that documentation was frustrating, for various reasons, and that at least in this case there is a way to fix it in the code -- just block all access to a repo that is in ~/repositories, but which does not yet have the update hook setup correctly. Plus, the code does not impact anything else, and is basically just an extra check. [1]: http://gitolite.com/gitolite/basic-admin/index.html#appendix-1-bringing-existing-repos-into-gitolite
- Loading branch information