Permalink
Browse files

Fix .gem file permissions problem.

Tempfile.new makes files with permissions of 0600[1]. This means that if
the webserver is running as a different user, the newly uploaded .gem
file won't be readable. This patch adds a chmod to the atomicwrite
function.

1: http://www.ruby-doc.org/stdlib-1.9.3/libdoc/tempfile/rdoc/Tempfile.html#method-c-new
  • Loading branch information...
sw17ch authored and tomlea committed Sep 28, 2012
1 parent 3039992 commit 8701560b4164414081d8a106676b1671185a3384
Showing with 9 additions and 1 deletion.
  1. +2 −0 lib/geminabox.rb
  2. +7 −1 test/test_support/geminabox_test_case.rb
View
@@ -18,6 +18,7 @@ class Geminabox < Sinatra::Base
set :incremental_updates, false
set :views, File.join(File.dirname(__FILE__), *%w[.. views])
set :allow_replace, false
+ set :gem_permissions, 0644
use Hostess
class << self
@@ -215,6 +216,7 @@ def atomic_write(file_name)
yield temp_file
temp_file.close
File.rename(temp_file.path, file_name)
+ File.chmod(settings.gem_permissions, file_name)
end
helpers do
@@ -30,6 +30,10 @@ def data(data = nil)
@data ||= data || "/tmp/geminabox-test-data"
end
+ def gem_permissions
+ 0644
+ end
+
def app(&block)
@app = block || @app || lambda{|builder| run Geminabox }
end
@@ -41,7 +45,9 @@ def to_app
def should_push_gem(gemname = :example, *args)
test("can push #{gemname}") do
assert_can_push(gemname, *args)
- assert File.exists?( File.join(config.data, "gems", File.basename(gem_file(gemname, *args)) ) ), "Gemfile not in data dir."
+ gem_path = File.join(config.data, "gems", File.basename(gem_file(gemname, *args)) )
+ assert File.exists?( gem_path ), "Gemfile not in data dir."
+ assert File.stat(gem_path).mode.to_s(8).match(/#{config.gem_permissions.to_s(8)}$/), "Gemfile has incorrect permissions."
end
end

0 comments on commit 8701560

Please sign in to comment.