Ejemplo n.º 1
0
def cacheAccess(config, mode, cache):
    """
    Computes access lists for all repositories in one pass.
    """
    for sectname in config.sections():
        GROUP_PREFIX = 'group '
        USER_PREFIX  = 'user '
        REPO_PREFIX  = 'repo '
        if sectname.startswith(USER_PREFIX):
            idx = 0
            name = sectname[len(USER_PREFIX):]
        elif sectname.startswith(GROUP_PREFIX):
            idx = 1
            name = sectname[len(GROUP_PREFIX):]
        elif sectname.startswith(REPO_PREFIX):
            # Single repository: handle owner
            name = sectname[len(REPO_PREFIX):]
            if (mode,name) not in cache:
                cache[mode,name] = (set(),set())

            continue

        else:
            continue

        repos = util.getConfigList(config, sectname, mode)
        for (iname, ivalue) in config.items(sectname):
            if iname.startswith('map %s ' % mode):
                repos.append(ivalue)

        for path in repos:
            if (mode,path) not in cache:
                cache[mode,path] = (set(),set())

            cache[mode,path][idx].add(name)
Ejemplo n.º 2
0
def _getMembership(config, user, seen):
    log = logging.getLogger('gitosis.group.getMembership')

    for section in config.sections():
        GROUP_PREFIX = 'group '
        if not section.startswith(GROUP_PREFIX):
            continue
        group = section[len(GROUP_PREFIX):]
        if group in seen:
            continue

        members = util.getConfigList(config, section, 'members')

        # @all is the only group where membership needs to be
        # bootstrapped like this, anything else gets started from the
        # username itself
        if (user in members
            or '@all' in members):
            log.debug('found %(user)r in %(group)r' % dict(
                user=user,
                group=group,
                ))
            seen.add(group)
            yield group

            for member_of in _getMembership(
                config, '@%s' % group, seen,
                ):
                yield member_of
Ejemplo n.º 3
0
def listMembers(config, group, mset):
    """
    Generate a list of members of a group

    :type config: RawConfigParser
    :type group: str
    :param mset: Set of members to amend
    """

    if group <> 'all':
        members = util.getConfigList(config, 'group %s' % group, 'members')

        for user in members:
            mset.add(user)
            if user.startswith('@'):
                listMembers(config, user[1:], mset)
Ejemplo n.º 4
0
def haveAccess(config, user, mode, path):
    """
    Map request for write access to allowed path.

    Note for read-only access, the caller should check for write
    access too.

    Returns ``None`` for no access, or a tuple of toplevel directory
    containing repositories and a relative path to the physical repository.
    """
    log = logging.getLogger('gitosis.access.haveAccess')

    log.debug(
        'Access check for %(user)r as %(mode)r on %(path)r...'
        % dict(
        user=user,
        mode=mode,
        path=path,
        ))

    basename, ext = os.path.splitext(path)
    if ext == '.git':
        log.debug(
            'Stripping .git suffix from %(path)r, new value %(basename)r'
            % dict(
            path=path,
            basename=basename,
            ))
        path = basename

    sections = ['group %s' % item for item in
                 group.getMembership(config=config, user=user)]
    sections.insert(0, 'user %s' % user)

    for sectname in sections:
        repos = util.getConfigList(config, sectname, mode)

        mapping = None

        if pathMatchPatterns(path, repos):
            log.debug(
                'Access ok for %(user)r as %(mode)r on %(path)r'
                % dict(
                user=user,
                mode=mode,
                path=path,
                ))
            mapping = path
        else:
            mapping = util.getConfigDefault(config,
                                            sectname,
                                            'map %s %s' % (mode, path),
                                            None)
            if mapping:
                log.debug(
                    'Access ok for %(user)r as %(mode)r on %(path)r=%(mapping)r'
                    % dict(
                    user=user,
                    mode=mode,
                    path=path,
                    mapping=mapping,
                    ))

        if mapping is not None:
            prefix = util.getConfigDefault(config,
                                           sectname,
                                           'repositories',
                                           'repositories',
                                           'gitosis')

            log.debug(
                'Using prefix %(prefix)r for %(path)r'
                % dict(
                prefix=prefix,
                path=mapping,
                ))
            return (prefix, mapping)