cgiroot: move out from under webroot
[girocco.git] / Girocco / ProjPerm.pm
blob72716b85f14022d6a4dd83c2f998a53d12d97bd5
1 package Girocco::ProjPerm;
3 # This is base class for various permission models; these control updating
4 # permissions of appropriate files in push-enabled repositories.
5 # The /etc/group file is maintained by Girocco::Project itself.
7 # The chosen subclass of this class is used as base class of Girocco::Project.
9 use strict;
10 use warnings;
12 use Girocco::Config;
14 BEGIN {
15 our @interesting = qw(refs info objects);
18 sub perm_initialize {
19 my ($proj) = @_;
20 die "unimplemented";
23 sub perm_user_add {
24 my ($proj, $username, $uid) = @_;
25 die "unimplemented";
28 sub perm_user_del {
29 my ($proj, $username, $uid) = @_;
30 die "unimplemented";
33 sub shared_mode {
34 my ($proj) = @_;
35 # The --shared= argument for git init
36 die "unimplemented";
42 package Girocco::ProjPerm::Group;
44 # This is the naive permission model: on init, we just chgrp the relevant
45 # pieces to our group and make them group-writable. But oh, we cannot do that
46 # since we are not root; so we just sit happily and do nothing else.
47 # Then, we can just sit happily and do nothing else either.
49 use strict;
50 use warnings;
52 BEGIN {
53 use base qw(Girocco::ProjPerm);
56 sub perm_initialize {
57 my ($proj) = @_;
59 # adjust group and other permissions
60 system("chmod", "-R", "ug+rw,o+r", $proj->{path}) == 0 or die "Running chmod failed: $!";
65 sub perm_user_add {
66 my ($proj, $username, $uid) = @_;
70 sub perm_user_del {
71 my ($proj, $username, $uid) = @_;
75 sub shared_mode {
76 my ($proj) = @_;
77 "group";
80 sub can_user_push {
81 my ($proj, $username) = @_;
82 grep { $_ eq $username } @{$proj->{users}};
88 package Girocco::ProjPerm::Hooks;
90 # This is the "soft-security" permission model: we keep the repository
91 # world-writable and check if the user is allowed to push only within
92 # the update hook that will call our can_user_push() method.
94 use strict;
95 use warnings;
97 BEGIN {
98 use base qw(Girocco::ProjPerm);
101 sub perm_initialize {
102 my ($proj) = @_;
106 sub perm_user_add {
107 my ($proj, $username, $uid) = @_;
111 sub perm_user_del {
112 my ($proj, $username, $uid) = @_;
116 sub shared_mode {
117 my ($proj) = @_;
118 "0777";
121 sub can_user_push {
122 my ($proj, $username) = @_;
123 grep { $_ eq $username } @{$proj->{users}};