[girocco.git] / hooks / update
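#!/bin/sh

# Git "update" hook: accepts or rejects a single ref update of a push.
# As used below, $1 is the ref name, $2 the old object id (all zeros when the
# ref is being created) and $3 the new object id (all zeros when the ref is
# being deleted).  Any non-zero exit status rejects the update.
#
# Currently, we just confine the mob user to the mob branch here.
#
# TODO: Generalized branches push permissions support.

set -e

# True when "$1" is a null object id, i.e. a non-empty run of "0" digits.
# Matching on the digits instead of a fixed 40-character literal keeps the
# create/delete guards effective when object ids are longer than SHA-1's
# (a SHA-256 repository passes 64 zeros).
is_null_oid() {
	case "$1" in
	"" | *[!0]*) return 1 ;;
	esac
	return 0
}

if ! [ -x /usr/bin/perl ]; then
	# We are INSIDE the chroot
	# (the absence of /usr/bin/perl is how this script tells the two apart)
	#
	# NOTE(review): every identity decision in this branch keys off $LOGNAME
	# from the environment; presumably the jail's login setup fixes it and the
	# pushing user cannot override it -- confirm.

	reporoot=/@jailreporoot@
	webadmurl=@webadmurl@
	mob=@mob@
	# The prefix is quoted so it is stripped literally, not matched as a glob.
	proj="$(pwd)"; proj="${proj#"$reporoot"/}"
	# A working directory ending in "/mob" selects personal mob branch mode.
	mobdir=
	case "$proj" in *?/mob)
		mobdir=1
		proj="${proj%/mob}"
	esac
	projbare="${proj%.git}"

	if ! [ -f "$reporoot/$proj/.nofetch" ]; then
		echo "The $proj project is a mirror and may not be pushed to, sorry" >&2
		exit 3
	fi

	if [ -n "$mobdir" ] && [ "$mob" != "mob" ]; then
		# Should only get here if there's a misconfiguration
		echo "Personal mob branches are not supported" >&2
		exit 3
	fi
	if [ -n "$mobdir" ] && [ "$LOGNAME" = "mob" ]; then
		# Should only get here if there's a misconfiguration
		echo "The mob user may not use personal mob branches" >&2
		exit 3
	fi
	if [ -n "$mobdir" ] && ! [ -d "$reporoot/$proj/mob" ]; then
		# Should only get here if there's a misconfiguration
		echo "The project '$proj' does not support personal mob branches" >&2
		exit 3
	fi
	if [ -n "$mobdir" ] && ! can_user_push "$projbare" mob; then
		# Should only get here if there's a misconfiguration
		echo "The user 'mob' does not have push permissions for project '$proj'" >&2
		echo "You may adjust push permissions at $webadmurl/editproj.cgi?name=$proj" >&2
		exit 3
	fi
	if [ -n "$mobdir" ]; then
		# All personal mob refs must start with refs/heads/mob.$USER,
		# refs/heads/mob_$USER/, refs/mob/mob.$USER or refs/mob/mob_$USER/
		# The user name sits inside the quoted part of each pattern, so it is
		# compared literally; only the trailing ?* acts as a glob.
		case "$1" in
		"refs/heads/mob.$LOGNAME" | \
		"refs/heads/mob_$LOGNAME/"?* | \
		"refs/mob/mob.$LOGNAME" | \
		"refs/mob/mob_$LOGNAME/"?* ) :;;
		*)
			echo "The user '$LOGNAME' does not have push permissions for project '$proj'." >&2
			echo "However '$proj' allows pushes to personal mob branches w/o push perms." >&2
			echo "The ref '$1' is not a valid personal mob branch ref name." >&2
			echo "Valid personal mob branch ref names are one of the following:" >&2
			echo " refs/heads/mob.$LOGNAME or refs/mob/mob.$LOGNAME" >&2
			echo "or refs that start with one of the following:" >&2
			echo " refs/heads/mob_$LOGNAME/ or refs/mob/mob_$LOGNAME/" >&2
			echo "No other personal mob branch ref names may be pushed to, sorry." >&2
			echo "You may adjust push permissions at $webadmurl/editproj.cgi?name=$proj" >&2
			exit 3
		esac
		# Personal mob pushes skip the regular permission check below.
		exit 0
	fi

	if ! can_user_push "$projbare"; then
		echo "The user '$LOGNAME' does not have push permissions for project '$proj'" >&2
		echo "You may adjust push permissions at $webadmurl/editproj.cgi?name=$proj" >&2
		exit 3
	fi

	if [ "$mob" = "mob" ] && [ "$LOGNAME" = "mob" ]; then
		# The anonymous mob user may only update the existing 'mob' branch.
		if [ x"$1" != x"refs/heads/mob" ]; then
			echo "The mob user may push only to the 'mob' branch, sorry" >&2
			exit 1
		fi
		if is_null_oid "$2"; then
			echo "The mob user may not _create_ the 'mob' branch, sorry" >&2
			exit 2
		fi
		if is_null_oid "$3"; then
			echo "The mob user may not _delete_ the 'mob' branch, smch, sorry" >&2
			exit 3
		fi
	fi

	if [ "$mob" = "mob" ]; then
		# Users with push permission must not write into the ref namespace
		# reserved for personal mob branches.
		case "$1" in
		"refs/heads/mob."?* | "refs/heads/mob_"?*)
			echo "Use of the ref '$1' is reserved for personal mob branch" >&2
			echo "users who do not have push permission to project '$proj'." >&2
			echo "Users with push permission may only access the personal" >&2
			echo "mob branches using refs that start with 'refs/mob/'." >&2
			exit 3
			;;
		esac
	fi

	exit 0
fi

# We are NOT inside the chroot

. @basedir@/shlib.sh

if [ "$cfg_permission_control" = "Hooks" ]; then
	# We have some permission control to do!
	proj="$(pwd)"; proj="${proj#"$cfg_reporoot"/}"; projbare="${proj%.git}"
	# XXX: Sanity check on project name and $USER here? Seems superfluous.
	if ! "$cfg_basedir/bin/can_user_push_http" "$projbare" "$USER"; then
		echo "The user '$USER' does not have push permissions for project '$proj'" >&2
		echo "You may adjust push permissions at $cfg_webadmurl/editproj.cgi?name=$proj" >&2
		exit 3
	fi
fi

if [ -n "$GIT_PROJECT_ROOT" ]; then
	# We are doing a smart HTTP push

	proj="$(pwd)"; proj="${proj#"$cfg_reporoot"/}"
	mobdir=
	case "$proj" in *?/mob)
		mobdir=1
		proj="${proj%/mob}"
	esac
	projbare="${proj%.git}"

	if ! [ -f "$cfg_reporoot/$proj/.nofetch" ]; then
		echo "The $proj project is a mirror and may not be pushed to, sorry" >&2
		exit 3
	fi

	# Split REMOTE_USER into a user name and a uuid; presumably it has the
	# form /UID=<user>/dnQualifier=<uuid> taken from the client certificate.
	authuser="${REMOTE_USER#/UID=}"
	authuuid="${authuser}"
	authuser="${authuser%/dnQualifier=*}"
	authuuid="${authuuid#"$authuser"}"
	authuuid="${authuuid#/dnQualifier=}"
	if [ -z "$authuser" ]; then
		echo "Only authenticated users may push, sorry" >&2
		exit 3
	fi
	if [ "$authuser" != "mob" ] || [ "$cfg_mob" != "mob" ]; then
		# The uuid in the certificate must match the one currently on record.
		# NOTE(review): when REMOTE_USER carries no dnQualifier, authuuid is
		# empty and this check passes if get_user_uuid also succeeds with
		# empty output -- confirm that cannot happen.
		if ! useruuid="$("$cfg_basedir/bin/get_user_uuid" "$authuser")" || [ "$useruuid" != "$authuuid" ]; then
			echo "The user '$authuser' certificate being used is no longer valid." >&2
			echo "You may download a new user certificate at $cfg_webadmurl/edituser.cgi" >&2
			exit 3
		fi
	fi

	if [ -n "$mobdir" ] && [ "$cfg_mob" != "mob" ]; then
		# Should only get here if there's a misconfiguration
		echo "Personal mob branches are not supported" >&2
		exit 3
	fi
	if [ -n "$mobdir" ] && [ "$authuser" = "mob" ]; then
		# Should only get here if there's a misconfiguration
		echo "The mob user may not use personal mob branches" >&2
		exit 3
	fi
	if [ -n "$mobdir" ] && ! [ -d "$cfg_reporoot/$proj/mob" ]; then
		# Should only get here if there's a misconfiguration
		echo "The project '$proj' does not support personal mob branches" >&2
		exit 3
	fi
	if [ -n "$mobdir" ] && ! "$cfg_basedir/bin/can_user_push_http" "$projbare" "mob"; then
		# Should only get here if there's a misconfiguration
		echo "The user 'mob' does not have push permissions for project '$proj'" >&2
		echo "You may adjust push permissions at $cfg_webadmurl/editproj.cgi?name=$proj" >&2
		exit 3
	fi
	if [ -n "$mobdir" ]; then
		# All personal mob refs must start with refs/heads/mob.$USER,
		# refs/heads/mob_$USER/, refs/mob/mob.$USER or refs/mob/mob_$USER/
		# The user name sits inside the quoted part of each pattern, so it is
		# compared literally; only the trailing ?* acts as a glob.
		case "$1" in
		"refs/heads/mob.$authuser" | \
		"refs/heads/mob_$authuser/"?* | \
		"refs/mob/mob.$authuser" | \
		"refs/mob/mob_$authuser/"?* ) :;;
		*)
			echo "The user '$authuser' does not have push permissions for project '$proj'." >&2
			echo "However '$proj' allows pushes to personal mob branches w/o push perms." >&2
			echo "The ref '$1' is not a valid personal mob branch ref name." >&2
			echo "Valid personal mob branch ref names are one of the following:" >&2
			echo " refs/heads/mob.$authuser or refs/mob/mob.$authuser" >&2
			echo "or refs that start with one of the following:" >&2
			echo " refs/heads/mob_$authuser/ or refs/mob/mob_$authuser/" >&2
			echo "No other personal mob branch ref names may be pushed to, sorry." >&2
			echo "You may adjust push permissions at $cfg_webadmurl/editproj.cgi?name=$proj" >&2
			exit 3
		esac
		# Personal mob pushes skip the regular permission check below.
		exit 0
	fi

	if ! "$cfg_basedir/bin/can_user_push_http" "$projbare" "$authuser"; then
		echo "The user '$authuser' does not have push permissions for project '$proj'" >&2
		echo "You may adjust push permissions at $cfg_webadmurl/editproj.cgi?name=$proj" >&2
		exit 3
	fi

	if [ "$cfg_mob" = "mob" ] && [ "$authuser" = "mob" ]; then
		# The anonymous mob user may only update the existing 'mob' branch.
		if [ x"$1" != x"refs/heads/mob" ]; then
			echo "The mob user may push only to the 'mob' branch, sorry" >&2
			exit 1
		fi
		if is_null_oid "$2"; then
			echo "The mob user may not _create_ the 'mob' branch, sorry" >&2
			exit 2
		fi
		if is_null_oid "$3"; then
			echo "The mob user may not _delete_ the 'mob' branch, smch, sorry" >&2
			exit 3
		fi
	fi

	if [ "$cfg_mob" = "mob" ]; then
		# Users with push permission must not write into the ref namespace
		# reserved for personal mob branches.
		case "$1" in
		"refs/heads/mob."?* | "refs/heads/mob_"?*)
			echo "Use of the ref '$1' is reserved for personal mob branch" >&2
			echo "users who do not have push permission to project '$proj'." >&2
			echo "Users with push permission may only access the personal" >&2
			echo "mob branches using refs that start with 'refs/mob/'." >&2
			exit 3
			;;
		esac
	fi
fi

exit 0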