update-hook

   1 #!/bin/sh
   2 #
   3 # Currently, we just confine the mob user to the mob branch here.
   4 #
   5 # TODO: CIA support. Mailing list notifications support. Generalized
   6 # branches push permissions support.
   7 #
   8
   9 ## Girocco::Config::basedir
  10 basedir=/home/repo/repomgr
  11
  12 set -e
  13
  14 if ! [ -x /usr/bin/perl ]; then
  15         # We are INSIDE the chroot
  16
  17         if [ -O /var/run/mob ]; then
  18                 if [ x"$1" != x"refs/heads/mob" ]; then
  19                         echo "The mob user can push only to the 'mob' branch, sorry" >&2
  20                         exit 1
  21                 fi
  22                 if [ x"$2" = x"0000000000000000000000000000000000000000" ]; then
  23                         echo "The mob user cannot _create_ the 'mob' branch, sorry" >&2
  24                         exit 2
  25                 fi
  26         fi
  27
  28         exit 0
  29 fi
  30
  31 # We are NOT inside the chroot
  32
  33 # Import all the variables from Girocco::Config to the local environment,
  34 # prefixing them with 'cfg_'. E.g. $cfg_admin is admin's mail address now.
  35 eval $(perl -I"$basedir" -MGirocco::Config -le 'foreach (keys %Girocco::Config::) { print "cfg_$_=\"".quotemeta(${$Girocco::Config::{$_}})."\""; }')
  36
  37 if [ "$cfg_permission_control" = "Hooks" ]; then
  38         # We have some permission control to do!
  39         proj="$(pwd)"
  40         proj="${proj#$cfg_reporoot}"
  41         # XXX: Sanity check on project name and $USER here? Seems superfluous.
  42         if ! perl -I"$basedir" -MGirocco::Project -le 'exit(1) unless Girocco::Project->load("'$proj'")->can_user_push("'$USER'")'; then
  43                 echo "The user '$USER' does not have push permissions for project '$proj'" >&2
  44                 echo "You can adjust push permissions at $cfg_webadmurl/editproj.cgi?name=$proj" >&2
  45                 exit 3
  46         fi
  47 fi
  48
  49 exit 0