Introduce Girocco::ProjPerm::Hooks
[girocco/mytab.git] / update-hook
blob9e8294950eb4caee089b98bad1b15e9f7875ed45
1 #!/bin/sh
3 # Currently, we just confine the mob user to the mob branch here.
5 # TODO: CIA support. Mailing list notifications support. Generalized
6 # branches push permissions support.
9 ## Girocco::Config::basedir
10 basedir=/home/repo/repomgr
12 set -e
14 if ! [ -x /usr/bin/perl ]; then
15 # We are INSIDE the chroot
17 if [ -O /var/run/mob ]; then
18 if [ x"$1" != x"refs/heads/mob" ]; then
19 echo "The mob user can push only to the 'mob' branch, sorry" >&2
20 exit 1
22 if [ x"$2" = x"0000000000000000000000000000000000000000" ]; then
23 echo "The mob user cannot _create_ the 'mob' branch, sorry" >&2
24 exit 2
28 exit 0
31 # We are NOT inside the chroot
33 # Import all the variables from Girocco::Config to the local environment,
34 # prefixing them with 'cfg_'. E.g. $cfg_admin is admin's mail address now.
35 eval $(perl -I"$basedir" -MGirocco::Config -le 'foreach (keys %Girocco::Config::) { print "cfg_$_=\"".quotemeta(${$Girocco::Config::{$_}})."\""; }')
37 if [ "$cfg_permission_control" = "Hooks" ]; then
38 # We have some permission control to do!
39 proj="$(pwd)"
40 proj="${proj#$cfg_reporoot}"
41 # XXX: Sanity check on project name and $USER here? Seems superfluous.
42 if ! perl -I"$basedir" -MGirocco::Project -le 'exit(1) unless Girocco::Project->load("'$proj'")->can_user_push("'$USER'")'; then
43 echo "The user '$USER' does not have push permissions for project '$proj'" >&2
44 echo "You can adjust push permissions at $cfg_webadmurl/editproj.cgi?name=$proj" >&2
45 exit 3
49 exit 0