This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository maintenancescripts. commit 23e75682cc785e621b2f1ec46d1b59e6fb2da4a5 Author: Mihai Moldovan <ionic@ionic.de> Date: Tue Feb 24 00:01:19 2015 +0100 git/hooks/update-script._acl_: use more quoting, curly braces and replace ...)-style case-switches with (...)-style case-switches. Add FIXME's. --- git/hooks/update-script._acl_ | 110 ++++++++++++++++++++--------------------- 1 file changed, 54 insertions(+), 56 deletions(-) diff --git a/git/hooks/update-script._acl_ b/git/hooks/update-script._acl_ index 3669e95..86ab4c6 100755 --- a/git/hooks/update-script._acl_ +++ b/git/hooks/update-script._acl_ @@ -3,86 +3,84 @@ . hooks/update-script._check_ # Implement per-branch controls based on username -allowed_users_file=$GIT_DIR/info/allowed-users -username=$(id -u -n) -info "The user is: '$username'" +allowed_users_file="${GIT_DIR}/info/allowed-users" +username="$(id -u -n)" +info "The user is: '${username}'" -if test -f "$allowed_users_file" -then - granted=1 - rc=$(cat $allowed_users_file | grep -v '^#' | grep -v '^$' | + +## FIXME ## This looks slightly weird. Rework this. +## FIXME ## noff was removed when replacing the duplicated check with calling update-script._check_. Need that back! +if [ -f "${allowed_users_file}" ]; then + granted="0" + rc="$(cat "${allowed_users_file}" | grep -v '^#' | grep -v '^$' | while read heads user_patterns do # does this rule apply to us? - head_pattern=${heads#+} - matchlen=$(expr "$1" : "${head_pattern#+}") - test "$matchlen" = ${#1} || continue + head_pattern="${heads#+}" + matchlen="$(expr "${1}" : "${head_pattern#+}")" + [ "${matchlen}" = ${#1} ] || continue - # if non-ff, $heads must be with the '+' prefix - test -n "$noff" && - test "$head_pattern" = "$heads" && continue + # if non-ff, ${heads} must be with the '+' prefix + [ -n "${noff}" ] && \ + [ "${head_pattern}" = "${heads}" ] && continue - info "Found matching head pattern: '$head_pattern'" - for user_pattern in $user_patterns; do - info "Checking user: '$username' against pattern: '$user_pattern'" - matchlen=$(expr "$username" : "$user_pattern") - if test "$matchlen" = "${#username}" - then - grant "Allowing user: '$username' with pattern: '$user_pattern'" - granted=0 + info "Found matching head pattern: '${head_pattern}'" + for user_pattern in ${user_patterns}; do + info "Checking user: '${username}' against pattern: '${user_pattern}'" + matchlen="$(expr "${username}" : "${user_pattern}")" + if [ "${matchlen}" = "${#username}" ]; then + grant "Allowing user: '${username}' with pattern: '${user_pattern}'" + granted="1" fi done done - test $granted || deny "The user is not in the access list for this branch" - ) - case "$rc" in - grant) grant >/dev/null "Granting access based on $allowed_users_file" ;; - deny) deny >/dev/null "Denying access based on $allowed_users_file" ;; - *) ;; + [ "${granted}" = "1" ] || deny "The user is not in the access list for this branch" + )" + case "${rc}" in + (grant) grant >/dev/null "Granting access based on ${allowed_users_file}" ;; + (deny) deny >/dev/null "Denying access based on ${allowed_users_file}" ;; + (*) ;; esac fi -allowed_groups_file=$GIT_DIR/info/allowed-groups -groups=$(id -G -n) +allowed_groups_file="${GIT_DIR}/info/allowed-groups" +groups="$(id -G -n)" info "The user belongs to the following groups:" -info "'$groups'" +info "'${groups}'" -if test -f "$allowed_groups_file" -then - granted=1 - rc=$(cat $allowed_groups_file | grep -v '^#' | grep -v '^$' | +if [ -f "${allowed_groups_file}" ]; then + granted="0" + rc="$(cat "${allowed_groups_file}" | grep -v '^#' | grep -v '^$' | while read heads group_patterns do # does this rule apply to us? - head_pattern=${heads#+} - matchlen=$(expr "$1" : "${head_pattern#+}") - test "$matchlen" = ${#1} || continue + head_pattern="${heads#+}" + matchlen="$(expr "${1}" : "${head_pattern#+}")" + [ "${matchlen}" = "${#1}" ] || continue - # if non-ff, $heads must be with the '+' prefix - test -n "$noff" && - test "$head_pattern" = "$heads" && continue + # if non-ff, ${heads} must be with the '+' prefix + [ -n "${noff}" ] && \ + [ "${head_pattern}" = "${heads}" ] && continue - info "Found matching head pattern: '$head_pattern'" - for group_pattern in $group_patterns; do - for groupname in $groups; do - info "Checking group: '$groupname' against pattern: '$group_pattern'" - matchlen=$(expr "$groupname" : "$group_pattern") - if test "$matchlen" = "${#groupname}" - then - grant "Allowing group: '$groupname' with pattern: '$group_pattern'" - granted=0 + info "Found matching head pattern: '${head_pattern}'" + for group_pattern in ${group_patterns}; do + for groupname in ${groups}; do + info "Checking group: '${groupname}' against pattern: '${group_pattern}'" + matchlen="$(expr "${groupname}" : "${group_pattern}")" + if [ "${matchlen}" = "${#groupname}" ]; then + grant "Allowing group: '${groupname}' with pattern: '${group_pattern}'" + granted="1" fi done done done - test $granted || deny "None of the user's groups are in the access list for this branch" - ) - case "$rc" in - grant) grant >/dev/null "Granting access based on $allowed_groups_file" ;; - deny) deny >/dev/null "Denying access based on $allowed_groups_file" ;; - *) ;; + [ "${granted}" = "1" ] || deny "None of the user's groups are in the access list for this branch" + )" + case "${rc}" in + (grant) grant >/dev/null "Granting access based on ${allowed_groups_file}" ;; + (deny) deny >/dev/null "Denying access based on ${allowed_groups_file}" ;; + (*) ;; esac fi deny >/dev/null "There are no more rules to check. Denying access" - -- Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/maintenancescripts.git