1. BoldProgressives
  2. Untitled project
  3. trac-gitolite-plugin

Commits

ejucovy  committed 723af64

Refactor:

* utils no longer requires trac
* read_config finds all permissions, not just read perm
:

  • Participants
  • Parent commits 712523c
  • Branches default

Comments (0)

Files changed (2)

File perm_policy.py

View file
             resource = resource.parent
 
     def read_config(self):
-        return utils.read_config(self.env, self.gitolite_admin_reponame)
+        repo = self.env.get_repository(reponame=self.gitolite_admin_reponame)
+        node = repo.get_node("conf/gitolite.conf")
+        fp = node.get_content()
+        return utils.read_config(fp)
 
     def check_repository_permission(self, action, username, repository, resource, perm):
         repos = self.read_config()
-        if username != 'anonymous' and username in repos.get(repository.id, []):
+
+        ## If the repo is not known in the config, we defer to the supersystem's decisions,
+        ## unless our configuration says otherwise.
+        if repository.id not in repos:
+            if self.default_to_private:
+                return False
+            else:
+                return None
+
+        perms = repos[repository.id]
+
+        if username == 'anonymous':
+            if self.all_includes_anonymous:
+                if '@all' in perms.get('R', []):
+                    return True
+            ## If the repo is known in the config then we assume that anonymous users can't see it
+            ## unless the @all-check in the previous stanza was triggered.
+            return False
+
+        if username in perms.get('R', []):
             return True
-        if '@all' in repos.get(repository.id, []):
-            if username != 'anonymous':
-                return True
-            elif self.all_includes_anonymous:
-                return True
+
+        if '@all' in perms.get('R', []):
+            return True
 
         ## If the repo is known in the config but the user isn't explicitly granted access there,
         ## then the user does not have access.
-        if repository.id in repos:
-            return False
+        return False
 
-        ## If the repo is not known in the config, we defer to the supersystem's decisions,
-        ## unless our configuration says otherwise.
-        if self.default_to_private:
-            return False
-        return None
 
     ## IPermissionPolicy methods
             

File utils.py

View file
-def read_config(env, reponame):
-    repo = self.env.get_repository(reponame=self.gitolite_admin_reponame)
-    node = repo.get_node("conf/gitolite.conf")
-
-    fp = node.get_content()
+def read_config(fp):
     repos = dict()
     this_repo = None
-    info = []
+    info = {}
     for line in fp:
         line = line.strip()
         if line.startswith("repo"):
             if this_repo is not None and len(info) > 0:
                 repos[this_repo] = info
             this_repo = line[len("repo"):].strip()
-            info = []
+            info = {}
         elif '=' in line:
             perms, users = line.split("=")
-            perms = perms.strip()
+            perms = perms.strip().upper()
             users = [i.strip() for i in users.split()]
-            if 'R' not in perms.upper():
-                continue
-            info.extend(users)
-        pass
+            for perm in perms:
+                if perm in info:
+                    info[perm].extend(users)
+                else:
+                    info[perm] = users
+
     if this_repo is not None and len(info) > 0:
         repos[this_repo] = info