jakob/gitosis
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Accept "git upload-pack" etc, for future compatibility.

Browse source
This commit is contained in:
Tommi Virtanen 2008-06-26 11:33:48 +03:00
parent 38561aa6a5
commit 72c754b2f0
2 changed files with 107 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
gitosis/serve.py
View file

@ -21,10 +21,12 @@ ALLOW_RE = re.compile("^'/*(?P<path>[a-zA-Z0-9][a-zA-Z0-9@._-]*(/[a-zA-Z0-9][a-z
COMMANDS_READONLY = [ COMMANDS_READONLY = [
'git-upload-pack', 'git-upload-pack',
'git upload-pack',
] ]
COMMANDS_WRITE = [ COMMANDS_WRITE = [
'git-receive-pack', 'git-receive-pack',
'git receive-pack',
] ]
class ServingError(Exception): class ServingError(Exception):
@ -62,9 +64,19 @@ def serve(
try: try:
verb, args = command.split(None, 1) verb, args = command.split(None, 1)
except ValueError: except ValueError:
# all known commands take one argument; improve if/when needed # all known "git-foo" commands take one argument; improve
# if/when needed
raise UnknownCommandError() raise UnknownCommandError()
if verb == 'git':
try:
subverb, args = args.split(None, 1)
except ValueError:
# all known "git foo" commands take one argument; improve
# if/when needed
raise UnknownCommandError()
verb = '%s %s' % (verb, subverb)
if (verb not in COMMANDS_WRITE if (verb not in COMMANDS_WRITE
and verb not in COMMANDS_READONLY): and verb not in COMMANDS_READONLY):
raise UnknownCommandError() raise UnknownCommandError()

100
gitosis/test/test_serve.py
View file

@ -23,7 +23,7 @@ def test_bad_newLine():
eq(str(e), 'Command may not contain newline') eq(str(e), 'Command may not contain newline')
assert isinstance(e, serve.ServingError) assert isinstance(e, serve.ServingError)
def test_bad_nospace(): def test_bad_dash_noargs():
cfg = RawConfigParser() cfg = RawConfigParser()
e = assert_raises( e = assert_raises(
serve.UnknownCommandError, serve.UnknownCommandError,
@ -35,6 +35,18 @@ def test_bad_nospace():
eq(str(e), 'Unknown command denied') eq(str(e), 'Unknown command denied')
assert isinstance(e, serve.ServingError) assert isinstance(e, serve.ServingError)
def test_bad_space_noargs():
cfg = RawConfigParser()
e = assert_raises(
serve.UnknownCommandError,
serve.serve,
cfg=cfg,
user='jdoe',
command='git upload-pack',
)
eq(str(e), 'Unknown command denied')
assert isinstance(e, serve.ServingError)
def test_bad_command(): def test_bad_command():
cfg = RawConfigParser() cfg = RawConfigParser()
e = assert_raises( e = assert_raises(
@ -83,7 +95,7 @@ def test_bad_unsafeArguments_dotdot():
eq(str(e), 'Arguments to command look dangerous') eq(str(e), 'Arguments to command look dangerous')
assert isinstance(e, serve.ServingError) assert isinstance(e, serve.ServingError)
def test_bad_forbiddenCommand_read(): def test_bad_forbiddenCommand_read_dash():
cfg = RawConfigParser() cfg = RawConfigParser()
e = assert_raises( e = assert_raises(
serve.ReadAccessDenied, serve.ReadAccessDenied,
@ -96,7 +108,20 @@ def test_bad_forbiddenCommand_read():
assert isinstance(e, serve.AccessDenied) assert isinstance(e, serve.AccessDenied)
assert isinstance(e, serve.ServingError) assert isinstance(e, serve.ServingError)
def test_bad_forbiddenCommand_write_noAccess(): def test_bad_forbiddenCommand_read_space():
cfg = RawConfigParser()
e = assert_raises(
serve.ReadAccessDenied,
serve.serve,
cfg=cfg,
user='jdoe',
command="git upload-pack 'foo'",
)
eq(str(e), 'Repository read access denied')
assert isinstance(e, serve.AccessDenied)
assert isinstance(e, serve.ServingError)
def test_bad_forbiddenCommand_write_noAccess_dash():
cfg = RawConfigParser() cfg = RawConfigParser()
e = assert_raises( e = assert_raises(
serve.ReadAccessDenied, serve.ReadAccessDenied,
@ -111,7 +136,22 @@ def test_bad_forbiddenCommand_write_noAccess():
assert isinstance(e, serve.AccessDenied) assert isinstance(e, serve.AccessDenied)
assert isinstance(e, serve.ServingError) assert isinstance(e, serve.ServingError)
def test_bad_forbiddenCommand_write_readAccess(): def test_bad_forbiddenCommand_write_noAccess_space():
cfg = RawConfigParser()
e = assert_raises(
serve.ReadAccessDenied,
serve.serve,
cfg=cfg,
user='jdoe',
command="git receive-pack 'foo'",
)
# error message talks about read in an effort to make it more
# obvious that jdoe doesn't have *even* read access
eq(str(e), 'Repository read access denied')
assert isinstance(e, serve.AccessDenied)
assert isinstance(e, serve.ServingError)
def test_bad_forbiddenCommand_write_readAccess_dash():
cfg = RawConfigParser() cfg = RawConfigParser()
cfg.add_section('group foo') cfg.add_section('group foo')
cfg.set('group foo', 'members', 'jdoe') cfg.set('group foo', 'members', 'jdoe')
@ -127,7 +167,23 @@ def test_bad_forbiddenCommand_write_readAccess():
assert isinstance(e, serve.AccessDenied) assert isinstance(e, serve.AccessDenied)
assert isinstance(e, serve.ServingError) assert isinstance(e, serve.ServingError)
def test_simple_read(): def test_bad_forbiddenCommand_write_readAccess_space():
cfg = RawConfigParser()
cfg.add_section('group foo')
cfg.set('group foo', 'members', 'jdoe')
cfg.set('group foo', 'readonly', 'foo')
e = assert_raises(
serve.WriteAccessDenied,
serve.serve,
cfg=cfg,
user='jdoe',
command="git receive-pack 'foo'",
)
eq(str(e), 'Repository write access denied')
assert isinstance(e, serve.AccessDenied)
assert isinstance(e, serve.ServingError)
def test_simple_read_dash():
tmp = util.maketemp() tmp = util.maketemp()
repository.init(os.path.join(tmp, 'foo.git')) repository.init(os.path.join(tmp, 'foo.git'))
cfg = RawConfigParser() cfg = RawConfigParser()
@ -143,7 +199,23 @@ def test_simple_read():
) )
eq(got, "git-upload-pack '%s/foo.git'" % tmp) eq(got, "git-upload-pack '%s/foo.git'" % tmp)
def test_simple_write(): def test_simple_read_space():
tmp = util.maketemp()
repository.init(os.path.join(tmp, 'foo.git'))
cfg = RawConfigParser()
cfg.add_section('gitosis')
cfg.set('gitosis', 'repositories', tmp)
cfg.add_section('group foo')
cfg.set('group foo', 'members', 'jdoe')
cfg.set('group foo', 'readonly', 'foo')
got = serve.serve(
cfg=cfg,
user='jdoe',
command="git upload-pack 'foo'",
)
eq(got, "git upload-pack '%s/foo.git'" % tmp)
def test_simple_write_dash():
tmp = util.maketemp() tmp = util.maketemp()
repository.init(os.path.join(tmp, 'foo.git')) repository.init(os.path.join(tmp, 'foo.git'))
cfg = RawConfigParser() cfg = RawConfigParser()
@ -159,6 +231,22 @@ def test_simple_write():
) )
eq(got, "git-receive-pack '%s/foo.git'" % tmp) eq(got, "git-receive-pack '%s/foo.git'" % tmp)
def test_simple_write_space():
tmp = util.maketemp()
repository.init(os.path.join(tmp, 'foo.git'))
cfg = RawConfigParser()
cfg.add_section('gitosis')
cfg.set('gitosis', 'repositories', tmp)
cfg.add_section('group foo')
cfg.set('group foo', 'members', 'jdoe')
cfg.set('group foo', 'writable', 'foo')
got = serve.serve(
cfg=cfg,
user='jdoe',
command="git receive-pack 'foo'",
)
eq(got, "git receive-pack '%s/foo.git'" % tmp)
def test_push_inits_if_needed(): def test_push_inits_if_needed():
# a push to a non-existent repository (but where config authorizes # a push to a non-existent repository (but where config authorizes
# you to do that) will create the repository on the fly # you to do that) will create the repository on the fly