From 72c754b2f03a139122dc4a3877b05704fa88f751 Mon Sep 17 00:00:00 2001 From: Tommi Virtanen Date: Thu, 26 Jun 2008 11:33:48 +0300 Subject: Accept "git upload-pack" etc, for future compatibility. --- gitosis/serve.py | 14 ++++++- gitosis/test/test_serve.py | 100 ++++++++++++++++++++++++++++++++++++++++++--- 2 files changed, 107 insertions(+), 7 deletions(-) diff --git a/gitosis/serve.py b/gitosis/serve.py index c0b7135..9a91fcb 100644 --- a/gitosis/serve.py +++ b/gitosis/serve.py @@ -21,10 +21,12 @@ ALLOW_RE = re.compile("^'/*(?P[a-zA-Z0-9][a-zA-Z0-9@._-]*(/[a-zA-Z0-9][a-z COMMANDS_READONLY = [ 'git-upload-pack', + 'git upload-pack', ] COMMANDS_WRITE = [ 'git-receive-pack', + 'git receive-pack', ] class ServingError(Exception): @@ -62,9 +64,19 @@ def serve( try: verb, args = command.split(None, 1) except ValueError: - # all known commands take one argument; improve if/when needed + # all known "git-foo" commands take one argument; improve + # if/when needed raise UnknownCommandError() + if verb == 'git': + try: + subverb, args = args.split(None, 1) + except ValueError: + # all known "git foo" commands take one argument; improve + # if/when needed + raise UnknownCommandError() + verb = '%s %s' % (verb, subverb) + if (verb not in COMMANDS_WRITE and verb not in COMMANDS_READONLY): raise UnknownCommandError() diff --git a/gitosis/test/test_serve.py b/gitosis/test/test_serve.py index 56d50b0..f1c1930 100644 --- a/gitosis/test/test_serve.py +++ b/gitosis/test/test_serve.py @@ -23,7 +23,7 @@ def test_bad_newLine(): eq(str(e), 'Command may not contain newline') assert isinstance(e, serve.ServingError) -def test_bad_nospace(): +def test_bad_dash_noargs(): cfg = RawConfigParser() e = assert_raises( serve.UnknownCommandError, @@ -35,6 +35,18 @@ def test_bad_nospace(): eq(str(e), 'Unknown command denied') assert isinstance(e, serve.ServingError) +def test_bad_space_noargs(): + cfg = RawConfigParser() + e = assert_raises( + serve.UnknownCommandError, + serve.serve, + cfg=cfg, + user='jdoe', + command='git upload-pack', + ) + eq(str(e), 'Unknown command denied') + assert isinstance(e, serve.ServingError) + def test_bad_command(): cfg = RawConfigParser() e = assert_raises( @@ -83,7 +95,7 @@ def test_bad_unsafeArguments_dotdot(): eq(str(e), 'Arguments to command look dangerous') assert isinstance(e, serve.ServingError) -def test_bad_forbiddenCommand_read(): +def test_bad_forbiddenCommand_read_dash(): cfg = RawConfigParser() e = assert_raises( serve.ReadAccessDenied, @@ -96,7 +108,20 @@ def test_bad_forbiddenCommand_read(): assert isinstance(e, serve.AccessDenied) assert isinstance(e, serve.ServingError) -def test_bad_forbiddenCommand_write_noAccess(): +def test_bad_forbiddenCommand_read_space(): + cfg = RawConfigParser() + e = assert_raises( + serve.ReadAccessDenied, + serve.serve, + cfg=cfg, + user='jdoe', + command="git upload-pack 'foo'", + ) + eq(str(e), 'Repository read access denied') + assert isinstance(e, serve.AccessDenied) + assert isinstance(e, serve.ServingError) + +def test_bad_forbiddenCommand_write_noAccess_dash(): cfg = RawConfigParser() e = assert_raises( serve.ReadAccessDenied, @@ -111,7 +136,22 @@ def test_bad_forbiddenCommand_write_noAccess(): assert isinstance(e, serve.AccessDenied) assert isinstance(e, serve.ServingError) -def test_bad_forbiddenCommand_write_readAccess(): +def test_bad_forbiddenCommand_write_noAccess_space(): + cfg = RawConfigParser() + e = assert_raises( + serve.ReadAccessDenied, + serve.serve, + cfg=cfg, + user='jdoe', + command="git receive-pack 'foo'", + ) + # error message talks about read in an effort to make it more + # obvious that jdoe doesn't have *even* read access + eq(str(e), 'Repository read access denied') + assert isinstance(e, serve.AccessDenied) + assert isinstance(e, serve.ServingError) + +def test_bad_forbiddenCommand_write_readAccess_dash(): cfg = RawConfigParser() cfg.add_section('group foo') cfg.set('group foo', 'members', 'jdoe') @@ -127,7 +167,23 @@ def test_bad_forbiddenCommand_write_readAccess(): assert isinstance(e, serve.AccessDenied) assert isinstance(e, serve.ServingError) -def test_simple_read(): +def test_bad_forbiddenCommand_write_readAccess_space(): + cfg = RawConfigParser() + cfg.add_section('group foo') + cfg.set('group foo', 'members', 'jdoe') + cfg.set('group foo', 'readonly', 'foo') + e = assert_raises( + serve.WriteAccessDenied, + serve.serve, + cfg=cfg, + user='jdoe', + command="git receive-pack 'foo'", + ) + eq(str(e), 'Repository write access denied') + assert isinstance(e, serve.AccessDenied) + assert isinstance(e, serve.ServingError) + +def test_simple_read_dash(): tmp = util.maketemp() repository.init(os.path.join(tmp, 'foo.git')) cfg = RawConfigParser() @@ -143,7 +199,23 @@ def test_simple_read(): ) eq(got, "git-upload-pack '%s/foo.git'" % tmp) -def test_simple_write(): +def test_simple_read_space(): + tmp = util.maketemp() + repository.init(os.path.join(tmp, 'foo.git')) + cfg = RawConfigParser() + cfg.add_section('gitosis') + cfg.set('gitosis', 'repositories', tmp) + cfg.add_section('group foo') + cfg.set('group foo', 'members', 'jdoe') + cfg.set('group foo', 'readonly', 'foo') + got = serve.serve( + cfg=cfg, + user='jdoe', + command="git upload-pack 'foo'", + ) + eq(got, "git upload-pack '%s/foo.git'" % tmp) + +def test_simple_write_dash(): tmp = util.maketemp() repository.init(os.path.join(tmp, 'foo.git')) cfg = RawConfigParser() @@ -159,6 +231,22 @@ def test_simple_write(): ) eq(got, "git-receive-pack '%s/foo.git'" % tmp) +def test_simple_write_space(): + tmp = util.maketemp() + repository.init(os.path.join(tmp, 'foo.git')) + cfg = RawConfigParser() + cfg.add_section('gitosis') + cfg.set('gitosis', 'repositories', tmp) + cfg.add_section('group foo') + cfg.set('group foo', 'members', 'jdoe') + cfg.set('group foo', 'writable', 'foo') + got = serve.serve( + cfg=cfg, + user='jdoe', + command="git receive-pack 'foo'", + ) + eq(got, "git receive-pack '%s/foo.git'" % tmp) + def test_push_inits_if_needed(): # a push to a non-existent repository (but where config authorizes # you to do that) will create the repository on the fly -- cgit v1.2.3