1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
|
import os, logging
from ConfigParser import NoSectionError, NoOptionError
from gitosis import group
def haveAccess(config, user, mode, path):
"""
Map request for write access to allowed path.
Note for read-only access, the caller should check for write
access too.
Returns ``None`` for no access, or a tuple of toplevel directory
containing repositories and a relative path to the physical repository.
"""
log = logging.getLogger('gitosis.access.haveAccess')
log.debug(
'Access check for %(user)r as %(mode)r on %(path)r...'
% dict(
user=user,
mode=mode,
path=path,
))
basename, ext = os.path.splitext(path)
if ext == '.git':
log.debug(
'Stripping .git suffix from %(path)r, new value %(basename)r'
% dict(
path=path,
basename=basename,
))
path = basename
for groupname in group.getMembership(config=config, user=user):
try:
repos = config.get('group %s' % groupname, mode)
except (NoSectionError, NoOptionError):
repos = []
else:
repos = repos.split()
mapping = None
if path in repos:
log.debug(
'Access ok for %(user)r as %(mode)r on %(path)r'
% dict(
user=user,
mode=mode,
path=path,
))
mapping = path
else:
try:
mapping = config.get('group %s' % groupname,
'map %s %s' % (mode, path))
except (NoSectionError, NoOptionError):
pass
else:
log.debug(
'Access ok for %(user)r as %(mode)r on %(path)r=%(mapping)r'
% dict(
user=user,
mode=mode,
path=path,
mapping=mapping,
))
if mapping is not None:
prefix = None
try:
prefix = config.get(
'group %s' % groupname, 'repositories')
except (NoSectionError, NoOptionError):
try:
prefix = config.get('gitosis', 'repositories')
except (NoSectionError, NoOptionError):
prefix = 'repositories'
log.debug(
'Using prefix %(prefix)r for %(path)r'
% dict(
prefix=prefix,
path=mapping,
))
return (prefix, mapping)
|