diff options
author | Sitaram Chamarty <sitaram@atc.tcs.com> | 2014-04-16 19:32:00 +0530 |
---|---|---|
committer | Sitaram Chamarty <sitaram@atc.tcs.com> | 2014-04-17 10:16:17 +0530 |
commit | 5d1119c210ba930b7b315bf22f9075352c2a4760 (patch) | |
tree | 24518a4b155ac9568734eb258e6197319d98ffbd /src/lib/Gitolite/Conf/Load.pm | |
parent | info: learns -json option (diff) | |
download | gitolite-gentoo-5d1119c210ba930b7b315bf22f9075352c2a4760.tar.gz gitolite-gentoo-5d1119c210ba930b7b315bf22f9075352c2a4760.tar.bz2 gitolite-gentoo-5d1119c210ba930b7b315bf22f9075352c2a4760.zip |
(experimental) trace rules using access command
Diffstat (limited to 'src/lib/Gitolite/Conf/Load.pm')
-rw-r--r-- | src/lib/Gitolite/Conf/Load.pm | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/src/lib/Gitolite/Conf/Load.pm b/src/lib/Gitolite/Conf/Load.pm index 47cda99..5d4766c 100644 --- a/src/lib/Gitolite/Conf/Load.pm +++ b/src/lib/Gitolite/Conf/Load.pm @@ -102,17 +102,24 @@ sub access { } trace( 3, scalar(@rules) . " rules found" ); + + $rc{RULE_TRACE} = ''; for my $r (@rules) { + $rc{RULE_TRACE} .= " " . $r->[0] . " "; + my $perm = $r->[1]; my $refex = $r->[2]; $refex =~ s(/USER/)(/$user/); trace( 3, "perm=$perm, refex=$refex" ); + $rc{RULE_TRACE} .= "d"; # skip 'deny' rules if the ref is not (yet) known next if $perm eq '-' and $ref eq 'any' and not $deny_rules; + $rc{RULE_TRACE} .= "r"; # rule matches if ref matches or ref is any (see gitolite-shell) next unless $ref =~ /^$refex/ or $ref eq 'any'; + $rc{RULE_TRACE} .= "D"; trace( 2, "DENIED by $refex" ) if $perm eq '-'; return "$aa $safe_ref $repo $user DENIED by $refex" if $perm eq '-'; @@ -120,9 +127,16 @@ sub access { # any of these followed by "M". ( my $aaq = $aa ) =~ s/\+/\\+/; $aaq =~ s/M/.*M/; + + $rc{RULE_TRACE} .= "A"; + # as far as *this* ref is concerned we're ok return $refex if ( $perm =~ /$aaq/ ); + + $rc{RULE_TRACE} .= "p"; } + $rc{RULE_TRACE} .= " F"; + trace( 2, "DENIED by fallthru" ); return "$aa $safe_ref $repo $user DENIED by fallthru"; } |