Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.
Hi Glen, John and Tony
I ended up implementing the commitinfo script in Perl (my first), and it works like a charm, thanks!
Just in case anyone else wants to implement a similar cvs chacl - like feature using the commitinfo hook I have some sample code here, which I guess can be adjusted quite easily for other needs or tasks:
######################################################################
#
# UsersAllowedHeadCommit.pl
#
# Precommit script to restrict access for commits to head
# for specific files for all users except especilally priviledged ones.
#
# Must be called from commitinfo with the following arguments:
#
# ARGV[0] = Current User
# ARGV[1] = Colon seperated list of priviledged users
# ARGV[2..n-1] = List of files in Module to restrict head commits on
# ARGV[n] = Module (automatically passed as the last arg by cvsnt)
#
# $Id: UsersAllowedHeadCommit.pl,v 1.25 2004/08/12 23:34:41 kha Exp $
#
######################################################################
# Eat the first two left-hand args.
$currentuser = shift(@ARGV);
@allowedusers = split(/:/,shift(@ARGV));
# The right most is the module
$module = pop(@ARGV);
# The remaining args are the list of files
@restrictedfiles = @ARGV;
@committedfiles = <STDIN>;
# Trim line feeds, superfluous spaces etc..
foreach (@committedfiles)
{
chomp($_);
}
# Check if the list of committed files contains any of the restricted files.
# If yes, generate a list of files to cehck afterwards.
# If no, allow the commit.
$restrictedfound=0;
foreach $committedfile (@committedfiles)
{
foreach (@restrictedfiles)
{
if ($_ eq $committedfile)
{
$restrictedfound = 1;
push(@filestocheck, $committedfile);
}
last if (@restrictedfound)
}
}
if (!$restrictedfound)
{
# print "None of the commited files were restricted to commits on head. Proceed!\n";
exit(0);
}
# Load the CVS/Entries (which is a temp copy residing on the server at this stage)
# Go through the list and compare it with the files to check. If a match is found,
# check, if the commit attempt is done on the main branch. If that is so add the file to
# a list of restricted files on which commits to head is attempted.
$comittingonhead=0;
$ENTRIES = 'CVS/Entries';
open(ENTRIES, $ENTRIES) || die("Cannot open $ENTRIES.\n");
while (<ENTRIES>) {
chomp;
# /file/ver/timestamp/options/tag_or_date
my($filename, $version,$ts,$opt,$tag) = split('/', substr($_, 1));
foreach (@filestocheck)
{
if ($filename eq $_)
{
if ($tag eq '')
{
$committingonhead = 1;
push(@restrictedcommittingonhead,$filename);
}
}
}
}
close(ENTRIES);
if (!$committingonhead) {
# print "Commit attempts on the restricted file(s): @filestocheck are not done on main branch. Proceed!\n";
exit(0);
}
#Check if current user is one of the allowed users.
#If yes, allow the commit of the restricted files on the main branch.
foreach (@allowedusers)
{
if ($currentuser eq $_)
{
# print "$currentuser is priviledged and may commit @restrictedcommittingonhead on head without further checks.\n";
exit(0);
}
}
# And finally, judgement day for the unlucky...
print "You have tried to commit the restricted file(s): @restrictedcommittingonhead on the main branch.\n";
print "Only the priviledged user(s): @allowedusers are allowed to do this.\n";
print "Contact this user/these users to resolve the problem, or convince your release manager";
print " that you should be granted the same priviledges (cf. CVSROOT/commitinfo).\n";
exit(1);
Cheers,
Kim
-----Oprindelig meddelelse-----
Fra: cvsnt-bounces at cvsnt.org [mailto:cvsnt-bounces at cvsnt.org]På vegne af
Kim Hansen
Sendt: 12. august 2004 21:20
Til: cvsnt at cvsnt.org cvsnt downloads at march-hare.com @CVSNT on Twitter CVSNT on Facebook
Emne: Re: [cvsnt] Re: Any possibility to control branch acl on
aper-filelevel using a "cvs chacl" -like command?
John Kinson wrote:
>You're right Glen, the commitinfo hook could be used for this. The
>script is invoked with the first parameter containing
>"/repository/module[/subdirectory/...]", and a list of files being
>committed within that directory is supplied on stdin.
>
>Kim, you need to write a commitinfo script as discussed in the cvsnt
>documentation that checks whether the CVS_USER environment variable
>matches one of your two authorised users, and if not, checks whether the
>restricted files are present in the supplied data. If they are, then
>your script should return a non-zero value to prevent the commit from
>proceding, and return 0 otherwise.
I still can't get this right.... For testing purposes I have tried to insert a
line like this in commitinfo:
Testmodules/kha/testacl AllowCommitOnHead -user:$USER -allowedusers:kha -restrictedfiles:OnlyKHACommitOnHead.txt
where the cmd line arguments are some I parse to the AllowCommitOnHead batch file, which use the arguemnts to determine whether a commit is allowed. In addition to these arguments,
cvsnt adds the module, that is Testmodules/kha/testacl to the script, but how do I get hold of the list of files that are being committed to that folder?
I need those as weel in the script.
As John wrote, these files are supplied on stdin, but how do I parse that to the script as an additional argument?
Had it only been in a file like loginfo, where %s, could have been used easily.....
Cheers,
Kim
_______________________________________________
cvsnt mailing list
cvsnt at cvsnt.org cvsnt downloads at march-hare.com @CVSNT on Twitter CVSNT on Facebook
http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt https://www.march-hare.com/cvspro/en.asp#downcvs