Package: gitosis
Version: 0.2+20090917-14.1
Severity: wishlist
Tags: upstream, patch
Hello,
I've written a patch that enables per-{user,group} subdirectory
delegation. Simply end the name of a repo with a / and that group has
now automatic read-only or read-write access to a whole subtree of the
repositories hierarchy.
I've sent my patch upstream with no reply so far.
Patch attached, or get them from
https://github.com/lfousse/gitosis/tree/topic/subtree
Laurent.
>From ea7d1c8c8cd8d8e125ef8a36f567aab69459e4e5 Mon Sep 17 00:00:00 2001
From: Laurent Fousse <[email protected]>
Date: Tue, 3 May 2011 17:03:47 +0200
Subject: [PATCH 1/2] Repository specified in gitosis.conf can now end in '/'.
In this case, it means the whole subtree is writable/readable,
with the nice feature that a user can have a private subtree
of git repositories, created on the spot.
---
gitosis/access.py | 8 +++++++-
1 files changed, 7 insertions(+), 1 deletions(-)
diff --git a/gitosis/access.py b/gitosis/access.py
index c95c842..cf716d6 100644
--- a/gitosis/access.py
+++ b/gitosis/access.py
@@ -42,8 +42,14 @@ def haveAccess(config, user, mode, path):
repos = repos.split()
mapping = None
+
+ # Check if the requested path starts with a valid prefix.
+ isvalidprefix = False
+ for r in repos:
+ if r[-1] == '/' and path.find(r) == 0:
+ isvalidprefix = True
- if path in repos:
+ if (path in repos) or isvalidprefix:
log.debug(
'Access ok for %(user)r as %(mode)r on %(path)r'
% dict(
--
1.7.5.1
>From c1a910807f131acff6233845e49caf20fb684099 Mon Sep 17 00:00:00 2001
From: Laurent Fousse <[email protected]>
Date: Tue, 3 May 2011 17:27:18 +0200
Subject: [PATCH 2/2] Document the new '/' trick.
---
README.rst | 16 ++++++++++++++++
1 files changed, 16 insertions(+), 0 deletions(-)
diff --git a/README.rst b/README.rst
index 9204776..25ec5f4 100644
--- a/README.rst
+++ b/README.rst
@@ -129,6 +129,22 @@ it::
That's it. If you now add others to ``members``, they can use that
repository too.
+Delegating repositories creation in a subtree
+=============================================
+
+If the name of a repository ends in '/', it means the whole subtree
+(starting with this prefix) will be readable (resp. writable) by the
+corresponding group members. This is useful to allow creation of
+repositories on the spot by users without admin privilege in a
+specific subtree. For example::
+
+ [group myself]
+ members = jdoe
+ writable = jdoerealm/
+
+Now the user ``jdoe`` can push to any path beneath the ``jdoerealm``
+prefix and create his whole subtree of repositories without
+administrator intervention.
Example configuration
=====================
--
1.7.5.1