On Tue, Mar 21, 2000 at 09:33:35AM -0000, Mike Little wrote:
> On 20 Mar 2000, at 14:38, Adam Bidema wrote:
>
> >
> > I am trying to make it so I can lock a branch. I have searched through the
> > code to find a centralized place where I can determine the branch a user is
> > using on the server side, but can not find where I would add this code.
> >
> > Any help in finding this place, or another way to lock a branch would be
> > much appreciated.
> >
> > Thanks,
> > --Adam
> >
>
> I recently installed the Alternate Info patch by John P Cavanaugh
> <[EMAIL PROTECTED]>. Which you should be able to find in the
> archives of this mailing list.
Well I always had promised to post our deny script that we use in
conjunction with the patch. Here it is...
#!/hped/builds/bin/perl
##################################################################################
#
# Allow list looks like
# '<tag>' => {
# '<project_name>' => '<users>'
# }
#
# Example:
# %AllowProjList=(
# 'main' => {
# 'foo' => "all", # Allow all users in project foo
# # on the main tag
# 'junk/bar' => "cavanaug", # Allow only cavanaug in project
# # junk/bar on the main tag
# },
# 'rel10' => {
# 'foobar' => "cavanaug,garywh", # Allow "cavanaugh,garywh" in
# # project foobar on the rel10
# # tag
# }
# );
#
#
##################################################################################
$debuglevel=0;
$DenyMaster=q[[EMAIL PROTECTED]]; # the guy who modifies this file
#
# Note: It is VITAL that you include all tags you want to lock in the
# AllowProjList even if there are no exceptions!!!!
#
%AllowProjList=(
'r1_10' => {
},
'r1_10_200' => { },
'r1_10_300' => { },
'r1_30' => {
'genfun' => "dbjornba,build",
'geminiui' => "build",
'gemini' => "build,boris",
},
'r1_30_100' => { },
'r1_30_200' => { },
'r1_30_300' => { },
);
#$AllowProjList{'main'}=$AllowProjList{'r1_30'}; # This is a hack....
@DenyTagList=keys(%AllowProjList);
@DenyTypes=( "C_MOD", "C_ADD", "C_DEL", "BT_MOV", "BT_ADD",
"BT_DEL", "RT_MOV", "RT_ADD", "RT_DEL" );
##################################################################################
# DONT EDIT ANYTHING BELOW THIS LINE!!!
##################################################################################
#
# commitinfo passed parameters:
# $ARGV[0] is dirname
# $ARGV[1]+ is project data of the form "project,commit_type,tag,revision"
# commit_type={C_MOD, C_ADD, C_DEL}
# Example "hpads:C_MOD:main:100.20"
#
# taginfo passed parameters:
# $ARGV[0] is dirname
# $ARGV[1] is tagname
# $ARGV[2]+ is project data of the form "project,tag_type,revision"
# tag_type={BT_ADD, BT_MOV, BT_DEL, RT_ADD, RT_MOV, RT_DEL}
# BT=TagTag, RT=RevisionTag
# Example "hpads:BT_MOV:100.20"
#
print "Arguments $#ARGV\n" if $debuglevel ;
if ($debuglevel)
{
print "\nDebug Mode\n";
for ($i=0; $i<=$#ARGV; $i++ )
{
print " ARGV[$i]=$ARGV[$i]\n";
}
}
unless ( $ARGV[$#ARGV]=~ m/:/ ) # AlternateInfo!=yes (ie. Old Client)
{
print "\n!!! You need to use the lastest version of the cvs executable\n" .
" located at /hped/builds/bin or s:\\hped\\builds\\bin !!!\n \n" ;
exit 1;
}
# ($proj_path, $proj_file, $proj_type, $proj_tag, $proj_rev)=@_;
if ( $ARGV[1]=~ m/^TAG:/ ) # Taginfo "personality"
{
print "\nTaginfo personality\n\n" if $debuglevel>0;
@projData=split(/:/, $ARGV[2]);
@projTag=split(/:/,$ARGV[1]);
authorizationCheck($ARGV[0], @projData[0..1], @projTag[1], @projData[2]);
}
else # Commitinfo "personality"
{
print "\nCommitinfo personality\n\n" if $debuglevel>0;
authorizationCheck($ARGV[0], split(/:/,$ARGV[1]));
}
#
# authorizationCheck
#
# It probably wont matter much, but I used multiple exits as a possible
# speed improvement since this is going to get executed all the time...
#
sub authorizationCheck
{
($proj_path, $proj_file, $proj_type, $proj_tag, $proj_rev)=@_;
print "authorizationCheck($proj_path, $proj_file, $proj_type, $proj_tag,
$proj_rev)\n" if $debuglevel>1;
$logname=getpwuid($<);
$cvsroot=$0; $cvsroot=~s#CVSROOT/[^/]+$##;
$proj_path.="/"; $proj_path=~s#^$cvsroot/?##;
print "authorizationCheck($proj_path, $proj_file, $proj_type, $proj_tag,
$proj_rev)\n" if $debuglevel>0;
print "\tlogname=$logname\n" if $debuglevel>1;
print "\tcvsroot=$cvsroot\n\n" if $debuglevel>1;
#
# If its not a closed tag, let it pass
#
unless ( exists($AllowProjList{$proj_tag}) )
{ exit 0; }
print "\t\"$proj_tag\" is a closed tag\n" if $debuglevel>1;
#
# If its not a deny type, let it pass
#
unless ( grep($proj_type, @DenyTypes) )
{ exit 0; }
print "\t\"$proj_type\" is a deny type operation\n" if $debuglevel>1;
#
# Unless their are project/dir exceptions, deny passage
#
$deny=1;
print "\tSearching for a project/dir exception\n" if $debuglevel>1;
foreach $i ( keys(%{ $AllowProjList{$proj_tag} }) )
{
if ( $proj_path =~ m#^$i/# )
{
$deny=0;
$proj_name=$i;
print "\t\t$i PASS\n" if $debuglevel>2;
}
else
{
print "\t\t$i FAIL\n" if $debuglevel>2;
}
}
if ( $deny eq 1 )
{
print "\tNo project/dir exceptions found\n" if $debuglevel>1;
print "\n\"$proj_tag\"" ;Deny();
}
#
# If "all" is the list, let it pass
#
print "\tSearching for a username exception\n" if $debuglevel>1;
if ($AllowProjList{$proj_tag}{$proj_name} eq "all")
{
print "\t\tall PASS\n" if $debuglevel>2;
exit 0;
}
print "\t\tall FAIL\n" if $debuglevel>2;
#
# Unless their name is on the exceptions list, deny passage
#
$deny=1;
foreach $i (split(/,/,$AllowProjList{$proj_tag}{$proj_name}))
{
if ($i eq $logname)
{
$deny=0;
print "\t\t$i PASS\n" if $debuglevel>2;
}
else
{
print "\t\t$i FAIL\n" if $debuglevel>2;
}
}
if ( $deny eq 1 )
{
print "\tNo username exceptions found\n" if $debuglevel>1;
print "\n\"$proj_tag\"" ;Deny();
}
print "\tPhew... You passed all the criteria\n" if $debuglevel>0;
exit 0;
}
#
# Output the deny message, but tell them who does have access
#
sub Deny {
$DenyMesg=" is administratively locked and you are not authorized
to make any modifications.
Current Authorization List for \"$proj_tag\"
";
foreach $i ( keys(%{ $AllowProjList{$proj_tag} }) )
{
foreach $j ( split(/,/, $AllowProjList{$proj_tag}{$i}) )
{ $AllowUserList{$j}.="$i "; }
}
foreach $i ( keys(%AllowUserList) )
{ $DenyMesg .= sprintf(" %8s : $AllowUserList{$i}\n",$i); }
$DenyMesg .= " None\n" unless keys(%AllowUserList)>0;
print "$DenyMesg\nContact $DenyMaster for changes\n\n";
exit(1);
}
