Show More
| @@ -1,176 +1,176 | |||||
| 1 | #!/bin/sh |
|
1 | #!/bin/sh | |
| 2 |
|
2 | |||
| 3 | do_push() |
|
3 | do_push() | |
| 4 | { |
|
4 | { | |
| 5 | user=$1 |
|
5 | user=$1 | |
| 6 | shift |
|
6 | shift | |
| 7 |
|
7 | |||
| 8 | echo "Pushing as user $user" |
|
8 | echo "Pushing as user $user" | |
| 9 | echo 'hgrc = """' |
|
9 | echo 'hgrc = """' | |
| 10 | sed -e 1,2d b/.hg/hgrc | grep -v fakegroups.py |
|
10 | sed -e 1,2d b/.hg/hgrc | grep -v fakegroups.py | |
| 11 | echo '"""' |
|
11 | echo '"""' | |
| 12 | if test -f acl.config; then |
|
12 | if test -f acl.config; then | |
| 13 | echo 'acl.config = """' |
|
13 | echo 'acl.config = """' | |
| 14 | cat acl.config |
|
14 | cat acl.config | |
| 15 | echo '"""' |
|
15 | echo '"""' | |
| 16 | fi |
|
16 | fi | |
| 17 | # On AIX /etc/profile sets LOGNAME read-only. So |
|
17 | # On AIX /etc/profile sets LOGNAME read-only. So | |
| 18 | # LOGNAME=$user hg --cws a --debug push ../b |
|
18 | # LOGNAME=$user hg --cws a --debug push ../b | |
| 19 | # fails with "This variable is read only." |
|
19 | # fails with "This variable is read only." | |
| 20 | # Use env to work around this. |
|
20 | # Use env to work around this. | |
| 21 | env LOGNAME=$user hg --cwd a --debug push ../b |
|
21 | env LOGNAME=$user hg --cwd a --debug push ../b | |
| 22 | hg --cwd b rollback |
|
22 | hg --cwd b rollback | |
| 23 | hg --cwd b --quiet tip |
|
23 | hg --cwd b --quiet tip | |
| 24 | echo |
|
24 | echo | |
| 25 | } |
|
25 | } | |
| 26 |
|
26 | |||
| 27 | init_config() |
|
27 | init_config() | |
| 28 | { |
|
28 | { | |
| 29 | cat > fakegroups.py <<EOF |
|
29 | cat > fakegroups.py <<EOF | |
| 30 | from hgext import acl |
|
30 | from hgext import acl | |
| 31 | def fakegetusers(ui, group): |
|
31 | def fakegetusers(ui, group): | |
| 32 | try: |
|
32 | try: | |
| 33 | return acl._getusersorig(ui, group) |
|
33 | return acl._getusersorig(ui, group) | |
| 34 | except: |
|
34 | except: | |
| 35 | return ["fred", "betty"] |
|
35 | return ["fred", "betty"] | |
| 36 | acl._getusersorig = acl._getusers |
|
36 | acl._getusersorig = acl._getusers | |
| 37 | acl._getusers = fakegetusers |
|
37 | acl._getusers = fakegetusers | |
| 38 | EOF |
|
38 | EOF | |
| 39 |
|
39 | |||
| 40 | rm -f acl.config |
|
40 | rm -f acl.config | |
| 41 | cat > $config <<EOF |
|
41 | cat > $config <<EOF | |
| 42 | [hooks] |
|
42 | [hooks] | |
| 43 | pretxnchangegroup.acl = python:hgext.acl.hook |
|
43 | pretxnchangegroup.acl = python:hgext.acl.hook | |
| 44 | [acl] |
|
44 | [acl] | |
| 45 | sources = push |
|
45 | sources = push | |
| 46 | [extensions] |
|
46 | [extensions] | |
| 47 |
f= |
|
47 | f=`pwd`/fakegroups.py | |
| 48 | EOF |
|
48 | EOF | |
| 49 | } |
|
49 | } | |
| 50 |
|
50 | |||
| 51 | hg init a |
|
51 | hg init a | |
| 52 | cd a |
|
52 | cd a | |
| 53 | mkdir foo foo/Bar quux |
|
53 | mkdir foo foo/Bar quux | |
| 54 | echo 'in foo' > foo/file.txt |
|
54 | echo 'in foo' > foo/file.txt | |
| 55 | echo 'in foo/Bar' > foo/Bar/file.txt |
|
55 | echo 'in foo/Bar' > foo/Bar/file.txt | |
| 56 | echo 'in quux' > quux/file.py |
|
56 | echo 'in quux' > quux/file.py | |
| 57 | hg add -q |
|
57 | hg add -q | |
| 58 | hg ci -m 'add files' -d '1000000 0' |
|
58 | hg ci -m 'add files' -d '1000000 0' | |
| 59 | echo >> foo/file.txt |
|
59 | echo >> foo/file.txt | |
| 60 | hg ci -m 'change foo/file' -d '1000001 0' |
|
60 | hg ci -m 'change foo/file' -d '1000001 0' | |
| 61 | echo >> foo/Bar/file.txt |
|
61 | echo >> foo/Bar/file.txt | |
| 62 | hg ci -m 'change foo/Bar/file' -d '1000002 0' |
|
62 | hg ci -m 'change foo/Bar/file' -d '1000002 0' | |
| 63 | echo >> quux/file.py |
|
63 | echo >> quux/file.py | |
| 64 | hg ci -m 'change quux/file' -d '1000003 0' |
|
64 | hg ci -m 'change quux/file' -d '1000003 0' | |
| 65 | hg tip --quiet |
|
65 | hg tip --quiet | |
| 66 |
|
66 | |||
| 67 | cd .. |
|
67 | cd .. | |
| 68 | hg clone -r 0 a b |
|
68 | hg clone -r 0 a b | |
| 69 |
|
69 | |||
| 70 | echo '[extensions]' >> $HGRCPATH |
|
70 | echo '[extensions]' >> $HGRCPATH | |
| 71 | echo 'acl =' >> $HGRCPATH |
|
71 | echo 'acl =' >> $HGRCPATH | |
| 72 |
|
72 | |||
| 73 | config=b/.hg/hgrc |
|
73 | config=b/.hg/hgrc | |
| 74 |
|
74 | |||
| 75 | echo |
|
75 | echo | |
| 76 |
|
76 | |||
| 77 | echo 'Extension disabled for lack of a hook' |
|
77 | echo 'Extension disabled for lack of a hook' | |
| 78 | do_push fred |
|
78 | do_push fred | |
| 79 |
|
79 | |||
| 80 | echo '[hooks]' >> $config |
|
80 | echo '[hooks]' >> $config | |
| 81 | echo 'pretxnchangegroup.acl = python:hgext.acl.hook' >> $config |
|
81 | echo 'pretxnchangegroup.acl = python:hgext.acl.hook' >> $config | |
| 82 |
|
82 | |||
| 83 | echo 'Extension disabled for lack of acl.sources' |
|
83 | echo 'Extension disabled for lack of acl.sources' | |
| 84 | do_push fred |
|
84 | do_push fred | |
| 85 |
|
85 | |||
| 86 | echo 'No [acl.allow]/[acl.deny]' |
|
86 | echo 'No [acl.allow]/[acl.deny]' | |
| 87 | echo '[acl]' >> $config |
|
87 | echo '[acl]' >> $config | |
| 88 | echo 'sources = push' >> $config |
|
88 | echo 'sources = push' >> $config | |
| 89 | do_push fred |
|
89 | do_push fred | |
| 90 |
|
90 | |||
| 91 | echo 'Empty [acl.allow]' |
|
91 | echo 'Empty [acl.allow]' | |
| 92 | echo '[acl.allow]' >> $config |
|
92 | echo '[acl.allow]' >> $config | |
| 93 | do_push fred |
|
93 | do_push fred | |
| 94 |
|
94 | |||
| 95 | echo 'fred is allowed inside foo/' |
|
95 | echo 'fred is allowed inside foo/' | |
| 96 | echo 'foo/** = fred' >> $config |
|
96 | echo 'foo/** = fred' >> $config | |
| 97 | do_push fred |
|
97 | do_push fred | |
| 98 |
|
98 | |||
| 99 | echo 'Empty [acl.deny]' |
|
99 | echo 'Empty [acl.deny]' | |
| 100 | echo '[acl.deny]' >> $config |
|
100 | echo '[acl.deny]' >> $config | |
| 101 | do_push barney |
|
101 | do_push barney | |
| 102 |
|
102 | |||
| 103 | echo 'fred is allowed inside foo/, but not foo/bar/ (case matters)' |
|
103 | echo 'fred is allowed inside foo/, but not foo/bar/ (case matters)' | |
| 104 | echo 'foo/bar/** = fred' >> $config |
|
104 | echo 'foo/bar/** = fred' >> $config | |
| 105 | do_push fred |
|
105 | do_push fred | |
| 106 |
|
106 | |||
| 107 | echo 'fred is allowed inside foo/, but not foo/Bar/' |
|
107 | echo 'fred is allowed inside foo/, but not foo/Bar/' | |
| 108 | echo 'foo/Bar/** = fred' >> $config |
|
108 | echo 'foo/Bar/** = fred' >> $config | |
| 109 | do_push fred |
|
109 | do_push fred | |
| 110 |
|
110 | |||
| 111 | echo 'barney is not mentioned => not allowed anywhere' |
|
111 | echo 'barney is not mentioned => not allowed anywhere' | |
| 112 | do_push barney |
|
112 | do_push barney | |
| 113 |
|
113 | |||
| 114 | echo 'barney is allowed everywhere' |
|
114 | echo 'barney is allowed everywhere' | |
| 115 | echo '[acl.allow]' >> $config |
|
115 | echo '[acl.allow]' >> $config | |
| 116 | echo '** = barney' >> $config |
|
116 | echo '** = barney' >> $config | |
| 117 | do_push barney |
|
117 | do_push barney | |
| 118 |
|
118 | |||
| 119 | echo 'wilma can change files with a .txt extension' |
|
119 | echo 'wilma can change files with a .txt extension' | |
| 120 | echo '**/*.txt = wilma' >> $config |
|
120 | echo '**/*.txt = wilma' >> $config | |
| 121 | do_push wilma |
|
121 | do_push wilma | |
| 122 |
|
122 | |||
| 123 | echo 'file specified by acl.config does not exist' |
|
123 | echo 'file specified by acl.config does not exist' | |
| 124 | echo '[acl]' >> $config |
|
124 | echo '[acl]' >> $config | |
| 125 | echo 'config = ../acl.config' >> $config |
|
125 | echo 'config = ../acl.config' >> $config | |
| 126 | do_push barney |
|
126 | do_push barney | |
| 127 |
|
127 | |||
| 128 | echo 'betty is allowed inside foo/ by a acl.config file' |
|
128 | echo 'betty is allowed inside foo/ by a acl.config file' | |
| 129 | echo '[acl.allow]' >> acl.config |
|
129 | echo '[acl.allow]' >> acl.config | |
| 130 | echo 'foo/** = betty' >> acl.config |
|
130 | echo 'foo/** = betty' >> acl.config | |
| 131 | do_push betty |
|
131 | do_push betty | |
| 132 |
|
132 | |||
| 133 | echo 'acl.config can set only [acl.allow]/[acl.deny]' |
|
133 | echo 'acl.config can set only [acl.allow]/[acl.deny]' | |
| 134 | echo '[hooks]' >> acl.config |
|
134 | echo '[hooks]' >> acl.config | |
| 135 | echo 'changegroup.acl = false' >> acl.config |
|
135 | echo 'changegroup.acl = false' >> acl.config | |
| 136 | do_push barney |
|
136 | do_push barney | |
| 137 |
|
137 | |||
| 138 | # asterisk |
|
138 | # asterisk | |
| 139 |
|
139 | |||
| 140 | init_config |
|
140 | init_config | |
| 141 |
|
141 | |||
| 142 | echo 'asterisk test' |
|
142 | echo 'asterisk test' | |
| 143 | echo '[acl.allow]' >> $config |
|
143 | echo '[acl.allow]' >> $config | |
| 144 | echo "** = fred" >> $config |
|
144 | echo "** = fred" >> $config | |
| 145 | echo "fred is always allowed" |
|
145 | echo "fred is always allowed" | |
| 146 | do_push fred |
|
146 | do_push fred | |
| 147 |
|
147 | |||
| 148 | echo '[acl.deny]' >> $config |
|
148 | echo '[acl.deny]' >> $config | |
| 149 | echo "foo/Bar/** = *" >> $config |
|
149 | echo "foo/Bar/** = *" >> $config | |
| 150 | echo "no one is allowed inside foo/Bar/" |
|
150 | echo "no one is allowed inside foo/Bar/" | |
| 151 | do_push fred |
|
151 | do_push fred | |
| 152 |
|
152 | |||
| 153 | # Groups |
|
153 | # Groups | |
| 154 |
|
154 | |||
| 155 | init_config |
|
155 | init_config | |
| 156 |
|
156 | |||
| 157 | echo 'OS-level groups' |
|
157 | echo 'OS-level groups' | |
| 158 | echo '[acl.allow]' >> $config |
|
158 | echo '[acl.allow]' >> $config | |
| 159 | echo "** = @group1" >> $config |
|
159 | echo "** = @group1" >> $config | |
| 160 | echo "@group1 is always allowed" |
|
160 | echo "@group1 is always allowed" | |
| 161 | do_push fred |
|
161 | do_push fred | |
| 162 |
|
162 | |||
| 163 | echo '[acl.deny]' >> $config |
|
163 | echo '[acl.deny]' >> $config | |
| 164 | echo "foo/Bar/** = @group1" >> $config |
|
164 | echo "foo/Bar/** = @group1" >> $config | |
| 165 | echo "@group is allowed inside anything but foo/Bar/" |
|
165 | echo "@group is allowed inside anything but foo/Bar/" | |
| 166 | do_push fred |
|
166 | do_push fred | |
| 167 |
|
167 | |||
| 168 | echo 'Invalid group' |
|
168 | echo 'Invalid group' | |
| 169 | # Disable the fakegroups trick to get real failures |
|
169 | # Disable the fakegroups trick to get real failures | |
| 170 | grep -v fakegroups $config > config.tmp |
|
170 | grep -v fakegroups $config > config.tmp | |
| 171 | mv config.tmp $config |
|
171 | mv config.tmp $config | |
| 172 | echo '[acl.allow]' >> $config |
|
172 | echo '[acl.allow]' >> $config | |
| 173 | echo "** = @unlikelytoexist" >> $config |
|
173 | echo "** = @unlikelytoexist" >> $config | |
| 174 | do_push fred 2>&1 | grep unlikelytoexist |
|
174 | do_push fred 2>&1 | grep unlikelytoexist | |
| 175 |
|
175 | |||
| 176 | true |
|
176 | true | |
General Comments 0
You need to be logged in to leave comments.
Login now