diff options
| author | Karen Arutyunov <karen@codesynthesis.com> | 2022-04-04 20:34:20 +0300 |
|---|---|---|
| committer | Karen Arutyunov <karen@codesynthesis.com> | 2022-04-04 22:48:11 +0300 |
| commit | b8f351516e4c8cabe808c13e3e47e35ccddc4571 (patch) | |
| tree | 3246ba5cca9b8fba20e74ec810658d00b172f14f /brep/handler | |
| parent | 92ce9a3681fa939f1b39326abad62bb264bcd6ac (diff) | |
Fix submit-pub handler to deny submission of older package version revision
Diffstat (limited to 'brep/handler')
| -rw-r--r-- | brep/handler/submit/submit-git.bash.in | 15 | ||||
| -rw-r--r-- | brep/handler/submit/submit-pub.in | 17 | ||||
| -rw-r--r-- | brep/handler/submit/submit.bash.in | 15 |
3 files changed, 32 insertions, 15 deletions
diff --git a/brep/handler/submit/submit-git.bash.in b/brep/handler/submit/submit-git.bash.in index 1c50adb..cf7300d 100644 --- a/brep/handler/submit/submit-git.bash.in +++ b/brep/handler/submit/submit-git.bash.in @@ -56,21 +56,6 @@ function owners_dir () # <repo-dir> echo "$r" } -# Extract the revision part from the package version. Return 0 if the version -# doesn't contain revision. -# -function version_revision () # version -{ - local r - r="$(sed -n -re 's%^(\+?[^+]+)(\+([0-9]+))?$%\3%p' <<<"$1")" - - if [ -z "$r" ]; then - r="0" - fi - - echo "$r" -} - # Check if a repository already contains the package. Respond with the # 'duplicate submission' result manifest and exit if that's the case. # diff --git a/brep/handler/submit/submit-pub.in b/brep/handler/submit/submit-pub.in index ea12a29..f4a3c2d 100644 --- a/brep/handler/submit/submit-pub.in +++ b/brep/handler/submit/submit-pub.in @@ -257,6 +257,8 @@ else message_suffix=": $name/$version" fi +revision="$(version_revision "$version")" + # Open the reading file descriptor and lock the repository. Fail if unable to # lock before timeout. # @@ -330,9 +332,24 @@ run rsync -rtO --exclude 'packages.manifest' --link-dest="$repo_old" \ # Remove the package version revision archives that may exist in the # repository. # +# But first check if the repository contains newer revision of this package +# version. Respond with the 'newer revision is present' result manifest and +# exit if that's the case. +# run pkg_find_archives "$name" "$version*" "$repo_new/1" | readarray -t arcs for f in "${arcs[@]}"; do + pkg_verify_archive "$f" | readarray -t p + + v="${p[1]}" + rv="$(version_revision "$v")" + + if [ "$rv" -gt "$revision" ]; then + exit_with_manifest 422 "newer revision $name/$v is present" + fi +done + +for f in "${arcs[@]}"; do run rm "$f" done diff --git a/brep/handler/submit/submit.bash.in b/brep/handler/submit/submit.bash.in index f7e5124..30a09f8 100644 --- a/brep/handler/submit/submit.bash.in +++ b/brep/handler/submit/submit.bash.in @@ -63,3 +63,18 @@ function extract_package_manifest () # <archive> <manifest> exit_with_manifest 400 "archive is not a valid package (run bpkg pkg-verify for details)" fi } + +# Extract the revision part from the package version. Return 0 if the version +# doesn't contain revision. +# +function version_revision () # version +{ + local r + r="$(sed -n -re 's%^(\+?[^+]+)(\+([0-9]+))?$%\3%p' <<<"$1")" + + if [ -z "$r" ]; then + r="0" + fi + + echo "$r" +} |