From 6dff80b189a649f64a885a553ceefe1055cdb21e Mon Sep 17 00:00:00 2001 From: Karen Arutyunov Date: Wed, 22 Aug 2018 16:14:11 +0300 Subject: Fix project ownership authentication in submit-git handler --- brep/submit/submit-git.bash.in | 12 ++++++------ brep/submit/submit-git.in | 12 ++++++------ tests/submit/submit-git.test | 19 +++++++++++-------- 3 files changed, 23 insertions(+), 20 deletions(-) diff --git a/brep/submit/submit-git.bash.in b/brep/submit/submit-git.bash.in index 8d5cc84..d19caaf 100644 --- a/brep/submit/submit-git.bash.in +++ b/brep/submit/submit-git.bash.in @@ -118,6 +118,7 @@ function create_owner_manifest () # } # Strip the query part and the leaf path component from the repository URL. +# The resulting URL contains the trailing slash. # function repository_base () # { @@ -125,7 +126,7 @@ function repository_base () # # sed -n \ -e 's%^\([^?]*\).*$%\1%' \ --e 's%^\(.*\)/[^/]\{1,\}/\{0,1\}$%\1%p' \ +-e 's%^\(.*/\)[^/]\{1,\}/\{0,1\}$%\1%p' \ <<<"$1" } @@ -146,7 +147,7 @@ function auth_project () # trace_func "$@" local prj="$1" - local ctl="${2%/}" + local ctl="$2" local rep="$3" local d @@ -168,7 +169,6 @@ function auth_project () # # the submitter as the project owner. # if [ -f "$m" ]; then - ctl="$(repository_base "$ctl")" # Parse the project owner manifest. # @@ -176,7 +176,7 @@ function auth_project () # local n v while IFS=: read -ru "$manifest_parser_ofd" -d '' n v; do - if [ "$n" == "control" -a "${v%/}" == "$ctl" ]; then + if [[ "$n" == "control" && "$ctl" == "$v"* ]]; then r="project" break fi @@ -211,7 +211,7 @@ function auth_package () # local prj="$1" local pkg="$2" - local ctl="${3%/}" + local ctl="$3" local rep="$4" local d @@ -240,7 +240,7 @@ function auth_package () # local n v while IFS=: read -ru "$manifest_parser_ofd" -d '' n v; do - if [ "$n" == "control" -a "${v%/}" == "$ctl" ]; then + if [ "$n" == "control" -a "$v" == "$ctl" ]; then r="package" break fi diff --git a/brep/submit/submit-git.in b/brep/submit/submit-git.in index 839771a..2f90217 100644 --- a/brep/submit/submit-git.in +++ b/brep/submit/submit-git.in @@ -265,12 +265,12 @@ simulate= while IFS=: read -ru "$manifest_parser_ofd" -d '' n v; do case "$n" in - archive) archive="$v" ;; - sha256sum) sha256sum="$v" ;; - section) section="$v" ;; - email) email="$v" ;; - control) control="${v%/}" ;; - simulate) simulate="$v" ;; + archive) archive="$v" ;; + sha256sum) sha256sum="$v" ;; + section) section="$v" ;; + email) email="$v" ;; + control) control="$v" ;; + simulate) simulate="$v" ;; esac done diff --git a/tests/submit/submit-git.test b/tests/submit/submit-git.test index cf499b9..5a73d65 100644 --- a/tests/submit/submit-git.test +++ b/tests/submit/submit-git.test @@ -251,7 +251,7 @@ pkg_ctl="$prj_ctl/hello.git" : 1 name: hello email: user@example.org - control: $prj_ctl + control: $prj_ctl/ EOI $g -C ref add owners; @@ -287,6 +287,9 @@ pkg_ctl="$prj_ctl/hello.git" : Test that the project and package ownership is authenticated by the : reference repository. : + : Note that here we also test that the project control URL value may not be + : an immediate "parent" of the package control URL. + : { $clone_root_data; @@ -299,7 +302,7 @@ pkg_ctl="$prj_ctl/hello.git" : 1 name: hello email: user@example.org - control: $prj_ctl + control: $regex.replace("$prj_ctl", '(.*/)[^/]*', '\1') EOI cat <<"EOI" >=ref/owners/hello/libhello/package-owner.manifest; @@ -340,7 +343,7 @@ pkg_ctl="$prj_ctl/hello.git" : 1 name: hello email: user@example.org - control: $prj_ctl + control: $prj_ctl/ EOI $g -C ref add owners; @@ -462,7 +465,7 @@ pkg_ctl="$prj_ctl/hello.git" : 1 name: hi email: user@example.org - control: $prj_ctl + control: $prj_ctl/ EOI cat <<"EOI" >=ref/owners/hi/libhello/package-owner.manifest; @@ -530,7 +533,7 @@ pkg_ctl="$prj_ctl/hello.git" : 1 name: hello email: user@example.org - control: $prj_ctl + control: $prj_ctl/ EOI cat <<"EOI" >=ref/owners/hello/libhello/package-owner.manifest; @@ -592,7 +595,7 @@ pkg_ctl="$prj_ctl/hello.git" : 1 name: hello email: user@example.org - control: $prj_ctl + control: $prj_ctl/ EOI cat <<"EOI" >=tgt/owners/hello/libhello/package-owner.manifest; @@ -661,7 +664,7 @@ pkg_ctl="$prj_ctl/hello.git" : 1 name: hello email: user@example.org - control: $prj_ctl + control: $prj_ctl/ EOI $g -C ref add owners; @@ -706,7 +709,7 @@ pkg_ctl="$prj_ctl/hello.git" : 1 name: hi email: user@example.org - control: $prj_ctl + control: $prj_ctl/ EOI cat <<"EOI" >=tgt/owners/hi/libhello/package-owner.manifest; -- cgit v1.1