From b8f351516e4c8cabe808c13e3e47e35ccddc4571 Mon Sep 17 00:00:00 2001 From: Karen Arutyunov Date: Mon, 4 Apr 2022 20:34:20 +0300 Subject: Fix submit-pub handler to deny submission of older package version revision --- brep/handler/submit/submit-git.bash.in | 15 ----------- brep/handler/submit/submit-pub.in | 17 +++++++++++++ brep/handler/submit/submit.bash.in | 15 +++++++++++ tests/submit/submit-pub.testscript | 46 +++++++++++++++++++++++++++------- 4 files changed, 69 insertions(+), 24 deletions(-) diff --git a/brep/handler/submit/submit-git.bash.in b/brep/handler/submit/submit-git.bash.in index 1c50adb..cf7300d 100644 --- a/brep/handler/submit/submit-git.bash.in +++ b/brep/handler/submit/submit-git.bash.in @@ -56,21 +56,6 @@ function owners_dir () # echo "$r" } -# Extract the revision part from the package version. Return 0 if the version -# doesn't contain revision. -# -function version_revision () # version -{ - local r - r="$(sed -n -re 's%^(\+?[^+]+)(\+([0-9]+))?$%\3%p' <<<"$1")" - - if [ -z "$r" ]; then - r="0" - fi - - echo "$r" -} - # Check if a repository already contains the package. Respond with the # 'duplicate submission' result manifest and exit if that's the case. # diff --git a/brep/handler/submit/submit-pub.in b/brep/handler/submit/submit-pub.in index ea12a29..f4a3c2d 100644 --- a/brep/handler/submit/submit-pub.in +++ b/brep/handler/submit/submit-pub.in @@ -257,6 +257,8 @@ else message_suffix=": $name/$version" fi +revision="$(version_revision "$version")" + # Open the reading file descriptor and lock the repository. Fail if unable to # lock before timeout. # 
@@ -330,9 +332,24 @@ run rsync -rtO --exclude 'packages.manifest' --link-dest="$repo_old" \ # Remove the package version revision archives that may exist in the # repository. # +# But first check if the repository contains newer revision of this package +# version. Respond with the 'newer revision is present' result manifest and +# exit if that's the case. +# run pkg_find_archives "$name" "$version*" "$repo_new/1" | readarray -t arcs for f in "${arcs[@]}"; do + pkg_verify_archive "$f" | readarray -t p + + v="${p[1]}" + rv="$(version_revision "$v")" + + if [ "$rv" -gt "$revision" ]; then + exit_with_manifest 422 "newer revision $name/$v is present" + fi +done + +for f in "${arcs[@]}"; do run rm "$f" done diff --git a/brep/handler/submit/submit.bash.in b/brep/handler/submit/submit.bash.in index f7e5124..30a09f8 100644 --- a/brep/handler/submit/submit.bash.in +++ b/brep/handler/submit/submit.bash.in @@ -63,3 +63,18 @@ function extract_package_manifest () # exit_with_manifest 400 "archive is not a valid package (run bpkg pkg-verify for details)" fi } + +# Extract the revision part from the package version. Return 0 if the version +# doesn't contain revision. +# +function version_revision () # version +{ + local r + r="$(sed -n -re 's%^(\+?[^+]+)(\+([0-9]+))?$%\3%p' <<<"$1")" + + if [ -z "$r" ]; then + r="0" + fi + + echo "$r" +} diff --git a/tests/submit/submit-pub.testscript b/tests/submit/submit-pub.testscript index 07517be..c5d435f 100644 --- a/tests/submit/submit-pub.testscript +++ b/tests/submit/submit-pub.testscript 
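Review bot: The newer-revision check in the first `for f in "${arcs[@]}"` loop can fail open, because `pkg_verify_archive "$f" | readarray -t p` is not prefixed with `run` like the `pkg_find_archives` pipeline above it, and nothing checks that `p` was actually filled. If verification of an existing archive fails or prints fewer than two lines, `v` is empty, `version_revision` echoes `0`, `[ "$rv" -gt "$revision" ]` is false, and the second loop removes the archive, so a newer revision could still be replaced by an older one. I would stop with an error when `v` is empty (a guard such as `if [ -z "$v" ]; then` before the comparison) instead of treating it as revision 0, and add a comment that `p[1]` is expected to hold the package version. Whether `pipefail` or an error trap already covers the failed pipeline is not visible in this hunk, so please confirm.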
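Review bot: The header comment of `version_revision` says "Return 0", but the function prints the revision on stdout. It also prints `0` for any string the sed pattern does not match at all (for example one with two `+` separators), because `sed -n` then emits nothing and `r` is empty. Now that submit-pub uses the result to decide whether a submission is denied, the comment should state both facts: `# Print the revision part of the package version to stdout. Print 0 if the version has no revision or does not match the expected syntax.` Whether callers only ever pass versions that package verification has already validated is not visible from this hunk.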
@@ -84,14 +84,8 @@ clone_root_rep = cp --no-cleanup -r $root_rep ./ &pkg-1/*** &?pkg.lock $clone_root_rep; ln -s pkg-1 pkg; - # Add the libhello/0.1.0+1 package revision to the repository. + # Initial submission. # - mkdir --no-cleanup pkg-1/1/hello; - tar -xf $~/$data_dir/libhello-0.1.0.tar.gz &libhello-0.1.0/***; - sed -i -e 's/(version: 0.1.0)/\1+1/' libhello-0.1.0/manifest; - mv libhello-0.1.0 libhello-0.1.0+1; - tar cfz pkg-1/1/hello/libhello-0.1.0+1.tar.gz libhello-0.1.0+1; - $* $~/pkg $~/$data_dir &!pkg-1/*** &pkg-*/*** >>"EOO"; : 1 status: 200 @@ -99,7 +93,6 @@ clone_root_rep = cp --no-cleanup -r $root_rep ./ &pkg-1/*** &?pkg.lock reference: $checksum EOO - test -f pkg/1/hello/libhello-0.1.0+1.tar.gz == 1; test -f pkg/1/hello/libhello-0.1.0.tar.gz; # While at it, test the duplicate submission. 
@@ -113,7 +106,42 @@ clone_root_rep = cp --no-cleanup -r $root_rep ./ &pkg-1/*** &?pkg.lock reference: $checksum EOO - test -f pkg/1/hello/libhello-0.1.0.tar.gz + test -f pkg/1/hello/libhello-0.1.0.tar.gz; + + # Revision submission. + # + # Here we test that the handler removes the previous revision. + # + tar -xf $~/$data_dir/libhello-0.1.0.tar.gz; + sed -i -e 's/(version: 0.1.0)/\1+1/' libhello-0.1.0/manifest; + mv libhello-0.1.0 libhello-0.1.0+1; + tar cfz $~/$data_dir/libhello-0.1.0+1.tar.gz libhello-0.1.0+1; + rm -r libhello-0.1.0+1; + rm $~/$data_dir/libhello-0.1.0.tar.gz; + sed -i -e 's/(archive: libhello-0.1.0)(.tar.gz)/\1+1\2/' $data_dir/request.manifest; + + $* $~/pkg $~/$data_dir >>"EOO"; + : 1 + status: 200 + message: package is published: libhello/0.1.0+1 + reference: $checksum + EOO + + test -f pkg/1/hello/libhello-0.1.0.tar.gz == 1; + test -f pkg/1/hello/libhello-0.1.0+1.tar.gz; + + # While at it, test the older revision submission. + # + $clone_root_data_clean; + + $* $~/pkg $~/$data_dir >>"EOO"; + : 1 + status: 422 + message: newer revision libhello/0.1.0+1 is present + reference: $checksum + EOO + + test -f pkg/1/hello/libhello-0.1.0+1.tar.gz } : result-url -- cgit v1.1
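Review bot: The older-revision case at the end of this hunk only asserts that `libhello-0.1.0+1.tar.gz` is still present after the 422 response, not that the rejected archive stayed out of the repository. Adding `test -f pkg/1/hello/libhello-0.1.0.tar.gz == 1` after the existing check (with a `;` terminating the line before it) would pin the property the handler change is meant to guarantee. The enclosing test group starts outside this hunk, so I am assuming nothing earlier in it already covers this.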