From b8f351516e4c8cabe808c13e3e47e35ccddc4571 Mon Sep 17 00:00:00 2001
From: Karen Arutyunov <karen@codesynthesis.com>
Date: Mon, 4 Apr 2022 20:34:20 +0300
Subject: Fix submit-pub handler to deny submission of older package version
 revision

---
 brep/handler/submit/submit-pub.in | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

(limited to 'brep/handler/submit/submit-pub.in')

diff --git a/brep/handler/submit/submit-pub.in b/brep/handler/submit/submit-pub.in
index ea12a29..f4a3c2d 100644
--- a/brep/handler/submit/submit-pub.in
+++ b/brep/handler/submit/submit-pub.in
@@ -257,6 +257,8 @@ else
   message_suffix=": $name/$version"
 fi
 
+revision="$(version_revision "$version")"
+
 # Open the reading file descriptor and lock the repository. Fail if unable to
 # lock before timeout.
 #
@@ -330,9 +332,24 @@ run rsync -rtO --exclude 'packages.manifest' --link-dest="$repo_old" \
 # Remove the package version revision archives that may exist in the
 # repository.
 #
+# But first check if the repository contains newer revision of this package
+# version. Respond with the 'newer revision is present' result manifest and
+# exit if that's the case.
+#
 run pkg_find_archives "$name" "$version*" "$repo_new/1" | readarray -t arcs
 
 for f in "${arcs[@]}"; do
+  pkg_verify_archive "$f" | readarray -t p
+
+  v="${p[1]}"
+  rv="$(version_revision "$v")"
+
+  if [ "$rv" -gt "$revision" ]; then
+    exit_with_manifest 422 "newer revision $name/$v is present"
+  fi
+done
+
+for f in "${arcs[@]}"; do
   run rm "$f"
 done
 
-- 
cgit v1.1