From b8f351516e4c8cabe808c13e3e47e35ccddc4571 Mon Sep 17 00:00:00 2001 From: Karen Arutyunov Date: Mon, 4 Apr 2022 20:34:20 +0300 Subject: Fix submit-pub handler to deny submission of older package version revision --- brep/handler/submit/submit-git.bash.in | 15 --------------- brep/handler/submit/submit-pub.in | 17 +++++++++++++++++ brep/handler/submit/submit.bash.in | 15 +++++++++++++++ 3 files changed, 32 insertions(+), 15 deletions(-) (limited to 'brep/handler/submit') diff --git a/brep/handler/submit/submit-git.bash.in b/brep/handler/submit/submit-git.bash.in index 1c50adb..cf7300d 100644 --- a/brep/handler/submit/submit-git.bash.in +++ b/brep/handler/submit/submit-git.bash.in @@ -56,21 +56,6 @@ function owners_dir () # echo "$r" } -# Extract the revision part from the package version. Return 0 if the version -# doesn't contain revision. -# -function version_revision () # version -{ - local r - r="$(sed -n -re 's%^(\+?[^+]+)(\+([0-9]+))?$%\3%p' <<<"$1")" - - if [ -z "$r" ]; then - r="0" - fi - - echo "$r" -} - # Check if a repository already contains the package. Respond with the # 'duplicate submission' result manifest and exit if that's the case. # diff --git a/brep/handler/submit/submit-pub.in b/brep/handler/submit/submit-pub.in index ea12a29..f4a3c2d 100644 --- a/brep/handler/submit/submit-pub.in +++ b/brep/handler/submit/submit-pub.in @@ -257,6 +257,8 @@ else message_suffix=": $name/$version" fi +revision="$(version_revision "$version")" + # Open the reading file descriptor and lock the repository. Fail if unable to # lock before timeout. # @@ -330,9 +332,24 @@ run rsync -rtO --exclude 'packages.manifest' --link-dest="$repo_old" \ # Remove the package version revision archives that may exist in the # repository. # +# But first check if the repository contains newer revision of this package +# version. Respond with the 'newer revision is present' result manifest and +# exit if that's the case. +# run pkg_find_archives "$name" "$version*" "$repo_new/1" | readarray -t arcs for f in "${arcs[@]}"; do + pkg_verify_archive "$f" | readarray -t p + + v="${p[1]}" + rv="$(version_revision "$v")" + + if [ "$rv" -gt "$revision" ]; then + exit_with_manifest 422 "newer revision $name/$v is present" + fi +done + +for f in "${arcs[@]}"; do run rm "$f" done diff --git a/brep/handler/submit/submit.bash.in b/brep/handler/submit/submit.bash.in index f7e5124..30a09f8 100644 --- a/brep/handler/submit/submit.bash.in +++ b/brep/handler/submit/submit.bash.in @@ -63,3 +63,18 @@ function extract_package_manifest () # exit_with_manifest 400 "archive is not a valid package (run bpkg pkg-verify for details)" fi } + +# Extract the revision part from the package version. Return 0 if the version +# doesn't contain revision. +# +function version_revision () # version +{ + local r + r="$(sed -n -re 's%^(\+?[^+]+)(\+([0-9]+))?$%\3%p' <<<"$1")" + + if [ -z "$r" ]; then + r="0" + fi + + echo "$r" +} -- cgit v1.1