aboutsummaryrefslogtreecommitdiff
path: root/brep/handler/submit/submit-git.bash.in
blob: cf7300df5e569564552aaf4cf875500d9c4f450e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
# file      : brep/handler/submit/submit-git.bash.in
# license   : MIT; see accompanying LICENSE file

# Utility functions for the submit-git handler.

if [ "$brep_handler_submit_git" ]; then
  return 0
else
  brep_handler_submit_git=true
fi

@import brep/handler/handler@
@import brep/handler/submit/submit@

# If the section is mapped to a directory in the repository configuration then
# return this directory path and empty string otherwise.
#
function section_dir () # <section> <repo-dir>
{
  trace_func "$@"

  local sec="$1"
  local rep="$2"

  local owners # Unused but is declared to avoid polluting the global space.
  local -A sections

  run source "$rep/submit.config.bash"

  local r="${sections[$sec]}"
  if [ -z "$r" ]; then
    r="${sections['*']}"
  fi

  echo "$r"
}

# If the owners directory is set in the repository configuration then return
# this directory path prefixed with the repository directory path and the
# empty string otherwise.
#
function owners_dir () # <repo-dir>
{
  local rep="$1"

  local owners
  local -A sections # Is declared to avoid polluting the global space.

  run source "$rep/submit.config.bash"

  local r=
  if [ -n "$owners" ]; then
    r="$rep/$owners"
  fi

  echo "$r"
}

# Check if a repository already contains the package. Respond with the
# 'duplicate submission' result manifest and exit if that's the case.
#
# Also check if the repository contains newer revision of this package
# version. Respond with the 'newer revision is present' result manifest and
# exit if that's the case.
#
function check_package_duplicate () # <name> <version> <repo-dir>
{
  trace_func "$@"

  local nam="$1"
  local ver="$2"
  local rep="$3"

  local owners # Unused but is declared to avoid polluting the global space.
  local -A sections

  run source "$rep/submit.config.bash"

  local rev
  rev="$(version_revision "$ver")"

  # Check for duplicate package and its newer revisions in all sections. Use
  # <name>-<version>.* without .tar.gz in case we want to support more archive
  # types later.
  #
  local s
  for s in "${!sections[@]}"; do
    local d="$rep/${sections[$s]}"

    # Check for duplicate.
    #
    local p
    run pkg_find_archive "$nam-$ver.*" "$d" | readarray -t p

    if [ "${#p[@]}" -ne 0 ]; then
      local n="${p[1]}"
      local v="${p[2]}"

      trace "found: $n/$v in ${p[0]}"

      if [ "$n" == "$nam" ]; then
        exit_with_manifest 422 "duplicate submission"
      else
        exit_with_manifest 422 "submission conflicts with $n/$v"
      fi
    fi

    # Check for newer revision.
    #
    local arcs
    run pkg_find_archives "$nam" "$ver*" "$d" | readarray -t arcs

    local f
    for f in "${arcs[@]}"; do
      local p
      pkg_verify_archive "$f" | readarray -t p

      local v="${p[1]}"

      local rv
      rv="$(version_revision "$v")"

      if [ "$rv" -gt "$rev" ]; then
        exit_with_manifest 422 "newer revision $nam/$v is present"
      fi
    done
  done
}

# Serialize the project or package owner manifest (they have the same set of
# values) to the specified manifest file.
#
function create_owner_manifest () # <name> <author-name> <author-email>
{                                 # <control> <file>
  trace_func "$@"

  local nam="$1"
  local anm="$2"
  local aem="$3"
  local ctl="$4"
  local man="$5"

  if [ -f "$man" ]; then
    error "'$man' already exists"
  fi

  manifest_serializer_start "$man"

  manifest_serialize ""             "1"    # Start of manifest.
  manifest_serialize "name"         "$nam"
  manifest_serialize "author-name"  "$anm"
  manifest_serialize "author-email" "$aem"
  manifest_serialize "control"      "$ctl"

  manifest_serializer_finish
}

# Strip the query part and the leaf path component from the repository URL.
# The resulting URL contains the trailing slash.
#
function repository_base () # <repo-url>
{
  # First, strip the URL query part, then component.
  #
  sed -n -r -e 's%^([^?]*).*$%\1%' -e 's%^(.*/)[^/]+/?$%\1%p' <<<"$1"
}

# Authenticate the project name owner. Make sure that the control manifest
# value is specified unless authentication is disabled.
#
# Possible return values:
#
# - 'project'  if the project belongs to the submitter
# - 'unknown'  if the project name is not yet known
# - 'disabled' if the owners directory is not configured
# - <manifest> result manifest describing the authentication error
#
# Note that the authentication error result always starts with ':'.
#
function auth_project () # <project> <control> <repo-dir>
{
  trace_func "$@"

  local prj="$1"
  local ctl="$2"
  local rep="$3"

  local d
  d="$(owners_dir "$rep")"

  if [ -z "$d" ]; then
    echo "disabled"
    return
  fi

  if [ -z "$ctl" ]; then
    exit_with_manifest 400 "control manifest value expected"
  fi

  local r="unknown"
  local m="$d/$prj/project-owner.manifest"
  local info=

  # If the project owner manifest exists then parse it and try to authenticate
  # the submitter as the project owner.
  #
  if [ -f "$m" ]; then

    # Parse the project owner manifest.
    #
    manifest_parser_start "$m"

    local n v
    while IFS=: read -ru "$manifest_parser_ofd" -d '' n v; do
      if [[ "$n" == "control" ]]; then
        if [[ "$ctl" == "$v"* ]]; then
          r="project"
          break
        fi

        # If the control URLs don't match, then compare them case-
        # insensitively, converting them to the lower case. If they match
        # case-insensitively, then still fail the authentication but provide
        # additional information in the manifest message value.
        #
        if [[ "${ctl,,}" == "${v,,}"* ]]; then
          info="
  info: control repository URL differs only in character case
  info: submitted URL:       $ctl
  info: project owner's URL: $v
  info: consider using --control to specify exact URL"
        fi
      fi
    done

    manifest_parser_finish

    if [ "$r" != "project" ]; then
      exit_with_manifest 401 "project owner authentication failed$info"
    fi
  fi

  echo "$r"
}

# Authenticate the package name owner. Make sure that the control manifest
# value is specified unless authentication is disabled. It is assumed that the
# project ownership is already authenticated (possibly by another repository).
#
# Possible return values:
#
# - 'package'  if the package belongs to the submitter
# - 'unknown'  if the package name is not taken in the project
# - 'disabled' if the owners directory is not configured
# - <manifest> result manifest describing the authentication error
#
# Note that the authentication error result always starts with ':'.
#
function auth_package () # <project> <package> <control> <repo-dir>
{
  trace_func "$@"

  local prj="$1"
  local pkg="$2"
  local ctl="${3%.git}" # For comparison strip the potential .git extension.
  local ctl_orig="$3"   # For diagnostics use the original URL.
  local rep="$4"

  local d
  d="$(owners_dir "$rep")"

  if [ -z "$d" ]; then
    echo "disabled"
    return
  fi

  if [ -z "$ctl" ]; then
    exit_with_manifest 400 "control manifest value expected"
  fi

  local r="unknown"
  local m="$d/$prj/$pkg/package-owner.manifest"
  local info=

  # If the package owner manifest exists then parse it and try to authenticate
  # the submitter as the package owner.
  #
  if [ -f "$m" ]; then

    # Parse the package owner manifest.
    #
    manifest_parser_start "$m"

    # Match the control URL without regards to the potential .git extension.
    #
    local n v
    while IFS=: read -ru "$manifest_parser_ofd" -d '' n v; do
      if [ "$n" == "control" ]; then
        local u="${v%.git}"

        if [ "$u" == "$ctl" ]; then
          r="package"
          break
        fi

        # If the control URLs don't match, then compare them case-
        # insensitively (see auth_project() for details).
        #
        if [ "${u,,}" == "${ctl,,}" ]; then
          info="
  info: control repository URL differs only in character case
  info: submitted URL:       $ctl_orig
  info: package owner's URL: $v
  info: consider using --control to specify exact URL"
        fi
      fi
    done

    manifest_parser_finish

    if [ "$r" != "package" ]; then
      exit_with_manifest 401 "package owner authentication failed$info"
    fi
  fi

  echo "$r"
}

# Check that the package name is unknown to the repository. Owners directory
# is expected to be configured.
#
function auth_package_unknown () # <package> <repo-dir>
{
  trace_func "$@"

  local pkg="$1"
  local rep="$2"

  local d
  d="$(owners_dir "$rep")"

  # Sanity check that the owners directory configured for the repository.
  #
  if [ -z "$d" ]; then
    error "no owners directory configured for '$rep'"
  fi

  # While configured, the owners directory may not yet exist.
  #
  if [ -d "$d" ]; then
    local f
    f="$(run find "$d" -path "$d/*/$pkg/package-owner.manifest")"

    if [ -n "$f" ]; then
      trace "found: $f"
      exit_with_manifest 401 "package owner authentication failed"
    fi
  fi
}

# Return lower-case URL scheme or empty string if the argument doesn't look
# like a URL.
#
function url_scheme () # <url>
{
  sed -n -re 's%^(.*)://.*$%\L\1%p' <<<"$1"
}

# Check that the repository properly responds to the probing request before
# the timeout (in seconds). Noop for protocols other than HTTP(S).
#
# If the repository is other than ours (e.g., control) then don't log a
# failure and respond with the 422 (client) rather than 503 (server) HTTP
# error.
#
function check_connectivity () # <repo-url> <timeout> <ours>
{
  trace_func "$@"

  local url="$1"
  local tmo="$2"
  local our="$3"

  local s
  s="$(url_scheme "$url")"

  if [ "$s" == "http" -o "$s" == "https" ]; then
    local u q

    u="$(sed -n -re 's%^([^?]*).*$%\1%p' <<<"$url")" # Strips query part.
    q="$(sed -n -re 's%^[^?]*(.*)$%\1%p' <<<"$url")" # Query part.

    if [ -z "$q" ]; then
      u="$u/info/refs?service=git-upload-pack"
    else
      u="$u/info/refs$q&service=git-upload-pack"
    fi

    local cmd=(curl -S -s --max-time "$tmo" "$u")

    if [ "$our" ]; then
      if ! run "${cmd[@]}" >/dev/null; then
        exit_with_manifest 503 "submission service temporarily unavailable"
      fi
    elif ! run_silent "${cmd[@]}" >/dev/null; then
      exit_with_manifest 422 "repository $url unavailable"
    fi
  fi
}