diff options
Diffstat (limited to 'lib/gitano/config.lua')
| -rw-r--r-- | lib/gitano/config.lua | 139 |
1 files changed, 70 insertions, 69 deletions
diff --git a/lib/gitano/config.lua b/lib/gitano/config.lua index 865e222..afa9072 100644 --- a/lib/gitano/config.lua +++ b/lib/gitano/config.lua @@ -82,32 +82,31 @@ local function parse_admin_config(commit) for filename, obj in pairs(flat_tree) do local prefix, username = filename:match("^(users/.-)([a-z][a-z0-9_-]+)/user%.conf$") if prefix and username then - if not is_blob(obj) then - return nil, prefix .. username .. "/user.conf is not a blob?" - end - if users[username] then - return nil, "Duplicate user name: " .. username - end - -- Found a user, fill them out - local user_clod, err = - clod.parse(obj.obj.content, - commit.sha .. ":" .. prefix .. username .. "/user.conf") - - if not user_clod then - return nil, err - end - - if type(user_clod.settings.real_name) ~= "string" then - return nil, "gitano-admin:" .. commit.sha .. ":" .. prefix .. username .. "/user.conf missing real_name" - end - if (user_clod.settings.email_address and - type(user_clod.settings.email_address) ~= "string") then - return nil, "gitano-admin:" .. commit.sha .. ":" .. prefix .. username .. "/user.conf email_address is bad" - end - users[username] = setmetatable({ clod = user_clod, - keys = {}, - meta = { prefix = prefix }, - }, user_mt) + if not is_blob(obj) then + return nil, prefix .. username .. "/user.conf is not a blob?" + end + if users[username] then + return nil, "Duplicate user name: " .. username + end + + -- Found a user, fill them out + local user_clod, err = clod.parse(obj.obj.content, + commit.sha .. ":" .. prefix .. username .. "/user.conf") + + if not user_clod then + return nil, err + end + + if type(user_clod.settings.real_name) ~= "string" then + return nil, "gitano-admin:" .. commit.sha .. ":" .. prefix .. username .. "/user.conf missing real_name" + end + if (user_clod.settings.email_address and + type(user_clod.settings.email_address) ~= "string") then + return nil, "gitano-admin:" .. commit.sha .. ":" .. prefix .. username .. "/user.conf email_address is bad" + end + + users[username] = setmetatable({ clod = user_clod, keys = {}, + meta = { prefix = prefix }, }, user_mt) end end @@ -116,41 +115,41 @@ local function parse_admin_config(commit) for filename, obj in pairs(flat_tree) do local prefix, username, keyname = filename:match("^(users/.-)([a-z][a-z0-9_-]+)/([a-z][a-z0-9_-]+)%.key$") if prefix and username and keyname then - if not users[username] then - return nil, "Found a key (" .. keyname .. ") for " .. username .. " which lacks a user.conf" - end - local this_key = obj.obj.content - - this_key = this_key:gsub("\n*$", "") - - if this_key:match("\n") then - return nil, "Key " .. filename .. " has newlines in it -- is it in the wrong format?" - end - - local keytype, keydata, keytag = this_key:match("^([^ ]+) ([^ ]+) ([^ ].*)$") - if not (keytype and keydata and keytag) then - return nil, "Unable to parse key, " .. filename .. " did not smell like an OpenSSH v2 key" - end - if (keytype ~= "ssh-rsa") and (keytype ~= "ssh-dss") and - (keytype ~= "ecdsa-sha2-nistp256") and - (keytype ~= "ecdsa-sha2-nistp384") and - (keytype ~= "ecdsa-sha2-nistp521") then - return nil, "Unknown key type " .. keytype .. " in " .. filename - end - - if all_keys[this_key] then - return nil, ("Duplicate key found at (" .. keyname .. - ") for " .. username .. ". Previously found as (" .. - all_keys[this_key].keyname .. ") for " .. - all_keys[this_key].username) - end - all_keys[this_key] = { keyname = keyname, username = username } - users[username].keys[keyname] = { - data = this_key, - keyname = keyname, - username = username, - keytag = keytag, - } + if not users[username] then + return nil, "Found a key (" .. keyname .. ") for " .. username .. " which lacks a user.conf" + end + local this_key = obj.obj.content + + this_key = this_key:gsub("\n*$", "") + + if this_key:match("\n") then + return nil, "Key " .. filename .. " has newlines in it -- is it in the wrong format?" + end + + local keytype, keydata, keytag = this_key:match("^([^ ]+) ([^ ]+) ([^ ].*)$") + if not (keytype and keydata and keytag) then + return nil, "Unable to parse key, " .. filename .. " did not smell like an OpenSSH v2 key" + end + if (keytype ~= "ssh-rsa") and (keytype ~= "ssh-dss") and + (keytype ~= "ecdsa-sha2-nistp256") and + (keytype ~= "ecdsa-sha2-nistp384") and + (keytype ~= "ecdsa-sha2-nistp521") then + return nil, "Unknown key type " .. keytype .. " in " .. filename + end + + if all_keys[this_key] then + return nil, ("Duplicate key found at (" .. keyname .. ") for " .. + username .. ". Previously found as (" .. + all_keys[this_key].keyname .. ") for " .. + all_keys[this_key].username) + end + all_keys[this_key] = { keyname = keyname, username = username } + users[username].keys[keyname] = { + data = this_key, + keyname = keyname, + username = username, + keytag = keytag, + } end end @@ -369,30 +368,32 @@ local function commit_config_changes(conf, desc, username) -- write out everything we have here, and then prepare -- and write out a commit. local newtree = {} + -- Shallow copy the tree ready for mods, skipping users and groups for k,v in pairs(conf.content) do if not (k:match("^users/") or - k:match("^groups/")) then - newtree[k] = v + k:match("^groups/")) then + newtree[k] = v end end + -- Write out the site.conf - local obj = conf.repo.git:hash_object("blob", - conf.clod:serialise(), - true) + local obj = conf.repo.git:hash_object("blob", conf.clod:serialise(), true) newtree["site.conf"] = conf.repo.git:get(obj) + -- Construct all the users and write them out. for u, utab in pairs(conf.users) do local str = utab.clod:serialise() local obj = conf.repo.git:hash_object("blob", str, true) newtree[utab.meta.prefix .. u .. "/user.conf"] = conf.repo.git:get(obj) + -- Now the keys for k, ktab in pairs(utab.keys) do - obj = conf.repo.git:hash_object("blob", ktab.data .. "\n", true) - newtree[utab.meta.prefix .. u .. "/" .. k .. ".key"] = - conf.repo.git:get(obj) + obj = conf.repo.git:hash_object("blob", ktab.data .. "\n", true) + newtree[utab.meta.prefix .. u .. "/" .. k .. ".key"] = conf.repo.git:get(obj) end end + -- Do the same for the groups for g, gtab in pairs(conf.groups) do obj = conf.repo.git:hash_object("blob", gtab.clod:serialise(), true) |