search

wingrunr21 / gitolite

A Ruby interface for the gitolite git backend system
https://github.com/wingrunr21/gitolite
MIT License
82 stars 37 forks source link

Adding new permission to a user #24

Closed albertoleal closed 12 years ago

albertoleal commented 12 years ago

When I try add a permission to a user, RW+, and want to replace that to R I get the following:

repo alberto RW+ = @all R = @all

instead of: repo alberto R = @all

wingrunr21 commented 12 years ago

Can you show me the code you are using?

albertoleal commented 12 years ago

I've just figure out what the problem is:

I was getting the repo with repo = @conf.get_repo(repo_name) and then adding the permission into this repo. I could achieve what I wanted with repo = ::Gitolite::Config::Repo.new(repo_name).

Why I cannot use the other approach to run some changes on my repo? Is it a bug ?

wingrunr21 commented 12 years ago

No it is not a bug. In the first example you are getting the existing repo and adding a permission to it. Since that repo already has a permission, adding another permission does not replace the existing one. Thus, the repo now has two permissions.

In the second example you are creating a new repo and adding the permission. The new repo will have no permissions in it, so adding the R permission will be the only permission in the repo. Creating a new repo with the same name is not the same as fetching an existing repo by that name.

So, your use case is you have a repo with the following declaration:

repo alberto
  RW+ = @all

and you want to change it to the following:

repo alberto
  R = @all

correct?

albertoleal commented 12 years ago

Yes, that's exactly what I want to do. Change the permission for an specific user.

wingrunr21 commented 12 years ago

Right now you have three options:

  1. clear all permissions on the existing repo:

    repo = @conf.get_repo(repo_name)
repo.clean_permissions
repo.add_permission('R', '', '@all')

  2. make a new repo and add permissions as you see fit

    repo = ::Gitolite::Config::Repo.new(repo_name)
repo.add_permission('R', '', '@all')
  3. iterate over the tt>@perms</tt hash and update the permission manually. This involves deleting the rule you are looking for and updating/adding the rule you want. I highly recommend not doing it this way. It is very possible for a repo declaration to have multiple RW+ declarations or even already have a R declaration in which case the existing rule could be smashed.

You have brought to my attention that the Repo object is missing functionality for conveniently removing/updating perms. I will open an issue to try and address this.

wingrunr21 commented 12 years ago

25 deals with the missing functionality

albertoleal commented 12 years ago

What are the side effects on the # 2? (I'm using this now)

I tried the first option before opening this issue, but with that approach I lost the others permissions, and I do not want this.

wingrunr21 commented 12 years ago

You will just have to make sure you update the new repo object inside your config object:

# code to create new repo
@conf.rm_repo(repo_name)
@conf.add_repo(new_repo)

Otherwise there shouldn't be any side effects.

albertoleal commented 12 years ago

I think I got it. Gonna run some tests and let you know.