diff options
| author | Nicolas Vigier <boklm@mageia.org> | 2011-06-01 14:20:47 +0000 |
|---|---|---|
| committer | Nicolas Vigier <boklm@mageia.org> | 2011-06-01 14:20:47 +0000 |
| commit | 2c790ac36382c26f73ec7848bed8106512cf754e (patch) | |
| tree | 783600812513d77b4b4feba78055ad7251679baf /modules/subversion | |
| parent | 4db68d197baf6230fbdfd9b4d7a03f3127e53340 (diff) | |
| download | puppet-2c790ac36382c26f73ec7848bed8106512cf754e.tar puppet-2c790ac36382c26f73ec7848bed8106512cf754e.tar.gz puppet-2c790ac36382c26f73ec7848bed8106512cf754e.tar.bz2 puppet-2c790ac36382c26f73ec7848bed8106512cf754e.tar.xz puppet-2c790ac36382c26f73ec7848bed8106512cf754e.zip | |
allow restricting commits to a user
Diffstat (limited to 'modules/subversion')
| -rw-r--r-- | modules/subversion/manifests/init.pp | 12 | ||||
| -rw-r--r-- | modules/subversion/templates/restricted_to_user | 12 |
2 files changed, 24 insertions, 0 deletions
diff --git a/modules/subversion/manifests/init.pp b/modules/subversion/manifests/init.pp index a79092e9..f7acbbe7 100644 --- a/modules/subversion/manifests/init.pp +++ b/modules/subversion/manifests/init.pp @@ -139,6 +139,7 @@ class subversion { # cia_module : name of the module to send to cia.vc # cia_ignore_author : a regexp to ignore commits from some authors # no_binary : do not accept files with common binary extentions on this repository + # restricted_to_user : restrict commits to select user # syntax_check : array of pre-commit script with syntax check to add # extract_dir : hash of directory to update upon commit ( with svn update ), # initial checkout is not handled, nor the permission @@ -152,6 +153,7 @@ class subversion { $cia_module = 'default', $cia_ignore_author = '', $no_binary = false, + $restricted_to_user = false, $syntax_check = '', $extract_dir = '') { # check permissions @@ -201,6 +203,16 @@ class subversion { group => root, mode => 755, } + + if $restricted_to_user { + file { "$name/hooks/pre-commit.d/restricted_to_user": + ensure => present, + owner => root, + group => root, + mode => 755, + content => template("subversion/restricted_to_user"), + } + } if $commit_mail { file { "$name/hooks/post-commit.d/send_mail": diff --git a/modules/subversion/templates/restricted_to_user b/modules/subversion/templates/restricted_to_user new file mode 100644 index 00000000..5c70132e --- /dev/null +++ b/modules/subversion/templates/restricted_to_user @@ -0,0 +1,12 @@ +#!/bin/sh + +REP="$1" +TXN="$2" + +author=$(svnlook author -t "$TXN" "$REP") + +if [ "$author" != '<%= restricted_to_user %>' ]; then + echo "this repository is restrected to user <%= restricted_to_user %>" >&2 + exit 1 +fi + |