diff options
Diffstat (limited to 'modules/subversion')
| -rw-r--r-- | modules/subversion/manifests/init.pp | 12 | ||||
| -rw-r--r-- | modules/subversion/templates/restricted_to_user | 12 |
2 files changed, 24 insertions, 0 deletions
diff --git a/modules/subversion/manifests/init.pp b/modules/subversion/manifests/init.pp index a79092e9..f7acbbe7 100644 --- a/modules/subversion/manifests/init.pp +++ b/modules/subversion/manifests/init.pp @@ -139,6 +139,7 @@ class subversion { # cia_module : name of the module to send to cia.vc # cia_ignore_author : a regexp to ignore commits from some authors # no_binary : do not accept files with common binary extentions on this repository + # restricted_to_user : restrict commits to select user # syntax_check : array of pre-commit script with syntax check to add # extract_dir : hash of directory to update upon commit ( with svn update ), # initial checkout is not handled, nor the permission @@ -152,6 +153,7 @@ class subversion { $cia_module = 'default', $cia_ignore_author = '', $no_binary = false, + $restricted_to_user = false, $syntax_check = '', $extract_dir = '') { # check permissions @@ -201,6 +203,16 @@ class subversion { group => root, mode => 755, } + + if $restricted_to_user { + file { "$name/hooks/pre-commit.d/restricted_to_user": + ensure => present, + owner => root, + group => root, + mode => 755, + content => template("subversion/restricted_to_user"), + } + } if $commit_mail { file { "$name/hooks/post-commit.d/send_mail": diff --git a/modules/subversion/templates/restricted_to_user b/modules/subversion/templates/restricted_to_user new file mode 100644 index 00000000..5c70132e --- /dev/null +++ b/modules/subversion/templates/restricted_to_user @@ -0,0 +1,12 @@ +#!/bin/sh + +REP="$1" +TXN="$2" + +author=$(svnlook author -t "$TXN" "$REP") + +if [ "$author" != '<%= restricted_to_user %>' ]; then + echo "this repository is restrected to user <%= restricted_to_user %>" >&2 + exit 1 +fi + |