authorSergey Poznyakoff <gray@gnu.org.ua>2014-07-29 17:08:50 +0300
committerSergey Poznyakoff <gray@gnu.org.ua>2014-07-29 18:16:23 +0300
commitd745c522f462e01aa576c6f93b94cbad6c631f73 (patch)
tree854738e411b0f993ecaea3d5d3fb05280a621642
parentba7a48a2b88b33c6c49511fd4422d255264fac98 (diff)
downloadgitaclhook-d745c522f462e01aa576c6f93b94cbad6c631f73.tar.gz
gitaclhook-d745c522f462e01aa576c6f93b94cbad6c631f73.tar.bz2
Change namespace for the configuration variables: hooks.acl.*
-rwxr-xr-xgitaclhook30
-rw-r--r--lib/GitACL.pm14
-rw-r--r--lib/GitACL/File.pm2
-rw-r--r--lib/GitACL/LDAP.pm2
4 files changed, 24 insertions, 24 deletions
diff --git a/gitaclhook b/gitaclhook
index f9b5974..b88adf3 100755
--- a/gitaclhook
+++ b/gitaclhook
@@ -44,20 +44,20 @@ the update depending on their settings. If no storage engine is
defined update is allowed unconditionally. If it is defined, but
is not available (e.g. the disk file does not exist or the LDAP
server cannot be reached, the update is denied.
Two storage engines are supported: B<File>, which reads access control
lists from a disk file, and B<LDAP>, which obtains them from LDAP.
-The engine to use is defined by the B<hooks.acltype> configuration keyword.
+The engine to use is defined by the B<hooks.acl.type> configuration keyword.
The default is B<File>.
=head1 ACL FILE
The ACL file is used when the B<File> storage engine is requested. The
-path to the file must be given via the B<hooks.aclfile> configuration
-keyword. If B<hooks.aclfile> is not defined, update is allowed
+path to the file must be given via the B<hooks.acl.file> configuration
+keyword. If B<hooks.acl.file> is not defined, update is allowed
unconditionally.
The ACL file has the usual line-oriented syntax. Comments are introduced
by the # sign and extend to the end of the physical line. Comments and
empty lines are ignored.
@@ -140,13 +140,13 @@ Otherwise, it must match exactly the affected ref.
The rule applies only if its I<PROJECT> and I<USER> parts match the project
which is being updated and the user who requests the update, its I<OP>
contains the opcode of the requested operation and I<REF> matches the affected
ref. Missing I<REF> and/or I<OP> are treated as a match.
If no rule applies, the operation is denied. This can be changed by setting
-B<hooks.acldefault = allow> in Git configuration file.
+B<hooks.acl.default = allow> in Git configuration file.
For example, assume you have the following ACL file:
allow myprog %devel U heads/master
allow myprog %pm CDUR heads/
allow myprog %pm C ^heads/tags/v\\d+$
@@ -165,13 +165,13 @@ update that repository.
The LDAP storage engine is requested by the following configuration statement:
[hooks]
acltype = LDAP
The URI of the LDAP server to use and other data necessary to access it
-are read from the file name given in the B<hooks.aclldapconf> variable,
+are read from the file name given in the B<hooks.acl.ldapconf> variable,
or from B</etc/ldap.conf>, if it is not defined. LDAP access control
entries are similar to the plaintext file ACLs. Each entry has the
following attrubutes:
=over 4
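Review bot: The configuration example in this hunk still reads `[hooks]` / `acltype = LDAP`, which sets the old `hooks.acltype` key that the code stops reading in this commit. An administrator who copies it leaves `hooks.acl.type` unset, so the hook falls back to the File engine, and the ACL FILE section says an unset `hooks.acl.file` allows updates unconditionally. The example should become `[hooks "acl"]` followed by `type = LDAP`.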
@@ -218,44 +218,44 @@ all project names.
If no matching entry is found, the update is allowed.
=head1 CONFIGURATION SETTINGS
=over 4
-=item B<hooks.acltype> STRING
+=item B<hooks.acl.type> STRING
Type of the storage engine. Valid values are B<File> (default) and B<LDAP>.
-=item B<hooks.aclfile> STRING
+=item B<hooks.acl.file> STRING
For the B<File> storage engine, name of the ACL file.
-=item B<hooks.aclldapconf> STRING
+=item B<hooks.acl.ldapconf> STRING
For the B<LDAP> storage engine, the name of the configuration file to use
instead of B</etc/ldap.conf>.
-=item B<hooks.acllog> STRING
+=item B<hooks.acl.log> STRING
Send log info to this file.
-=item B<hooks.acldebug> NUMBER
+=item B<hooks.acl.debug> NUMBER
Enable debugging. The bigger the number, the more debugging info will
be displayed.
-=item B<hooks.aclquiet> BOOL
+=item B<hooks.acl.quiet> BOOL
Suppress diagnostics on stderr.
-=item B<hooks.acldefault> B<allow>|B<deny>
+=item B<hooks.acl.default> B<allow>|B<deny>
Sets the default rule, i.e. the one that will be executed if no other
rule matched the request. Unless defined, B<deny> is assumed.
-=item B<hooks.httpd-user> STRING
+=item B<hooks.acl.httpd-user> STRING
Name of the user httpd runs as. Define it if the repository can be
accessed via HTTP(S). If B<gitaclhook> is run as this user, it will
get the name of the user on behalf of which the update is performed
from the environment variable B<REMOTE_USER>.
@@ -282,22 +282,22 @@ Optional B<--debug> (B<-d>) options increment the debugging level.
The program uses following environment variables:
=over 4
=item B<GIT_UPDATE_DEBUG>
-When set to 1, enables debugging mode. The B<hooks.acldebug>
+When set to 1, enables debugging mode. The B<hooks.acl.debug>
configuration variable overrides this setting.
=item B<GIT_DIR>
Path to the affected repository.
=back
-If updates are performed via HTTP or HTTPS and the B<hooks.httpd-user>
+If updates are performed via HTTP or HTTPS and the B<hooks.acl.httpd-user>
configuration variable is set, the following two variables are used
to determine the identity of the user:
=over 4
=item B<AUTH_TYPE>
diff --git a/lib/GitACL.pm b/lib/GitACL.pm
index 9cd381d..cde9624 100644
--- a/lib/GitACL.pm
+++ b/lib/GitACL.pm
@@ -70,13 +70,13 @@ sub allow($$) {
$self->debug(1, "allow $loc");
exit 0;
}
sub default_rule($) {
my $self = shift;
- my $def = GitACL::git_value('config', 'hooks.acldefault');
+ my $def = GitACL::git_value('config', 'hooks.acl.default');
my $msg = "default rule";
if (defined($def)) {
if ($def eq "allow") {
$self->allow($msg);
} elsif ($def ne "deny") {
$msg .= " (warning: hooks.acldefault has invalid value)";
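Review bot: The warning text on the last line of this hunk still names `hooks.acldefault`, although the value is now read from `hooks.acl.default`, so an administrator following the warning would look for the wrong key. Change it to `$msg .= " (warning: hooks.acl.default has invalid value)";`. default_rule continues past the end of the hunk, so what happens after the warning is built is not visible here.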
@@ -107,13 +107,13 @@ sub git_value(@) {
close($fd);
return $_;
}
sub match_primary_group($$) {
my ($user_name,$group_name) = @_;
- my ($name,$passwd,$uid,$gid,$members) = getpwnam($user_name) or return 0;
+ my ($name,$passwd,$uid,$gid) = getpwnam($user_name) or return 0;
($name) = getgrgid($gid) or return 0;
return 1 if $name eq $group_name;
return 0;
}
sub match_user($$) {
@@ -187,39 +187,39 @@ sub new {
$obj->deny("no GIT_DIR");
}
if (defined($args{debug})) {
$obj->{debug} = $args{debug};
} else {
- $obj->{debug} = git_value('config', '--bool', 'hooks.acldebug') ||
+ $obj->{debug} = git_value('config', '--bool', 'hooks.acl.debug') ||
$ENV{GIT_UPDATE_DEBUG} > 0;
}
if (defined($args{logfile})) {
$obj->{logfile} = $args{logfile};
} else {
- $obj->{logfile} = git_value('config', 'hooks.acllog');
+ $obj->{logfile} = git_value('config', 'hooks.acl.log');
}
if ($obj->{logfile} && $obj->{logfile} !~ /[>|]/) {
$obj->{logfile} = ">>$obj->{logfile}";
}
if (defined($args{quiet})) {
$obj->{quiet} = $args{quiet};
} elsif (!$obj->{debug}) {
- $obj->{quiet} = git_value('config', 'hooks.aclquiet');
+ $obj->{quiet} = git_value('config', 'hooks.acl.quiet');
}
if (defined($args{user})) {
$obj->{user_name} = $args{user};
} else {
my ($u) = getpwuid $<;
$obj->{user_name} = $u;
}
$obj->deny("no such user") unless $obj->{user_name};
- my $httpdusr = git_value('config', 'hooks.httpd-user');
+ my $httpdusr = git_value('config', 'hooks.acl.httpd-user');
if (defined($httpdusr) and $obj->{user_name} eq $httpdusr) {
$obj->deny("need authenticated user") unless $ENV{AUTH_TYPE};
$obj->{user_name} = $ENV{REMOTE_USER};
}
$obj->{project_name} = get_project_name($obj->{git_dir});
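Review bot: The `deny("no such user")` guard runs before the httpd-user branch, so when `AUTH_TYPE` is set but `REMOTE_USER` is empty or unset, `user_name` is overwritten with an empty value and nothing rejects it. How later rule matching treats an empty user name is outside this hunk, but an access-control hook should not proceed without an identity. Repeat the guard after the assignment, for example `$obj->deny("need authenticated user") unless $obj->{user_name};` directly after `$obj->{user_name} = $ENV{REMOTE_USER};`. The body of `new` starts and ends outside the hunk.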
@@ -258,13 +258,13 @@ sub new {
sub check {
my $self = shift;
$self->info("$self->{user_name} requested $opstr{$self->{op}} ".
"on $self->{ref} in $self->{project_name}");
- my $type = git_value('config', 'hooks.acltype');
+ my $type = git_value('config', 'hooks.acl.type');
$type = "File" unless $type;
my $r = eval("use GitACL::$type; GitACL::$type->new(\$self);");
$self->deny("unsupported acltype: $@") unless $r;
$r->check_acl;
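Review bot: The value of `hooks.acl.type` is interpolated into a string `eval` without validation, so whatever that configuration key contains is compiled and run as Perl inside the hook. The documentation names only `File` and `LDAP` as valid, so check the value before the eval, e.g. `$self->deny("unsupported hooks.acl.type: $type") unless $type =~ /\A(?:File|LDAP)\z/;`. The existing message `unsupported acltype` also still uses the old key name. The body of `check` continues outside the hunk.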
diff --git a/lib/GitACL/File.pm b/lib/GitACL/File.pm
index efabfd4..f72c16d 100644
--- a/lib/GitACL/File.pm
+++ b/lib/GitACL/File.pm
@@ -20,13 +20,13 @@ use parent 'GitACL';
sub check_acl {
my $self = shift;
my $fd;
my $line = 0;
my @ret;
- my $filename = GitACL::git_value('config', 'hooks.aclfile');
+ my $filename = GitACL::git_value('config', 'hooks.acl.file');
$self->allow("no ACL configured for ".$self->{project_name})
unless defined($filename);
open($fd, "<", $filename)
or $self->deny("cannot open configuration file: $!");
while (<$fd>) {
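Review bot: The old key is dropped with no fallback, so an existing deployment that has only `hooks.aclfile` set would make `$filename` undefined here and take the `allow("no ACL configured ...")` branch, silently turning enforcement off after the upgrade. This assumes git_value returns undef for an unset key, which is not fully visible in this diff. Either read the old name as a fallback, `my $filename = GitACL::git_value('config', 'hooks.acl.file') // GitACL::git_value('config', 'hooks.aclfile');`, or deny with a migration message when the old key is present and the new one is not. The same lack of fallback applies to `hooks.acl.type` in `check`, `hooks.acl.httpd-user` in `new`, and `hooks.acl.ldapconf` in lib/GitACL/LDAP.pm, where the old setting is ignored and `/etc/ldap.conf` is used instead.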
diff --git a/lib/GitACL/LDAP.pm b/lib/GitACL/LDAP.pm
index 22bfd8d..ac8fd06 100644
--- a/lib/GitACL/LDAP.pm
+++ b/lib/GitACL/LDAP.pm
@@ -18,13 +18,13 @@ package GitACL::LDAP;
use parent 'GitACL';
use strict;
use Net::LDAP;
sub parse_ldap_conf {
my $self = shift;
- my $filename = GitACL::git_value('config', 'hooks.aclldapconf') ||
+ my $filename = GitACL::git_value('config', 'hooks.acl.ldapconf') ||
"/etc/ldap.conf";
my $fd;
open($fd, "<", $filename) or
$self->deny("cannot open file $filename: $!");
while (<$fd>) {
