mirror of https://git.sr.ht/~sircmpwn/git.sr.ht
Update git-srht-keys to use access module
This commit is contained in:
parent
b87bec255c
commit
4a13112868
|
@ -103,6 +103,7 @@ def shell():
|
|||
from srht.database import DbSession
|
||||
db = DbSession(cfg("sr.ht", "connection-string"))
|
||||
from gitsrht.types import User, Repository, RepoVisibility
|
||||
from gitsrht.access import has_access, UserAccess
|
||||
db.init()
|
||||
|
||||
user = User.query.filter(User.id == user_id).first()
|
||||
|
@ -129,14 +130,11 @@ def shell():
|
|||
if not repo:
|
||||
sys.exit(128)
|
||||
|
||||
# TODO: ACLs
|
||||
if cmd[0] == "git-receive-pack":
|
||||
# needs write access
|
||||
if user.id != repo.owner_id:
|
||||
if not has_access(repo, UserAccess.write, user):
|
||||
sys.exit(128)
|
||||
else:
|
||||
# needs read access
|
||||
if repo.visibility == RepoVisibility.private and user.id != repo.owner_id:
|
||||
if not has_access(repo, UserAccess.read, user):
|
||||
sys.exit(128)
|
||||
|
||||
log("Executing {}", _cmd)
|
||||
|
|
|
@ -21,7 +21,9 @@ def get_repo(owner_name, repo_name):
|
|||
# TODO: organizations
|
||||
return None, None
|
||||
|
||||
def get_access(repo):
|
||||
def get_access(repo, user=None):
|
||||
if not user:
|
||||
user = current_user
|
||||
# TODO: ACLs
|
||||
if not repo:
|
||||
return UserAccess.none
|
||||
|
@ -35,8 +37,10 @@ def get_access(repo):
|
|||
return UserAccess.none
|
||||
return UserAccess.read
|
||||
|
||||
def has_access(repo, access):
|
||||
return access in get_access(repo)
|
||||
def has_access(repo, access, user=None):
|
||||
if not user:
|
||||
user = current_user
|
||||
return access in get_access(repo, user)
|
||||
|
||||
def check_access(owner_name, repo_name, access):
|
||||
owner, repo = get_repo(owner_name, repo_name)
|
||||
|
|
Loading…
Reference in New Issue