Problems with a gitosis port

Adam Olsen arolsen at gmail.com
Wed Nov 26 18:34:50 GMT 2008 

On Mon, Nov 24, 2008 at 6:10 PM, Andrew Bennetts
<andrew.bennetts at canonical.com> wrote:
> So enforcing the restrictions at connection time is too soon.  Michael's
> suggestion to do it inside bzr with a plugin delays worrying about the
> restrictions until the client actually tries to access files.  You can use
> the same SSH configuration that you use to start gitosis or bzr_access to
> run your plugin, say "bzr restricted-serve ...", which implements a custom
> bzrlib transport with your policies.  This can work quite well I think, but
> is probably more complicated than how gitosis works.

Ok, I got something working, but it's probably some sort of
abomination.  Currently I do have a bzr serve wrapper, which basically
runs "bzr serve --inet --directory=/[username] --allow-writes" - I
figure I can override directory here with a custom value because the
base directory will always be the same in this case.  I then wrote a
plugin containing a custom transport that looks something like this:

from bzrlib.transport import local

class BazLocalTransport(local.LocalTransport):
    def __init__(self, base):
        self.user = base.replace('file:///', '')
        base = "file://%s" % os.path.join(os.getenv('HOME'), 'repositories'
        local.LocalTransport.__init__(self, base)

    def get(self, path):
        self.ensure_perms(self.cfg, self.user, path)
        return local.LocalTransport.get(self, path)

    def put_file(self, relpath, f, mode=None):
        self.ensure_perms(self.cfg, self.user, relpath)
        local.LocalTransport.put_file(self, relpath, f, mode)

    def mkdir(self, relpath, mode=None):
        self.ensure_perms(self.cfg, self.user, relpath)
        local.LocalTransport.mkdir(self, relpath, mode)

    def ensure_perms(self, cfg, user, path, mode):
        # permissions checks are done here


To register the transport, I run:
transport.register_transport('file://', BazLocalTransport) - which
appears to work because in bzrlib/transport/__init__.py, every time
you register a transport it's inserted into the 0 index of the list of
transports.

I imagine this probably won't work with shared repositories, but it
does appear to work otherwise.  Is there a better way to register the
transport?

-- 
Adam Olsen
SendOutCards.com
http://www.vimtips.org
http://last.fm/user/synic

More information about the bazaar mailing list