bug-cvs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH] - Allow lock for non-admin users.


From: Eric Dumas
Subject: [PATCH] - Allow lock for non-admin users.
Date: Tue, 04 Nov 2003 16:03:11 +0200
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5) Gecko/20031007


Hello,

The current lock feature usable by admins, cvs admin -l and
cvs admin -u, seems to not be available to end users - which
makes sense when using CVS for product development. We are
using CVS not only for application development, but as well
for documents and this require to have people being able
to lock their documents.

Patch is bellow.


Thank you.

--
           Eric Dumas (address@hidden) @Sofia
         Tel: (Sofia) +359 89.216.732 (US) +1 650.216.2030

===================================================================
RCS file: /opt/cvsroot/CvsTools/CVSServerDev/cvs-1.11.5/src/admin.c,v
retrieving revision 1.1.1.1
diff -a -u -r1.1.1.1 admin.c
--- admin.c     18 Feb 2003 15:06:39 -0000      1.1.1.1
+++ admin.c     20 Feb 2003 10:27:25 -0000
@@ -15,6 +15,10 @@
 #endif
 #include <assert.h>

+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+char *userLockDirectory = "weednet";
+#endif
+
 static Dtype admin_dirproc PROTO ((void *callerdat, char *dir,
                                   char *repos, char *update_dir,
                                   List *entries));
@@ -154,6 +158,16 @@
     int i;
     int only_k_option;

+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+    /*
+      In the case we are not part of the admin group, only a lock or
+      an unlock operation is allowded.
+    */
+    int lock_option = 0;
+    int unlock_option = 0;
+    int other_option = 0;
+#endif
+
     if (argc <= 1)
        usage (admin_usage);

@@ -175,6 +189,9 @@
        switch (c)
        {
            case 'i':
+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+        other_option = 1;
+#endif
                /* This has always been documented as useless in cvs.texinfo
                   and it really is--admin_fileproc silently does nothing
                   if vers->vn_user is NULL. */
@@ -183,6 +200,9 @@
                goto usage_error;

            case 'b':
+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+        other_option = 1;
+#endif
                if (admin_data.branch != NULL)
                {
                    error (0, 0, "duplicate 'b' option");
@@ -199,6 +219,9 @@
                break;

            case 'c':
+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+        other_option = 1;
+#endif
                if (admin_data.comment != NULL)
                {
                    error (0, 0, "duplicate 'c' option");
@@ -210,10 +233,16 @@
                break;

            case 'a':
+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+        other_option = 1;
+#endif
                arg_add (&admin_data, 'a', optarg);
                break;

            case 'A':
+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+        other_option = 1;
+#endif
                /* In the client/server case, this is cheesy because
                   we just pass along the name of the RCS file, which
                   then will want to exist on the server.  This is
@@ -223,20 +252,32 @@
                break;

            case 'e':
+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+        other_option = 1;
+#endif
                arg_add (&admin_data, 'e', optarg);
                break;

            case 'l':
+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+        lock_option = 1;
+#endif
                /* Note that multiple -l options are legal.  */
                arg_add (&admin_data, 'l', optarg);
                break;

            case 'u':
+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+        unlock_option = 1;
+#endif
                /* Note that multiple -u options are legal.  */
                arg_add (&admin_data, 'u', optarg);
                break;

            case 'L':
+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+        other_option = 1;
+#endif
                /* Probably could also complain if -L is specified multiple
                   times, although RCS doesn't and I suppose it is reasonable
                   just to have it mean the same as a single -L.  */
@@ -249,6 +290,9 @@
                break;

            case 'U':
+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+        other_option = 1;
+#endif
                /* Probably could also complain if -U is specified multiple
                   times, although RCS doesn't and I suppose it is reasonable
                   just to have it mean the same as a single -U.  */
@@ -261,6 +305,9 @@
                break;

            case 'n':
+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+        other_option = 1;
+#endif
                /* Mostly similar to cvs tag.  Could also be parsing
                   the syntax of optarg, although for now we just pass
                   it to rcs as-is.  Note that multiple -n options are
@@ -269,6 +316,9 @@
                break;

            case 'N':
+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+        other_option = 1;
+#endif
                /* Mostly similar to cvs tag.  Could also be parsing
                   the syntax of optarg, although for now we just pass
                   it to rcs as-is.  Note that multiple -N options are
@@ -277,6 +327,9 @@
                break;

            case 'm':
+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+        other_option = 1;
+#endif
                /* Change log message.  Could also be parsing the syntax
                   of optarg, although for now we just pass it to rcs
                   as-is.  Note that multiple -m options are legal.  */
@@ -284,6 +337,9 @@
                break;

            case 'o':
+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+        other_option = 1;
+#endif
                /* Delete revisions.  Probably should also be parsing the
                   syntax of optarg, so that the client can give errors
                   rather than making the server take care of that.
@@ -304,11 +360,17 @@
                break;

            case 's':
+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+        other_option = 1;
+#endif
                /* Note that multiple -s options are legal.  */
                arg_add (&admin_data, 's', optarg);
                break;

            case 't':
+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+        other_option = 1;
+#endif
                if (admin_data.desc != NULL)
                {
                    error (0, 0, "duplicate 't' option");
@@ -327,12 +389,18 @@
                break;

            case 'I':
+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+        other_option = 1;
+#endif
                /* At least in RCS this can be specified several times,
                   with the same meaning as being specified once.  */
                admin_data.interactive = 1;
                break;

            case 'q':
+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+        other_option = 1;
+#endif
                /* Silently set the global really_quiet flag.  This keeps admin 
in
                 * sync with the RCS man page and allows us to silently support
                 * older servers when necessary.
@@ -355,6 +423,9 @@
                break;

            case 'k':
+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+        other_option = 1;
+#endif
                if (admin_data.kflag != NULL)
                {
                    error (0, 0, "duplicate '-k' option");
@@ -407,20 +478,42 @@
        for (i = 0; i <= n; i++)
            if (grps[i] == grp->gr_gid) break;
        free (grps);
-       if (i > n)
+
+       if (i > n) {
+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+      if ( ( other_option ) ||
+           ( lock_option && unlock_option ) ||
+           ( !lock_option && !unlock_option ) ) {
            error (1, 0, "usage is restricted to members of the group %s",
                   CVS_ADMIN_GROUP);
+      }
+#else
+           error (1, 0, "usage is restricted to members of the group %s",
+                  CVS_ADMIN_GROUP);
+#endif
+    }
 #else
        char *me = getcaller();
        char **grnam;
        
        for (grnam = grp->gr_mem; *grnam; grnam++)
            if (strcmp (*grnam, me) == 0) break;
-       if (!*grnam && getgid() != grp->gr_gid)
+       if (!*grnam && getgid() != grp->gr_gid) {
+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+      if ( ( other_option ) ||
+           ( lock_option && unlock_option ) ||
+           ( !lock_option && !unlock_option ) ) {
+           error (1, 0, "usage is restricted to members of the group %s",
+                  CVS_ADMIN_GROUP);
+      }
+#else
            error (1, 0, "usage is restricted to members of the group %s",
                   CVS_ADMIN_GROUP);
 #endif
     }
+
+#endif
+    }
 #endif /* defined CVS_ADMIN_GROUP */

     for (i = 0; i < admin_data.ac; ++i)
@@ -857,6 +950,7 @@
                    status = 1;
                    continue;
                }
+
                *p++ = ':';
                msg = p;

@@ -873,10 +967,36 @@
                break;

            case 'l':
+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+          // Check that the RCS->path contains the directory
+          // allowed.
+          if ( strstr( rcs->path, userLockDirectory ) == NULL ) {
+            error(0,0, "Trying to lock file not in the allowed zone",
+                  rcs->path );
+            status = 1;
+          } else {
                status |= RCS_lock (rcs, arg[2] ? arg + 2 : NULL, 0);
+          }
+#else
+          status |= RCS_lock (rcs, arg[2] ? arg + 2 : NULL, 0);
+#endif
+
+
                break;
            case 'u':
+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+          // Check that the RCS->path contains the directory
+          // allowed.
+          if ( strstr( rcs->path, userLockDirectory ) == NULL ) {
+            error(0,0, "Trying to lock file not in the allowed zone",
+                  rcs->path );
+            status = 1;
+          } else {
+            status |= RCS_unlock (rcs, arg[2] ? arg + 2 : NULL, 0);
+          }
+#else
                status |= RCS_unlock (rcs, arg[2] ? arg + 2 : NULL, 0);
+#endif
                break;
            default: assert(0); /* can't happen */
        }
Index: parseinfo.c
===================================================================
RCS file: /opt/cvsroot/CvsTools/CVSServerDev/cvs-1.11.5/src/parseinfo.c,v
retrieving revision 1.1.1.1
diff -a -u -r1.1.1.1 parseinfo.c
--- parseinfo.c 18 Feb 2003 15:07:08 -0000      1.1.1.1
+++ parseinfo.c 20 Feb 2003 10:27:27 -0000
@@ -12,6 +12,10 @@

 extern char *logHistory;

+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+extern char *userLockDirectory;
+#endif
+
 /*
  * Parse the INFOFILE file for the specified REPOSITORY.  Invoke
CALLPROC for
  * the first line in the file that matches the REPOSITORY, or if ALL
!= 0, any lines
@@ -398,8 +402,14 @@
            else if (strcmp (p, "stat") == 0)
              RereadLogAfterVerify = LOGMSG_REREAD_STAT;
        }
-       else
-       {
+#ifdef SUPPORT_LOCKING_FROM_OTHER_USERS
+       else if (strcmp (line, "UserLockDirectory" ) == 0 ) {
+      userLockDirectory = xmalloc( strlen(p) + 1 );
+      strcpy( userLockDirectory, p );
+    }
+#endif
+    else
+    {
            /* We may be dealing with a keyword which was added in a
               subsequent version of CVS.  In that case it is a good idea
               to complain, as (1) the keyword might enable a behavior like









reply via email to

[Prev in Thread] Current Thread [Next in Thread]