summaryrefslogtreecommitdiff
path: root/usr/local/sbin/addaccess
blob: b1b291612d151f9c16f6c8ee7a21a75bb34c2b6d (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
#!/usr/bin/perl

use strict;
use warnings;

my( $reponame, $uid, $gitowner);

if ( ( ! scalar $ARGV[1] ) or ( scalar $ARGV[2] ) ) { # must have exactly two arguments
  print( "Usage: addaccess USER REPONAME\n" );
  exit( 1 );
} elsif ( ( $ARGV[0] !~ /^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$/ ) or ( $ARGV[1] !~ /^[a-z0-9][a-z0-9-]+$/ ) ) { # Extra paranoid sanity checking
  print( "Usage: addaccess USER REPONAME\n" );
  print( "  USER must consist only of letters, digits, underscores, periods, and dashes, and not start with a dash.\n" );
  print( "  REPONAME must consist only of lower case letters (a-z), digits (0-9), and minus (-) signs.\n" );
  print( "  REPONAME must be at least two characters long and must start with an alphanumeric character.\n" );
  exit( 1 );
} else {
  $reponame = $ARGV[1];
};

open (PASSWD, '/etc/passwd');
while(<PASSWD>) {
  if( $_ =~ /^$ENV{SUDO_USER}:.+?:(.+?):/ ) { $uid = $1; }; # grabbing uid.
};
close(PASSWD);

unless( -d "/srv/git/$reponame.git" ) {
  print( "/srv/git/$reponame.git doesn't exist!\n" );
  exit( 2 );
};

$gitowner = (stat( "/srv/git/$reponame.git" ))[4]; # grab owner uid of repository

if( ( $gitowner != $uid ) and ( $gitowner != 65534 ) ) {
  print( "$reponame is not owned by you!\n" );
  exit( 3 );
};

system( "/usr/sbin/adduser $ARGV[0] git-$reponame" );