aboutsummaryrefslogtreecommitdiff
path: root/brep/handler/submit/submit-git.bash.in
diff options
context:
space:
mode:
Diffstat (limited to 'brep/handler/submit/submit-git.bash.in')
-rw-r--r--brep/handler/submit/submit-git.bash.in102
1 files changed, 85 insertions, 17 deletions
diff --git a/brep/handler/submit/submit-git.bash.in b/brep/handler/submit/submit-git.bash.in
index 56cce33..cf7300d 100644
--- a/brep/handler/submit/submit-git.bash.in
+++ b/brep/handler/submit/submit-git.bash.in
@@ -1,5 +1,4 @@
# file : brep/handler/submit/submit-git.bash.in
-# copyright : Copyright (c) 2014-2019 Code Synthesis Ltd
# license : MIT; see accompanying LICENSE file
# Utility functions for the submit-git handler.
@@ -60,6 +59,10 @@ function owners_dir () # <repo-dir>
# Check if a repository already contains the package. Respond with the
# 'duplicate submission' result manifest and exit if that's the case.
#
+# Also check if the repository contains newer revision of this package
+# version. Respond with the 'newer revision is present' result manifest and
+# exit if that's the case.
+#
function check_package_duplicate () # <name> <version> <repo-dir>
{
trace_func "$@"
@@ -73,22 +76,54 @@ function check_package_duplicate () # <name> <version> <repo-dir>
run source "$rep/submit.config.bash"
- # Check for duplicate package in all sections. Use <name>-<version>.*
- # without .tar.gz in case we want to support more archive types later.
+ local rev
+ rev="$(version_revision "$ver")"
+
+ # Check for duplicate package and its newer revisions in all sections. Use
+ # <name>-<version>.* without .tar.gz in case we want to support more archive
+ # types later.
#
local s
for s in "${!sections[@]}"; do
local d="$rep/${sections[$s]}"
- if [ -d "$d" ]; then
- local f
- f="$(run find "$d" -name "$nam-$ver.*")"
+ # Check for duplicate.
+ #
+ local p
+ run pkg_find_archive "$nam-$ver.*" "$d" | readarray -t p
+
+ if [ "${#p[@]}" -ne 0 ]; then
+ local n="${p[1]}"
+ local v="${p[2]}"
- if [ -n "$f" ]; then
- trace "found: $f"
+ trace "found: $n/$v in ${p[0]}"
+
+ if [ "$n" == "$nam" ]; then
exit_with_manifest 422 "duplicate submission"
+ else
+ exit_with_manifest 422 "submission conflicts with $n/$v"
fi
fi
+
+ # Check for newer revision.
+ #
+ local arcs
+ run pkg_find_archives "$nam" "$ver*" "$d" | readarray -t arcs
+
+ local f
+ for f in "${arcs[@]}"; do
+ local p
+ pkg_verify_archive "$f" | readarray -t p
+
+ local v="${p[1]}"
+
+ local rv
+ rv="$(version_revision "$v")"
+
+ if [ "$rv" -gt "$rev" ]; then
+ exit_with_manifest 422 "newer revision $nam/$v is present"
+ fi
+ done
done
}
@@ -164,6 +199,7 @@ function auth_project () # <project> <control> <repo-dir>
local r="unknown"
local m="$d/$prj/project-owner.manifest"
+ local info=
# If the project owner manifest exists then parse it and try to authenticate
# the submitter as the project owner.
@@ -176,16 +212,31 @@ function auth_project () # <project> <control> <repo-dir>
local n v
while IFS=: read -ru "$manifest_parser_ofd" -d '' n v; do
- if [[ "$n" == "control" && "$ctl" == "$v"* ]]; then
- r="project"
- break
+ if [[ "$n" == "control" ]]; then
+ if [[ "$ctl" == "$v"* ]]; then
+ r="project"
+ break
+ fi
+
+ # If the control URLs don't match, then compare them case-
+ # insensitively, converting them to the lower case. If they match
+ # case-insensitively, then still fail the authentication but provide
+ # additional information in the manifest message value.
+ #
+ if [[ "${ctl,,}" == "${v,,}"* ]]; then
+ info="
+ info: control repository URL differs only in character case
+ info: submitted URL: $ctl
+ info: project owner's URL: $v
+ info: consider using --control to specify exact URL"
+ fi
fi
done
manifest_parser_finish
if [ "$r" != "project" ]; then
- exit_with_manifest 401 "project owner authentication failed"
+ exit_with_manifest 401 "project owner authentication failed$info"
fi
fi
@@ -211,7 +262,8 @@ function auth_package () # <project> <package> <control> <repo-dir>
local prj="$1"
local pkg="$2"
- local ctl="${3%.git}" # Strip the potential .git extension.
+ local ctl="${3%.git}" # For comparison strip the potential .git extension.
+ local ctl_orig="$3" # For diagnostics use the original URL.
local rep="$4"
local d
@@ -228,6 +280,7 @@ function auth_package () # <project> <package> <control> <repo-dir>
local r="unknown"
local m="$d/$prj/$pkg/package-owner.manifest"
+ local info=
# If the package owner manifest exists then parse it and try to authenticate
# the submitter as the package owner.
@@ -242,16 +295,31 @@ function auth_package () # <project> <package> <control> <repo-dir>
#
local n v
while IFS=: read -ru "$manifest_parser_ofd" -d '' n v; do
- if [ "$n" == "control" -a "${v%.git}" == "$ctl" ]; then
- r="package"
- break
+ if [ "$n" == "control" ]; then
+ local u="${v%.git}"
+
+ if [ "$u" == "$ctl" ]; then
+ r="package"
+ break
+ fi
+
+ # If the control URLs don't match, then compare them case-
+ # insensitively (see auth_project() for details).
+ #
+ if [ "${u,,}" == "${ctl,,}" ]; then
+ info="
+ info: control repository URL differs only in character case
+ info: submitted URL: $ctl_orig
+ info: package owner's URL: $v
+ info: consider using --control to specify exact URL"
+ fi
fi
done
manifest_parser_finish
if [ "$r" != "package" ]; then
- exit_with_manifest 401 "package owner authentication failed"
+ exit_with_manifest 401 "package owner authentication failed$info"
fi
fi