From b8e5cace94e06be0c32a27872faec4b881e6b9ab Mon Sep 17 00:00:00 2001
From: Alexander Gavrilov <angavrilov@gmail.com>
Date: Fri, 17 Oct 2008 20:39:19 +0400
Subject: [PATCH] Allow specifying blanket read access for groups and users.

An allow-read-all option allows creating 'administrator'
groups and users, who can read any repository.

Signed-off-by: Alexander Gavrilov <angavrilov@gmail.com>
---
 gitosis/access.py           | 18 ++++++++++++++++++
 gitosis/test/test_access.py | 13 ++++++++++++-
 2 files changed, 30 insertions(+), 1 deletion(-)

diff --git a/gitosis/access.py b/gitosis/access.py
index bd86bb4..d7141b0 100644
--- a/gitosis/access.py
+++ b/gitosis/access.py
@@ -99,6 +99,16 @@ def haveAccess(config, user, mode, path):
                     mapping=mapping,
                     ))
 
+        if mapping is None and mode == 'readonly':
+            try:
+                if config.getboolean(sectname, 'allow-read-all'):
+                    log.debug(
+                        'Access ok for %(user)r as %(mode)r on %(path)r via allow-read-all'
+                        % dict(user=user,mode=mode,path=path))
+                    mapping = path
+            except (NoSectionError, NoOptionError):
+                pass
+
         if mapping is not None:
             prefix = None
             try:
@@ -170,6 +180,14 @@ def listAccess(config, mode, path, users, groups):
                 if ivalue == path and iname.startswith('map %s ' % mode):
                     out_set.add(name)
 
+        if mode == 'readonly':
+            try:
+                if config.getboolean(sectname, 'allow-read-all'):
+                    out_set.add(name)
+            except (NoSectionError, NoOptionError):
+                pass
+
+
     owner = getOwnerAccess(config, mode, path)
     if owner is not None:
         users.add(owner)
diff --git a/gitosis/test/test_access.py b/gitosis/test/test_access.py
index 813e4b1..ac24e5f 100644
--- a/gitosis/test/test_access.py
+++ b/gitosis/test/test_access.py
@@ -159,6 +159,15 @@ def test_bad_owner():
         config=cfg, user='jdoe', mode='readonly', path='xyzzy'),
        None)
 
+def test_allow_all():
+    cfg = RawConfigParser()
+    cfg.add_section('user jdoe')
+    cfg.set('user jdoe', 'allow-read-all', 'yes')
+    cfg.add_section('repo xyzzy')
+    eq(access.haveAccess(
+        config=cfg, user='jdoe', mode='readonly', path='xyzzy'),
+       ('repositories', 'xyzzy'))
+
 def test_base_local():
     cfg = RawConfigParser()
     cfg.add_section('group fooers')
@@ -194,13 +203,15 @@ def test_list_read():
     cfg.add_section('user jdoe')
     cfg.set('user jdoe', 'readonly', 'baz/quux/thud')
     cfg.add_section('user master')
+    cfg.add_section('user admin')
+    cfg.set('user admin', 'allow-read-all', 'yes')
     cfg.add_section('repo baz/quux/thud')
     cfg.set('repo baz/quux/thud', 'owner', 'master')
     users = set()
     groups = set()
     access.listAccess(cfg,'readonly','baz/quux/thud',users,groups)
     eq(sorted(groups), ['mooers'])
-    eq(sorted(users), ['jdoe','master'])
+    eq(sorted(users), ['admin','jdoe','master'])
 
 def test_list_all():
     cfg = RawConfigParser()
-- 
2.11.4.GIT