#include "stra.h"
#include "git_acl.h"
+#define ANYID "*"
+
enum {
DFLT_IDS_SZ = 32
};
char *p = my_strtok(&s, " \t\n");
while (p) {
- if (!strcmp(p, word)) {
+ if (!strcmp(p, word) || !strcmp(p, ANYID)) {
free(_s);
return true;
}
if (!repo || my_strtok(&p, " \t\n"))
die("acl_handler: badly formatted section '%s'", section);
/* repo is repo name, name is userid, value is permission */
- if (stra_find(&acl->repoids, repo) >= 0 &&
- stra_find(&acl->userids, name) >= 0) {
+ if ((!strcmp(repo, ANYID) || stra_find(&acl->repoids, repo) >= 0) &&
+ (!strcmp(name, ANYID) || stra_find(&acl->userids, name) >= 0)) {
acl->perms = perms_from_str(value);
set_lm_repoid(repo);
set_lm_userid(name);
# and repo for which permissions are requested will satisfy the request. Any
# other possible matches later in the configuration file are irrelevant.
#
+# The asterisk ('*') used as a userid means any user. Similarly, an asterisk
+# used as a repoid means any repo.
+#
# A user/repo combination that has no match in the git_acl.cfg file is reported
# as the separate NOTFOUND permission, but is effectively treated the same as
# the NONE permission.
[user_groups]
-devs = steve dave jobu
-qa = frank bill ted mike
+devs = steve dave mike
+qa = frank bill
+allusers = *
[repo_groups]
-mirrors = mirrors/tinyos.git mirrors/chibios.git
public = oss-web.git repo_shell.git cp210x.git
private = redmine.git nesc.git
[repo nesc.git]
-steve =
-ted = rw
-qa = r
+steve = r
+devs = rw
+* = r
[repo oss-web.git]
steve = rw
devs = r
-[repo mirrors/tinyos.git]
-jobu = rw
-steve = r
-devs = -
-qa = r
-
[repo public]
-dave = rw
-devs = -
-qa = r
+devs = rw
+allusers = r
[repo private]
-steve = rw
-dave = rw
-devs =
+devs = rw
+qa = r
-[repo mirrors]
-jobu = r
+[repo *]
devs = rw
+* = r