From e2c005b490df6762e23da3223944151c17d1de80 Mon Sep 17 00:00:00 2001
From: Pierre Schmitz <pierre@archlinux.de>
Date: Fri, 13 Aug 2010 08:20:27 +0200
Subject: Check permission before any action

Added a function to check if user has permission to alter the repos
and db files.
---
 db-functions        | 29 ++++++++++++++++++++++++++++-
 db-move             |  5 +++++
 db-remove           |  5 +++++
 db-update           | 10 +---------
 test/lib/common.inc | 49 +++++++++++++++++++++++++++++++++----------------
 5 files changed, 72 insertions(+), 26 deletions(-)

diff --git a/db-functions b/db-functions
index c4fc8f3..f22567b 100644
--- a/db-functions
+++ b/db-functions
@@ -73,7 +73,7 @@ die() {
 	cleanup 1
 }
 
-trap abort INT QUIT TERM
+trap abort INT QUIT TERM HUP
 trap cleanup EXIT
 
 
@@ -274,3 +274,30 @@ pkgver_from_src() {
 	tmp=${tmp%-any}
 	echo $tmp | sed 's|.*-\(.*-.*\)$|\1|g'
 }
+
+check_repo_permission() {
+	local repo=$1
+
+	local repos="$(get_repos_for_host)"
+	local found=false
+	local r
+	for r in $repos; do
+		if [ "$r" = "$repo" ]; then
+			found=true
+		fi
+	done
+	[ $found ] || return 1
+
+	[ -w "$FTP_BASE/$(get_pkgpool_for_host)" ] || return 1
+
+	local arch
+	for arch in ${ARCHES} any; do
+		local w
+		local ws=("${FTP_BASE}/${repo}/os/${arch}/"{,${repo}${DBEXT}})
+		for w in ws; do
+			[ -w ] || return 1
+		done
+	done
+
+	return 0
+}
diff --git a/db-move b/db-move
index d18a4fa..41b360d 100755
--- a/db-move
+++ b/db-move
@@ -23,6 +23,11 @@ ftppath_to="$FTP_BASE/$repoto/os/"
 svnrepo_from="$repofrom-$arch"
 svnrepo_to="$repoto-$arch"
 
+if ! check_repo_permission $repoto || ! check_repo_permission $repofrom; then
+	echo "Error: You don't have permission to move packages from ${repofrom} to ${repoto}"
+	exit 1
+fi
+
 repo_lock $repoto $arch || exit 1
 repo_lock $repofrom $arch || exit 1
 
diff --git a/db-remove b/db-remove
index 5a55849..1492d18 100755
--- a/db-remove
+++ b/db-remove
@@ -15,6 +15,11 @@ arch="$3"
 ftppath="$FTP_BASE/$reponame/os"
 svnrepo="$reponame-$arch"
 
+if ! check_repo_permission $reponame; then
+	echo "Error: You don't have permission to remove packages from ${reponam}"
+	exit 1
+fi
+
 repo_lock $reponame $arch || exit 1
 
 echo -n "Removing $packagebase from $reponame..."
diff --git a/db-update b/db-update
index 46becac..c049714 100755
--- a/db-update
+++ b/db-update
@@ -11,15 +11,7 @@ fi
 reponame="$1"
 current_arch=""
 
-# ensure we should be playing with this DB on this server
-repos="$(get_repos_for_host)"
-found=0
-for r in $repos; do
-	if [ "$r" = "$reponame" ]; then
-		found=1
-	fi
-done
-if [ $found -ne 1 ]; then
+if ! check_repo_permission "$reponame"; then
 	echo "error: you shouldn't be updating $reponame on this server!"
 	exit 1
 fi
diff --git a/test/lib/common.inc b/test/lib/common.inc
index 89155c7..795d01a 100644
--- a/test/lib/common.inc
+++ b/test/lib/common.inc
@@ -1,3 +1,5 @@
+set -E
+
 . "${curdir}/../db-functions"
 
 oneTimeSetUp() {
@@ -8,7 +10,9 @@ oneTimeSetUp() {
 	for p in "${pkgdir}"/*; do
 		pushd $p >/dev/null
 		linux32 makepkg -cf --config ${curdir}/lib/makepkg-i686.conf >/dev/null 2>&1 || die 'makepkg failed'
-		[ -f *-any.pkg.tar.* ] || linux64 makepkg -cf --config ${curdir}/lib/makepkg-x86_64.conf >/dev/null 2>&1 || die 'makepkg failed'
+		[ -f *-any.pkg.tar.* ] \
+			|| linux64 makepkg -cf --config ${curdir}/lib/makepkg-x86_64.conf >/dev/null 2>&1 \
+			|| die 'makepkg failed'
 		popd >/dev/null
 	done
 	echo 'done'
@@ -23,7 +27,7 @@ setUp() {
 	local p
 	local pkg
 
-	[ -f "${curdir}/../config.local" ] && die "${curdir}/../config.local exists"
+	#[ -f "${curdir}/../config.local" ] && die "${curdir}/../config.local exists"
 	TMP="$(mktemp -d /dev/shm/$(basename $0).XXXXXXXXXX)"
 	#echo "Using ${TMP}"
 
@@ -82,17 +86,20 @@ checkAnyPackage() {
 	local pkg=$2
 	local arch
 
-	[ -f "${FTP_BASE}/$(get_pkgpool_for_host)/${pkg}" ] || fail "$(get_pkgpool_for_host)/${pkg} not found"
+	[ -r "${FTP_BASE}/$(get_pkgpool_for_host)/${pkg}" ] || fail "$(get_pkgpool_for_host)/${pkg} not found"
 
 	for arch in i686 x86_64; do
 		[ -L "${FTP_BASE}/${repo}/os/${arch}/${pkg}" ] || fail "${repo}/os/${arch}/${pkg} not a symlink"
-		[ "$(readlink -e "${FTP_BASE}/${repo}/os/${arch}/${pkg}")" == "${FTP_BASE}/$(get_pkgpool_for_host)/${pkg}" ] || fail "${repo}/os/${arch}/${pkg} does not link to $(get_pkgpool_for_host)/${pkg}"
+		[ "$(readlink -e "${FTP_BASE}/${repo}/os/${arch}/${pkg}")" == "${FTP_BASE}/$(get_pkgpool_for_host)/${pkg}" ] \
+			|| fail "${repo}/os/${arch}/${pkg} does not link to $(get_pkgpool_for_host)/${pkg}"
 	done
-	[ -f "${STAGING}"/${repo}/${pkg} ] && fail "${repo}/${pkg} found in staging dir"
+	[ -r "${STAGING}"/${repo}/${pkg} ] && fail "${repo}/${pkg} found in staging dir"
 
-	bsdtar -xf "${FTP_BASE}/${repo}/os/${arch}/${repo}${DBEXT%.tar.*}" -O | grep -q ${pkg} || fail "${pkg} not in ${repo}/os/${arch}/${repo}${DBEXT%.tar.*}"
+	( [ -r "${FTP_BASE}/${repo}/os/${arch}/${repo}${DBEXT%.tar.*}" ] \
+		&& bsdtar -xf "${FTP_BASE}/${repo}/os/${arch}/${repo}${DBEXT%.tar.*}" -O | grep -q ${pkg}) \
+		|| fail "${pkg} not in ${repo}/os/${arch}/${repo}${DBEXT%.tar.*}"
 
-	[ -f "${FTP_BASE}/${repo}/os/any/${pkg}" ] && fail "${repo}/os/any/${pkg} should not exist"
+	[ -r "${FTP_BASE}/${repo}/os/any/${pkg}" ] && fail "${repo}/os/any/${pkg} should not exist"
 }
 
 checkPackage() {
@@ -100,17 +107,21 @@ checkPackage() {
 	local pkg=$2
 	local arch=$3
 
-	[ -f "${FTP_BASE}/$(get_pkgpool_for_host)/${pkg}" ] || fail "$(get_pkgpool_for_host)/${pkg} not found"
+	[ -r "${FTP_BASE}/$(get_pkgpool_for_host)/${pkg}" ] || fail "$(get_pkgpool_for_host)/${pkg} not found"
 	[ -L "${FTP_BASE}/${repo}/os/${arch}/${pkg}" ] || fail "${repo}/os/${arch}/${pkg} not a symlink"
-	[ -f "${STAGING}"/${repo}/${pkg} ] && fail "${repo}/${pkg} found in staging dir"
+	[ -r "${STAGING}"/${repo}/${pkg} ] && fail "${repo}/${pkg} found in staging dir"
 
-	[ "$(readlink -e "${FTP_BASE}/${repo}/os/${arch}/${pkg}")" == "${FTP_BASE}/$(get_pkgpool_for_host)/${pkg}" ] || fail "${repo}/os/${arch}/${pkg} does not link to $(get_pkgpool_for_host)/${pkg}"
+	[ "$(readlink -e "${FTP_BASE}/${repo}/os/${arch}/${pkg}")" == "${FTP_BASE}/$(get_pkgpool_for_host)/${pkg}" ] \
+		|| fail "${repo}/os/${arch}/${pkg} does not link to $(get_pkgpool_for_host)/${pkg}"
 
-	bsdtar -xf "${FTP_BASE}/${repo}/os/${arch}/${repo}${DBEXT%.tar.*}" -O | grep -q ${pkg} || fail "${pkg} not in ${repo}/os/${arch}/${repo}${DBEXT%.tar.*}"
+	( [ -r "${FTP_BASE}/${repo}/os/${arch}/${repo}${DBEXT%.tar.*}" ] \
+		&& bsdtar -xf "${FTP_BASE}/${repo}/os/${arch}/${repo}${DBEXT%.tar.*}" -O | grep -q ${pkg}) \
+		|| fail "${pkg} not in ${repo}/os/${arch}/${repo}${DBEXT%.tar.*}"
 
 	local pkgbase=$(getpkgbase "${FTP_BASE}/$(get_pkgpool_for_host)/${pkg}")
 	svn up -q "${TMP}/svn-packages-copy/${pkgbase}"
-	[ -d "${TMP}/svn-packages-copy/${pkgbase}/repos/${repo}-${arch}" ] || fail "svn-packages-copy/${pkgbase}/repos/${repo}-${arch} does not exist"
+	[ -d "${TMP}/svn-packages-copy/${pkgbase}/repos/${repo}-${arch}" ] \
+		|| fail "svn-packages-copy/${pkgbase}/repos/${repo}-${arch} does not exist"
 }
 
 checkRemovedPackage() {
@@ -118,10 +129,13 @@ checkRemovedPackage() {
 	local pkgbase=$2
 	local arch=$3
 
-	bsdtar -xf "${FTP_BASE}/${repo}/os/${arch}/${repo}${DBEXT%.tar.*}" -O | grep -q ${pkgbase} && fail "${pkgbase} should not be in ${repo}/os/${arch}/${repo}${DBEXT%.tar.*}"
+	( [ -r "${FTP_BASE}/${repo}/os/${arch}/${repo}${DBEXT%.tar.*}" ] \
+		&& bsdtar -xf "${FTP_BASE}/${repo}/os/${arch}/${repo}${DBEXT%.tar.*}" -O | grep -q ${pkgbase}) \
+		&& fail "${pkgbase} should not be in ${repo}/os/${arch}/${repo}${DBEXT%.tar.*}"
 
 	svn up -q "${TMP}/svn-packages-copy/${pkgbase}"
-	[ -d "${TMP}/svn-packages-copy/${pkgbase}/repos/${repo}-${arch}" ] && fail "svn-packages-copy/${pkgbase}/repos/${repo}-${arch} should not exist"
+	[ -d "${TMP}/svn-packages-copy/${pkgbase}/repos/${repo}-${arch}" ] \
+		&& fail "svn-packages-copy/${pkgbase}/repos/${repo}-${arch} should not exist"
 }
 
 checkRemovedAnyPackage() {
@@ -130,9 +144,12 @@ checkRemovedAnyPackage() {
 	local arch
 
 	for arch in i686 x86_64; do
-		bsdtar -xf "${FTP_BASE}/${repo}/os/${arch}/${repo}${DBEXT%.tar.*}" -O | grep -q ${pkgbase} && fail "${pkgbase} should not be in ${repo}/os/${arch}/${repo}${DBEXT%.tar.*}"
+		( [ -r "${FTP_BASE}/${repo}/os/${arch}/${repo}${DBEXT%.tar.*}" ] \
+			&& bsdtar -xf "${FTP_BASE}/${repo}/os/${arch}/${repo}${DBEXT%.tar.*}" -O | grep -q ${pkgbase}) \
+			&& fail "${pkgbase} should not be in ${repo}/os/${arch}/${repo}${DBEXT%.tar.*}"
 	done
 
 	svn up -q "${TMP}/svn-packages-copy/${pkgbase}"
-	[ -d "${TMP}/svn-packages-copy/${pkgbase}/repos/${repo}-any" ] && fail "svn-packages-copy/${pkgbase}/repos/${repo}-any should not exist"
+	[ -d "${TMP}/svn-packages-copy/${pkgbase}/repos/${repo}-any" ] \
+		&& fail "svn-packages-copy/${pkgbase}/repos/${repo}-any should not exist"
 }
\ No newline at end of file
-- 
cgit v1.2.3-24-g4f1b