/usr/lib/obs/server/BSAccess.pm is in obs-server 2.7.4-2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 | #
# Copyright (c) 2010, Novell Inc.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program (see the file COPYING); if not, write to the
# Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
#
################################################################
package BSAccess;
use BSUtil;
use BSXML;
use strict;
our $projectsdir;
sub set_projectsdir {
$projectsdir = $_[0];
}
sub has_role {
my ($userid, $d, $role) = @_;
return 0 unless $d;
for (@{$d->{'person'} || []}) {
next if $_->{'userid'} ne $userid;
return 1 if !defined($role) || $_->{'role'} eq $role;
}
return 0;
}
sub may_read {
die("projectsdir not set\n") unless $projectsdir;
return;
}
sub may_write {
my ($userid, $projid, $packid) = @_;
die("projectsdir not set\n") unless $projectsdir;
if (defined $packid) {
my $pack = readxml("$projectsdir/$projid.pkg/$packid.xml", $BSXML::pack, 1);
return if has_role($userid, $pack, 'maintainer');
}
my $p = $projid;
while ($p ne '') {
my $proj = readxml("$projectsdir/$p.xml", $BSXML::proj, 1);
return if has_role($userid, $proj, 'maintainer');
last unless $p =~ s/:[^:]*$//s;
}
my $proj = readxml("$projectsdir/:master.xml", $BSXML::proj, 1);
return if has_role($userid, $proj, 'maintainer');
die("no write access to package $packid in project $projid\n") if defined $packid;
die("no write access to project $projid\n");
}
1;
|