Added readonlyusers.pl per bug 369013

git-svn-id: svn://10.0.0.236/trunk@226094 18797224-902f-48f8-a5cc-f745e15eee43
2007-05-08 00:17:32 +00:00 · 2007-05-08 00:17:32 +00:00 · 070a77ff9e
commit 070a77ff9e
parent a46388ac06
3 changed files with 46 additions and 0 deletions
--- a/CVSROOT/checkoutlist
+++ b/CVSROOT/checkoutlist
@ -18,3 +18,4 @@ dolog.pl
 FilesToNotExport
 cvsmailfilter.pl
 sendnotification.pl
+readonlyusers.pl
--- a/CVSROOT/commitinfo
+++ b/CVSROOT/commitinfo
@ -14,3 +14,4 @@
 # If the name "ALL" appears as a regular expression it is always used
 # in addition to the first matching regex or "DEFAULT".
 ALL		$CVSROOT/CVSROOT/commitcheck.pl
+ALL		$CVSROOT/CVSROOT/readonlyusers.pl
--- a/CVSROOT/readonlyusers.pl
+++ b/CVSROOT/readonlyusers.pl
@ -0,0 +1,44 @@
+#!/usr/bin/perl
+#
+# This is a simple script that forces specified users to
+# have read-only access to the CVS repository when using SSH.
+# This must be done in a pre-commit check script, as SSH users
+# must have an account on the server with access to the repository.
+# Returning "0" means the account is allowed to check-in. Any other
+# return type will stop the commit from occurring.
+#
+# Authors: Reed Loden <reed@mozilla.com>
+#          Aravind Gottipati <aravind@mozilla.com> 
+#
+# To make it work, you need to add the script name to
+# CVSROOT/checkoutlist so that the script is checked out correctly
+# on the CVS server.
+# Also, you need to add a line to your
+# CVSROOT/commitinfo file that says something like:
+#
+#      ALL	$CVSROOT/CVSROOT/readonlyusers.pl
+
+use strict;
+use warnings;
+
+# Hash of read-only users
+my %read_only_users = (
+                       'calbld'    => 1,
+                       'caminobld' => 1,
+                       'ffxbld'    => 1,
+                       'seabld'    => 1,
+                       'tbirdbld'  => 1,
+                       'nobody'    => 1,
+                       'xrbld'     => 1
+                      );
+
+my $username = $ENV{"CVS_USER"} || getlogin || (getpwuid($<))[0] || "nobody";
+
+if (exists $read_only_users{$username}) {
+    print STDERR "The $username account is not permitted to check-in to this CVS repository.\n";
+    print STDERR "If you think it should be allowed to do so, please contact\n";
+    print STDERR "the system administrators at sysadmins\@mozilla.org.\n";
+    exit 1;
+}
+
+exit 0;