| # Copyright (C) all contributors <meta@public-inbox.org> |
| # License: AGPL-3.0+ <https://www.gnu.org/licenses/agpl-3.0.txt> |
| |
| # base class to ensures Xapian||SQLite files respect core.sharedRepository |
| # of git repos |
| package PublicInbox::Umask; |
| use v5.12; |
| use PublicInbox::OnDestroy; |
| |
| use constant { |
| PERM_UMASK => 0, |
| OLD_PERM_GROUP => 1, |
| OLD_PERM_EVERYBODY => 2, |
| PERM_GROUP => 0660, |
| PERM_EVERYBODY => 0664, |
| }; |
| |
| sub _read_git_config_perm { |
| my ($self) = @_; |
| chomp(my $perm = $self->git->qx('config', 'core.sharedRepository')); |
| $perm; |
| } |
| |
| sub _git_config_perm { |
| my $self = shift; |
| my $perm = scalar @_ ? $_[0] : _read_git_config_perm($self); |
| $perm //= ''; |
| return PERM_UMASK if $perm eq '' || $perm eq 'umask'; |
| return PERM_GROUP if $perm eq 'group'; |
| return PERM_EVERYBODY if $perm =~ /\A(?:all|world|everybody)\z/; |
| return PERM_GROUP if ($perm =~ /\A(?:true|yes|on|1)\z/); |
| return PERM_UMASK if ($perm =~ /\A(?:false|no|off|0)\z/); |
| |
| my $i = oct($perm); |
| return PERM_UMASK if $i == PERM_UMASK; |
| return PERM_GROUP if $i == OLD_PERM_GROUP; |
| return PERM_EVERYBODY if $i == OLD_PERM_EVERYBODY; |
| |
| if (($i & 0600) != 0600) { |
| die "core.sharedRepository mode invalid: ". |
| sprintf('%.3o', $i) . "\nOwner must have permissions\n"; |
| } |
| ($i & 0666); |
| } |
| |
| sub _umask_for { |
| my ($perm) = @_; # _git_config_perm return value |
| my $rv = $perm; |
| return umask if $rv == 0; |
| |
| # set +x bit if +r or +w were set |
| $rv |= 0100 if ($rv & 0600); |
| $rv |= 0010 if ($rv & 0060); |
| $rv |= 0001 if ($rv & 0006); |
| (~$rv & 0777); |
| } |
| |
| sub with_umask { |
| my ($self, $cb, @arg) = @_; |
| my $old = umask($self->{umask} //= umask_prepare($self)); |
| my $restore = on_destroy \&CORE::umask, $old; |
| $cb ? $cb->(@arg) : $restore; |
| } |
| |
| sub umask_prepare { |
| my ($self) = @_; |
| _umask_for(_git_config_perm($self)); |
| } |
| |
| 1; |
