Closed
Bug 670781
Opened 13 years ago
Closed 13 years ago
Ability to check branch commit permissions
Categories
(mozilla.org Graveyard :: Server Operations, task)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: mjessome, Assigned: nmeyerhans)
Details
We are looking for a way to automate the checking of commit permissions on specific branches. From what has been explained to me, these permissions are stored solely on the Unix filesystem, so this request is to ask for some sort of access so that we can check those permissions. The thought that we've had is to simply ssh in and query the filesystem for group permissions. bug 661629 gave us the ability to find who has certain levels of access, and now we need to know which levels of access correspond to which repositories. Thanks
Updated•13 years ago
|
Assignee: server-ops → nmeyerhans
OS: Mac OS X → Linux
Reporter | ||
Comment 1•13 years ago
|
||
Is there any update available as to what can be done to resolve this? Thanks.
OS: Linux → Mac OS X
Comment 2•13 years ago
|
||
We're working on a pretty tight deadline for this because of Marc's internship duration so an eta on this would be great for us to plan with. Thanks.
Severity: normal → major
Assignee | ||
Comment 3•13 years ago
|
||
So, my proposal would be to implement this as a simple CGI. E.g. http://hg.mozilla.org/repo-group?repo=/mozilla-central which would return a text/plain response containing the group ownership for the given repository. (e.g. scm_level_3) This information is public and documented on the mozilla wiki, so I don't see any reason to restrict access to this interface (though I also wouldn't go out of my way to advertise it) Does this work? If so, it should be a pretty simple thing to implement, and I should be able to do it in the next day or so.
Comment 4•13 years ago
|
||
(In reply to comment #3) > So, my proposal would be to implement this as a simple CGI. E.g. > http://hg.mozilla.org/repo-group?repo=/mozilla-central > which would return a text/plain response containing the group ownership for > the given repository. (e.g. scm_level_3) This information is public and > documented on the mozilla wiki, so I don't see any reason to restrict access > to this interface (though I also wouldn't go out of my way to advertise it) > > Does this work? If so, it should be a pretty simple thing to implement, and > I should be able to do it in the next day or so. This works very well for our purposes, thank you.
Comment 5•13 years ago
|
||
When doing this can we please have the urls match the repo location by relative path to hg.m.o? You might have already been planning to do it this way but I just wanted to make sure. eg: mozilla-central try integration/mozilla-inbound projects/jaegermonkey
Assignee | ||
Comment 6•13 years ago
|
||
Here's an example run: $ curl -s http://hg.mozilla.org/repo-group?repo=/releases/mozilla-aurora scm_level_3 The varnish cache that sits in front of hg.m.o will cache the results, which I don't think we really want, but this should only matter for short-lived repositories. Other than that, have at it.
Reporter | ||
Comment 7•13 years ago
|
||
Perfect, and that caching issue, as you said, shouldn't be a problem for our uses at all. I can't thank you enough Noah!
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Updated•9 years ago
|
Product: mozilla.org → mozilla.org Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•