| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081 |
- #!/bin/sh
- # START-COMMIT HOOK
- #
- # The start-commit hook is invoked immediately after a Subversion txn is
- # created and populated with initial revprops in the process of doing a
- # commit. Subversion runs this hook by invoking a program (script,
- # executable, binary, etc.) named 'start-commit' (for which this file
- # is a template) with the following ordered arguments:
- #
- # [1] REPOS-PATH (the path to this repository)
- # [2] USER (the authenticated user attempting to commit)
- # [3] CAPABILITIES (a colon-separated list of capabilities reported
- # by the client; see note below)
- # [4] TXN-NAME (the name of the commit txn just created)
- #
- # Note: The CAPABILITIES parameter is new in Subversion 1.5, and 1.5
- # clients will typically report at least the "mergeinfo" capability.
- # If there are other capabilities, then the list is colon-separated,
- # e.g.: "mergeinfo:some-other-capability" (the order is undefined).
- #
- # Note: The TXN-NAME parameter is new in Subversion 1.8. Prior to version
- # 1.8, the start-commit hook was invoked before the commit txn was even
- # created, so the ability to inspect the commit txn and its metadata from
- # within the start-commit hook was not possible.
- #
- # The list is self-reported by the client. Therefore, you should not
- # make security assumptions based on the capabilities list, nor should
- # you assume that clients reliably report every capability they have.
- #
- # If the hook program exits with success, the commit continues; but
- # if it exits with failure (non-zero), the commit is stopped before
- # a Subversion txn is created, and STDERR is returned to the client.
- #
- # The default working directory for the invocation is undefined, so
- # the program should set one explicitly if it cares.
- #
- # On a Unix system, the normal procedure is to have 'start-commit'
- # invoke other programs to do the real work, though it may do the
- # work itself too.
- #
- # Note that 'start-commit' must be executable by the user(s) who will
- # invoke it (typically the user httpd runs as), and that user must
- # have filesystem-level permission to access the repository.
- #
- # On a Windows system, you should name the hook program
- # 'start-commit.bat' or 'start-commit.exe',
- # but the basic idea is the same.
- #
- # The hook program runs in an empty environment, unless the server is
- # explicitly configured otherwise. For example, a common problem is for
- # the PATH environment variable to not be set to its usual value, so
- # that subprograms fail to launch unless invoked via absolute path.
- # If you're having unexpected problems with a hook program, the
- # culprit may be unusual (or missing) environment variables.
- #
- # CAUTION:
- # For security reasons, you MUST always properly quote arguments when
- # you use them, as those arguments could contain whitespace or other
- # problematic characters. Additionally, you should delimit the list
- # of options with "--" before passing the arguments, so malicious
- # clients cannot bootleg unexpected options to the commands your
- # script aims to execute.
- # For similar reasons, you should also add a trailing @ to URLs which
- # are passed to SVN commands accepting URLs with peg revisions.
- #
- # Here is an example hook script, for a Unix /bin/sh interpreter.
- # For more examples and pre-written hooks, see those in
- # the Subversion repository at
- # http://svn.apache.org/repos/asf/subversion/trunk/tools/hook-scripts/ and
- # http://svn.apache.org/repos/asf/subversion/trunk/contrib/hook-scripts/
- REPOS="$1"
- USER="$2"
- commit-allower.pl --repository "$REPOS" --user "$USER" || exit 1
- special-auth-check.py --user "$USER" --auth-level 3 || exit 1
- # All checks passed, so allow the commit.
- exit 0
|
