forked from dokku-community/dokku-acl
-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
pre-build
executable file
·41 lines (31 loc) · 1.2 KB
/
pre-build
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
#!/usr/bin/env bash
set -eo pipefail
[[ $DOKKU_TRACE ]] && set -x
source "$PLUGIN_CORE_AVAILABLE_PATH/common/functions"
APP="$1"
ACL="$DOKKU_ROOT/$APP/acl"
DOKKU_SUPER_USER="${DOKKU_SUPER_USER:-}"
DOKKU_ACL_ALLOW_COMMAND_LINE="${DOKKU_ACL_ALLOW_COMMAND_LINE:-}"
if [[ -z "$NAME" ]]; then
# Command line usage doesn't set $NAME.
if [[ -z "$DOKKU_ACL_ALLOW_COMMAND_LINE" ]]; then
# Preserve legacy behaviour by default for safety, even though it's weird.
[[ -z "$DOKKU_SUPER_USER" ]] && exit 0
dokku_log_fail "It appears that you're running this command from the command" \
"line. The \"dokku-acl\" plugin disables this by default for" \
"safety. Please check the \"dokku-acl\" documentation for how" \
"to enable command line usage."
fi
exit 0
fi
if [[ ! -d "$ACL" ]]; then
if [[ -n "$DOKKU_SUPER_USER" ]] && [[ "$NAME" != "$DOKKU_SUPER_USER" ]]; then
dokku_log_fail "Only $DOKKU_SUPER_USER can modify a repository if the ACL is empty"
fi
exit 0 # all good, there are no restrictions
fi
ACL_FILE="$ACL/$NAME"
if [[ ! -f "$ACL_FILE" ]] && [[ "$NAME" != "$DOKKU_SUPER_USER" ]]; then
echo "User $NAME does not have permissions to modify this repository" >&2
exit 2
fi