| |   |
| 1 | module Gitorious |
| 2 | module Gitto |
| 3 | |
| 4 | class BadShaError < StandardError; end # :nodoc: |
| 5 | |
| 6 | # The point of this class is primary to prevent dangerous/malicious arguments |
| 7 | # to be passed down to the underlying Git library, since it shells out to |
| 8 | # the git binary. |
| 9 | class Gitto |
| 10 | def initialize(repository_path) |
| 11 | @repository_path = repository_path |
| 12 | @git = Git.bare(@repository_path) |
| 13 | end |
| 14 | attr_reader :repository_path, :git |
| 15 | |
| 16 | def log(num, skip=nil) |
| 17 | @git.log(num, skip) |
| 18 | end |
| 19 | |
| 20 | def tree(sha) |
| 21 | check_sha(sha) |
| 22 | @git.gtree(sha) |
| 23 | end |
| 24 | |
| 25 | def commit(sha) |
| 26 | check_sha(sha) |
| 27 | @git.gcommit(sha) |
| 28 | end |
| 29 | |
| 30 | def diff(old_sha, new_sha) |
| 31 | check_sha(old_sha) |
| 32 | check_sha(new_sha) |
| 33 | @git.diff(old_sha, new_sha) |
| 34 | end |
| 35 | |
| 36 | def blob(sha) |
| 37 | check_sha(sha) |
| 38 | @git.gblob(sha) |
| 39 | end |
| 40 | |
| 41 | def branches |
| 42 | @git.branches |
| 43 | end |
| 44 | |
| 45 | def tags |
| 46 | @git.tags |
| 47 | end |
| 48 | |
| 49 | def remotes |
| 50 | @git.remotes |
| 51 | end |
| 52 | |
| 53 | def check_sha(objectish) |
| 54 | if /^[a-z0-9~\{\}\^\.]*$/i !~ objectish.to_s |
| 55 | raise BadShaError |
| 56 | end |
| 57 | end |
| 58 | |
| 59 | end |
| 60 | |
| 61 | end |
| 62 | end |
--- /dev/null
+++ b/lib/gitorious/gitto/gitto.rb
@@ -0,0 +1,62 @@
+module Gitorious
+ module Gitto
+
+ class BadShaError < StandardError; end # :nodoc:
+
+ # The point of this class is primary to prevent dangerous/malicious arguments
+ # to be passed down to the underlying Git library, since it shells out to
+ # the git binary.
+ class Gitto
+ def initialize(repository_path)
+ @repository_path = repository_path
+ @git = Git.bare(@repository_path)
+ end
+ attr_reader :repository_path, :git
+
+ def log(num, skip=nil)
+ @git.log(num, skip)
+ end
+
+ def tree(sha)
+ check_sha(sha)
+ @git.gtree(sha)
+ end
+
+ def commit(sha)
+ check_sha(sha)
+ @git.gcommit(sha)
+ end
+
+ def diff(old_sha, new_sha)
+ check_sha(old_sha)
+ check_sha(new_sha)
+ @git.diff(old_sha, new_sha)
+ end
+
+ def blob(sha)
+ check_sha(sha)
+ @git.gblob(sha)
+ end
+
+ def branches
+ @git.branches
+ end
+
+ def tags
+ @git.tags
+ end
+
+ def remotes
+ @git.remotes
+ end
+
+ def check_sha(objectish)
+ if /^[a-z0-9~\{\}\^\.]*$/i !~ objectish.to_s
+ raise BadShaError
+ end
+ end
+
+ end
+
+ end
+end
\ No newline at end of file |
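Review bot: The whitelist in `check_sha` is anchored with `^` and `$`, which in Ruby match at every line boundary rather than only at the ends of the string, so a value containing a newline passes as long as any single line consists of allowed characters. Since the class comment says the wrapped library shells out to the git binary, the pattern should be anchored to the whole string: `if /\A[a-z0-9~\{\}\^\.]*\z/i !~ objectish.to_s`. The `*` quantifier also accepts an empty string (including `nil.to_s`); `+` would reject it, provided no caller relies on that. Separately, `log(num, skip)` forwards both arguments unchecked and `attr_reader :git` hands callers the unwrapped object, so consider coercing with `Integer(num)` and dropping `:git` from the public reader.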
| |   |
| 1 | require File.dirname(__FILE__) + '/../../../spec_helper' |
| 2 | |
| 3 | describe Gitorious::Gitto::Gitto do |
| 4 | Gitto = Gitorious::Gitto::Gitto |
| 5 | |
| 6 | before(:each) do |
| 7 | @path = "/home/repositories/foo" |
| 8 | @git_mock = mock("Git mock") |
| 9 | Git.should_receive(:bare).with(@path).and_return(@git_mock) |
| 10 | @gitto = Gitto.new(@path) |
| 11 | end |
| 12 | |
| 13 | def some_sha(char = "a") |
| 14 | char * 40 |
| 15 | end |
| 16 | |
| 17 | it "should return Git#log(10)" do |
| 18 | @git_mock.should_receive(:log).with(10, nil).and_return([]) |
| 19 | @gitto.log(10) |
| 20 | end |
| 21 | |
| 22 | it "returns Git#log(10,20)" do |
| 23 | @git_mock.should_receive(:log).with(10, 20).and_return([]) |
| 24 | @gitto.log(10, 20) |
| 25 | end |
| 26 | |
| 27 | it "returns Git#gtre" do |
| 28 | @git_mock.should_receive(:gtree).with(some_sha).and_return(mock("tree")) |
| 29 | @gitto.should_receive(:check_sha).with(some_sha) |
| 30 | @gitto.tree(some_sha) |
| 31 | end |
| 32 | |
| 33 | it "return Git#gcommit" do |
| 34 | @git_mock.should_receive(:gcommit).with(some_sha).and_return(mock("commit")) |
| 35 | @gitto.should_receive(:check_sha).with(some_sha) |
| 36 | @gitto.commit(some_sha) |
| 37 | end |
| 38 | |
| 39 | it "return Git#diff" do |
| 40 | @git_mock.should_receive(:diff).with(some_sha("a"), some_sha("b")).and_return(mock("diff")) |
| 41 | @gitto.should_receive(:check_sha).with(some_sha("a")) |
| 42 | @gitto.should_receive(:check_sha).with(some_sha("b")) |
| 43 | @gitto.diff(some_sha("a"), some_sha("b")) |
| 44 | end |
| 45 | |
| 46 | it "return Git#gblob" do |
| 47 | @git_mock.should_receive(:gblob).with(some_sha).and_return(mock("blob")) |
| 48 | @gitto.should_receive(:check_sha).with(some_sha) |
| 49 | @gitto.blob(some_sha) |
| 50 | end |
| 51 | |
| 52 | it "return Git#gblob" do |
| 53 | @git_mock.should_receive(:gblob).with(some_sha).and_return(mock("blob")) |
| 54 | @gitto.should_receive(:check_sha).with(some_sha) |
| 55 | @gitto.blob(some_sha) |
| 56 | end |
| 57 | |
| 58 | it "returns Git#tags" do |
| 59 | @git_mock.should_receive(:tags).and_return([]) |
| 60 | @gitto.tags |
| 61 | end |
| 62 | |
| 63 | it "returns Git#branches" do |
| 64 | @git_mock.should_receive(:branches).and_return([]) |
| 65 | @gitto.branches |
| 66 | end |
| 67 | |
| 68 | it "returns Git#remotes" do |
| 69 | @git_mock.should_receive(:remotes).and_return([]) |
| 70 | @gitto.remotes |
| 71 | end |
| 72 | |
| 73 | describe "objectish validation" do |
| 74 | it "accepts good objectish" do |
| 75 | proc{ |
| 76 | @gitto.check_sha(some_sha) |
| 77 | }.should_not raise_error(Gitorious::Gitto::BadShaError) |
| 78 | proc{ |
| 79 | @gitto.check_sha( ("a"*20) + ("2"*20) ) |
| 80 | }.should_not raise_error(Gitorious::Gitto::BadShaError) |
| 81 | proc{ |
| 82 | @gitto.check_sha("HEAD") |
| 83 | }.should_not raise_error(Gitorious::Gitto::BadShaError) |
| 84 | proc{ |
| 85 | @gitto.check_sha("HEAD~1") |
| 86 | }.should_not raise_error(Gitorious::Gitto::BadShaError) |
| 87 | proc{ |
| 88 | @gitto.check_sha("HEAD^{1}") # valid chars at least |
| 89 | }.should_not raise_error(Gitorious::Gitto::BadShaError) |
| 90 | proc{ |
| 91 | @gitto.check_sha("v0.1^{tree}") |
| 92 | }.should_not raise_error(Gitorious::Gitto::BadShaError) |
| 93 | end |
| 94 | |
| 95 | it "raises on bad objectish" do |
| 96 | proc{ |
| 97 | @gitto.check_sha("asd;rm -rf") |
| 98 | }.should raise_error(Gitorious::Gitto::BadShaError) |
| 99 | proc{ |
| 100 | @gitto.check_sha("asd;cat /etc/foo") |
| 101 | }.should raise_error(Gitorious::Gitto::BadShaError) |
| 102 | |
| 103 | proc{ |
| 104 | @gitto.check_sha("%3B++%2Ffoo") |
| 105 | }.should raise_error(Gitorious::Gitto::BadShaError) |
| 106 | end |
| 107 | end |
| 108 | |
| 109 | end |
--- /dev/null
+++ b/spec/lib/gitorious/gitto/gitto_spec.rb
@@ -0,0 +1,109 @@
+require File.dirname(__FILE__) + '/../../../spec_helper'
+
+describe Gitorious::Gitto::Gitto do
+ Gitto = Gitorious::Gitto::Gitto
+
+ before(:each) do
+ @path = "/home/repositories/foo"
+ @git_mock = mock("Git mock")
+ Git.should_receive(:bare).with(@path).and_return(@git_mock)
+ @gitto = Gitto.new(@path)
+ end
+
+ def some_sha(char = "a")
+ char * 40
+ end
+
+ it "should return Git#log(10)" do
+ @git_mock.should_receive(:log).with(10, nil).and_return([])
+ @gitto.log(10)
+ end
+
+ it "returns Git#log(10,20)" do
+ @git_mock.should_receive(:log).with(10, 20).and_return([])
+ @gitto.log(10, 20)
+ end
+
+ it "returns Git#gtre" do
+ @git_mock.should_receive(:gtree).with(some_sha).and_return(mock("tree"))
+ @gitto.should_receive(:check_sha).with(some_sha)
+ @gitto.tree(some_sha)
+ end
+
+ it "return Git#gcommit" do
+ @git_mock.should_receive(:gcommit).with(some_sha).and_return(mock("commit"))
+ @gitto.should_receive(:check_sha).with(some_sha)
+ @gitto.commit(some_sha)
+ end
+
+ it "return Git#diff" do
+ @git_mock.should_receive(:diff).with(some_sha("a"), some_sha("b")).and_return(mock("diff"))
+ @gitto.should_receive(:check_sha).with(some_sha("a"))
+ @gitto.should_receive(:check_sha).with(some_sha("b"))
+ @gitto.diff(some_sha("a"), some_sha("b"))
+ end
+
+ it "return Git#gblob" do
+ @git_mock.should_receive(:gblob).with(some_sha).and_return(mock("blob"))
+ @gitto.should_receive(:check_sha).with(some_sha)
+ @gitto.blob(some_sha)
+ end
+
+ it "return Git#gblob" do
+ @git_mock.should_receive(:gblob).with(some_sha).and_return(mock("blob"))
+ @gitto.should_receive(:check_sha).with(some_sha)
+ @gitto.blob(some_sha)
+ end
+
+ it "returns Git#tags" do
+ @git_mock.should_receive(:tags).and_return([])
+ @gitto.tags
+ end
+
+ it "returns Git#branches" do
+ @git_mock.should_receive(:branches).and_return([])
+ @gitto.branches
+ end
+
+ it "returns Git#remotes" do
+ @git_mock.should_receive(:remotes).and_return([])
+ @gitto.remotes
+ end
+
+ describe "objectish validation" do
+ it "accepts good objectish" do
+ proc{
+ @gitto.check_sha(some_sha)
+ }.should_not raise_error(Gitorious::Gitto::BadShaError)
+ proc{
+ @gitto.check_sha( ("a"*20) + ("2"*20) )
+ }.should_not raise_error(Gitorious::Gitto::BadShaError)
+ proc{
+ @gitto.check_sha("HEAD")
+ }.should_not raise_error(Gitorious::Gitto::BadShaError)
+ proc{
+ @gitto.check_sha("HEAD~1")
+ }.should_not raise_error(Gitorious::Gitto::BadShaError)
+ proc{
+ @gitto.check_sha("HEAD^{1}") # valid chars at least
+ }.should_not raise_error(Gitorious::Gitto::BadShaError)
+ proc{
+ @gitto.check_sha("v0.1^{tree}")
+ }.should_not raise_error(Gitorious::Gitto::BadShaError)
+ end
+
+ it "raises on bad objectish" do
+ proc{
+ @gitto.check_sha("asd;rm -rf")
+ }.should raise_error(Gitorious::Gitto::BadShaError)
+ proc{
+ @gitto.check_sha("asd;cat /etc/foo")
+ }.should raise_error(Gitorious::Gitto::BadShaError)
+
+ proc{
+ @gitto.check_sha("%3B++%2Ffoo")
+ }.should raise_error(Gitorious::Gitto::BadShaError)
+ end
+ end
+
+end
\ No newline at end of file |
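Review bot: Every value in the "raises on bad objectish" example is a single-line string, so nothing exercises a multi-line argument, which is the case where the `^`/`$` anchors in `check_sha` would accept input the whitelist is meant to reject. Adding a case such as `proc{ @gitto.check_sha("HEAD\n--x") }.should raise_error(Gitorious::Gitto::BadShaError)` (constructed value) would pin that behaviour. The delegation examples stub `check_sha` with `should_receive`, so none of them shows that a rejected value never reaches the `Git` mock; one example with an invalid sha and `@git_mock.should_not_receive(:gtree)` would cover it. The "return Git#gblob" example also appears twice with identical bodies.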