Update of /cvsroot/sandweb/sandweb/lib/SandWeb/Repository
In directory sc8-pr-cvs1:/tmp/cvs-serv8043/lib/SandWeb/Repository
Modified Files:
cvs.pm
Log Message:
ah, another standalone binary that SandWeb depends on :)
This is a shell script that acts as CVSEDITOR.
So, instead of dealing with the security nightmare of passing the
commit message on the command line (cvs commit -m "$message"), now
we can just (CVSEDITOR=/usr/bin/sandweb-editor && export CVSEDITOR ) first,
and write the commit message to $sandweb_dir/commitmsg
This is very similar to the way we pass the VCS password to sandweb-expect
(that's where I got the inspiration from).
Index: cvs.pm
===================================================================
RCS file: /cvsroot/sandweb/sandweb/lib/SandWeb/Repository/cvs.pm,v
retrieving revision 1.42
retrieving revision 1.43
diff -U2 -r1.42 -r1.43
--- cvs.pm 11 Feb 2003 06:37:24 -0000 1.42
+++ cvs.pm 4 Mar 2003 07:19:45 -0000 1.43
@@ -41,5 +41,5 @@
=head1
-uses SandWeb::Diff, SandWeb::Shell, SandWeb::Security
+uses SandWeb::Diff, SandWeb::Shell, SandWeb::Security, SandWeb::File
=cut
@@ -48,4 +48,5 @@
use SandWeb::Shell;
use SandWeb::Security;
+use SandWeb::File;
=head1
@@ -669,7 +670,8 @@
my $log = $self->get_log();
+ my $users_dir = $self->get_users_dir();
my %params = @{ $args{'params'}[0] };
my $recurse = $params{'recurse'};
- my $unsafe_message = $params{'message'};
+ my $message = $params{'message'};
my $rev = $params{'rev'};
my $date = $params{'date'};
@@ -685,24 +687,27 @@
my %return;
- if (!$unsafe_message) {
+ if (!$message) {
$output = "There must be a commit message.\n";
} else {
-
- # Security check
- my $secure = SandWeb::Security->new();
+ my $file_obj = SandWeb::File->new(
+ 'log_obj' => $log,
+ 'filename' => "commitmsg",
+ 'location' => "$users_dir",
+ );
- my $message = $secure->shell(
- characters => "$unsafe_message"
+ $file_obj->file_write(
+ contents => "$message",
);
- push @param, " -m \\\"$message\\\"";
if ($log) {
$log->debug("Performing commit operation");
+ $log->debug("Writing commit msg to $users_dir/commitmsg (temporarily)");
$log->debug("Params: @param");
- $log->debug("File: $file");
+ $log->debug("File: " . $file_obj->get_filename() );
}
%return = $self->shell(
'param' => join('', @param),
'file' => "$file",
+ 'file_obj' => $file_obj,
);
};
@@ -2548,4 +2553,5 @@
my $file = $args{'file'};
my $param = $args{'param'};
+ my $file_obj = $args{'file_obj'};
if ( $connection eq 'SSH' ) {
@@ -2573,6 +2579,11 @@
my %return = $shell->execute(
- 'command' => "cd $sandbox && CVS_RSH=$ssh_bin && export CVS_RSH && $cvs_bin -q -d $root $param \'$file\'",
+ 'command' => "cd $sandbox && MESSAGE_FILE=\"$users_dir/commitmsg\" && export MESSAGE_FILE && CVSEDITOR=$bindir/sandweb-editor && export CVSEDITOR && CVS_RSH=$ssh_bin && export CVS_RSH && $cvs_bin -q -d $root $param \'$file\'",
);
+
+ if ($file_obj) {
+ $log->debug("Deleting temporary file");
+ $file_obj->delete();
+ }
return %return;
|
