smeserver-gitweb/contribs9/smeserver-gitweb-1.1.0-fix_group_check.patch

diff -Nur smeserver-gitweb-1.1.0.old/root/etc/e-smith/templates/etc/gitweb.conf/60ExportAuthHook smeserver-gitweb-1.1.0/root/etc/e-smith/templates/etc/gitweb.conf/60ExportAuthHook
--- smeserver-gitweb-1.1.0.old/root/etc/e-smith/templates/etc/gitweb.conf/60ExportAuthHook      2016-06-22 12:44:06.965000000 -0400
+++ smeserver-gitweb-1.1.0/root/etc/e-smith/templates/etc/gitweb.conf/60ExportAuthHook  2016-06-22 12:48:57.056000000 -0400
@@ -122,9 +122,16 @@
 
       # See who the effective users are for this repository. The AccountsDB needs
       # to have world read permissions to allow this to work.
-      my $effective_pull_users = $git_db->effective_users_list_from( $properties\{'pull_groups'\},
-                                                                     $properties\{'pull_users'\} );
-      if( @http_digest[0] ~~ split( / /,$effective_pull_users) ) \{
+      my @pulled_user_groups;
+      for my $ggroup (split(',',$properties\{'pull_groups'\}))
+      \{
+       my ($name,$passwd,$gid,$members)=getgrnam($ggroup);
+       push @pulled_user_groups , split(' ',$members);
+      \}
+      push @pulled_user_groups, split(',',$properties\{'pull_users'\});
+      @pulled_user_groups = do \{ my %seen; grep \{ !$seen\{$_\}++ \} @pulled_user_groups \};
+
+      if( @http_digest[0] ~~ @pulled_user_groups ) \{
         # USER IN AUTHORISED LIST -> CHECK PASSWORD
         if( trypass( @http_digest[0], @http_digest[1] ) == 0 ) \{
           return 1;  # EXIT USER IS AUTHORISED -> REPOSITORY VIEW ALLOWED
1	diff -Nur smeserver-gitweb-1.1.0.old/root/etc/e-smith/templates/etc/gitweb.conf/60ExportAuthHook smeserver-gitweb-1.1.0/root/etc/e-smith/templates/etc/gitweb.conf/60ExportAuthHook
2	--- smeserver-gitweb-1.1.0.old/root/etc/e-smith/templates/etc/gitweb.conf/60ExportAuthHook 2016-06-22 12:44:06.965000000 -0400
3	+++ smeserver-gitweb-1.1.0/root/etc/e-smith/templates/etc/gitweb.conf/60ExportAuthHook 2016-06-22 12:48:57.056000000 -0400
4	@@ -122,9 +122,16 @@
5
6	# See who the effective users are for this repository. The AccountsDB needs
7	# to have world read permissions to allow this to work.
8	- my $effective_pull_users = $git_db->effective_users_list_from( $properties\{'pull_groups'\},
9	- $properties\{'pull_users'\} );
10	- if( @http_digest[0] ~~ split( / /,$effective_pull_users) ) \{
11	+ my @pulled_user_groups;
12	+ for my $ggroup (split(',',$properties\{'pull_groups'\}))
13	+ \{
14	+ my ($name,$passwd,$gid,$members)=getgrnam($ggroup);
15	+ push @pulled_user_groups , split(' ',$members);
16	+ \}
17	+ push @pulled_user_groups, split(',',$properties\{'pull_users'\});
18	+ @pulled_user_groups = do \{ my %seen; grep \{ !$seen\{$_\}++ \} @pulled_user_groups \};
19	+
20	+ if( @http_digest[0] ~~ @pulled_user_groups ) \{
21	# USER IN AUTHORISED LIST -> CHECK PASSWORD
22	if( trypass( @http_digest[0], @http_digest[1] ) == 0 ) \{
23	return 1; # EXIT USER IS AUTHORISED -> REPOSITORY VIEW ALLOWED