Date: Thu, 12 Jan 2006 19:59:22 -0500 From: Jonathan Noack <noackjr@alumni.rice.edu> To: =?ISO-8859-1?Q?Ville_Skytt=E4?= <scop@freebsd.org> Cc: freebsd-cvsweb@freebsd.org Subject: Re: Hiding some directories Message-ID: <43C6FB6A.70905@alumni.rice.edu> In-Reply-To: <1137101189.19680.54.camel@bobcat.mine.nu> References: <OF96243472.5A043BB8-ON072570F3.0070D138-072570F3.0071175F@microchip.com> <43C5CEBC.6070908@acm.org> <43C5DC1C.9040209@alumni.rice.edu> <1137101189.19680.54.camel@bobcat.mine.nu>
next in thread | previous in thread | raw e-mail | index | archive | help
Ville Skyttä wrote:
> On Wed, 2006-01-11 at 23:33 -0500, Jonathan Noack wrote:
>>> BTW, I am not familiar enough with Perl. Although I was able to
>>> configure that array to forbid all directories that I did not want, I
>>> wonder if is there a way to specify in that array just a few top level
>>> directories that I want.
>> How about an @AllowedFiles list that only displays files and directories
>> that match? See attached patches for cvsweb.cgi and cvsweb.conf.
>
> No strong opinions nor objections if this is really needed, but couldn't
> some extended patterns be used for that, and some commented out examples
> of those be added to cvsweb.conf? Maybe negative look-behind (see "man
> perlre")? It could get somewhat hairy though.
It probably could be done with some extended patterns but few of our
users would understand them (I certainly wouldn't!). Having
@AllowedFiles means that we can give our users 2 options:
1) Allow all with @ForbiddenFiles override (This is the default).
2) Forbid all with @AllowedFiles override (which in turn is overridden
by @ForbiddenFiles).
This is quite powerful AND easy to configure. Consider a repository
with this directory structure:
$ pwd
/usr/home/cvsroot
$ find . -type d
./CVSROOT
./dir1
./dir2
./dir3
./dir3/sub1
./dir3/sub2
./dir3/sub3
./dir4
...
./dir9
If I only wanted to allow dir3 and dir4 but forbid dir3/sub2, the
configuration is simple:
@ForbiddenFiles = (
qr|^dir3/sub2|o,
);
@AllowedFiles = (
qr|^dir[34]/|o,
);
This is much easier than the way it would be done currently (and what if
we added more directories that needed to be forbidden?):
@ForbiddenFiles = (
qr|^CVSROOT|o,
qr|^dir1|o,
qr|^dir2|o,
qr|^dir3/sub2|o,
qr|^dir5|o,
qr|^dir6|o,
qr|^dir7|o,
qr|^dir8|o,
qr|^dir9|o,
);
As we don't want to allow more than we intend, we must be more careful
with @AllowedFiles then with @ForbiddenFiles. Here are some best
practices for @AllowedFiles:
1) Patterns should begin with '^' to match the beginning of the relative
path in the repository and should contain as much path information as
possible. For example: Use 'qr|^dir/sub/|o' instead of 'qr|sub|o'. The
latter could erroneously match 'yellow_submarine.mp3' or 'folder/sub'.
2) Patterns for specific directories should have a trailing slash. For
example: Use 'qr|^dir/|o' instead of 'qr|^dir|o'. The latter could
erroneously match 'dir.txt' or 'dirty'.
3) Patterns for specific files should end with '$' to match the end of
filename. For example: Use 'qr|^dir/file.txt$|o' instead of
'qr|^dir/file.txt|o'. The latter could erroneously match
dir/file.txt.old or dir/file.txt/real_file.txt.
Why did I write that much?!? Off to dinner,
-Jonathan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?43C6FB6A.70905>