I can see https://trello.com/c/NgjWZyc6 is a blocker,
so the first step is to work out what yarns need to be written.
This mail is partly to allow me to organise my own thoughts,
but I'd appreciate feedback.
The two areas we need to focus on are basic functionality fuzzing,
and regression testing,
so I'm mining the list of empty yarn files, and the commit log.
I'm thinking the 3 main things we need to test here are:
1. Copying from a repo owned by the user,
to a path that the user also owns.
2. Copying from a repo owned by the user,
but still readable by them,
to a path that the user also owns.
3. Being denied the ability to copy a repository that exists,
but the user isn't allowed to read,
to a path that belongs to them.
4. Being denied the ability to copy a repo owned by the user,
to a path that doesn't belong to them.
1. Count the objects for a repository owned by the user,
verifying that an object count and total size is shown.
2. Verify that you can't count the objects for a repository not owned by you,
since that would be a leak that it exists.
Basic functionality is assumed by basics, config, gc and ls yarns;
so ideally we would avoid re-testing that.
I think the only things usefully left to test are
1. Whether created repositories are owned by the right user.
2. Whether they are allowed or denied creation based on the ACLs.
This is completely untested, requiring:
1. Destroy failing predictably for a repository that is known not to exist.
2. Destroy working for a repository owned by the user doing the deletion.
3. Destroy failing for a repository not writable by the user doing the deletion,
and that the error message denies it because it's not a writable repository,
rather than because it doesn't exist.
This requires the basics of destroy,
but it shouldn't overlap too much.
1. An Admin user can restore a repository deleted by another user,
to a path owned by that user, and then change its ownership to that user.
Potentially there's a hole in graveyard
where you could socially engineer a tired admin to ask you to restore a repo
to somewhere you're not allowed to create it yourself,
but I'm not sure we need to worry about that at this point.
2. An Admin can list deleted repositories.
3. An Admin can purge deleted repositories.
This looks like it would be a big one,
since as well as testing that users can be put into groups,
ideally we should test whether that right can be delegated,
and that rights can be granted based on group membership.
Additionally, a previous bug was that if you removed a group that was a
subgroup of another group, it wouldn't remove the subgroup as a member
of the group, and produce unparseable config.
All I can think of for this is that you don't get an error when asking for help.
1. Show the contents of the readme file for a readable repository.
2. Set the contents of the readme file for a writable repository,
and verify that the output is what was just set.
1. Verify that after renaming, the same contents are in the new path.
2. Check that renaming a path that you aren't allowed to read gives EPERM,
rather than allowing, or ENOENT.
3. Check that renaming to a path you aren't allowed to write to is EPERM.
set-description set-head and set-owner
Since you intend to remove these commands,
any missing tests should go in the config yarns.
The only one I think is missing is:
1. `config $repo set project.owner $user`
Everything depends on the standard instance,
which requires basic functionality to work.
I don't think we need any more than:
1. Extra keys can be added.
2. Extra keys can be deleted.
Basic functionality depends on user add working,
but everything else needs testing:
1. Non-administrators can't create users unless delegated by ACLs.
2. Created users can be deleted.
3. Changing the email or real name works.
4. Renaming a user works.
5. Renaming your own user works.
Basic functionality expects that this works,
and we don't really want to be parsing the output,
so I can't think of anything to test.
1. `auto_user_*` and `auto_group_*` ACL defines
2. gitano-setup with non-test options
3. Gitano HTTP interface
4. per git repository rsync repositories
5. Custom plugins, though testing behaviour that comes from in-tree
plugins is probably sufficient.
6. Password authentication
Also needs to re-test `whoami`, since anon access over HTTP is possible,
so seeing what it does without a key may be interesting.
7. Clod config availability to rulesets
8. Syslog, though I'm not sure how we'd do that.
9. Prefix, suffix and regular expression matching rules in ACL defines.
Fixed bugs without regression tests
1. `receive-pack` reports dangling HEAD after pushes.
We're currently missing yarns for most git commands entirely.
2. `as` reports the original user as the committer for config changes
Probably roll these into
3. Users and groups may have dots in their names.
Probably best to change the names used for testing,
so we know it works for all commands.
"lace.builtin.define: Record the definition in error words" is evil evil,
and I really don't like it.
Richard Maw (13):
lace.builtin: move any/allof function out
lace.builtin.define: Clarify unknown control type error
lace.compiler.transfer_args: call errors `msg`
lace.builtin.include: Highlight the right word when inclusion
lace.error: Split out subword collection logic
lace.builtin.include: Record subwords for include errors
lace.error: Move augmented source location into words
lace.builtin: Augment default rule with source and line number
lace.builtin: Pass the rule into builtin functions
lace.builtin: Augment returned errors with line numbers
lace.error.render: Build wordset before filling in lines
lace.builtin.define: Record the definition in error words
lace.error.render: Report all lines that caused error
lib/lace/builtin.lua | 105 ++++++++++++++++++--------
lib/lace/compiler.lua | 27 ++++++-
lib/lace/error.lua | 72 ++++++++++++------
test/test-lace.builtin.lua | 42 +++++------
test/test-lace.compiler.lua | 20 ++---
test/test-lace.engine-chaindefine-error.rules | 2 +
test/test-lace.engine.lua | 19 +++++
test/test-lace.error.lua | 4 +-
8 files changed, 201 insertions(+), 90 deletions(-)
create mode 100644 test/test-lace.engine-chaindefine-error.rules
This makes lace highlight the word in the subdefinition that caused the error.
A related problem is highlighting definitions that came from different lines,
but this approach doesn't solve that,
as it would require a more in-depth rework than I am comfortable with,
and the scope was just to make lace's error message more precise than it was.
Richard Maw (4):
lace.builtin: Offset anyof/allof error messages
lace.lex: Don't include trailing ] in subword
lace: Collect subwords when collecting errors
lace.error.render: Highlight the subword the error came from
lib/lace/builtin.lua | 17 ++++++++++--
lib/lace/error.lua | 67 ++++++++++++++++++++++++++++++++++++-----------
lib/lace/lex.lua | 4 +++
test/test-lace.engine.lua | 4 +--
4 files changed, 73 insertions(+), 19 deletions(-)
Here's a rough summary of everything going on with Gitano et al of recent.
Ordering isn't completely chronological and I'm covering from when I woke
from my recent stupor...
I have been working on Debian packaging for Gitano and its attendant libraries.
I will be adopting Luxio as well, though that hasn't happened yet.
Also, the following has changed:
* Fixed an issue with `default` being down an include path
* Added support for Lua 5.3
* Merged Richard Ipsum's fix for empty commands, along with a yarn.
* Added basic support for archived repositories
* Write support for cgitrc.hide in repo configuration, along wtith
a yarn written by Richard Maw
* Merged Gavin Lee's git-archive work. The plugin along with yarn
courtesy of Richard Maw
* Rewrote the HTTP interface presented to post-receive hooks to
use the cURL binary. Thusly it can now do chunked receives
and more usefully, can do https.
* Fixed group rename messaging
* Fixed issues with user renaming the user doing the rename
* Added support for dots in user and group names.
* Added auto_user_* and auto_group_* lace defines generated at
runtime, to allow rulesets to use them.
* Support passing committer on config changes (both global and project)
* Thread author and committer through everything which ends up making
such a change.
* Ensure that when you use 'as foouser barcommand' that while the
author is set to foouser, the committer is set to you.
* Warn if after a push, you still have a dangling HEAD.
* Make detection of missing repository on commandline more automatic
It's possible that I might do more through today, but I intend to spend
some time on auto-building (CI pipelines ish) packages so that I can get
closer to the point that I can upload Gitano to Debian.
Daniel Silverstone http://www.digital-scurf.org/
PGP mail accepted and encouraged. Key Id: 3CCE BABE 206C 3B69