the pre-receive wrapper needs to be suid after all
[ikiwiki.git] / IkiWiki / Plugin / git.pm
index e565f63691cfd09935338f33e6734a41b313f660..5bef92856efa31e5693d67ba7207622da5d17171 100644 (file)
@@ -46,7 +46,7 @@ sub checkconfig () { #{{{
                push @{$config{wrappers}}, {
                        test_receive => 1,
                        wrapper => $config{git_test_receive_wrapper},
-                       wrappermode => "0755",
+                       wrappermode => (defined $config{git_wrappermode} ? $config{git_wrappermode} : "06755"),
                };
        }
 } #}}}
@@ -643,15 +643,6 @@ sub rcs_receive () { #{{{
                                elsif ($detail->{'status'} =~ /^[AM]+\d*$/) {
                                        $action="add";
                                        $mode=$detail->{'mode_to'};
-                                       if (! pagetype($file)) {
-                                               eval q{use File::Temp};
-                                               die $@ if $@;
-                                               my $fh;
-                                               ($fh, $path)=File::Temp::tempfile("XXXXXXXXXX", UNLINK => 1);
-                                               if (system("git show ".$detail->{sha1_to}." > '$path'") != 0) {
-                                                       error("failed writing temp file");
-                                               }
-                                       }
                                }
                                elsif ($detail->{'status'} =~ /^[DAM]+\d*/) {
                                        $action="remove";
@@ -670,6 +661,18 @@ sub rcs_receive () { #{{{
                                                error gettext("you are not allowed to change file modes");
                                        }
                                }
+                               
+                               # extract attachment to temp file
+                               if (($action eq 'add' || $action eq 'change') &&
+                                    ! pagetype($file)) {
+                                       eval q{use File::Temp};
+                                       die $@ if $@;
+                                       my $fh;
+                                       ($fh, $path)=File::Temp::tempfile("XXXXXXXXXX", UNLINK => 1);
+                                       if (system("git show ".$detail->{sha1_to}." > '$path'") != 0) {
+                                               error("failed writing temp file");
+                                       }
+                               }
 
                                push @rets, {
                                        file => $file,