2010-12-28 21:44:55 +00:00
|
|
|
{- git-annex command
|
|
|
|
|
-
|
expire, trust et al, dead, describe: Support --json and --json-error-messages
For expire, the normal output is unchanged, but the --json output includes the uuid
in machine parseable form. Which could be very useful for this somewhat obscure
command. That needed ActionItemUUID to be implemented, which seemed like a lot
of work, but then ---
I had been going to skip implementing them for trust, untrust, dead, semitrust,
and describe, but putting the uuid in the json is useful information, it tells
what uuid git-annex picked given the input. It was not hard to support
these once ActionItemUUID was implemented.
Sponsored-By: the NIH-funded NICEMAN (ReproNim TR&D3) project
2023-05-05 19:29:49 +00:00
|
|
|
- Copyright 2010-2023 Joey Hess <id@joeyh.name>
|
2010-12-28 21:44:55 +00:00
|
|
|
-
|
2019-03-13 19:48:14 +00:00
|
|
|
- Licensed under the GNU AGPL version 3 or higher.
|
2010-12-28 21:44:55 +00:00
|
|
|
-}
|
|
|
|
|
|
|
|
|
|
module Command.Trust where
|
|
|
|
|
|
|
|
|
|
import Command
|
2011-03-27 20:55:43 +00:00
|
|
|
import qualified Remote
|
2021-01-07 13:59:52 +00:00
|
|
|
import qualified Annex
|
2014-02-20 19:17:39 +00:00
|
|
|
import Types.TrustLevel
|
2011-10-15 20:21:08 +00:00
|
|
|
import Logs.Trust
|
2014-02-20 19:12:35 +00:00
|
|
|
import Logs.Group
|
|
|
|
|
|
|
|
|
|
import qualified Data.Set as S
|
2010-12-28 21:44:55 +00:00
|
|
|
|
2015-07-08 16:33:27 +00:00
|
|
|
cmd :: Command
|
expire, trust et al, dead, describe: Support --json and --json-error-messages
For expire, the normal output is unchanged, but the --json output includes the uuid
in machine parseable form. Which could be very useful for this somewhat obscure
command. That needed ActionItemUUID to be implemented, which seemed like a lot
of work, but then ---
I had been going to skip implementing them for trust, untrust, dead, semitrust,
and describe, but putting the uuid in the json is useful information, it tells
what uuid git-annex picked given the input. It was not hard to support
these once ActionItemUUID was implemented.
Sponsored-By: the NIH-funded NICEMAN (ReproNim TR&D3) project
2023-05-05 19:29:49 +00:00
|
|
|
cmd = withAnnexOptions [jsonOptions] $
|
|
|
|
|
command "trust" SectionSetup "trust a repository"
|
|
|
|
|
(paramRepeating paramRepository) (withParams seek)
|
2010-12-30 19:06:26 +00:00
|
|
|
|
2015-07-08 19:08:02 +00:00
|
|
|
seek :: CmdParams -> CommandSeek
|
2014-02-20 19:12:35 +00:00
|
|
|
seek = trustCommand "trust" Trusted
|
2010-12-28 21:44:55 +00:00
|
|
|
|
2015-07-08 19:08:02 +00:00
|
|
|
trustCommand :: String -> TrustLevel -> CmdParams -> CommandSeek
|
avoid combining multiple words provided to trust/untrust/dead
* trust, untrust, semitrust, dead: Fix behavior when provided with
multiple repositories to operate on.
* trust, untrust, semitrust, dead: When provided with no parameters,
do not operate on a repository that has an empty name.
The man page and usage already indicated that multiple repos could be
provided to these commands, but they actually used unwords to combine
everything into string, and found a repo matching that string. This was
especially bad when no parameters resulted in the empty string and some
repo happened to have an empty description.
This does change the behavior, and it's possible someone relied on the
current behavior to eg, trust a repo by name with the name not quoted into
a single parameter. But fixing the empty string bug and matching the
documentation are worth breaking that usage.
Note that git-annex init/reinit do still unwords multiple parameters when
provided to them. That is inconsistent behavior, but it certianly seems
possible that something does run git-annex init with an unquoted
description, and I don't think it's worth breaking that just to make it more
consistent with these other commands.
Sponsored-by: Boyd Stephen Smith Jr. on Patreon
2022-10-03 17:48:40 +00:00
|
|
|
trustCommand _ _ [] = giveup "no repository name specified"
|
|
|
|
|
trustCommand c level ps = withStrings (commandAction . start) ps
|
2014-02-20 19:12:35 +00:00
|
|
|
where
|
avoid combining multiple words provided to trust/untrust/dead
* trust, untrust, semitrust, dead: Fix behavior when provided with
multiple repositories to operate on.
* trust, untrust, semitrust, dead: When provided with no parameters,
do not operate on a repository that has an empty name.
The man page and usage already indicated that multiple repos could be
provided to these commands, but they actually used unwords to combine
everything into string, and found a repo matching that string. This was
especially bad when no parameters resulted in the empty string and some
repo happened to have an empty description.
This does change the behavior, and it's possible someone relied on the
current behavior to eg, trust a repo by name with the name not quoted into
a single parameter. But fixing the empty string bug and matching the
documentation are worth breaking that usage.
Note that git-annex init/reinit do still unwords multiple parameters when
provided to them. That is inconsistent behavior, but it certianly seems
possible that something does run git-annex init with an unquoted
description, and I don't think it's worth breaking that just to make it more
consistent with these other commands.
Sponsored-by: Boyd Stephen Smith Jr. on Patreon
2022-10-03 17:48:40 +00:00
|
|
|
start name = do
|
2014-02-20 19:12:35 +00:00
|
|
|
u <- Remote.nameToUUID name
|
avoid combining multiple words provided to trust/untrust/dead
* trust, untrust, semitrust, dead: Fix behavior when provided with
multiple repositories to operate on.
* trust, untrust, semitrust, dead: When provided with no parameters,
do not operate on a repository that has an empty name.
The man page and usage already indicated that multiple repos could be
provided to these commands, but they actually used unwords to combine
everything into string, and found a repo matching that string. This was
especially bad when no parameters resulted in the empty string and some
repo happened to have an empty description.
This does change the behavior, and it's possible someone relied on the
current behavior to eg, trust a repo by name with the name not quoted into
a single parameter. But fixing the empty string bug and matching the
documentation are worth breaking that usage.
Note that git-annex init/reinit do still unwords multiple parameters when
provided to them. That is inconsistent behavior, but it certianly seems
possible that something does run git-annex init with an unquoted
description, and I don't think it's worth breaking that just to make it more
consistent with these other commands.
Sponsored-by: Boyd Stephen Smith Jr. on Patreon
2022-10-03 17:48:40 +00:00
|
|
|
let si = SeekInput [name]
|
expire, trust et al, dead, describe: Support --json and --json-error-messages
For expire, the normal output is unchanged, but the --json output includes the uuid
in machine parseable form. Which could be very useful for this somewhat obscure
command. That needed ActionItemUUID to be implemented, which seemed like a lot
of work, but then ---
I had been going to skip implementing them for trust, untrust, dead, semitrust,
and describe, but putting the uuid in the json is useful information, it tells
what uuid git-annex picked given the input. It was not hard to support
these once ActionItemUUID was implemented.
Sponsored-By: the NIH-funded NICEMAN (ReproNim TR&D3) project
2023-05-05 19:29:49 +00:00
|
|
|
starting c (ActionItemUUID u (UnquotedString name)) si (perform name u)
|
2021-01-07 13:59:52 +00:00
|
|
|
perform name uuid = do
|
|
|
|
|
when (level >= Trusted) $
|
2022-06-28 19:28:14 +00:00
|
|
|
unlessM (Annex.getRead Annex.force) $
|
2021-01-07 13:59:52 +00:00
|
|
|
giveup $ trustedNeedsForce name
|
2014-02-20 19:12:35 +00:00
|
|
|
trustSet uuid level
|
|
|
|
|
when (level == DeadTrusted) $
|
|
|
|
|
groupSet uuid S.empty
|
2014-02-20 19:17:39 +00:00
|
|
|
l <- lookupTrust uuid
|
|
|
|
|
when (l /= level) $
|
filter out control characters in warning messages
Converted warning and similar to use StringContainingQuotedPath. Most
warnings are static strings, some do refer to filepaths that need to be
quoted, and others don't need quoting.
Note that, since quote filters out control characters of even
UnquotedString, this makes all warnings safe, even when an attacker
sneaks in a control character in some other way.
When json is being output, no quoting is done, since json gets its own
quoting.
This does, as a side effect, make warning messages in json output not
be indented. The indentation is only needed to offset warning messages
underneath the display of the file they apply to, so that's ok.
Sponsored-by: Brett Eisenberg on Patreon
2023-04-10 18:47:32 +00:00
|
|
|
warning $ UnquotedString $ "This remote's trust level is overridden to " ++ showTrustLevel l ++ "."
|
2014-02-20 19:12:35 +00:00
|
|
|
next $ return True
|
2021-01-07 13:59:52 +00:00
|
|
|
|
|
|
|
|
trustedNeedsForce :: String -> String
|
2021-01-11 17:14:09 +00:00
|
|
|
trustedNeedsForce name = unwords
|
2021-01-07 13:59:52 +00:00
|
|
|
[ "Trusting a repository can lead to data loss."
|
|
|
|
|
, "If you're sure you know what you're doing, use --force to"
|
|
|
|
|
, "make this take effect."
|
|
|
|
|
, "If you choose to do so, bear in mind that any time you drop"
|
|
|
|
|
, "content from " ++ name ++ ", you will risk losing data."
|
|
|
|
|
]
|