mirrors/git-annex
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
git-annex/Command/Reinject.hs

138 lines
3.7 KiB
Haskell
Raw Normal View History

Removed the setkey command, and added a setcontent command with a more useful interface.
2011-10-31 16:33:41 +00:00
{- git-annex command
-
reinject: Support --json and --json-error-messages Also fix support for operating on multiple pairs of files and keys. Moved notAnnexed to inside starting, so error message will get into the json. Cannot include the key in the starting as it's not known yet, so instead add it to the json later. Sponsored-By: the NIH-funded NICEMAN (ReproNim TR&D3) project
2023-05-08 19:43:37 +00:00
- Copyright 2011-2023 Joey Hess <id@joeyh.name>
Removed the setkey command, and added a setcontent command with a more useful interface.
2011-10-31 16:33:41 +00:00
-
update licenses from GPL to AGPL This does not change the overall license of the git-annex program, which was already AGPL due to a number of sources files being AGPL already. Legally speaking, I'm adding a new license under which these files are now available; I already released their current contents under the GPL license. Now they're dual licensed GPL and AGPL. However, I intend for all my future changes to these files to only be released under the AGPL license, and I won't be tracking the dual licensing status, so I'm simply changing the license statement to say it's AGPL. (In some cases, others wrote parts of the code of a file and released it under the GPL; but in all cases I have contributed a significant portion of the code in each file and it's that code that is getting the AGPL license; the GPL license of other contributors allows combining with AGPL code.)
2019-03-13 19:48:14 +00:00
- Licensed under the GNU AGPL version 3 or higher.
Removed the setkey command, and added a setcontent command with a more useful interface.
2011-10-31 16:33:41 +00:00
-}
git style filename quoting for giveup When the filenames are part of the git repository or other files that might have attacker-controlled names, quote them in error messages. This is fairly complete, although I didn't do the one in Utility.DirWatcher.INotify.hs because that doesn't have access to Git.Filename or Annex. But it's also quite possible I missed some. And also while scanning for these, I found giveup used with other things that could be attacker controlled to contain control characters (eg Keys). So, I'm thinking it would also be good for giveup to just filter out control characters. This commit is then not the only line of defence, but just good formatting when git-annex displays a filename in an error message. Sponsored-by: Kevin Mueller on Patreon
2023-04-10 16:56:45 +00:00
{-# LANGUAGE OverloadedStrings #-}
better command name
2011-10-31 19:18:41 +00:00
module Command.Reinject where
Removed the setkey command, and added a setcontent command with a more useful interface.
2011-10-31 16:33:41 +00:00
import Command
import Logs.Location
import Annex.Content
reinject: Added new mode which can reinject known files into the annex. For example: git-annex reinject --known /mnt/backup/*
2016-04-22 17:49:32 +00:00
import Backend
import Types.KeySource
plumb MeterUpdate into getKey No behavior changes, but this shows everywhere that a progress meter could be displayed when hashing a file to add to the annex. Many of the places don't make sense to display a progress meter though, eg when importing the copy of the file probably swamps the hashing of the file.
2019-06-25 15:37:52 +00:00
import Utility.Metered
remove whenAnnexed and ifAnnexed In preparation for adding a new variation on lookupKey. Sponsored-by: Max Thoursie on Patreon
2022-10-26 17:58:20 +00:00
import Annex.WorkTree
reinject --known: Fix bug that prevented it from working in a bare repo. ifAnnexed in a bare repo passes to git cat-file :./filename , which it refuses to do since the repo is bare. Note that, reinject somefile someannexedfile in a bare repo silently does nothing, because someannexedfile is never actually an annexed worktree file, because the repo is bare.
2020-01-06 18:22:22 +00:00
import qualified Git
git style filename quoting for giveup When the filenames are part of the git repository or other files that might have attacker-controlled names, quote them in error messages. This is fairly complete, although I didn't do the one in Utility.DirWatcher.INotify.hs because that doesn't have access to Git.Filename or Annex. But it's also quite possible I missed some. And also while scanning for these, I found giveup used with other things that could be attacker controlled to contain control characters (eg Keys). So, I'm thinking it would also be good for giveup to just filter out control characters. This commit is then not the only line of defence, but just good formatting when git-annex displays a filename in an error message. Sponsored-by: Kevin Mueller on Patreon
2023-04-10 16:56:45 +00:00
import qualified Annex
Removed the setkey command, and added a setcontent command with a more useful interface.
2011-10-31 16:33:41 +00:00
convert all commands to work with optparse-applicative Still no options though.
2015-07-08 19:08:02 +00:00
cmd :: Command
reinject: Support --json and --json-error-messages Also fix support for operating on multiple pairs of files and keys. Moved notAnnexed to inside starting, so error message will get into the json. Cannot include the key in the starting as it's not known yet, so instead add it to the json later. Sponsored-By: the NIH-funded NICEMAN (ReproNim TR&D3) project
2023-05-08 19:43:37 +00:00
cmd = withAnnexOptions [backendOption, jsonOptions] $
remove --backend from global options --backend is no longer a global option, and is only accepted by commands that actually need it. Three commands that used to support backend but don't any longer are watch, webapp, and assistant. It would be possible to make them support it, but I doubt anyone used the option with these. And in the case of webapp and assistant, the option was handled inconsistently, only taking affect when the command is run with an existing git-annex repo, not when it creates a new one. Also, renamed GlobalOption etc to AnnexOption. Because there are many options of this type that are not actually global (any more) and get added to commands that need them. Sponsored-by: Kevin Mueller on Patreon
2022-06-29 17:28:08 +00:00
command "reinject" SectionUtility
"inject content of file back into annex"
(paramRepeating (paramPair "SRC" "DEST"))
(seek <$$> optParser)
Removed the setkey command, and added a setcontent command with a more useful interface.
2011-10-31 16:33:41 +00:00
reinject: Added new mode which can reinject known files into the annex. For example: git-annex reinject --known /mnt/backup/*
2016-04-22 17:49:32 +00:00
data ReinjectOptions = ReinjectOptions
{ params :: CmdParams
, knownOpt :: Bool
reinject: Added --guesskeys option Sponsored-by: Noam Kremen on Patreon
2023-06-26 18:05:31 +00:00
, guessKeysOpt :: Bool
reinject: Added new mode which can reinject known files into the annex. For example: git-annex reinject --known /mnt/backup/*
2016-04-22 17:49:32 +00:00
}
Removed the setkey command, and added a setcontent command with a more useful interface.
2011-10-31 16:33:41 +00:00
reinject: Added new mode which can reinject known files into the annex. For example: git-annex reinject --known /mnt/backup/*
2016-04-22 17:49:32 +00:00
optParser :: CmdParamsDesc -> Parser ReinjectOptions
optParser desc = ReinjectOptions
<$> cmdParams desc
<*> switch
( long "known"
<> help "inject all known files"
<> hidden
)
reinject: Added --guesskeys option Sponsored-by: Noam Kremen on Patreon
2023-06-26 18:05:31 +00:00
<*> switch
( long "guesskeys"
<> help "inject files that are named like keys"
<> hidden
)
reinject: Added new mode which can reinject known files into the annex. For example: git-annex reinject --known /mnt/backup/*
2016-04-22 17:49:32 +00:00
seek :: ReinjectOptions -> CommandSeek
seek os
reinject: Added --guesskeys option Sponsored-by: Noam Kremen on Patreon
2023-06-26 18:05:31 +00:00
| guessKeysOpt os && knownOpt os = giveup "Cannot combine --known with --guesskeys"
| guessKeysOpt os = withStrings (commandAction . startGuessKeys) (params os)
move commandAction out of CmdLine.Seek This is groundwork for nested seek loops, eg seeking over all files and then performing commandActions on a list of remotes, which can be done concurrently. This commit was sponsored by Boyd Stephen Smith Jr. on Patreon.
2018-10-01 18:12:06 +00:00
| knownOpt os = withStrings (commandAction . startKnown) (params os)
reinject: Support --json and --json-error-messages Also fix support for operating on multiple pairs of files and keys. Moved notAnnexed to inside starting, so error message will get into the json. Cannot include the key in the starting as it's not known yet, so instead add it to the json later. Sponsored-By: the NIH-funded NICEMAN (ReproNim TR&D3) project
2023-05-08 19:43:37 +00:00
| otherwise = withPairs (commandAction . startSrcDest) (params os)
reinject: Added new mode which can reinject known files into the annex. For example: git-annex reinject --known /mnt/backup/*
2016-04-22 17:49:32 +00:00
reinject: Support --json and --json-error-messages Also fix support for operating on multiple pairs of files and keys. Moved notAnnexed to inside starting, so error message will get into the json. Cannot include the key in the starting as it's not known yet, so instead add it to the json later. Sponsored-By: the NIH-funded NICEMAN (ReproNim TR&D3) project
2023-05-08 19:43:37 +00:00
startSrcDest :: (SeekInput, (String, String)) -> CommandStart
startSrcDest (si, (src, dest))
cleanup
2011-10-31 20:46:51 +00:00
| src == dest = stop
reinject: Support --json and --json-error-messages Also fix support for operating on multiple pairs of files and keys. Moved notAnnexed to inside starting, so error message will get into the json. Cannot include the key in the starting as it's not known yet, so instead add it to the json later. Sponsored-By: the NIH-funded NICEMAN (ReproNim TR&D3) project
2023-05-08 19:43:37 +00:00
| otherwise = starting "reinject" ai si $ notAnnexed src' $
remove whenAnnexed and ifAnnexed In preparation for adding a new variation on lookupKey. Sponsored-by: Max Thoursie on Patreon
2022-10-26 17:58:20 +00:00
lookupKey (toRawFilePath dest) >>= \case
reinject: Support --json and --json-error-messages Also fix support for operating on multiple pairs of files and keys. Moved notAnnexed to inside starting, so error message will get into the json. Cannot include the key in the starting as it's not known yet, so instead add it to the json later. Sponsored-By: the NIH-funded NICEMAN (ReproNim TR&D3) project
2023-05-08 19:43:37 +00:00
Just key -> ifM (verifyKeyContent key src')
( perform src' key
, do
qp <- coreQuotePath <$> Annex.getGitConfig
giveup $ decodeBS $ quote qp $ QuotedPath src'
<> " does not have expected content of "
<> QuotedPath (toRawFilePath dest)
)
git style filename quoting for giveup When the filenames are part of the git repository or other files that might have attacker-controlled names, quote them in error messages. This is fairly complete, although I didn't do the one in Utility.DirWatcher.INotify.hs because that doesn't have access to Git.Filename or Annex. But it's also quite possible I missed some. And also while scanning for these, I found giveup used with other things that could be attacker controlled to contain control characters (eg Keys). So, I'm thinking it would also be good for giveup to just filter out control characters. This commit is then not the only line of defence, but just good formatting when git-annex displays a filename in an error message. Sponsored-by: Kevin Mueller on Patreon
2023-04-10 16:56:45 +00:00
Nothing -> do
qp <- coreQuotePath <$> Annex.getGitConfig
giveup $ decodeBS $ quote qp $ QuotedPath src'
<> " is not an annexed file"
import --reinject-duplicates This is the same as running git annex reinject --known, followed by git-annex import. The advantage to having it in one command is that it only has to hash each file once; the two commands have to hash the imported files a second time. This commit was sponsored by Shane-o on Patreon.
2017-02-09 19:40:44 +00:00
where
more RawFilePath conversion This commit was sponsored by Luke Shumaker on Patreon.
2020-11-02 20:31:28 +00:00
src' = toRawFilePath src
git style quoting for ActionItemOther Added StringContainingQuotedPath, which is used for ActionItemOther. In the process, checked every ActionItemOther for those containing filenames, and made them use quoting. Sponsored-by: Graham Spencer on Patreon
2023-04-08 19:48:32 +00:00
ai = ActionItemOther (Just (QuotedPath src'))
reinject: Added new mode which can reinject known files into the annex. For example: git-annex reinject --known /mnt/backup/*
2016-04-22 17:49:32 +00:00
reinject: Added --guesskeys option Sponsored-by: Noam Kremen on Patreon
2023-06-26 18:05:31 +00:00
startGuessKeys :: FilePath -> CommandStart
startGuessKeys src = starting "reinject" ai si $ notAnnexed src' $
case fileKey (toRawFilePath (takeFileName src)) of
Just key -> ifM (verifyKeyContent key src')
( perform src' key
, do
qp <- coreQuotePath <$> Annex.getGitConfig
giveup $ decodeBS $ quote qp $ QuotedPath src'
<> " does not have expected content"
)
Nothing -> do
warning "Not named like an object file; skipping"
next $ return True
where
src' = toRawFilePath src
ai = ActionItemOther (Just (QuotedPath src'))
si = SeekInput [src]
reinject: Added new mode which can reinject known files into the annex. For example: git-annex reinject --known /mnt/backup/*
2016-04-22 17:49:32 +00:00
startKnown :: FilePath -> CommandStart
reinject: Support --json and --json-error-messages Also fix support for operating on multiple pairs of files and keys. Moved notAnnexed to inside starting, so error message will get into the json. Cannot include the key in the starting as it's not known yet, so instead add it to the json later. Sponsored-By: the NIH-funded NICEMAN (ReproNim TR&D3) project
2023-05-08 19:43:37 +00:00
startKnown src = starting "reinject" ai si $ notAnnexed src' $ do
(key, _) <- genKey ks nullMeterUpdate =<< defaultBackend
ifM (isKnownKey key)
( perform src' key
, do
warning "Not known content; skipping"
next $ return True
)
convert KeySource to RawFilePath
2020-02-21 13:34:59 +00:00
where
src' = toRawFilePath src
more RawFilePath conversion This commit was sponsored by Luke Shumaker on Patreon.
2020-11-02 20:31:28 +00:00
ks = KeySource src' src' Nothing
git style quoting for ActionItemOther Added StringContainingQuotedPath, which is used for ActionItemOther. In the process, checked every ActionItemOther for those containing filenames, and made them use quoting. Sponsored-by: Graham Spencer on Patreon
2023-04-08 19:48:32 +00:00
ai = ActionItemOther (Just (QuotedPath src'))
add SeekInput (not yet used) No behavior changes (hopefully), just adding SeekInput and plumbing it through to the JSON display code for later use. Over the course of 2 grueling days. withFilesNotInGit reimplemented in terms of seekHelper should be the only possible behavior change. It seems to test as behaving the same. Note that seekHelper dummies up the SeekInput in the case where segmentPaths' gives up on sorting the expanded paths because there are too many input paths. When SeekInput later gets exposed as a json field, that will result in it being a little bit wrong in the case where 100 or more paths are passed to a git-annex command. I think this is a subtle enough problem to not matter. If it does turn out to be a problem, fixing it would require splitting up the input parameters into groups of < 100, which would make git ls-files run perhaps more than is necessary. May want to revisit this, because that fix seems fairly low-impact.
2020-09-14 20:49:33 +00:00
si = SeekInput [src]
reinject: Added new mode which can reinject known files into the annex. For example: git-annex reinject --known /mnt/backup/*
2016-04-22 17:49:32 +00:00
reinject: Support --json and --json-error-messages Also fix support for operating on multiple pairs of files and keys. Moved notAnnexed to inside starting, so error message will get into the json. Cannot include the key in the starting as it's not known yet, so instead add it to the json later. Sponsored-By: the NIH-funded NICEMAN (ReproNim TR&D3) project
2023-05-08 19:43:37 +00:00
notAnnexed :: RawFilePath -> CommandPerform -> CommandPerform
reinject --known: Fix bug that prevented it from working in a bare repo. ifAnnexed in a bare repo passes to git cat-file :./filename , which it refuses to do since the repo is bare. Note that, reinject somefile someannexedfile in a bare repo silently does nothing, because someannexedfile is never actually an annexed worktree file, because the repo is bare.
2020-01-06 18:22:22 +00:00
notAnnexed src a =
ifM (fromRepo Git.repoIsLocalBare)
( a
remove whenAnnexed and ifAnnexed In preparation for adding a new variation on lookupKey. Sponsored-by: Max Thoursie on Patreon
2022-10-26 17:58:20 +00:00
, lookupKey src >>= \case
git style filename quoting for giveup When the filenames are part of the git repository or other files that might have attacker-controlled names, quote them in error messages. This is fairly complete, although I didn't do the one in Utility.DirWatcher.INotify.hs because that doesn't have access to Git.Filename or Annex. But it's also quite possible I missed some. And also while scanning for these, I found giveup used with other things that could be attacker controlled to contain control characters (eg Keys). So, I'm thinking it would also be good for giveup to just filter out control characters. This commit is then not the only line of defence, but just good formatting when git-annex displays a filename in an error message. Sponsored-by: Kevin Mueller on Patreon
2023-04-10 16:56:45 +00:00
Just _ -> do
qp <- coreQuotePath <$> Annex.getGitConfig
giveup $ decodeBS $ quote qp $
"cannot used annexed file as src: "
<> QuotedPath src
remove whenAnnexed and ifAnnexed In preparation for adding a new variation on lookupKey. Sponsored-by: Max Thoursie on Patreon
2022-10-26 17:58:20 +00:00
Nothing -> a
reinject --known: Fix bug that prevented it from working in a bare repo. ifAnnexed in a bare repo passes to git cat-file :./filename , which it refuses to do since the repo is bare. Note that, reinject somefile someannexedfile in a bare repo silently does nothing, because someannexedfile is never actually an annexed worktree file, because the repo is bare.
2020-01-06 18:22:22 +00:00
)
Removed the setkey command, and added a setcontent command with a more useful interface.
2011-10-31 16:33:41 +00:00
more RawFilePath conversion This commit was sponsored by Luke Shumaker on Patreon.
2020-11-02 20:31:28 +00:00
perform :: RawFilePath -> Key -> CommandPerform
reinject: Support --json and --json-error-messages Also fix support for operating on multiple pairs of files and keys. Moved notAnnexed to inside starting, so error message will get into the json. Cannot include the key in the starting as it's not known yet, so instead add it to the json later. Sponsored-By: the NIH-funded NICEMAN (ReproNim TR&D3) project
2023-05-08 19:43:37 +00:00
perform src key = do
factor out maybeAddJSONField Sponsored-By: the NIH-funded NICEMAN (ReproNim TR&D3) project
2023-05-08 20:03:34 +00:00
maybeAddJSONField "key" (serializeKey key)
reinject: Support --json and --json-error-messages Also fix support for operating on multiple pairs of files and keys. Moved notAnnexed to inside starting, so error message will get into the json. Cannot include the key in the starting as it's not known yet, so instead add it to the json later. Sponsored-By: the NIH-funded NICEMAN (ReproNim TR&D3) project
2023-05-08 19:43:37 +00:00
ifM move
( next $ cleanup key
, giveup "failed"
)
where indentation
2012-11-12 05:05:04 +00:00
where
annex.securehashesonly Cryptographically secure hashes can be forced to be used in a repository, by setting annex.securehashesonly. This does not prevent the git repository from containing files with insecure hashes, but it does prevent the content of such files from being pulled into .git/annex/objects from another repository. We want to make sure that at no point does git-annex accept content into .git/annex/objects that is hashed with an insecure key. Here's how it was done: * .git/annex/objects/xx/yy/KEY/ is kept frozen, so nothing can be written to it normally * So every place that writes content must call, thawContent or modifyContent. We can audit for these, and be sure we've considered all cases. * The main functions are moveAnnex, and linkToAnnex; these were made to check annex.securehashesonly, and are the main security boundary for annex.securehashesonly. * Most other calls to modifyContent deal with other files in the KEY directory (inode cache etc). The other ones that mess with the content are: - Annex.Direct.toDirectGen, in which content already in the annex directory is moved to the direct mode file, so not relevant. - fix and lock, which don't add new content - Command.ReKey.linkKey, which manually unlocks it to make a copy. * All other calls to thawContent appear safe. Made moveAnnex return a Bool, so checked all callsites and made them deal with a failure in appropriate ways. linkToAnnex simply returns LinkAnnexFailed; all callsites already deal with it failing in appropriate ways. This commit was sponsored by Riku Voipio.
2017-02-27 17:01:32 +00:00
move = checkDiskSpaceToGet key False $
annex.adjustedbranchrefresh Added annex.adjustedbranchrefresh git config to update adjusted branches set up by git-annex adjust --unlock-present/--hide-missing. Note, in a few cases, I was not able to make the adjusted branch be updated in calls to moveAnnex, because information about what file corresponds to a key is not available. They are: * If two files point to one file, then eg, `git annex get foo` will update the branch to unlock foo, but will not unlock bar, because it does not know about it. Might be fixable by making `git annex get bar` do something besides skipping bar? * git-annex-shell recvkey likewise (so sends over ssh from old versions of git-annex) * git-annex setkey * git-annex transferkey if the user does not use --file * git-annex multicast sends keys with no associated file info Doing a single full refresh at the end, after any incremental refresh, will deal with those edge cases.
2020-11-16 18:09:55 +00:00
moveAnnex key (AssociatedFile Nothing) src
Removed the setkey command, and added a setcontent command with a more useful interface.
2011-10-31 16:33:41 +00:00
reinject: When the provided file doesn't match, leave it where it is, rather than moving to .git/annex/bad/
2012-09-16 05:17:48 +00:00
cleanup :: Key -> CommandCleanup
cleanup key = do
Removed the setkey command, and added a setcontent command with a more useful interface.
2011-10-31 16:33:41 +00:00
logStatus key InfoPresent
reinject: When the provided file doesn't match, leave it where it is, rather than moving to .git/annex/bad/
2012-09-16 05:17:48 +00:00
return True
Reference in a new issue Copy permalink