implement exporttree=yes configuration
* Only export to remotes that were initialized to support it. * Prevent storing key/value on export remotes. * Prevent enabling exporttree=yes and encryption in the same remote. SetupStage Enable was changed to take the old RemoteConfig. This allowed only setting exporttree when initially setting up a remote, and not configuring it later after stuff might already be stored in the remote. Went with =yes rather than =true for consistency with other parts of git-annex. Changed docs accordingly. This commit was supported by the NSF-funded DataLad project.
This commit is contained in:
Joey Hess
parent
a4328b49d2
commit
28e2cad849
14 changed files with 69 additions and 29 deletions
|
|
@ -15,6 +15,7 @@ module Remote.Helper.Encryptable (
|
|||
embedCreds,
|
||||
cipherKey,
|
||||
extractCipher,
|
||||
isEncrypted,
|
||||
describeEncryption,
|
||||
) where
|
||||
|
||||
|
|
@ -57,7 +58,7 @@ encryptionSetup c gc = do
|
|||
encryption = M.lookup "encryption" c
|
||||
-- Generate a new cipher, depending on the chosen encryption scheme
|
||||
genCipher cmd = case encryption of
|
||||
_ | M.member "cipher" c || M.member "cipherkeys" c || M.member "pubkeys" c -> cannotchange
|
||||
_ | hasEncryptionConfig c -> cannotchange
|
||||
Just "none" -> return (c, NoEncryption)
|
||||
Just "shared" -> encsetup $ genSharedCipher cmd
|
||||
-- hybrid encryption is the default when a keyid is
|
||||
|
|
@ -167,6 +168,15 @@ extractCipher c = case (M.lookup "cipher" c,
|
|||
where
|
||||
readkeys = KeyIds . splitc ','
|
||||
|
||||
isEncrypted :: RemoteConfig -> Bool
|
||||
isEncrypted c = case M.lookup "encryption" c of
|
||||
Just "none" -> False
|
||||
Just _ -> True
|
||||
Nothing -> hasEncryptionConfig c
|
||||
|
||||
hasEncryptionConfig :: RemoteConfig -> Bool
|
||||
hasEncryptionConfig c = M.member "cipher" c || M.member "cipherkeys" c || M.member "pubkeys" c
|
||||
|
||||
describeEncryption :: RemoteConfig -> String
|
||||
describeEncryption c = case extractCipher c of
|
||||
Nothing -> "none"
|
||||
|
|
|
|||
|
|
@ -9,7 +9,12 @@ module Remote.Helper.Export where
|
|||
|
||||
import Annex.Common
|
||||
import Types.Remote
|
||||
import Types.Creds
|
||||
import Remote.Helper.Encryptable (isEncrypted)
|
||||
|
||||
import qualified Data.Map as M
|
||||
|
||||
-- | Use for remotes that do not support exports.
|
||||
exportUnsupported :: ExportActions Annex
|
||||
exportUnsupported = ExportActions
|
||||
{ exportSupported = return False
|
||||
|
|
@ -19,3 +24,28 @@ exportUnsupported = ExportActions
|
|||
, checkPresentExport = \_ _ -> return False
|
||||
, renameExport = \_ _ _ -> return False
|
||||
}
|
||||
|
||||
-- | A remote that supports exports when configured with exporttree=yes,
|
||||
-- and otherwise does not.
|
||||
exportableRemote :: Remote -> Remote
|
||||
exportableRemote r = case M.lookup "exporttree" (config r) of
|
||||
Just "yes" -> r
|
||||
{ storeKey = \_ _ _ -> do
|
||||
warning "remote is configured with exporttree=yes; use `git-annex export` to store content on it"
|
||||
return False
|
||||
}
|
||||
_ -> r
|
||||
{ exportActions = exportUnsupported }
|
||||
|
||||
exportableRemoteSetup :: (SetupStage -> Maybe UUID -> Maybe CredPair -> RemoteConfig -> RemoteGitConfig -> Annex (RemoteConfig, UUID)) -> SetupStage -> Maybe UUID -> Maybe CredPair -> RemoteConfig -> RemoteGitConfig -> Annex (RemoteConfig, UUID)
|
||||
exportableRemoteSetup setupaction st mu cp c gc = case st of
|
||||
Init -> case M.lookup "exporttree" c of
|
||||
Just "yes" | isEncrypted c ->
|
||||
giveup "cannot enable both encryption and exporttree"
|
||||
_ -> cont
|
||||
Enable oldc
|
||||
| M.lookup "exporttree" c /= M.lookup "exporttree" oldc ->
|
||||
giveup "cannot change exporttree of existing special remote"
|
||||
| otherwise -> cont
|
||||
where
|
||||
cont = setupaction st mu cp c gc
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue