2013-09-28 09:15:31 +00:00
|
|
|
#!/usr/bin/env perl
|
|
|
|
|
|
|
|
use strict;
|
|
|
|
use warnings;
|
|
|
|
use v5.10;
|
|
|
|
use File::Basename;
|
|
|
|
use Net::IP;
|
|
|
|
|
|
|
|
use ACU::Log;
|
|
|
|
$ACU::Log::log_file = "/var/log/hooks/" . basename($0) . ".log";
|
|
|
|
|
2013-09-30 08:53:21 +00:00
|
|
|
my $ip = $1 if ($ENV{'SSH_CLIENT'} =~ m/([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}).*/);
|
|
|
|
|
2013-10-07 14:42:02 +00:00
|
|
|
exit 0 if (!$ip);
|
|
|
|
|
2013-10-18 07:22:15 +00:00
|
|
|
log DEBUG, "Connection with $ARGV[0] to $ENV{GL_REPO} from $ip";
|
|
|
|
|
|
|
|
my $promo = qx(git config hooks.promo);
|
|
|
|
my $id_project = qx(git config hooks.idproject);
|
|
|
|
my $repo_login = qx(git config hooks.repologin);
|
2013-09-30 08:53:21 +00:00
|
|
|
|
2013-11-14 19:34:12 +00:00
|
|
|
my @habitent_loin = qw(amed_m bellev_m freima_m ikouna_l simon_j faure_n abdelm_a habri_z trang_d henrie_p verbec_y);
|
2013-10-20 00:15:12 +00:00
|
|
|
|
2013-09-28 09:15:31 +00:00
|
|
|
# First, check if the repository is in the YYYY/ directory
|
2013-10-18 07:22:15 +00:00
|
|
|
exit 0 if (($promo && $id_project && $repo_login) || $ENV{GL_REPO} !~ /^2[0-9]{3}\/.+\/.+/);
|
|
|
|
|
|
|
|
my ($ref, $oldsha, $newsha) = @ARGV;
|
2013-09-28 09:15:31 +00:00
|
|
|
|
2013-10-18 07:22:15 +00:00
|
|
|
$promo = $1 if (!$promo && $ENV{'GL_REPO'} =~ m/([0-9]{4}).*/);
|
|
|
|
$id_project = $1 if (!$id_project && $ENV{'GL_REPO'} =~ m/.*\/(.*)\//);
|
|
|
|
$repo_login = $1 if (!$repo_login && $ENV{'GL_REPO'} =~ m/.*\/.*\/(.*)/);
|
2013-09-28 09:15:31 +00:00
|
|
|
|
2013-10-07 18:19:07 +00:00
|
|
|
my $read = ($ARGV[0] =~ /R/);
|
|
|
|
my $write = ($ARGV[0] =~ /W/);
|
|
|
|
|
2013-09-28 09:15:31 +00:00
|
|
|
|
|
|
|
$ip = Net::IP->new($ip) or die ("IP invalide");
|
|
|
|
|
2013-10-18 07:22:15 +00:00
|
|
|
my $labnetwork = Net::IP->new('192.168.0.0/16');
|
|
|
|
|
|
|
|
if ($ip->overlaps($labnetwork) == $IP_A_IN_B_OVERLAP)
|
|
|
|
{
|
|
|
|
exit 0;
|
|
|
|
}
|
|
|
|
#else
|
|
|
|
#{
|
|
|
|
# log ERROR, "Les dépôts Git sont en cours de maintenance, veuillez réessayer dans quelques minutes.";
|
|
|
|
# exit 1;
|
|
|
|
#}
|
|
|
|
|
2013-11-16 12:32:39 +00:00
|
|
|
exit 0 if (grep { /\Q$ENV{GL_USER}\E/ } @habitent_loin);
|
2013-10-20 00:15:12 +00:00
|
|
|
|
2013-09-30 08:27:44 +00:00
|
|
|
my $schoolnetwork = Net::IP->new('10.41.0.0/16');
|
2013-10-18 07:22:15 +00:00
|
|
|
#my $vjschoolnetwork = Net::IP->new('10.3.0.0/16');
|
2013-09-28 09:15:31 +00:00
|
|
|
|
2013-10-18 07:22:15 +00:00
|
|
|
if (
|
|
|
|
$ip->overlaps($schoolnetwork) != $IP_A_IN_B_OVERLAP
|
|
|
|
# && $ip->overlaps($vjschoolnetwork) != $IP_A_IN_B_OVERLAP
|
|
|
|
)
|
2013-09-28 09:15:31 +00:00
|
|
|
{
|
2013-10-18 07:24:49 +00:00
|
|
|
say "Votre IP est : ".$ip->ip();
|
2013-10-12 00:47:57 +00:00
|
|
|
|
2013-10-07 18:19:07 +00:00
|
|
|
log ERROR, "Vous n'êtes pas autorisé à envoyer vos modifications depuis cette IP." if ($write);
|
|
|
|
log ERROR, "Vous n'êtes pas autorisé à accéder à ce dépôt depuis cette IP." if ($read);
|
2013-09-28 09:15:31 +00:00
|
|
|
exit 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
my $sshnetwork = Net::IP->new('10.41.253.0/24');
|
|
|
|
|
|
|
|
if ($ip->overlaps($sshnetwork) == $IP_A_IN_B_OVERLAP)
|
|
|
|
{
|
2013-10-18 07:24:49 +00:00
|
|
|
say "Votre IP est : ".$ip->ip();
|
2013-10-12 00:47:57 +00:00
|
|
|
|
2013-10-07 18:19:07 +00:00
|
|
|
log ERROR, "Vous n'êtes pas autorisé à envoyer vos modifications depuis cette IP." if ($write);
|
|
|
|
log ERROR, "Vous n'êtes pas autorisé à accéder à ce dépôt depuis cette IP." if ($read);
|
2013-09-28 09:15:31 +00:00
|
|
|
exit 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
exit 0;
|