diff options
| author |  Jeff King <peff@peff.net> | 2012-08-27 09:25:53 -0400 |
|---|---|---|
| committer |  Junio C Hamano <gitster@pobox.com> | 2012-08-27 10:49:09 -0700 |
| commit | 4c71009da60baee436358e84ff1057cd1c80e776 (patch) | |
| tree | d311a3b85502a817f37a17964838b826b21daecd /t/t5541-http-push.sh | |
| parent | t: test basic smart-http authentication (diff) | |
| download | tgif-4c71009da60baee436358e84ff1057cd1c80e776.tar.xz | |
t: test http access to "half-auth" repositories
Some sites set up http access to repositories such that
fetching is anonymous and unauthenticated, but pushing is
authenticated. While there are multiple ways to do this, the
technique advertised in the git-http-backend manpage is to
block access to locations matching "/git-receive-pack$".
Let's emulate that advice in our test setup, which makes it
clear that this advice does not actually work.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 't/t5541-http-push.sh')
| -rwxr-xr-x | t/t5541-http-push.sh | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/t/t5541-http-push.sh b/t/t5541-http-push.sh index eeb993203f..9b1cd603c6 100755 --- a/t/t5541-http-push.sh +++ b/t/t5541-http-push.sh @@ -280,5 +280,17 @@ test_expect_success 'push over smart http with auth' ' test_cmp expect actual ' +test_expect_failure 'push to auth-only-for-push repo' ' + cd "$ROOT_PATH/test_repo_clone" && + echo push-half-auth >expect && + test_commit push-half-auth && + set_askpass user@host && + git push "$HTTPD_URL"/auth-push/smart/test_repo.git && + git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/test_repo.git" \ + log -1 --format=%s >actual && + expect_askpass both user@host && + test_cmp expect actual +' + stop_httpd test_done |