From 7d6ff8ff61ace65aa3b78a918b5797571ae6749f Mon Sep 17 00:00:00 2001 From: Magnus Hagander Date: Wed, 4 Mar 2009 15:49:11 +0100 Subject: [PATCH] Don't ever allow any direct access to a remote-synced repository --- pggit.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pggit.py b/pggit.py index 9ebc0fe..9b27b1e 100755 --- a/pggit.py +++ b/pggit.py @@ -89,7 +89,7 @@ class PgGit(object): writeperm = False db = psycopg2.connect(self.cfg.get('database','db')) curs = db.cursor() - curs.execute("SELECT level FROM repository_permissions INNER JOIN repositories ON repoid=repository WHERE userid=%s AND name=%s", + curs.execute("SELECT CASE WHEN remoterepository_id IS NULL THEN level ELSE 0 END FROM repository_permissions INNER JOIN repositories ON repoid=repository WHERE userid=%s AND name=%s", (self.user, self.subpath)) try: writeperm = (curs.fetchone()[0] > 0) -- 2.39.5