repo: allow admin owned configs by admin users Allow users in the administrator group to use git configs that are owned by administrators.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51
diff --git a/src/libgit2/repository.c b/src/libgit2/repository.c
index 48a0b70..09e81cd 100644
--- a/src/libgit2/repository.c
+++ b/src/libgit2/repository.c
@@ -509,10 +509,13 @@ static int validate_ownership(const char *repo_path)
{
git_config *config = NULL;
validate_ownership_data data = { repo_path, GIT_STR_INIT, false };
+ git_fs_path_owner_t owner_level =
+ GIT_FS_PATH_OWNER_CURRENT_USER |
+ GIT_FS_PATH_USER_IS_ADMINISTRATOR;
bool is_safe;
int error;
- if ((error = git_fs_path_owner_is_current_user(&is_safe, repo_path)) < 0) {
+ if ((error = git_fs_path_owner_is(&is_safe, repo_path, owner_level)) < 0) {
if (error == GIT_ENOTFOUND)
error = 0;
diff --git a/tests/libgit2/repo/open.c b/tests/libgit2/repo/open.c
index cb044a0..634ba59 100644
--- a/tests/libgit2/repo/open.c
+++ b/tests/libgit2/repo/open.c
@@ -489,6 +489,13 @@ void test_repo_open__validates_dir_ownership(void)
git_fs_path__set_owner(GIT_FS_PATH_OWNER_ADMINISTRATOR);
cl_git_fail(git_repository_open(&repo, "empty_standard_repo"));
+#ifdef GIT_WIN32
+ /* When the user is an administrator, succeed on Windows. */
+ git_fs_path__set_owner(GIT_FS_PATH_USER_IS_ADMINISTRATOR);
+ cl_git_pass(git_repository_open(&repo, "empty_standard_repo"));
+ git_repository_free(repo);
+#endif
+
/* When an unknown user owns the repo config, fail */
git_fs_path__set_owner(GIT_FS_PATH_OWNER_OTHER);
cl_git_fail(git_repository_open(&repo, "empty_standard_repo"));
@@ -511,6 +518,13 @@ void test_repo_open__validates_bare_repo_ownership(void)
git_fs_path__set_owner(GIT_FS_PATH_OWNER_ADMINISTRATOR);
cl_git_fail(git_repository_open(&repo, "testrepo.git"));
+#ifdef GIT_WIN32
+ /* When the user is an administrator, succeed on Windows. */
+ git_fs_path__set_owner(GIT_FS_PATH_USER_IS_ADMINISTRATOR);
+ cl_git_pass(git_repository_open(&repo, "testrepo.git"));
+ git_repository_free(repo);
+#endif
+
/* When an unknown user owns the repo config, fail */
git_fs_path__set_owner(GIT_FS_PATH_OWNER_OTHER);
cl_git_fail(git_repository_open(&repo, "testrepo.git"));