Add pre-authorisation commandline hook

This hook is permitted to adjust the command line before it is
passed on to command authorisation.  This is needed for a number
of use-cases requested around permitting a plugin to provide domain
specific command line shapes without needing to adjust Gitano's
core command structures.

1 files changed, 18 insertions, 0 deletions

diff --git a/lib/gitano/auth.lua b/lib/gitano/auth.lua
index c5a1095..bf3260f 100644
--- a/lib/gitano/auth.lua
+++ b/lib/gitano/auth.lua
@@ -37,6 +37,7 @@ local log = require 'gitano.log'
 local repository = require 'gitano.repository'
 local util = require 'gitano.util'
 local i18n = require 'gitano.i18n'
+local hooks = require 'gitano.hooks'
 local gall = require 'gall'
 local luxio = require 'luxio'
 
@@ -121,6 +122,23 @@ local function is_authorized(user, source, cmdline, repo_root,
       i18n.expand("CLIENT_CONNECTED",
                   { ip=ip, user=user, key=keytag, cmdline=cmdline}))
 
+   local cancel
+   cancel, ip, user, keytag, parsed_cmdline =
+      (function(c,i,u,k,...)
+	    return c, i, u, k, {...}
+      end)(hooks.run(hooks.names.PREAUTH_CMDLINE, false,
+		     ip, user, keytag, unpack(parsed_cmdline)))
+
+   if cancel == nil then
+      log.syslog.err(i18n.expand("PREAUTH_CMDLINE_HOOK_ABORTED", {reason=ip}))
+      log.critical(i18n.expand("PREAUTH_CMDLINE_HOOK_DECLINED", {reason=ip}))
+      return nil
+   end
+   if cancel then
+      log.critical(i18n.expand("PREAUTH_CMDLINE_HOOK_DECLINED", {reason=ip}))
+      return nil
+   end
+
    local cmd = command.get(parsed_cmdline[1])
 
    if not cmd then