granual persmissions

Signed-off-by: dzdidi <deniszalessky@gmail.com>

src/home.js

@@ -15,7 +15,13 @@ function shareAppFolder (name) {
 }
 
 function shareWith (userId, branch = '*', permissions = 'rw') {
-  fs.appendFileSync(`${APP_HOME}/.git-daemon-export-ok`, `${userId}:${branch}:${permissions}\n`)
+  if (!fs.existsSync(`${APP_HOME}/.git-daemon-export-ok`)) {
+    fs.writeFileSync(`${APP_HOME}/.git-daemon-export-ok`, '')
+  }
+  if (permissions.split('').some(p => !['r', 'w'].includes(p))) {
+    throw new Error('Permissions must be r, w or rw')
+  }
+  fs.appendFileSync(`${APP_HOME}/.git-daemon-export-ok`, `${userId}\t${branch}\t${permissions}\n`)
 }
 
 function unshareAppFolder (name) {
@@ -31,7 +37,12 @@ function isShared (name) {
 }
 
 function getACL (name) {
-  return fs.readFileSync(`${APP_HOME}/${name}/.git-daemon-export-ok`).toString().split('\n').filter(Boolean)
+  const entries = fs.readFileSync(`${APP_HOME}/${name}/.git-daemon-export-ok`).toString().split('\n').filter(Boolean)
+  const res = {}
+  for (const entry of entries) {
+    const [userId, branch, permissions] = entry.split('\t')
+    res[userId] = { branch, permissions }
+  }
 }
 
 function list (sharedOnly) {

src/rpc.js

@@ -109,14 +109,10 @@ module.exports = class RPC {
     if (process.env.GIT_PEAR_AUTH) {
       if (!request.header) throw new Error('You are not allowed to access this repo')
 
-      payload = await acl.getId({
-        ...request.body,
-        payload: request.header
-      })
-      // read .git-daemon-export-ok 
-      // check if payload.userId is presenet there
+      payload = await acl.getId({ ...request.body, payload: request.header })
       const aclList = home.getACL(result.repoName)
-      if (!aclList.includes(payload.userId)) {
+      // TODO: read specific permissions for the user
+      if (!Object.keys(aclList).includes(payload.userId)) {
         throw new Error('You are not allowed to access this repo')
       }
     }