#!/usr/bin/perl

use strict;
use warnings;

my $acl = {};
my $conf = `git config --list`;
while ($conf =~ s/^acl.(\w+)=(.*)$//m) {
    my $param = $1;
    my $keys = $2;
    foreach my $key (split /,/, $keys) {
        $acl->{$param}->{$key} = 1;
    }
}

$SIG{PIPE} = sub { exit 1; };

my $KEY = $ENV{KEY} || "UNKNOWN";
if ($acl->{deploy}->{$KEY}) {
    warn localtime().": [$KEY] git-server: PULL waiting for notification ...\n";
    my $who = $KEY;
    if (($ENV{SSH_CLIENT} || "") =~ /^([\d\.]+)/) {
        $who .= "@".$1;
    }
    if (my $repo = $ENV{GIT_DIR}) {
        $who .= ":$repo";
    }
    system "hooks/push-notification", $who;
    die "$0: notification failed ($?)\n" if $?;
}
warn localtime().": [$KEY] git-server: RUNNING PULL ...\n";
# If you can write or deploy, then you can also read
die "$KEY: You have been banned from all read operations!\n" unless $acl->{readers}->{$KEY} || $acl->{writers}->{$KEY} || $acl->{deploy}->{$KEY};
