lib/Test/PAUSE/Permissions.pm


            
              1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
—
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
              package Test::PAUSE::Permissions;
use strict;
use warnings;
use parent 'Exporter';
use Test::More;
use Parse::LocalDistribution;
our $VERSION = '0.07';
our @EXPORT = (@Test::More::EXPORT, qw/all_permissions_ok/);
sub all_permissions_ok {
  my ($author, $opts) = ref $_[0] ? (undef, @_) : @_;
  $opts ||= {};
  plan skip_all => 'Set RELEASE_TESTING environmental variable to test this.' unless $ENV{RELEASE_TESTING};
  # Get your id from .pause
  $author ||= _get_pause_user();
  plan skip_all => "Can't determine who is going to release." unless $author;
  # Get authority from META
  my $meta_authority ||= _get_authority_in_meta();
  local $Parse::PMFile::ALLOW_DEV_VERSION = 1 if $opts->{dev};
  # Get packages (respecting no_index)
  my $provides = Parse::LocalDistribution->new->parse();
  # Get maintainers from 06perms or MetaCPAN
  my $use_metacpan = $opts->{metacpan} || $ENV{TEST_PAUSE_PERMISSIONS_METACPAN};
  my $maintainers = _get_maintainers($use_metacpan, [keys %$provides]);
  # Iterate
  my $saw_errors;
  my @authorities = grep $_, $author, $meta_authority;
  my %new_packages;
  my %dist_maintainers = map {uc $_ => 1} @authorities;
SKIP:
  for my $package (keys %$provides) {
    my $authority = uc($meta_authority || $author || '');
    my $module_maintainers = $maintainers->{$package};
    if (!$module_maintainers) {
      pass "$package: no one has permissions ($authority should have the first come)";
      $new_packages{$package} = 1;
      next;
    }
    $dist_maintainers{uc $_} = 1 for @$module_maintainers;
    # Author should have permissions, regardless of the authority
    if (grep { uc $_ eq uc $author } @$module_maintainers) {
      pass "$package: $author has a permission";
    }
    else {
      fail "$package: maintained by ".join ', ', @$module_maintainers;
      $saw_errors = 1;
    }
    # $AUTHORITY has no effect in PAUSE.
    # just see if $AUTHORITY matches x_authority for information
    if ($meta_authority) {
      my $file_authority = _get_authority_in_file($package, $provides->{$package});
      if ($file_authority && $file_authority ne $meta_authority) {
        # XXX: should fail?
        diag "$package: \$AUTHORITY ($file_authority) doesn't match x_authority ($meta_authority)";
      }
    }
  }
  # There are several known IDs that won't maintain any package
  delete $dist_maintainers{$_} for qw/ADOPTME HANDOFF NEEDHELP LOCAL/;
  # GH #3: Adding a new module to an established distribution maintained by a large group may cause
  # an annoying permission problem.
  if (
    !$saw_errors  # having errors already means there's someone (ie. you) who can't upload it
    and %new_packages # no problem if no new module is added
    and (keys %new_packages < keys %$provides) # no problem if everything is new
    and (keys %dist_maintainers > @authorities) # no problem if maintainers are few and everyone gets permissions
  ) {
    delete $dist_maintainers{$_} for @authorities;
    my $message = "Some of the maintainers of this distribution (@{[sort keys %dist_maintainers]}) won't have permissions for the following package(s): @{[sort keys %new_packages]}.";
    if ($opts->{strict}) {
      fail $message;
    } else {
      diag "[WARNING] $message\n(This may or may not be a problem, depending on the policy of your team.)";
    }
  }
  done_testing;
}
sub _get_pause_user {
  # Get authority from ~/.pause
  require Config::Identity::PAUSE;
  my %config = Config::Identity::PAUSE->load;
  return $config{user};
}
sub _get_authority_in_meta {
  # Get authority from META
  my $meta = _parse_meta();
  if ($meta && $meta->{x_authority}) {
    my $authority = $meta->{x_authority};
    $authority =~ s/^cpan://i;
    return $authority;
  }
}
sub _parse_meta {
  for my $file (qw/META.json META.yml/) {
    next unless -f $file && -r _;
    my $meta = Parse::CPAN::Meta->load_file($file);
    return $meta if $meta && ref $meta eq ref {};
  }
}
sub _get_authority_in_file {
  my ($package, $package_info) = @_;
  my $file = $package_info->{infile};
  return unless $file && -f $file && -r _;
  open my $fh, '<', $file or return;
  my $in_pod = 0;
  while(<$fh>) {
    last if /__(DATA|END)__/;
    $in_pod = /^=(?!cut?)/ ? 1 : /^=cut/ ? 0 : $in_pod;
    next if $in_pod;
    if (/\$(?:${package}::)?AUTHORITY\s*=.+?(?i:cpan):([A-Za-z0-9]+)/) {
      return $1;
    }
  }
}
sub _get_maintainers {
  my ($use_metacpan, $modules) = @_;
  if ($use_metacpan) {
    eval { require PAUSE::Permissions::MetaCPAN };
    die "To use MetaCPAN permission API, "
      . "you need to install PAUSE::Permissions::MetaCPAN, $@" if $@;
    my $perms = PAUSE::Permissions::MetaCPAN->new->get(modules => $modules);
    my %maintainers;
    for my $module (@$modules) {
      $maintainers{$module} = $perms->{$module}
        ? [ $perms->{$module}{owner}, @{$perms->{$module}{co_maintainers}} ] : undef;
    }
    \%maintainers;
  } else {
    require PAUSE::Permissions;
    my $file = PAUSE::Permissions->new;
    my %maintainers;
    for my $module (@$modules) {
      my $mp = $file->module_permissions($module);
      $maintainers{$module} = $mp ? [$mp->all_maintainers] : undef;
    }
    \%maintainers;
  }
}
1;
__END__
=head1 NAME
Test::PAUSE::Permissions - tests module permissions in your distribution
=head1 SYNOPSIS
    # in your xt/perms.t
    use Test::PAUSE::Permissions;
     
    all_permissions_ok();
=head1 DESCRIPTION
This module is to test if modules in your distribution have proper
permissions or not. You need to set RELEASE_TESTING to test this.
If your distribution has modules/packages that should not be
indexed, you might want to generate META files before you run this
test to provide C<no_index> information to Test::PAUSE::Permissions.
You might also want to prepare C<.pause> file to show who is
releasing the distribution (you should have one to release
distributions anyway).
=head1 FUNCTION
This module exports only one function (yet):
=head2 all_permissions_ok
Looks for packages with L<Parse::LocalDistribution>, and tests
if you have proper permissions for them by L<PAUSE::Permissions>,
which downloads C<06perms.txt> from CPAN before testing.
By default, C<all_permissions_ok> looks into C<.pause> file
to find who is releasing the distribution.
You can also pass the author as an argument, though this is only
useful when you generate this test every time you release a
distribution.
    use Test::PAUSE::Permissions;
     
    # assumes ISHIGAKI is going to release the distribution
    all_permissions_ok('ISHIGAKI');
C<all_permissions_ok> also looks into META files for <x_authority>,
and each .pm file for C<$AUTHORITY> variable, for your information.
You can pass an optional hash reference to C<all_permissions_ok()>
to change its behavior.
=head3 strict mode
    all_permissions_ok({strict => 1});
If this is set, C<all_permissions_ok> would fail if the following
conditions should be met:
=over 4
=item the distribution is maintained by more than one person
(or two people if C<x_authority> is set).
=item the uploader has added a new indexable package.
=item and the distribution itself is not newly created.
=back
In the case above, if the uploader uploads the distribution,
permission to the new package is only given to the uploader
(and the author specified in C<x_authority> if applicable),
and other maintainers will not be able to upload the distribution
appropriately until they are given permission to the
new package. Strict mode is to prevent such an (accidental)
addtion so that everyone in a team can upload without a problem.
=head3 test also modules with a developer version
    all_permissions_ok({dev => 1});
This module ignores modules that won't be indexed (namely those
that have a version number with an underscore in it) by default.
If you do want to test them, set C<dev> to true.
=head3 use MetaCPAN API for testing permissions
    all_permissions_ok({metacpan => 1});
If C<metacpan> is true, this module tests permissions via MetaCPAN API
instead of C<06perms.txt> using L<PAUSE::Permissions::MetaCPAN>.
You can also set an environment variable C<TEST_PAUSE_PERMISSIONS_METACPAN> true
to use MetaCPAN API.
=head1 SEE ALSO
L<PAUSE::Permissions>, L<App::PAUSE::CheckPerms>
=head1 AUTHOR
Kenichi Ishigaki, E<lt>ishigaki@cpan.orgE<gt>
=head1 COPYRIGHT AND LICENSE
Copyright (C) 2014 by Kenichi Ishigaki.
This program is free software; you can redistribute it and/or
modify it under the same terms as Perl itself.
=cut
	Global
`s`	Focus search bar
`?`	Bring up this help dialog
	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)
	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse
	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)