From da0aa9d407e7eb52c5da22c98e6c74f538caafe7 Mon Sep 17 00:00:00 2001 From: Boming Zhang Date: Sat, 25 Oct 2025 08:13:22 -0700 Subject: [PATCH] feat: enforce correct permission --- bin/joj3-forge-convert | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/bin/joj3-forge-convert b/bin/joj3-forge-convert index 284fce7..50a72d7 100755 --- a/bin/joj3-forge-convert +++ b/bin/joj3-forge-convert @@ -28,6 +28,7 @@ main() { local git_email="bot-$course@focs.ji.sjtu.edu.cn" local git_server="ssh://git@focs.ji.sjtu.edu.cn:2222" + # init repos if not exist if ! [ -d "$config_repo_path" ]; then git clone "$git_server/$course/$course-joj.git" "$config_repo_path" git -C "$config_repo_path" config user.name "$git_user" @@ -49,6 +50,7 @@ EOF git -C "$grading_repo_path" push -u origin grading fi + # sync config repo git -C "$config_repo_path" reset --hard git -C "$config_repo_path" pull --rebase if [ -e "$config_repo_path/home/tt/.config/teapot/teapot.env" ]; then @@ -59,12 +61,21 @@ EOF rsync -a --delete "$config_repo_path/home/tt/.config/" "/home/tt/.config" joj3-forge convert "/home/tt/.config/joj" rsync -a --delete "/home/tt/.config/joj/" "$config_repo_path/home/tt/.config/joj" + + # enforce correct permissions + chmod 700 "/home/tt/.config/" + chmod 700 "/home/tt/.cache/" + chmod 700 "/home/tt/.ssh/" + + # commit config changes git -C "$config_repo_path" add home/tt/.config/joj if ! git -C "$config_repo_path" diff --staged --quiet; then commit_hash=$(git -C "$config_repo_path" rev-parse HEAD) git -C "$config_repo_path" commit -m "chore: $commit_hash trigger joj3-forge convert [skip ci]" git -C "$config_repo_path" push fi + + # check gitea token if [ -n "${TEAPOT_GITEA_TOKEN:-}" ]; then local teapot_config_dir="/home/tt/.config/teapot" mkdir -p "$teapot_config_dir"