brownbeagle-gitauth 0.0.3.3 → 0.0.4.0

data/Rakefile

@@ -0,0 +1,19 @@
+require 'rake'
+
+task :gemspec do
+  require 'rubygems'
+  require File.join(File.dirname(__FILE__), "lib", "gitauth")
+  spec = Gem::Specification.new do |s|
+    s.name        = 'gitauth'
+    s.email       = 'sutto@sutto.net'
+    s.homepage    = 'http://brownbeagle.com.au/'
+    s.authors     = ["Darcy Laycock"]
+    s.version     = GitAuth.version
+    s.summary     = "An authentication manager for Git repositories served over SSH"
+    s.description = "A library to enable per user / group authentication on a read / write basis for git repositories running over ssh"
+    s.files       = (FileList["{bin,lib,public,resources,views}/**/*"].to_a + FileList["*"].to_a).sort
+    s.executables = FileList["bin/*"].to_a.map { |f| File.basename(f) }
+    s.platform    = Gem::Platform::RUBY
+  end
+  File.open("gitauth.gemspec", "w+") { |f| f.puts spec.to_ruby }
+end

data/USAGE

@@ -9,7 +9,7 @@ gitauth permissions REPO USERORGROUP [PERMISSION=all,read,write]
   PERMISSION:
     Default = all
     The level of permissions you want to give the user or group on the repository in question
-      all = read/write
+      all = read and write
       read = the user can see the repository and pull it, but cannot push changes
       write = user can push changes but can't pull it.
       

data/bin/gitauth

@@ -1,252 +1,195 @@
 #!/usr/bin/env ruby
+require File.join(File.dirname(__FILE__), "..", "lib", "gitauth")
 
-#--
-#   Copyright (C) 2009 Brown Beagle Software
-#   Copyright (C) 2008 Darcy Laycock <sutto@sutto.net>
-#
-#   This program is free software: you can redistribute it and/or modify
-#   it under the terms of the GNU Affero General Public License as published by
-#   the Free Software Foundation, either version 3 of the License, or
-#   (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be useful,
-#   but WITHOUT ANY WARRANTY; without even the implied warranty of
-#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-#   GNU Affero General Public License for more details.
-#
-#   You should have received a copy of the GNU Affero General Public License
-#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
-#++
+GitAuth::Application.processing(ARGV) do |a|
+  a.banner = "GitAuth v#{GitAuth.version}"
+  
+  a.generator!
+  
+  a.option(:force, "force the creation of the settings file")
+  a.option(:admin, "pass the path to a ssh public key and it adds a default admin user")
+  a.add("install", "Sets up GitAuth for the current user") do |options|
+    
+    setup_generator ".", :silent => true
+    
+    # Check for a valid admin key
+    if options.has_key?(:admin) && (!options[:admin].is_a?(String) || !file?(options[:admin]))
+      puts "You provided the admin option but didn't provide it with a path to public key."
+      die! "Please re-run again with a path to a key, e.g. --admin=~/id_rsa.pub"
+    end
+    
+    if !yes?("Are you logged in as the correct user?")
+      die!("Please log in as the correct user and re-run") 
+    end
 
-require 'rubygems'
-require 'readline'
-require 'thor'
-require File.join(File.dirname(__FILE__), "..", "lib", "gitauth")
+    if !GitAuth.has_git?
+      die!("'git' was not found in your path - please install it / add it to your path before continuing.")
+    end
 
+    ssh_folder = "~/.ssh"
+    if !folder?(ssh_folder)
+      folders ssh_folder
+      chmod 0700, ssh_folder
+    end
 
-class GitAuthRunner < Thor
-  
-  map "-h" => :help
-  map "--help" => :help
-  map "--usage" => :usage
-  
-  # Adding users, groups and repos
-  
-  desc "addrepo REPO-NAME [PATH-PART]", "Adds a new repository"
-  def addrepo(name, path = name)
-    GitAuth.setup!
-    if GitAuth::Repo.create(name, path)
-      $stdout.puts "Repo was successfully created"
+    authorized_keys = ssh_folder / "authorized_keys"
+    if !file?(authorized_keys)
+      file authorized_keys, "\n\n## GitAuth - DO NO EDIT BELOW THIS LINE ##\n"
+      chmod 0600, authorized_keys
+    end
+
+    gitauth_folder = "~/.gitauth/"
+    folders gitauth_folder
+
+    settings_file = gitauth_folder / "settings.yml"
+    if !file?(settings_file) || options[:force]
+      repo_path = ask("Where did you want repositories to be stored?", "~/repositories")
+      repo_path = File.expand_path(repo_path)
+      folders repo_path
+
+      default_shell_path = GitAuth::BASE_DIR.join("bin", "gitauth-shell").to_s
+      gitauth_shell_path = ""
+      gitauth_shell_set  = false
+      while gitauth_shell_path.blank? || !(file?(gitauth_shell_path) && executable?(gitauth_shell_path))
+        # A Give the user a message if the path doesn't exist.
+        if gitauth_shell_set
+          puts "The shell you provided, #{gitauth_shell_path}, isn't executable"
+        else
+          gitauth_shell_set = true
+        end
+        gitauth_shell_path = ask("What is the path to your gitauth-shell?", default_shell_path)
+        gitauth_shell_path = File.expand_path(gitauth_shell_path)
+      end
+
+      GitAuth::Settings.update!({
+        :base_path            => File.expand_path(repo_path),
+        :authorized_keys_file => File.expand_path(authorized_keys),
+        :shell_executable     => File.expand_path(gitauth_shell_path)
+      })
+    end
+
+    if options[:admin]
+      
+    end
+    
+  end
+
+  a.controller! :web_app, "Starts the gitauth frontend using the default sintra runner"
+  
+  a.option(:force, "Skip the verification / confirmation part of adding the permissions")
+  a.option(:type, "The type of permissions - one of all, read, write or none. Defaults to all")
+  full_desc = "Gives a specific user or group the specified permissions to a given repository - pass '-h' for more information"
+  a.add("permissions REPOSITORY USER-OR-GROUP", full_desc) do |repo, target, options|
+    permissions = options[:type] || 'all'
+    
+    if !%w(all read write none).include? permissions
+      die! "'#{permissions}' is not a valid permission type. It must be all, read, write or none"
+    end
+    
+    real_permissions = ({"all" => ["read", "write"], "none" => []}[permissions] || [permissions])
+    repository       = GitAuth::Repo.get(repo)
+    real_target      = GitAuth.get_user_or_group(target)
+    
+    die! "Unknown repository '#{repo}'"      if repository.blank?
+    die! "Unknown user or group '#{target}'" if real_target.blank?
+    
+    if options[:force] || yes?("Adding '#{permissions}' permissions for #{real_target} to #{repository.name}")
+      repository.update_permissions!(real_target, real_permissions)
+      puts "Permissions updated."
     else
-      $stderr.puts "There was an error creating the repo"
-      exit! 1
+      puts "Permissions not added, exiting."
     end
   end
   
-  desc "adduser NAME PATH-TO-PUBLIC-KEY [--admin]", "Adds a user"
-  method_options :admin => :boolean
-  def adduser(name, key_path)
-    GitAuth.setup!
-    admin = !!(options && options[:admin])
-    if GitAuth::User.create(name, admin, File.read(key_path).strip)
-      $stdout.puts "User added"
+  a.option(:admin, "Makes a user an admin user")
+  a.add("add-user NAME PATH-TO-PUBLIC-KEY", "Creates a user with a given public key") do |name, ssh_key, options|
+    GitAuth.prepare
+    die! "'#{ssh_key}' is not a valid path to a public key" if !File.file?(ssh_key)
+    admin = !!options[:admin]
+    contents = File.read(ssh_key).strip
+    if GitAuth::User.create(name, admin, contents)
+      puts "Successfully added user '#{name}' (user #{admin ? 'is' : 'is not'} an admin)"
     else
-      $stderr.puts "There was an error adding the given user"
-      exit! 
+      die! "There was an unknown error attempting to add a user called '#{name}'"
     end
   end
   
-  desc "addgroup NAME", "Adds a group with the specified name"
-  def addgroup(name)
-    GitAuth.setup!
-    if GitAuth::Group.create(name)
-      $stdout.puts "The group was added"
+  a.add("add-repo NAME [PATH=NAME]", "Creates a named repository, with an optional path on the file system") do |name, *args|
+    GitAuth.prepare
+    options = args.extract_options!
+    path = (args.shift || name)
+    if GitAuth::Repo.create(name, path)
+      puts "Successfully created repository '#{name}' located at '#{path}'"
     else
-      $stderr.puts "There was an error creating the aforementioned group"
-      exit! 1
+      die! "Unable to create repository '#{name}' in location '#{path}'"
     end
   end
   
-  # Misc. operations
-  
-  desc "permissions REPO USERORGROUP [PERMISION=all,read,write]", "Adds Permissions for a user or group to a repository"
-  def permissions(repo, user_or_group, permissions = "all")
-    GitAuth.setup!
-    unless %w(read write all).include?(permissions)
-      $stderr.puts "Invalid permissions: #{permissions}"
-      exit! 1
-    end
-    repo = GitAuth::Repo.get(repo)
-    uog  = GitAuth.get_user_or_group(user_or_group)
-    if repo.nil? || uog.nil?
-      $stderr.puts "Invalid repository or user, please check the name"
-      exit! 1
-    end
-    repo.writeable_by(uog) if %w(all write).include?(permissions)
-    repo.readable_by(uog)  if %w(all read).include?(permissions)
-    GitAuth::Repo.save!
-    $stdout.puts "Permissions Added"
+  a.add("add-group NAME", "Creates a group with a given name") do |name, options|
+    GitAuth.prepare
+    if GitAuth::Group.create(name)
+      puts "Successfully created group '#{name}'"
+    else
+      die! "Unable to create group '#{name}'"
+    end
   end
   
-  desc "install [ADMIN-PUBLIC-KEY]", "creates and sets the permissions for .ssh and .ssh/authorized keys"
-  method_options :force_config => :boolean
-  def install(public_key_path = nil)
-    $stdout.print "Are you logged in as the correct user? (y/n) "
-    answer = Readline.readline
-    if answer !~ /^y/i
-      $stderr.puts "Please log in as the correct user and re-run"
-      exit! 1
-    end
-    if !GitAuth.has_git?
-      $stderr.puts "'git' was not found in your path - please install it before continuing."
-      exit! 1
-    end
-    require 'fileutils'
-    folder = File.expand_path("~/.ssh")
-    if !File.exist?(folder) || !File.directory?(folder)
-      FileUtils.mkdir(folder)
-      FileUtils.chmod(0700, folder)
-    end
-    authorized_keys = File.join(folder, "authorized_keys")
-    if !File.exist?(authorized_keys)
-      File.open(authorized_keys, "w+") do |f|
-        f.puts "## GitAuth - DO NO EDIT BELOW THIS LINE ##"
-      end
-      FileUtils.chmod(0600, authorized_keys)
-    end
-    gitauth_folder = File.expand_path("~/.gitauth/")
-    FileUtils.mkdir(gitauth_folder) if !File.exist?(gitauth_folder) || !File.directory?(gitauth_folder)
-    gitauth_settings_path = File.join(gitauth_folder, "settings.yml")
-    unless File.exist?(gitauth_settings_path) || (options && options[:force_config])
-      print "Where did you want repositories to be stored? (default: ~/repositories/): "
-      path = Readline.readline.strip
-      path = File.expand_path("~/repositories") if path.empty?
-      begin
-        FileUtils.mkdir_p(path)
-      rescue
-        $stderr.puts "There was an error making the repository folder: #{path}"
-        $stderr.puts "Please check again"
-        exit! 1
-      end
-      current_gitauth_shell_path = File.join(GitAuth::BASE_DIR, "bin", "gitauth-shell")
-      $stdout.print "What is the path to your gitauth-shell (default: '#{current_gitauth_shell_path}'):  "
-      gitauth_shell_path = Readline.readline
-      gitauth_shell_path = current_gitauth_shell_path if gitauth_shell_path.empty?
-      File.open(gitauth_settings_path, "w+") do |f|
-        f.write({
-          "base_path"            => path,
-          "authorized_keys_file" => authorized_keys,
-          "shell_executable"     => gitauth_shell_path
-        }.to_yaml)
-      end
-      if !public_key_path.nil? && File.exist?(public_key_path)
-        GitAuth.setup!
-        created = GitAuth::User.create("admin", true, File.read(public_key_path).strip)
-        if created
-          $stdout.puts "Admin User Created."
-        else
-          $stderr.puts "An admin user couldn't be created."
-          exit! 1
-        end
-      end
+  a.add("ls-users", "Lists all users currently managed by gitauth") do |options|
+    GitAuth.prepare
+    puts "Users:"
+    (GitAuth::User.all || []).each do |user|
+      line = "- #{user}"
+      line << " (admin)" if user.admin?
+      puts line
     end
-  rescue Errno::EACCES
-      $stderr.puts "Hey, it looks you don't have access to that - sorry!"
-      exit! 1
   end
   
-  # Viewing Users etc
-  
-  desc "repos", "Lists all the current repos handled by gitauth"
-  def repos
-    GitAuth.setup!
-    $stdout.puts "Repositories:"
-    GitAuth::Repo.all.each do |repo|
+  a.add("ls-repos", "Lists all repositories currently managed by gitauth") do |options|
+    GitAuth.prepare
+    puts "Repositories:"
+    (GitAuth::Repo.all || []).each do |repo|
       line = " - #{repo.name}"
       line << " (#{repo.path})" if repo.path != repo.name
-      $stdout.puts line
+      puts line
     end
   end
   
-  desc "users", "Lists all users handled by gitauth"
-  def users
-    GitAuth.setup!
-    $stdout.puts "Users:"
-    GitAuth::User.all.each do |user|
-      line = "- #{user}"
-      line << " (admin)" if user.admin?
-      $stdout.puts line
+  a.add("ls-groups", "Lists all groups currently managed by gitauth") do |options|
+    GitAuth.prepare
+    puts "Groups:"
+    (GitAuth::Group.all || []).each do |group|
+      puts "- #{group} (#{group.members.empty? ? "no members" : group.members.join(", ")})"
     end
   end
   
-  desc "groups", "Lists all groups handled by gitauth"
-  def groups
-    GitAuth.setup!
-    $stdout.puts "Groups:"
-    GitAuth::Group.all.each do |group|
-      $stdout.puts "- #{group} - #{group.members.empty? ? "no members" : group.members.join(", ")}"
-    end
+  a.add("rm-user NAME", "Removes the specified user") do |name, options|
+    GitAuth.prepare
+    user = GitAuth::User.get(name)
+    die! "Unknown user '#{name}'" if user.blank?
+    user.destroy!
+    puts "Removed user '#{name}' - Please note you will manually need to remove this users line from authorized_keys"
   end
   
-  desc "webapp", "starts serving the GitAuth web-app on Port 8998"
-  def webapp
-    s = GitAuth.settings
-    if s.web_username.to_s.empty? || s.web_password_hash.to_s.empty?
-      $stdout.puts "To use the web interface you must first setup some credentials:"
-      $stdout.print "What username would you like to use? (default is 'gitauth'): "
-      username = Readline.readline.strip
-      username = "gitauth" if username.empty?
-      $stdout.print "What password would you like to use?: "
-      password = read_password
-      while password.empty?
-        $stdout.print "Please try again, What password would you like to use?: "
-        password = read_password
-      end
-      print "Please enter your password again: "
-      confirmation = read_password
-      while confirmation != password
-        print "Wrong password, please confirm again: "
-        confirmation = read_password
-      end
-      require 'digest/sha2'
-      settings = YAML.load_file(File.join(GitAuth::GITAUTH_DIR, "settings.yml"))
-      settings.merge!({
-        "web_username"      => username,
-        "web_password_hash" => Digest::SHA256.hexdigest(password)
-      })
-      File.open(File.join(GitAuth::GITAUTH_DIR, "settings.yml"), "w+") { |f| f.write settings.to_yaml }
-      puts "Username and Password saved."
-      GitAuth.reload_settings!
-    end
-    GitAuth.serve_web!
-  rescue Interrupt
-    exit! 1
+  a.add("rm-repo NAME", "Removes the specified repo") do |name, options|
+    GitAuth.prepare
+    repo = GitAuth::Repo.get(name)
+    die! "Unknown repo '#{name}'" if repo.blank?
+    repo.destroy!
+    puts "Removed repo '#{name}'"
   end
   
-  def usage
-    counter = 1
-    file = File.new("USAGE", "r")
-    while (line = file.gets)
-      puts line
-      counter = counter + 1
-    end
-    file.close
+  a.add("rm-group NAME", "Removes the specified group") do |name, options|
+    GitAuth.prepare
+    group = GitAuth::Group.get(name)
+    die! "Unknown group '#{name}'" if group.blank?
+    group.destroy!
+    puts "Removed group '#{name}'"
   end
   
-  protected
-  
-  def read_password
-    system "stty -echo" 
-    line = Readline.readline.strip
-    system "stty echo"
-    print "\n"
-    return line
+  a.add("usage", "Prints out the sample usage instructions") do |options|
+    File.open(GitAuth::BASE_DIR.join("USAGE")) do |f|
+      f.each_line { |line| puts line }
+    end
   end
   
-end
-
-if ARGV.empty?
-  GitAuthRunner.new.help
-else
-  GitAuthRunner.start
-end
+end

data/bin/gitauth-shell

@@ -2,7 +2,7 @@
 
 #--
 #   Copyright (C) 2009 Brown Beagle Software
-#   Copyright (C) 2008 Darcy Laycock <sutto@sutto.net>
+#   Copyright (C) 2009 Darcy Laycock <sutto@sutto.net>
 #
 #   This program is free software: you can redistribute it and/or modify
 #   it under the terms of the GNU Affero General Public License as published by
@@ -19,18 +19,11 @@
 #++
 
 
-REAL_FILE = File.symlink?(__FILE__) ? File.readlink(__FILE__) : __FILE__
+base = __FILE__
+# Get out of symlink-hell and then require the gitauth file.
+base = File.readlink(base) while File.symlink?(base)
+require File.expand_path(File.join(File.dirname(base), "..", "lib", "gitauth"))
 
-# Require the proper gitauth file.
-require File.expand_path(File.join(File.dirname(REAL_FILE), "..", "lib", "gitauth"))
-
-GitAuth.setup!
-
-# Gitorious does it so I should too!
-File.umask(0022)
-
-user_name = ARGV[0]
-command   = ENV["SSH_ORIGINAL_COMMAND"]
-
-GitAuth::Client.start!(user_name, command)
+# Start the cli client.
+GitAuth::Client.start!(ARGV[0], ENV["SSH_ORIGINAL_COMMAND"])
 

data/config.ru

@@ -0,0 +1,5 @@
+require File.join(File.dirname(__FILE__), "lib", "gitauth")
+require GitAuth::BASE_DIR.join("lib", "gitauth", "web_app")
+
+GitAuth::Settings.setup!
+run GitAuth::WebApp.new

data/gitauth.gemspec

@@ -0,0 +1,28 @@
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{gitauth}
+  s.version = "0.0.4.0"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Darcy Laycock"]
+  s.date = %q{2009-09-06}
+  s.description = %q{A library to enable per user / group authentication on a read / write basis for git repositories running over ssh}
+  s.email = %q{sutto@sutto.net}
+  s.executables = ["gitauth", "gitauth-shell"]
+  s.files = ["LICENSE", "README.rdoc", "Rakefile", "USAGE", "bin", "bin/gitauth", "bin/gitauth-shell", "config.ru", "gitauth.gemspec", "lib", "lib/gitauth", "lib/gitauth.rb", "lib/gitauth/auth_setup_middleware.rb", "lib/gitauth/client.rb", "lib/gitauth/command.rb", "lib/gitauth/group.rb", "lib/gitauth/message.rb", "lib/gitauth/repo.rb", "lib/gitauth/saveable_class.rb", "lib/gitauth/settings.rb", "lib/gitauth/user.rb", "lib/gitauth/web_app.rb", "public", "public/gitauth.css", "public/gitauth.js", "public/jquery.js", "resources", "resources/messages.yml", "vendor", "views", "views/auth_setup.erb", "views/clone_repo.erb", "views/group.erb", "views/index.erb", "views/layout.erb", "views/repo.erb", "views/user.erb"]
+  s.homepage = %q{http://brownbeagle.com.au/}
+  s.require_paths = ["lib"]
+  s.rubygems_version = %q{1.3.2}
+  s.summary = %q{An authentication manager for Git repositories served over SSH}
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
+    else
+    end
+  else
+  end
+end

data/lib/gitauth/auth_setup_middleware.rb

@@ -0,0 +1,44 @@
+#--
+#   Copyright (C) 2009 Brown Beagle Software
+#   Copyright (C) 2009 Darcy Laycock <sutto@sutto.net>
+#
+#   This program is free software: you can redistribute it and/or modify
+#   it under the terms of the GNU Affero General Public License as published by
+#   the Free Software Foundation, either version 3 of the License, or
+#   (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be useful,
+#   but WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#   GNU Affero General Public License for more details.
+#
+#   You should have received a copy of the GNU Affero General Public License
+#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#++
+
+module GitAuth
+  class AuthSetupMiddleware
+    
+    def initialize(app)
+      @app = app
+      @files = Rack::File.new(GitAuth::BASE_DIR.join("public").to_s)
+    end
+    
+    def call(env)
+      dup._call(env)
+    end
+    
+    def _call(env)
+      if GitAuth::WebApp.has_auth?
+        @app.call(env)
+      elsif env["PATH_INFO"].include?("/gitauth.css")
+        @files.call(env)
+      else
+        content = ERB.new(File.read(GitAuth::BASE_DIR.join("views", "auth_setup.erb"))).result
+        headers = {"Content-Type" => "text/html", "Content-Length" => Rack::Utils.bytesize(content).to_s}
+        [403, headers, [content]]
+      end
+    end
+    
+  end
+end

data/lib/gitauth/client.rb

@@ -1,9 +1,9 @@
 #--
 #   Copyright (C) 2009 Brown Beagle Software
+#   Copyright (C) 2009 Darcy Laycock <sutto@sutto.net>
 #   Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies)
 #   Copyright (C) 2007, 2008 Johan Sørensen <johan@johansorensen.com>
 #   Copyright (C) 2008 Tor Arne Vestbø <tavestbo@trolltech.com>
-#   Copyright (C) 2008 Darcy Laycock <sutto@sutto.net>
 #
 #   This program is free software: you can redistribute it and/or modify
 #   it under the terms of the GNU Affero General Public License as published by
@@ -25,14 +25,14 @@ module GitAuth
     attr_accessor :user, :command
     
     def initialize(user_name, command)
-      GitAuth.logger.debug "Initializing client with command: #{command.inspect} and user name #{user_name.inspect}"
+      GitAuth::Logger.debug "Initializing client with command: #{command.inspect} and user name #{user_name.inspect}"
       @callbacks = Hash.new { |h,k| h[k] = [] }
       @user      = GitAuth::User.get(user_name.to_s.strip)
       @command   = command
     end
     
     def exit_with_error(error)
-      GitAuth.logger.warn "Exiting with error: #{error}"
+      GitAuth::Logger.warn "Exiting with error: #{error}"
       $stderr.puts error
       exit! 1
     end
@@ -47,7 +47,7 @@ module GitAuth
           exit_with_error "SSH_ORIGINAL_COMMAND is needed, mmmkay?"
         end
       else
-        command   = Command.parse!(@command)
+        command   = Command.parse(@command)
         repo      = command.bad? ? nil : Repo.get(extract_repo_name(command))
         if command.bad?
           if user.shell_accessible?
@@ -59,21 +59,26 @@ module GitAuth
           exit_with_error "Ze repository you specified does not exist."
         elsif user.can_execute?(command, repo)
           git_shell_argument = "#{command.verb} '#{repo.real_path}'"
-          GitAuth.logger.info "Running command: #{git_shell_argument} for user: #{@user.name}"
+          GitAuth::Logger.info "Running command: #{git_shell_argument} for user: #{@user.name}"
           exec("git-shell", "-c", git_shell_argument)
         else
           exit_with_error "These are not the droids you are looking for"
         end
       end
     rescue Exception => e
-      GitAuth.logger.fatal "Exception: #{e.class.name}: #{e.message}"
+      GitAuth::Logger.fatal "Exception: #{e.class.name}: #{e.message}"
       e.backtrace.each do |l|
-        GitAuth.logger.fatal "  => #{l}"
+        GitAuth::Logger.fatal "  => #{l}"
       end
       exit_with_error "Holy crap, we've imploded cap'n!"
     end
     
     def self.start!(user, command)
+      # Gitorious does it so I should too!
+      File.umask(0022)
+      # Setup models etc
+      GitAuth.prepare
+      # Finally, create and initialize
       client = self.new(user, command)
       yield client if block_given?
       client.run!