capistrano-secure-permissions 0.6.0 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 1d4408c3155757896ba51bac6edb9c08b23dd90b
-  data.tar.gz: 1e39b876bb834e65bbabb086d5182efafa8f1481
+  metadata.gz: cbac181a509519550ba41104b5bd9678e2848ad3
+  data.tar.gz: ed692a574a547322498e190da68cf62bb734a254
 SHA512:
-  metadata.gz: 5787545d4d7c5da4943a15d2f83368502955524f0e15c76c4ada24931573cef885929a6465bd7b508bfb6b858a72ef6461f678436d987fdc7b46b1107fb6d6bc
-  data.tar.gz: 839d0feff3a2cb984fed75ad1a95e08cbfcdc15bdbdeadf4bbc041ac430270f35a365de66bb75cadce0a0baca8e468f466c964c189957d56df342dd38411071b
+  metadata.gz: 764d02da0db2fc71467fa571d6df3470ecfa29ac1f8fd0adc0636c8faa7f235b6708e9d7155934d6ec427e3544ab578954b43868e3ab7c30d9d3f078f1273fca
+  data.tar.gz: d37434ca705068d0663dc16b075ee8f0a4c183a51a4aa8258224bb2c66cdf974d40825ad151ce95d907be6425b15485d7585e5c09cb09b045e9c5730c0de6476

data/VERSION

@@ -1 +1 @@
-0.6.0
+1.0.0

data/capistrano-secure-permissions.gemspec

@@ -2,11 +2,11 @@
 # DO NOT EDIT THIS FILE DIRECTLY
 # Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
 # -*- encoding: utf-8 -*-
-# stub: capistrano-secure-permissions 0.6.0 ruby lib
+# stub: capistrano-secure-permissions 1.0.0 ruby lib
 
 Gem::Specification.new do |s|
   s.name = "capistrano-secure-permissions"
-  s.version = "0.6.0"
+  s.version = "1.0.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.require_paths = ["lib"]

data/lib/capistrano/tasks/secure-permissions.rake

@@ -1,7 +1,7 @@
 namespace :deploy do
   desc 'Secure app with file permissions'
   task :secure_permissions do
-    on roles(:all) do |server|
+    on roles(:app) do |server|
       web_user = fetch(:web_user)
       app_user = fetch(:app_user)
       deploy_user = server.user
@@ -20,7 +20,7 @@ end
 
 namespace :secure_permissions do
   task :validate do
-    on roles(:all) do
+    on roles(:app) do
       if fetch(:app_user).nil?
         error "secure_permissions: app_user is not set"
         exit 1
@@ -30,14 +30,16 @@ namespace :secure_permissions do
 
   desc 'Sets permissions on the public folder, only needs to be done once, not on every deploy. And there might be a lot of files, so it might take a while.'
   task :setup do
-    web_user = fetch(:web_user)
-    app_user = fetch(:app_user)
-    deploy_user = server.user
+    on roles(:app) do |server|
+      web_user = fetch(:web_user)
+      app_user = fetch(:app_user)
+      deploy_user = server.user
 
-    # Set permissions for files in public, readable by web_user and writable by app_user.
-    execute :find, '-L', "#{release_path}/public", '-user', deploy_user, '-not', '-type', 'l', '-print0', '|', 'xargs', '-0', '--no-run-if-empty', 'setfacl', '-m', "u:#{web_user}:rX,u:#{app_user}:rwX"
-    # Set defaults for directories in public (that is permissions for new files made by the app).
-    execute :find, "#{shared_path}/public", '-user', deploy_user, '-type', 'd', '-print0', '|', 'xargs', '-0', '--no-run-if-empty', 'setfacl', '-m', "d:u:#{web_user}:rX,d:u:#{app_user}:rwX"
+      # Set permissions for files in public, readable by web_user and writable by app_user.
+      execute :find, '-L', "#{release_path}/public", '-user', deploy_user, '-not', '-type', 'l', '-print0', '|', 'xargs', '-0', '--no-run-if-empty', 'setfacl', '-m', "u:#{web_user}:rX,u:#{app_user}:rwX"
+      # Set defaults for directories in public (that is permissions for new files made by the app).
+      execute :find, "#{shared_path}/public", '-user', deploy_user, '-type', 'd', '-print0', '|', 'xargs', '-0', '--no-run-if-empty', 'setfacl', '-m', "d:u:#{web_user}:rX,d:u:#{app_user}:rwX"
+    end
   end
 end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: capistrano-secure-permissions
 version: !ruby/object:Gem::Version
-  version: 0.6.0
+  version: 1.0.0
 platform: ruby
 authors:
 - Rune Schjellerup Philosof