/usr/share/doc/monotone/html/Trust-Evaluation-Hooks.html

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<!-- Created by GNU Texinfo 6.1, http://www.gnu.org/software/texinfo/ -->
<head>
<title>monotone documentation: Trust Evaluation Hooks</title>

<meta name="description" content="monotone documentation: Trust Evaluation Hooks">
<meta name="keywords" content="monotone documentation: Trust Evaluation Hooks">
<meta name="resource-type" content="document">
<meta name="distribution" content="global">
<meta name="Generator" content="makeinfo">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link href="index.html#Top" rel="start" title="Top">
<link href="General-Index.html#General-Index" rel="index" title="General Index">
<link href="index.html#SEC_Contents" rel="contents" title="Table of Contents">
<link href="Hooks.html#Hooks" rel="up" title="Hooks">
<link href="External-Diff-Tools.html#External-Diff-Tools" rel="next" title="External Diff Tools">
<link href="Netsync-Transport-Hooks.html#Netsync-Transport-Hooks" rel="prev" title="Netsync Transport Hooks">
<style type="text/css">
<!--
a.summary-letter {text-decoration: none}
blockquote.indentedblock {margin-right: 0em}
blockquote.smallindentedblock {margin-right: 0em; font-size: smaller}
blockquote.smallquotation {font-size: smaller}
div.display {margin-left: 3.2em}
div.example {margin-left: 3.2em}
div.lisp {margin-left: 3.2em}
div.smalldisplay {margin-left: 3.2em}
div.smallexample {margin-left: 3.2em}
div.smalllisp {margin-left: 3.2em}
kbd {font-style: oblique}
pre.display {font-family: inherit}
pre.format {font-family: inherit}
pre.menu-comment {font-family: serif}
pre.menu-preformatted {font-family: serif}
pre.smalldisplay {font-family: inherit; font-size: smaller}
pre.smallexample {font-size: smaller}
pre.smallformat {font-family: inherit; font-size: smaller}
pre.smalllisp {font-size: smaller}
span.nolinebreak {white-space: nowrap}
span.roman {font-family: initial; font-weight: normal}
span.sansserif {font-family: sans-serif; font-weight: normal}
ul.no-bullet {list-style: none}
-->
</style>
<link rel="stylesheet" type="text/css" href="texinfo.css">


</head>

<body lang="en">
<a name="Trust-Evaluation-Hooks"></a>
<div class="header">
<p>
Next: <a href="External-Diff-Tools.html#External-Diff-Tools" accesskey="n" rel="next">External Diff Tools</a>, Previous: <a href="Netsync-Transport-Hooks.html#Netsync-Transport-Hooks" accesskey="p" rel="prev">Netsync Transport Hooks</a>, Up: <a href="Hooks.html#Hooks" accesskey="u" rel="up">Hooks</a> &nbsp; [<a href="index.html#SEC_Contents" title="Table of contents" rel="contents">Contents</a>][<a href="General-Index.html#General-Index" title="Index" rel="index">Index</a>]</p>
</div>
<hr>
<a name="Trust-Evaluation-Hooks-1"></a>
<h4 class="subsection">6.1.6 Trust Evaluation Hooks</h4>

<p>Monotone makes heavy use of certs to provide descriptive information
about revisions. In many projects, not all developers should have the
same privileges, or be trusted for the same purposes (indeed, some
signers might be automated robots, with very specific purposes).
</p>
<p>These hooks allow the user to configure which signers will be trusted to
make which kinds of assertions using certs. Monotone uses these certs when
selecting available revisions for commands such as <code>update</code>.
</p>
<p>Each user, or even each workspace, can have their own implementation
of these hooks, and thus a different filtered view of valid revisions,
according to their own preferences and purposes.
</p>
<p>See <a href="Quality-Assurance.html#Quality-Assurance">Quality Assurance</a>.
</p>
<dl compact="compact">
<dd><a name="get_005frevision_005fcert_005ftrust"></a></dd>
<dt><code>get_revision_cert_trust (<var>signers</var>, <var>id</var>, <var>name</var>, <var>val</var>)</code>
<a name="index-get_005frevision_005fcert_005ftrust-_0028signers_002c-id_002c-name_002c-val_0029"></a>
</dt>
<dd>
<p>Returns <code>true</code> if you <em>trust</em> the assertion
<var>name</var>=<var>value</var> on a given revision <var>id</var>, given a valid
signature from all the keys in <var>signers</var>; <code>false</code>
otherwise. <var>signers</var> is a table containing a
<code><a href="Common-Data-Types.html#key_005fidentity">key_identity</a></code> for all signatures on this cert, the other
three parameters are strings.
</p>
<p>The default definition of this hook returns <code>true</code>.
</p>
<p>The default definition corresponds to a form of trust where every key
which is defined in your database is trusted. This is a <em>weak</em>
trust setting. A possible example of a stronger trust function (along
with a utility function for computing the intersection of tables) is
the following:
</p>
<div class="smallexample">
<pre class="smallexample">function intersection(a,b)
   local s={}
   local t={}
   for k,v in pairs(a) do s[v.name] = 1 end
   for k,v in pairs(b) do if s[v] ~= nil then table.insert(t,v) end end
   return t
end

function get_revision_cert_trust(signers, id, name, val)
   local trusted_signers = { &quot;bob@happyplace.example.com&quot;,
                             &quot;friend@trustedplace.example.com&quot;,
                             &quot;myself@home.example.com&quot; }
   local t = intersection(signers, trusted_signers)

   if t == nil then return false end

   if    (name ~= &quot;branch&quot; and table.getn(t) &gt;= 1)
      or (name == &quot;branch&quot; and table.getn(t) &gt;= 2)
   then
      return true
   else
      return false
   end
end
</pre></div>

<p>In this example, any revision certificate is trusted if it is signed
by at least one of three &ldquo;trusted&rdquo; keys, unless it is an
<code>branch</code> certificate, in which case it must be signed by
<em>two</em> or more trusted keys. This is one way of requiring that
the revision has been approved by an extra &ldquo;reviewer&rdquo; who used the
<code>approve</code> command.
</p>
<a name="accept_005ftestresult_005fchange"></a></dd>
<dt><code>accept_testresult_change (<var>old_results</var>, <var>new_results</var>)</code>
<a name="index-accept_005ftestresult_005fchange-_0028old_005fresults_002c-new_005fresults_0029"></a>
</dt>
<dd><p>Called by <code><a href="Workspace.html#mtn-update">mtn update</a></code>.
</p>
<p>This hook is used by the update algorithm to determine whether a
change in test results between update source and update target is
acceptable. The hook is called with two tables, each of which maps a
signing key hash (as 20 raw bytes) &ndash; representing a particular testsuite &ndash; to a boolean
value indicating whether or not the test run was successful (calculated
from the <code>testresult</code> cert). The
function should return <code>true</code> if you consider an update from the
version carrying the <var>old_results</var> to the version carrying the
<var>new_results</var> to be acceptable.
</p>
<p>The default definition of this hook returns <code>true</code> if
<samp>_MTN/wanted-testresults</samp> does not exist. Otherwise, the file
should contain a list of signing key hex-encoded hashes in lowercase (40 characters).
The hook returns <code>false</code>
if a listed signing key hash is present in both <var>old_results</var> and
<var>new_results</var>, with the value <code>true</code> in <var>old_results</var>
and <code>false</code> in <var>new_results</var>; otherwise it returns <code>true</code>.
</p>
</dd>
</dl>

<hr>
<div class="header">
<p>
Next: <a href="External-Diff-Tools.html#External-Diff-Tools" accesskey="n" rel="next">External Diff Tools</a>, Previous: <a href="Netsync-Transport-Hooks.html#Netsync-Transport-Hooks" accesskey="p" rel="prev">Netsync Transport Hooks</a>, Up: <a href="Hooks.html#Hooks" accesskey="u" rel="up">Hooks</a> &nbsp; [<a href="index.html#SEC_Contents" title="Table of contents" rel="contents">Contents</a>][<a href="General-Index.html#General-Index" title="Index" rel="index">Index</a>]</p>
</div>



</body>
</html>
monotone-doc 1.1-9 / usr / share / doc / monotone / html / Trust-Evaluation-Hooks.html
