From 8a71c2e0eb6d7628ef10e9000ce00001f09f9340 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Scott=20Gonz=C3=A1lez?= <scott.gonzalez@gmail.com>
Date: Thu, 13 Mar 2014 20:06:21 -0400
Subject: [PATCH] NPM: Verify credential upfront

Fixes gh-27
---
 lib/npm.js | 39 +++++++++++++++++++++++++++++++++++++++
 release.js |  1 +
 2 files changed, 40 insertions(+)

diff --git a/lib/npm.js b/lib/npm.js
index 31ffd95..1739b49 100644
--- a/lib/npm.js
+++ b/lib/npm.js
@@ -1,5 +1,44 @@
 module.exports = function( Release ) {
 	Release.define({
+		_getNpmUser: function() {
+			var user = Release.exec( "npm whoami", { silent: true } );
+
+			if ( user.code !== 0 ) {
+				Release.abort( "Error getting npm user." );
+			}
+
+			if ( /^Not authed/.test( user.output ) ) {
+				Release.abort( "You are not registered with npm." );
+			}
+
+			return user.output.trim();
+		},
+
+		_getNpmOwners: function() {
+			var owners = Release.exec( "npm owner ls " + Release.project, { silent: true } );
+
+			if ( owners.code !== 0 ) {
+				Release.abort( "Error getting npm owners." );
+			}
+
+			return owners.output.trim().split( "\n" ).map(function( owner ) {
+				return owner.split( " " )[ 0 ];
+			});
+		},
+
+		_checkNpmCredentials: function() {
+			if ( !Release.npmPublish ) {
+				return;
+			}
+
+			var user = Release._getNpmUser(),
+				owners = Release._getNpmOwners();
+
+			if ( owners.indexOf( user ) === -1 ) {
+				Release.abort( user + " is not an owner of " + Release.project + " on npm." );
+			}
+		},
+
 		_publishNpm: function() {
 			if ( !Release.npmPublish ) {
 				return;
diff --git a/release.js b/release.js
index 3cc587a..28a2bc5 100644
--- a/release.js
+++ b/release.js
@@ -23,6 +23,7 @@ commonTasks = [
 	Release._parseArguments,
 	Release.confirm,
 
+	Release._checkNpmCredentials,
 	Release._createReleaseDirectory,
 
 	Release._section( "setting up repo" ),