author | Paul Crowley <paul@lshift.net> |
Tue, 22 Apr 2008 13:03:17 +0100 | |
changeset 23 | 9fa62cfd2821 |
parent 19 | 62ee928ac9b3 |
parent 22 | 578555227599 |
child 24 | 9f8e11ede780 |
permissions | -rw-r--r-- |
18
538d6b198f4a
Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents:
17
diff
changeset
|
1 |
# Copyright 2008 LShift Ltd |
17
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
2 |
# Copyright 2006 Vadim Gelfer <vadim.gelfer@gmail.com> |
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
3 |
# |
18
538d6b198f4a
Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents:
17
diff
changeset
|
4 |
# Authors: |
538d6b198f4a
Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents:
17
diff
changeset
|
5 |
# Paul Crowley <paul@lshift.net> |
538d6b198f4a
Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents:
17
diff
changeset
|
6 |
# Vadim Gelfer <vadim.gelfer@gmail.com> |
538d6b198f4a
Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents:
17
diff
changeset
|
7 |
# |
17
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
8 |
# This software may be used and distributed according to the terms |
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
9 |
# of the GNU General Public License, incorporated herein by reference. |
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
10 |
|
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
11 |
from mercurial.i18n import _ |
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
12 |
from mercurial.node import * |
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
13 |
from mercurial import util |
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
14 |
|
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
15 |
import os |
19
62ee928ac9b3
fixes following actual testing
Paul Crowley <paul@lshift.net>
parents:
18
diff
changeset
|
16 |
import ruleset |
17
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
17 |
|
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
18 |
class Checker(object): |
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
19 |
'''acl checker.''' |
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
20 |
|
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
21 |
def __init__(self, ui, repo): |
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
22 |
self.ui = ui |
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
23 |
self.repo = repo |
19
62ee928ac9b3
fixes following actual testing
Paul Crowley <paul@lshift.net>
parents:
18
diff
changeset
|
24 |
self.rules = ruleset.Ruleset.readfile(os.environ['HG_ACCESS_RULES_FILE']) |
21
59540181a4bb
simplify by allowing some params to be preset in rules
Paul Crowley <paul@ciphergoth.org>
parents:
20
diff
changeset
|
25 |
self.rules.set(user = os.environ['REMOTE_USER']) |
59540181a4bb
simplify by allowing some params to be preset in rules
Paul Crowley <paul@ciphergoth.org>
parents:
20
diff
changeset
|
26 |
self.rules.set(repo = os.environ['HG_REPO_PATH']) |
17
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
27 |
|
20
f4daa224dc7e
Add support for locking by branch, and document breaking in.
Paul Crowley <paul@ciphergoth.org>
parents:
18
diff
changeset
|
28 |
def allow(self, node): |
17
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
29 |
'''return if access allowed, raise exception if not.''' |
20
f4daa224dc7e
Add support for locking by branch, and document breaking in.
Paul Crowley <paul@ciphergoth.org>
parents:
18
diff
changeset
|
30 |
ctx = self.repo.changectx(node) |
f4daa224dc7e
Add support for locking by branch, and document breaking in.
Paul Crowley <paul@ciphergoth.org>
parents:
18
diff
changeset
|
31 |
branch = ctx.branch() |
22
578555227599
branch is local not member
Paul Crowley <paul@ciphergoth.org>
parents:
21
diff
changeset
|
32 |
if not self.rules.allow("write", branch=branch, file=None): |
20
f4daa224dc7e
Add support for locking by branch, and document breaking in.
Paul Crowley <paul@ciphergoth.org>
parents:
18
diff
changeset
|
33 |
self.ui.debug(_('%s: user %s not allowed on branch %s\n') % |
f4daa224dc7e
Add support for locking by branch, and document breaking in.
Paul Crowley <paul@ciphergoth.org>
parents:
18
diff
changeset
|
34 |
(__name__, self.user, branch)) |
f4daa224dc7e
Add support for locking by branch, and document breaking in.
Paul Crowley <paul@ciphergoth.org>
parents:
18
diff
changeset
|
35 |
return False |
f4daa224dc7e
Add support for locking by branch, and document breaking in.
Paul Crowley <paul@ciphergoth.org>
parents:
18
diff
changeset
|
36 |
for f in ctx.files(): |
22
578555227599
branch is local not member
Paul Crowley <paul@ciphergoth.org>
parents:
21
diff
changeset
|
37 |
if not self.rules.allow("write", branch=branch, file=f): |
17
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
38 |
self.ui.debug(_('%s: user %s not allowed on %s\n') % |
20
f4daa224dc7e
Add support for locking by branch, and document breaking in.
Paul Crowley <paul@ciphergoth.org>
parents:
18
diff
changeset
|
39 |
(__name__, self.user, f)) |
f4daa224dc7e
Add support for locking by branch, and document breaking in.
Paul Crowley <paul@ciphergoth.org>
parents:
18
diff
changeset
|
40 |
return False |
17
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
41 |
self.ui.debug(_('%s: allowing changeset %s\n') % (__name__, short(node))) |
20
f4daa224dc7e
Add support for locking by branch, and document breaking in.
Paul Crowley <paul@ciphergoth.org>
parents:
18
diff
changeset
|
42 |
return True |
17
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
43 |
|
20
f4daa224dc7e
Add support for locking by branch, and document breaking in.
Paul Crowley <paul@ciphergoth.org>
parents:
18
diff
changeset
|
44 |
def check(self, node): |
f4daa224dc7e
Add support for locking by branch, and document breaking in.
Paul Crowley <paul@ciphergoth.org>
parents:
18
diff
changeset
|
45 |
if not allow(self, node): |
f4daa224dc7e
Add support for locking by branch, and document breaking in.
Paul Crowley <paul@ciphergoth.org>
parents:
18
diff
changeset
|
46 |
raise util.Abort(_('%s: access denied for changeset %s') % |
f4daa224dc7e
Add support for locking by branch, and document breaking in.
Paul Crowley <paul@ciphergoth.org>
parents:
18
diff
changeset
|
47 |
(__name__, short(node))) |
f4daa224dc7e
Add support for locking by branch, and document breaking in.
Paul Crowley <paul@ciphergoth.org>
parents:
18
diff
changeset
|
48 |
|
f4daa224dc7e
Add support for locking by branch, and document breaking in.
Paul Crowley <paul@ciphergoth.org>
parents:
18
diff
changeset
|
49 |
|
17
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
50 |
def hook(ui, repo, hooktype, node=None, source=None, **kwargs): |
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
51 |
if hooktype != 'pretxnchangegroup': |
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
52 |
raise util.Abort(_('config error - hook type "%s" cannot stop ' |
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
53 |
'incoming changesets') % hooktype) |
18
538d6b198f4a
Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents:
17
diff
changeset
|
54 |
c = Checker(ui, repo) |
17
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
55 |
start = repo.changelog.rev(bin(node)) |
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
56 |
end = repo.changelog.count() |
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
57 |
for rev in xrange(start, end): |
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
58 |
c.check(repo.changelog.node(rev)) |
4c98440de851
Started work on acl.py replacement - currently broken.
Paul Crowley <paul@ciphergoth.org>
parents:
diff
changeset
|
59 |