src/mercurialserver/access.py
branchdebian
changeset 248 107d28ce67f5
parent 242 03d8f07230b3
child 311 3cbde66305e4
equal deleted inserted replaced
240:97a8fe72a35e 248:107d28ce67f5
     1 # Copyright 2008-2009 LShift Ltd
     1 """Mercurial access control hook"""
     2 # Copyright 2006 Vadim Gelfer <vadim.gelfer@gmail.com>
       
     3 #
       
     4 # Authors:
       
     5 # Paul Crowley <paul@lshift.net>
       
     6 # Vadim Gelfer <vadim.gelfer@gmail.com>
       
     7 #
       
     8 # This software may be used and distributed according to the terms
       
     9 # of the GNU General Public License, incorporated herein by reference.
       
    10 
     2 
    11 from mercurial.i18n import _
     3 from mercurial.i18n import _
    12 import mercurial.util
     4 import mercurial.util
    13 import mercurial.node
     5 import mercurial.node
    14 
     6 
    15 import os
     7 import os
    16 from mercurialserver import ruleset
     8 from mercurialserver import ruleset
    17 from mercurialserver import changes
     9 from mercurialserver import changes
    18 
    10 
    19 class Checker(object):
    11 def allow(ctx):
    20     '''acl checker.'''
    12     branch = ctx.branch()
    21 
    13     if not ruleset.rules.allow("write", branch=branch, file=None):
    22     def __init__(self, ui, repo):
    14         return False
    23         self.ui = ui
    15     for f in ctx.files():
    24         self.repo = repo
    16         if not ruleset.rules.allow("write", branch=branch, file=f):
    25         
       
    26     def allow(self, ctx):
       
    27         branch = ctx.branch()
       
    28         if not ruleset.rules.allow("write", branch=branch, file=None):
       
    29             return False
    17             return False
    30         for f in ctx.files():
    18     return True
    31             if not ruleset.rules.allow("write", branch=branch, file=f):
       
    32                 return False
       
    33         return True
       
    34 
       
    35     def check(self, ctx):
       
    36         '''return if access allowed, raise exception if not.'''
       
    37         if not self.allow(ctx):
       
    38             raise mercurial.util.Abort(_('%s: access denied for changeset %s') %
       
    39                 (__name__, mercurial.node.short(ctx.node())))
       
    40 
    19 
    41 def hook(ui, repo, hooktype, node=None, source=None, **kwargs):
    20 def hook(ui, repo, hooktype, node=None, source=None, **kwargs):
    42     if hooktype != 'pretxnchangegroup':
    21     if hooktype != 'pretxnchangegroup':
    43         raise mercurial.util.Abort(_('config error - hook type "%s" cannot stop '
    22         raise mercurial.util.Abort(_('config error - hook type "%s" cannot stop '
    44                            'incoming changesets') % hooktype)
    23                            'incoming changesets') % hooktype)
    45     c = Checker(ui, repo)
       
    46     for ctx in changes.changes(repo, node):
    24     for ctx in changes.changes(repo, node):
    47         c.check(ctx)
    25         if not allow(ctx):
       
    26             raise mercurial.util.Abort(_('%s: access denied for changeset %s') %
       
    27                 (__name__, mercurial.node.short(ctx.node())))
       
    28