46 path = path[:-1] |
46 path = path[:-1] |
47 if not ruleset.goodpath(path): |
47 if not ruleset.goodpath(path): |
48 fail("Disallowing path: %s" % path) |
48 fail("Disallowing path: %s" % path) |
49 return path |
49 return path |
50 |
50 |
51 def try_cmd(rules, cmd): |
51 def try_cmd(cmd): |
52 if cmd.startswith('hg -R ') and cmd.endswith(' serve --stdio'): |
52 if cmd.startswith('hg -R ') and cmd.endswith(' serve --stdio'): |
53 repo = getpath(cmd[6:-14]) |
53 repo = getpath(cmd[6:-14]) |
54 if rules.allow("read", repo=repo): |
54 ruleset.rules.set(repo=repo) |
55 os.environ["HG_REPO_PATH"] = repo |
55 if ruleset.rules.allow("read", branch=None, file=None): |
56 dispatch.dispatch(['-R', repo, 'serve', '--stdio']) |
56 dispatch.dispatch(['-R', repo, 'serve', '--stdio']) |
57 return |
57 return |
58 elif cmd.startswith('hg init '): |
58 elif cmd.startswith('hg init '): |
59 repo = getpath(cmd[8:]) |
59 repo = getpath(cmd[8:]) |
60 if rules.allow("init", repo=repo): |
60 ruleset.rules.set(repo=repo) |
61 os.environ["HG_REPO_PATH"] = repo |
61 if ruleset.rules.allow("init", branch=None, file=None): |
62 dispatch.dispatch(['init', repo]) |
62 dispatch.dispatch(['init', repo]) |
63 return |
63 return |
64 fail("Illegal command %r" % cmd) |
64 fail("Illegal command %r" % cmd) |
65 |
65 |
66 #logfile = open("/tmp/hg-ssh.%d.txt" % os.getpid(), "w") |
66 #logfile = open("/tmp/hg-ssh.%d.txt" % os.getpid(), "w") |
78 |
78 |
79 os.environ['HGRCPATH'] = paths.getEtcPath() + "/remote-hgrc" |
79 os.environ['HGRCPATH'] = paths.getEtcPath() + "/remote-hgrc" |
80 |
80 |
81 os.chdir('repos') |
81 os.chdir('repos') |
82 |
82 |
83 os.environ['HG_ACCESS_RULES_PATH'] = ( |
83 for f in [ |
84 paths.getEtcPath() + "/access.conf" + ":" + |
84 paths.getEtcPath() + "/access.conf", |
85 os.getcwd() + "/hgadmin/access.conf") |
85 os.getcwd() + "/hgadmin/access.conf"]: |
|
86 if os.path.isfile(f): |
|
87 ruleset.rules.readfile(f) |
86 |
88 |
87 rules = ruleset.rules_from_env() |
89 ruleset.rules.set(user = getpath(remote_user)) |
88 rules.set(user = getpath(remote_user)) |
90 try_cmd(os.environ.get('SSH_ORIGINAL_COMMAND', '?')) |
89 rules.set(branch = None, file = None) |
|
90 try_cmd(rules, os.environ.get('SSH_ORIGINAL_COMMAND', '?')) |
|