Mercurial Mercurial > hg > mercurial-server / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
access.py
changeset 23 9fa62cfd2821
parent 19 62ee928ac9b3
parent 22 578555227599
child 24 9f8e11ede780
equal deleted inserted replaced
19:62ee928ac9b3 23:9fa62cfd2821 
    19     '''acl checker.'''
 
    19     '''acl checker.'''
 
    20 
    20 
    21     def __init__(self, ui, repo):
 
    21     def __init__(self, ui, repo):
 
    22         self.ui = ui
 
    22         self.ui = ui
 
    23         self.repo = repo
 
    23         self.repo = repo
 
    24         self.repo_path = os.environ['HG_REPO_PATH']
 
       
    25         self.user = os.environ['REMOTE_USER']
 
       
    26         self.rules = ruleset.Ruleset.readfile(os.environ['HG_ACCESS_RULES_FILE'])
 
    24         self.rules = ruleset.Ruleset.readfile(os.environ['HG_ACCESS_RULES_FILE'])
 
       
    25         self.rules.set(user = os.environ['REMOTE_USER'])
 
       
    26         self.rules.set(repo = os.environ['HG_REPO_PATH'])
 
       
    27 
       
    28     def allow(self, node):
 
       
    29         '''return if access allowed, raise exception if not.'''
 
       
    30         ctx = self.repo.changectx(node)
 
       
    31         branch = ctx.branch()
 
       
    32         if not self.rules.allow("write", branch=branch, file=None):
 
       
    33             self.ui.debug(_('%s: user %s not allowed on branch %s\n') %
 
       
    34                 (__name__, self.user, branch))
 
       
    35             return False
 
       
    36         for f in ctx.files():
 
       
    37             if not self.rules.allow("write", branch=branch, file=f):
 
       
    38                 self.ui.debug(_('%s: user %s not allowed on %s\n') %
 
       
    39                               (__name__, self.user, f))
 
       
    40                 return False
 
       
    41         self.ui.debug(_('%s: allowing changeset %s\n') % (__name__, short(node)))
 
       
    42         return True
 
    27 
    43 
    28     def check(self, node):
 
    44     def check(self, node):
 
    29         '''return if access allowed, raise exception if not.'''
 
    45         if not allow(self, node):
 
    30         files = self.repo.changectx(node).files()
 
    46             raise util.Abort(_('%s: access denied for changeset %s') %
 
    31         for f in files:
 
    47                 (__name__, short(node)))
 
    32             if not self.rules.allow("write", user=self.user, repo=self.repo_path, file=f):
 
       
    33                 self.ui.debug(_('%s: user %s not allowed on %s\n') %
 
       
    34                               (__name__, self.getuser(), f))
 
       
    35                 raise util.Abort(_('%s: access denied for changeset %s') %
 
       
    36                                  (__name__, short(node)))
 
       
    37         self.ui.debug(_('%s: allowing changeset %s\n') % (__name__, short(node)))
 
       
    38 
    48 
       
    49         
    39 def hook(ui, repo, hooktype, node=None, source=None, **kwargs):
 
    50 def hook(ui, repo, hooktype, node=None, source=None, **kwargs):
 
    40     if hooktype != 'pretxnchangegroup':
 
    51     if hooktype != 'pretxnchangegroup':
 
    41         raise util.Abort(_('config error - hook type "%s" cannot stop '
 
    52         raise util.Abort(_('config error - hook type "%s" cannot stop '
 
    42                            'incoming changesets') % hooktype)
 
    53                            'incoming changesets') % hooktype)
 
    43     c = Checker(ui, repo)
 
    54     c = Checker(ui, repo)
mercurial-server