mercurial-server: comparison access.py

equal deleted inserted replaced

-:538d6b198f4a
+:f4daa224dc7e
 self.repo = repo
 self.repo_path = os.environ['HG_REPO_PATH']
 self.user = os.environ['REMOTE_USER']
 self.rules = rules.Ruleset.readfile(os.environ['HG_ACCESS_RULES_FILE'])
+def allow(self, node):
+'''return if access allowed, raise exception if not.'''
+ctx = self.repo.changectx(node)
+branch = ctx.branch()
+if not self.rules.allow("write", user=self.user, repo=self.repo_path, branch=self.branch, file=None):
+self.ui.debug(_('%s: user %s not allowed on branch %s\n') %
+(__name__, self.user, branch))
+return False
+for f in ctx.files():
+if not self.rules.allow("write", user=self.user, repo=self.repo_path, branch=self.branch, file=f):
+self.ui.debug(_('%s: user %s not allowed on %s\n') %
+(__name__, self.user, f))
+return False
+self.ui.debug(_('%s: allowing changeset %s\n') % (__name__, short(node)))
+return True
 def check(self, node):
-'''return if access allowed, raise exception if not.'''
+if not allow(self, node):
-files = self.repo.changectx(node).files()
+raise util.Abort(_('%s: access denied for changeset %s') %
-for f in files:
+(__name__, short(node)))
-if not self.rules.allow("write", user=self.user, repo=self.repo_path, file=f):
-self.ui.debug(_('%s: user %s not allowed on %s\n') %
-(__name__, self.getuser(), f))
-raise util.Abort(_('%s: access denied for changeset %s') %
-(__name__, short(node)))
-self.ui.debug(_('%s: allowing changeset %s\n') % (__name__, short(node)))
 def hook(ui, repo, hooktype, node=None, source=None, **kwargs):
 if hooktype != 'pretxnchangegroup':
 raise util.Abort(_('config error - hook type "%s" cannot stop '
 'incoming changesets') % hooktype)
 c = Checker(ui, repo)

changeset 20	f4daa224dc7e
parent 18	538d6b198f4a
child 21	59540181a4bb