src/mercurialserver/access.py
author Paul Crowley <paul@lshift.net>
Mon, 12 Sep 2011 21:27:30 +0100
changeset 342 34ae6564ec0f
parent 311 3cbde66305e4
child 372 80f78674c56e
permissions -rw-r--r--
Cherry-pick watch file changeset 83de2f945bbe

"""Mercurial access control hook"""

from mercurial.i18n import _
import mercurial.util
import mercurial.node

import os
from mercurialserver import ruleset
from mercurialserver import changes

def allow(ctx):
    branch = ctx.branch()
    if not ruleset.rules.allow("write", branch=branch, file=None):
        return False
    for f in ctx.files():
        if not ruleset.rules.allow("write", branch=branch, file=f):
            return False
    return True

def hook(ui, repo, hooktype, node=None, source=None, **kwargs):
    if hooktype != 'pretxnchangegroup':
        raise mercurial.util.Abort(_('config error - hook type "%s" cannot stop '
                           'incoming changesets') % hooktype)
    for ctx in changes.changes(repo, node):
        if not allow(ctx):
            raise mercurial.util.Abort(_('%s: access denied for changeset %s') %
                (__name__, mercurial.node.short(ctx.node())))