src/mercurialserver/ruleset.py
author Paul Crowley <paul@lshift.net>
Thu, 17 Dec 2009 16:28:43 +0000
changeset 238 4747f2920666
parent 237 d30f3f312ece
child 242 03d8f07230b3
permissions -rw-r--r--
Use wildcard in rule to match instructions

# Copyright 2008-2009 LShift Ltd
# Author(s):
# Paul Crowley <paul@lshift.net>
#
# This software may be used and distributed according to the terms
# of the GNU General Public License, incorporated herein by reference.

import sys
import re
import os
import os.path

def globmatcher(pattern):
    p = "[^/]*".join(re.escape(c) for c in pattern.split("*"))
    # ** means "match recursively" ie "ignore directories"
    return re.compile(p.replace("[^/]*[^/]*", ".*") + "$")

# Returns True for a definite match
# False for a definite non-match
# None where we can't be sure because a key is None
def rule(pairs):
    matchers = [(k, globmatcher(v)) for k, v in pairs]
    def c(kw):
        for k, m in matchers:
            if k not in kw:
                return False
            kkw = kw[k]
            if kkw is None:
                return None
            if m.match(kkw) is None:
                return False
        return True
    return c

class Ruleset(object):
    '''Class representing the rules in a rule file'''
    
    levels = ["init", "write", "read", "deny"]

    def __init__(self):
        self.rules = []
        self.preset = {}

    def add(self, action, conditions):
        self.rules.append((action, conditions))

    def set(self, **kw):
        self.preset.update(kw)
        
    def get(self, k):
        return self.preset.get(k, None)
        
    def matchrules(self, kw):
        d = self.preset.copy()
        d.update(kw)
        res = set()
        for a, c in self.rules:
            m = c(d)
            if m is None:
                # "Maybe match" - add it and carry on
                res.add(a)
            elif m:
                # Definite match - add it and stop
                res.add(a)
                break
        return res

    def allow(self, level, **kw):
        for a in self.matchrules(kw):
            if a in self.levels:
                if self.levels.index(a) <= self.levels.index(level):
                    return True
        return False
    
    def readfile(self, fn):
        f = open(fn)
        try:
            for l in f:
                l = l.strip()
                if len(l) == 0 or l.startswith("#"):
                    continue
                l = l.split()
                self.add(l[0], rule([c.split("=", 1) for c in l[1:]]))
        finally:
            f.close()

rules = Ruleset()