src/mercurialserver/access.py
author Paul Crowley <paul@lshift.net>
Mon, 18 Apr 2011 11:13:23 +0100
changeset 299 f41666a08b87
parent 242 03d8f07230b3
child 311 3cbde66305e4
permissions -rw-r--r--
Scan for all kinds of keys so we don't record one and get hung up on another

"""Mercurial access control hook"""

from mercurial.i18n import _
import mercurial.util
import mercurial.node

import os
from mercurialserver import ruleset
from mercurialserver import changes

def allow(ctx):
    branch = ctx.branch()
    if not ruleset.rules.allow("write", branch=branch, file=None):
        return False
    for f in ctx.files():
        if not ruleset.rules.allow("write", branch=branch, file=f):
            return False
    return True

def hook(ui, repo, hooktype, node=None, source=None, **kwargs):
    if hooktype != 'pretxnchangegroup':
        raise mercurial.util.Abort(_('config error - hook type "%s" cannot stop '
                           'incoming changesets') % hooktype)
    for ctx in changes.changes(repo, node):
        if not allow(ctx):
            raise mercurial.util.Abort(_('%s: access denied for changeset %s') %
                (__name__, mercurial.node.short(ctx.node())))