Patchwork hgweb: refactor checks for granting and revoking user permissions

login
register
mail settings
Submitter Wagner Bruna
Date April 15, 2013, 10:15 p.m.
Message ID <a1959edc4c404c14adb5.1366064149@mwagner.paulista.local>
Download mbox | patch
Permalink /patch/1329/
State Accepted
Commit 7d31f2e42a8afb54c8fae87e8e3e29a63578aea4
Headers show

Comments

Wagner Bruna - April 15, 2013, 10:15 p.m.
# HG changeset patch
# User Wagner Bruna <wbruna@softwareexpress.com.br>
# Date 1366063024 10800
# Node ID a1959edc4c404c14adb500a9f38d74bf7d48f7db
# Parent  8086b530e2ac23f60ee01e6fa274aec1bb32d988
hgweb: refactor checks for granting and revoking user permissions

Provides an entry point for extensions implementing more complex
authorization schemes.

Original patch proposed by Markus Zapke-Gründemann.
Dave S - April 17, 2013, 5:35 p.m.
[Resend to include the list]

On Tue, Apr 16, 2013 at 10:30 AM, Dave S <snidely.too@gmail.com> wrote:

> On Mon, Apr 15, 2013 at 3:15 PM, Wagner Bruna <
> wagner.bruna+mercurial@gmail.com> wrote:
>
>> # HG changeset patch
>> # User Wagner Bruna <wbruna@softwareexpress.com.br>
>> # Date 1366063024 10800
>> # Node ID a1959edc4c404c14adb500a9f38d74bf7d48f7db
>> # Parent  8086b530e2ac23f60ee01e6fa274aec1bb32d988
>> hgweb: refactor checks for granting and revoking user permissions
>>
>> Provides an entry point for extensions implementing more complex
>> authorization schemes.
>>
>> Original patch proposed by Markus Zapke-Gründemann.
>>
>>
> I don't have a comment on the patch (it looks good to my untrained eye,
> though), I just wanted to point out that Bryan may need to manually
> supersede Markus' post on the Patchworks server.
>
> As an aside to Bryan:  the collector for the PWS only runs once a day?
>
> /dps
>
> --
> test signature -- please apply at front gate on Tuesdays only.
>
>
>
Matt Mackall - April 17, 2013, 8:32 p.m.
On Mon, 2013-04-15 at 19:15 -0300, Wagner Bruna wrote:
> # HG changeset patch
> # User Wagner Bruna <wbruna@softwareexpress.com.br>
> # Date 1366063024 10800
> # Node ID a1959edc4c404c14adb500a9f38d74bf7d48f7db
> # Parent  8086b530e2ac23f60ee01e6fa274aec1bb32d988
> hgweb: refactor checks for granting and revoking user permissions
>
> Provides an entry point for extensions implementing more complex
> authorization schemes.
> 
> Original patch proposed by Markus Zapke-Gründemann.

Queued for default, thanks.

Patch

diff --git a/mercurial/hgweb/common.py b/mercurial/hgweb/common.py
--- a/mercurial/hgweb/common.py
+++ b/mercurial/hgweb/common.py
@@ -18,6 +18,15 @@  HTTP_METHOD_NOT_ALLOWED = 405
 HTTP_SERVER_ERROR = 500
 
 
+def ismember(ui, username, userlist):
+    """Check if username is a member of userlist.
+
+    If userlist has a single '*' member, all users are considered members.
+    Can be overriden by extensions to provide more complex authorization
+    schemes.
+    """
+    return userlist == ['*'] or username in userlist
+
 def checkauthz(hgweb, req, op):
     '''Check permission for operation based on request data (including
     authentication info). Return if op allowed, else raise an ErrorResponse
@@ -26,12 +35,11 @@  def checkauthz(hgweb, req, op):
     user = req.env.get('REMOTE_USER')
 
     deny_read = hgweb.configlist('web', 'deny_read')
-    if deny_read and (not user or deny_read == ['*'] or user in deny_read):
+    if deny_read and (not user or ismember(hgweb.repo.ui, user, deny_read)):
         raise ErrorResponse(HTTP_UNAUTHORIZED, 'read not authorized')
 
     allow_read = hgweb.configlist('web', 'allow_read')
-    result = (not allow_read) or (allow_read == ['*'])
-    if not (result or user in allow_read):
+    if allow_read and (not ismember(hgweb.repo.ui, user, allow_read)):
         raise ErrorResponse(HTTP_UNAUTHORIZED, 'read not authorized')
 
     if op == 'pull' and not hgweb.allowpull:
@@ -51,12 +59,11 @@  def checkauthz(hgweb, req, op):
         raise ErrorResponse(HTTP_FORBIDDEN, 'ssl required')
 
     deny = hgweb.configlist('web', 'deny_push')
-    if deny and (not user or deny == ['*'] or user in deny):
+    if deny and (not user or ismember(hgweb.repo.ui, user, deny)):
         raise ErrorResponse(HTTP_UNAUTHORIZED, 'push not authorized')
 
     allow = hgweb.configlist('web', 'allow_push')
-    result = allow and (allow == ['*'] or user in allow)
-    if not result:
+    if not (allow and ismember(hgweb.repo.ui, user, allow)):
         raise ErrorResponse(HTTP_UNAUTHORIZED, 'push not authorized')
 
 # Hooks for hgweb permission checks; extensions can add hooks here.
diff --git a/mercurial/hgweb/hgwebdir_mod.py b/mercurial/hgweb/hgwebdir_mod.py
--- a/mercurial/hgweb/hgwebdir_mod.py
+++ b/mercurial/hgweb/hgwebdir_mod.py
@@ -10,7 +10,7 @@  import os, re, time
 from mercurial.i18n import _
 from mercurial import ui, hg, scmutil, util, templater
 from mercurial import error, encoding
-from common import ErrorResponse, get_mtime, staticfile, paritygen, \
+from common import ErrorResponse, get_mtime, staticfile, paritygen, ismember, \
                    get_contact, HTTP_OK, HTTP_NOT_FOUND, HTTP_SERVER_ERROR
 from hgweb_mod import hgweb, makebreadcrumb
 from request import wsgirequest
@@ -164,12 +164,12 @@  class hgwebdir(object):
         user = req.env.get('REMOTE_USER')
 
         deny_read = ui.configlist('web', 'deny_read', untrusted=True)
-        if deny_read and (not user or deny_read == ['*'] or user in deny_read):
+        if deny_read and (not user or ismember(ui, user, deny_read)):
             return False
 
         allow_read = ui.configlist('web', 'allow_read', untrusted=True)
         # by default, allow reading if no allow_read option has been set
-        if (not allow_read) or (allow_read == ['*']) or (user in allow_read):
+        if (not allow_read) or ismember(ui, user, allow_read):
             return True
 
         return False