Mercurial > public > mercurial-scm > hg-stable
annotate tests/test-trusted.py @ 3551:3b07e223534b
Only read .hg/hgrc files from trusted users/groups
The list of trusted users and groups is specified in the [trusted]
section of a hgrc; the current user is always trusted; "*" can be
used to trust all users/groups.
Global hgrc files are always read.
On Windows (and other systems that don't have the pwd and grp modules),
all .hg/hgrc files are read.
This is essentially the same patch that was previously applied as
revision 494521a3f142.
| author | Alexis S. L. Carvalho <alexis@cecm.usp.br> |
|---|---|
| date | Thu, 26 Oct 2006 19:25:44 +0200 |
| parents | |
| children | 9b52239dc740 |
| rev | line source |
|---|---|
|
3551
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
1 #!/usr/bin/env python |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
2 # Since it's not easy to write a test that portably deals |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
3 # with files from different users/groups, we cheat a bit by |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
4 # monkey-patching some functions in the util module |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
5 |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
6 import os |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
7 from mercurial import ui, util |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
8 |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
9 hgrc = os.environ['HGRCPATH'] |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
10 |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
11 def testui(user='foo', group='bar', tusers=(), tgroups=(), |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
12 cuser='foo', cgroup='bar', debug=False): |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
13 # user, group => owners of the file |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
14 # tusers, tgroups => trusted users/groups |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
15 # cuser, cgroup => user/group of the current process |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
16 |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
17 # write a global hgrc with the list of trusted users/groups and |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
18 # some setting so that we can be sure it was read |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
19 f = open(hgrc, 'w') |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
20 f.write('[paths]\n') |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
21 f.write('global = /some/path\n\n') |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
22 |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
23 if tusers or tgroups: |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
24 f.write('[trusted]\n') |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
25 if tusers: |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
26 f.write('users = %s\n' % ', '.join(tusers)) |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
27 if tgroups: |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
28 f.write('groups = %s\n' % ', '.join(tgroups)) |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
29 f.close() |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
30 |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
31 # override the functions that give names to uids and gids |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
32 def username(uid=None): |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
33 if uid is None: |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
34 return cuser |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
35 return user |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
36 util.username = username |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
37 |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
38 def groupname(gid=None): |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
39 if gid is None: |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
40 return 'bar' |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
41 return group |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
42 util.groupname = groupname |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
43 |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
44 # try to read everything |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
45 #print '# File belongs to user %s, group %s' % (user, group) |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
46 #print '# trusted users = %s; trusted groups = %s' % (tusers, tgroups) |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
47 kind = ('different', 'same') |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
48 who = ('', 'user', 'group', 'user and the group') |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
49 trusted = who[(user in tusers) + 2*(group in tgroups)] |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
50 if trusted: |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
51 trusted = ', but we trust the ' + trusted |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
52 print '# %s user, %s group%s' % (kind[user == cuser], kind[group == cgroup], |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
53 trusted) |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
54 |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
55 parentui = ui.ui() |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
56 parentui.updateopts(debug=debug) |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
57 u = ui.ui(parentui=parentui) |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
58 u.readconfig('.hg/hgrc') |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
59 for name, path in u.configitems('paths'): |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
60 print ' ', name, '=', path |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
61 print |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
62 |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
63 return u |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
64 |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
65 os.mkdir('repo') |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
66 os.chdir('repo') |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
67 os.mkdir('.hg') |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
68 f = open('.hg/hgrc', 'w') |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
69 f.write('[paths]\n') |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
70 f.write('local = /another/path\n\n') |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
71 f.close() |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
72 |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
73 #print '# Everything is run by user foo, group bar\n' |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
74 |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
75 # same user, same group |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
76 testui() |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
77 # same user, different group |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
78 testui(group='def') |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
79 # different user, same group |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
80 testui(user='abc') |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
81 # ... but we trust the group |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
82 testui(user='abc', tgroups=['bar']) |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
83 # different user, different group |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
84 testui(user='abc', group='def') |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
85 # ... but we trust the user |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
86 testui(user='abc', group='def', tusers=['abc']) |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
87 # ... but we trust the group |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
88 testui(user='abc', group='def', tgroups=['def']) |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
89 # ... but we trust the user and the group |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
90 testui(user='abc', group='def', tusers=['abc'], tgroups=['def']) |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
91 # ... but we trust all users |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
92 print '# we trust all users' |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
93 testui(user='abc', group='def', tusers=['*']) |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
94 # ... but we trust all groups |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
95 print '# we trust all groups' |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
96 testui(user='abc', group='def', tgroups=['*']) |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
97 # ... but we trust the whole universe |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
98 print '# we trust all users and groups' |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
99 testui(user='abc', group='def', tusers=['*'], tgroups=['*']) |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
100 # ... check that users and groups are in different namespaces |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
101 print "# we don't get confused by users and groups with the same name" |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
102 testui(user='abc', group='def', tusers=['def'], tgroups=['abc']) |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
103 # ... lists of user names work |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
104 print "# list of user names" |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
105 testui(user='abc', group='def', tusers=['foo', 'xyz', 'abc', 'bleh'], |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
106 tgroups=['bar', 'baz', 'qux']) |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
107 # ... lists of group names work |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
108 print "# list of group names" |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
109 testui(user='abc', group='def', tusers=['foo', 'xyz', 'bleh'], |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
110 tgroups=['bar', 'def', 'baz', 'qux']) |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
111 |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
112 print "# Can't figure out the name of the user running this process" |
|
3b07e223534b
Only read .hg/hgrc files from trusted users/groups
Alexis S. L. Carvalho <alexis@cecm.usp.br>
parents:
diff
changeset
|
113 testui(user='abc', group='def', cuser=None) |