mercurial-scm/hg-stable: mercurial/hgweb/common.py comparison

comparison mercurial/hgweb/common.py @ 43077:687b865b95ad

formatting: byteify all mercurial/ and hgext/ string literals Done with python3.7 contrib/byteify-strings.py -i $(hg files 'set:mercurial/**.py - mercurial/thirdparty/** + hgext/**.py - hgext/fsmonitor/pywatchman/** - mercurial/__init__.py') black -l 80 -t py33 -S $(hg files 'set:**.py - mercurial/thirdparty/** - "contrib/python-zstandard/**" - hgext/fsmonitor/pywatchman/**') # skip-blame mass-reformatting only Differential Revision: https://phab.mercurial-scm.org/D6972

author	Augie Fackler <augie@google.com>
date	Sun, 06 Oct 2019 09:48:39 -0400
parents	2372284d9457
children	eef9a2d67051

comparison

equal deleted inserted replaced

-:2372284d9457
+:687b865b95ad
 If userlist has a single '*' member, all users are considered members.
 Can be overridden by extensions to provide more complex authorization
 schemes.
 """
-return userlist == ['*'] or username in userlist
+return userlist == [b'*'] or username in userlist
 def checkauthz(hgweb, req, op):
 '''Check permission for operation based on request data (including
 authentication info). Return if op allowed, else raise an ErrorResponse
 exception.'''
 user = req.remoteuser
-deny_read = hgweb.configlist('web', 'deny_read')
+deny_read = hgweb.configlist(b'web', b'deny_read')
 if deny_read and (not user or ismember(hgweb.repo.ui, user, deny_read)):
-raise ErrorResponse(HTTP_UNAUTHORIZED, 'read not authorized')
+raise ErrorResponse(HTTP_UNAUTHORIZED, b'read not authorized')
-allow_read = hgweb.configlist('web', 'allow_read')
+allow_read = hgweb.configlist(b'web', b'allow_read')
 if allow_read and (not ismember(hgweb.repo.ui, user, allow_read)):
-raise ErrorResponse(HTTP_UNAUTHORIZED, 'read not authorized')
+raise ErrorResponse(HTTP_UNAUTHORIZED, b'read not authorized')
-if op == 'pull' and not hgweb.allowpull:
+if op == b'pull' and not hgweb.allowpull:
-raise ErrorResponse(HTTP_UNAUTHORIZED, 'pull not authorized')
+raise ErrorResponse(HTTP_UNAUTHORIZED, b'pull not authorized')
-elif op == 'pull' or op is None:  # op is None for interface requests
+elif op == b'pull' or op is None:  # op is None for interface requests
 return
 # Allow LFS uploading via PUT requests
-if op == 'upload':
+if op == b'upload':
-if req.method != 'PUT':
+if req.method != b'PUT':
-msg = 'upload requires PUT request'
+msg = b'upload requires PUT request'
 raise ErrorResponse(HTTP_METHOD_NOT_ALLOWED, msg)
 # enforce that you can only push using POST requests
-elif req.method != 'POST':
+elif req.method != b'POST':
-msg = 'push requires POST request'
+msg = b'push requires POST request'
 raise ErrorResponse(HTTP_METHOD_NOT_ALLOWED, msg)
 # require ssl by default for pushing, auth info cannot be sniffed
 # and replayed
-if hgweb.configbool('web', 'push_ssl') and req.urlscheme != 'https':
+if hgweb.configbool(b'web', b'push_ssl') and req.urlscheme != b'https':
-raise ErrorResponse(HTTP_FORBIDDEN, 'ssl required')
+raise ErrorResponse(HTTP_FORBIDDEN, b'ssl required')
-deny = hgweb.configlist('web', 'deny_push')
+deny = hgweb.configlist(b'web', b'deny_push')
 if deny and (not user or ismember(hgweb.repo.ui, user, deny)):
-raise ErrorResponse(HTTP_UNAUTHORIZED, 'push not authorized')
+raise ErrorResponse(HTTP_UNAUTHORIZED, b'push not authorized')
-allow = hgweb.configlist('web', 'allow-push')
+allow = hgweb.configlist(b'web', b'allow-push')
 if not (allow and ismember(hgweb.repo.ui, user, allow)):
-raise ErrorResponse(HTTP_UNAUTHORIZED, 'push not authorized')
+raise ErrorResponse(HTTP_UNAUTHORIZED, b'push not authorized')
 # Hooks for hgweb permission checks; extensions can add hooks here.
 # Each hook is invoked like this: hook(hgweb, request, operation),
 # where operation is either read, pull, push or upload. Hooks should either
 self.continued = False
 def read(self, amt=-1):
 if not self.continued:
 self.continued = True
-self._write('HTTP/1.1 100 Continue\r\n\r\n')
+self._write(b'HTTP/1.1 100 Continue\r\n\r\n')
 return self.f.read(amt)
 def __getattr__(self, attr):
-if attr in ('close', 'readline', 'readlines', '__iter__'):
+if attr in (b'close', b'readline', b'readlines', b'__iter__'):
 return getattr(self.f, attr)
 raise AttributeError
 def _statusmessage(code):
 responses.get(code, (r'Error', r'Unknown error'))[0]
 )
 def statusmessage(code, message=None):
-return '%d %s' % (code, message or _statusmessage(code))
+return b'%d %s' % (code, message or _statusmessage(code))
 def get_stat(spath, fn):
 """stat fn if it exists, spath otherwise"""
 cl_path = os.path.join(spath, fn)
 else:
 return os.stat(spath)
 def get_mtime(spath):
-return get_stat(spath, "00changelog.i")[stat.ST_MTIME]
+return get_stat(spath, b"00changelog.i")[stat.ST_MTIME]
 def ispathsafe(path):
 """Determine if a path is safe to use for filesystem access."""
-parts = path.split('/')
+parts = path.split(b'/')
 for part in parts:
 if (
-part in ('', pycompat.oscurdir, pycompat.ospardir)
+part in (b'', pycompat.oscurdir, pycompat.ospardir)
 or pycompat.ossep in part
 or pycompat.osaltsep is not None
 and pycompat.osaltsep in part
 ):
 return False
 """
 if not ispathsafe(fname):
 return
-fpath = os.path.join(*fname.split('/'))
+fpath = os.path.join(*fname.split(b'/'))
 if isinstance(directory, str):
 directory = [directory]
 for d in directory:
 path = os.path.join(d, fpath)
 if os.path.exists(path):
 try:
 os.stat(path)
 ct = pycompat.sysbytes(
 mimetypes.guess_type(pycompat.fsdecode(path))[0] or r"text/plain"
 )
-with open(path, 'rb') as fh:
+with open(path, b'rb') as fh:
 data = fh.read()
-res.headers['Content-Type'] = ct
+res.headers[b'Content-Type'] = ct
 res.setbodybytes(data)
 return res
 except TypeError:
-raise ErrorResponse(HTTP_SERVER_ERROR, 'illegal filename')
+raise ErrorResponse(HTTP_SERVER_ERROR, b'illegal filename')
 except OSError as err:
 if err.errno == errno.ENOENT:
 raise ErrorResponse(HTTP_NOT_FOUND)
 else:
 raise ErrorResponse(
 web.contact is the primary source, but if that is not set, try
 ui.username or $EMAIL as a fallback to display something useful.
 """
 return (
-config("web", "contact")
+config(b"web", b"contact")
-or config("ui", "username")
+or config(b"ui", b"username")
-or encoding.environ.get("EMAIL")
+or encoding.environ.get(b"EMAIL")
-or ""
+or b""
 )
 def cspvalues(ui):
 """Obtain the Content-Security-Policy header and nonce value.
 # We can move it back once we no longer need Python <= 2.7.12 support.
 import uuid
 # Don't allow untrusted CSP setting since it be disable protections
 # from a trusted/global source.
-csp = ui.config('web', 'csp', untrusted=False)
+csp = ui.config(b'web', b'csp', untrusted=False)
 nonce = None
-if csp and '%nonce%' in csp:
+if csp and b'%nonce%' in csp:
-nonce = base64.urlsafe_b64encode(uuid.uuid4().bytes).rstrip('=')
+nonce = base64.urlsafe_b64encode(uuid.uuid4().bytes).rstrip(b'=')
-csp = csp.replace('%nonce%', nonce)
+csp = csp.replace(b'%nonce%', nonce)
 return csp, nonce

Mercurial > public > mercurial-scm > hg-stable

comparison mercurial/hgweb/common.py @ 43077:687b865b95ad