Mercurial > public > mercurial-scm > hg-stable

diff mercurial/hgweb/hgwebdir_mod.py @ 19032:7d31f2e42a8a

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
hgweb: refactor checks for granting and revoking user permissions Provides an entry point for extensions implementing more complex authorization schemes. Original patch proposed by Markus Zapke-Gr?ndemann.
author Wagner Bruna <wbruna@softwareexpress.com.br>
date Mon, 15 Apr 2013 18:57:04 -0300
parents 76ff3a715cf2
children 1dba26575dba
line wrap: on
line diff
--- a/mercurial/hgweb/hgwebdir_mod.py	Wed Apr 17 14:38:02 2013 -0500
+++ b/mercurial/hgweb/hgwebdir_mod.py	Mon Apr 15 18:57:04 2013 -0300
@@ -10,7 +10,7 @@
 from mercurial.i18n import _
 from mercurial import ui, hg, scmutil, util, templater
 from mercurial import error, encoding
-from common import ErrorResponse, get_mtime, staticfile, paritygen, \
+from common import ErrorResponse, get_mtime, staticfile, paritygen, ismember, \
                    get_contact, HTTP_OK, HTTP_NOT_FOUND, HTTP_SERVER_ERROR
 from hgweb_mod import hgweb, makebreadcrumb
 from request import wsgirequest
@@ -164,12 +164,12 @@
         user = req.env.get('REMOTE_USER')
 
         deny_read = ui.configlist('web', 'deny_read', untrusted=True)
-        if deny_read and (not user or deny_read == ['*'] or user in deny_read):
+        if deny_read and (not user or ismember(ui, user, deny_read)):
             return False
 
         allow_read = ui.configlist('web', 'allow_read', untrusted=True)
         # by default, allow reading if no allow_read option has been set
-        if (not allow_read) or (allow_read == ['*']) or (user in allow_read):
+        if (not allow_read) or ismember(ui, user, allow_read):
             return True
 
         return False