Mercurial Mercurial > public > mercurial-scm > hg / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mercurial/hgweb/common.py
changeset 14058 3233b39d756f
parent 13959 141f88ae5276
child 16687 e34106fa0dc3
equal deleted inserted replaced
14057:ef1217a7f206 14058:3233b39d756f 
    15 HTTP_FORBIDDEN = 403
 
    15 HTTP_FORBIDDEN = 403
 
    16 HTTP_NOT_FOUND = 404
 
    16 HTTP_NOT_FOUND = 404
 
    17 HTTP_METHOD_NOT_ALLOWED = 405
 
    17 HTTP_METHOD_NOT_ALLOWED = 405
 
    18 HTTP_SERVER_ERROR = 500
 
    18 HTTP_SERVER_ERROR = 500
 
    19 
    19 
    20 # Hooks for hgweb permission checks; extensions can add hooks here. Each hook
 
       
    21 # is invoked like this: hook(hgweb, request, operation), where operation is
 
       
    22 # either read, pull or push. Hooks should either raise an ErrorResponse
 
       
    23 # exception, or just return.
 
       
    24 # It is possible to do both authentication and authorization through this.
 
       
    25 permhooks = []
 
       
    26 
    20 
    27 def checkauthz(hgweb, req, op):
 
    21 def checkauthz(hgweb, req, op):
 
    28     '''Check permission for operation based on request data (including
 
    22     '''Check permission for operation based on request data (including
 
    29     authentication info). Return if op allowed, else raise an ErrorResponse
 
    23     authentication info). Return if op allowed, else raise an ErrorResponse
 
    30     exception.'''
 
    24     exception.'''
 
    63     allow = hgweb.configlist('web', 'allow_push')
 
    57     allow = hgweb.configlist('web', 'allow_push')
 
    64     result = allow and (allow == ['*'] or user in allow)
 
    58     result = allow and (allow == ['*'] or user in allow)
 
    65     if not result:
 
    59     if not result:
 
    66         raise ErrorResponse(HTTP_UNAUTHORIZED, 'push not authorized')
 
    60         raise ErrorResponse(HTTP_UNAUTHORIZED, 'push not authorized')
 
    67 
    61 
    68 # Add the default permhook, which provides simple authorization.
 
    62 # Hooks for hgweb permission checks; extensions can add hooks here.
 
    69 permhooks.append(checkauthz)
 
    63 # Each hook is invoked like this: hook(hgweb, request, operation),
 
       
    64 # where operation is either read, pull or push. Hooks should either
 
       
    65 # raise an ErrorResponse exception, or just return.
 
       
    66 #
 
       
    67 # It is possible to do both authentication and authorization through
 
       
    68 # this.
 
       
    69 permhooks = [checkauthz]
 
    70 
    70 
    71 
    71 
    72 class ErrorResponse(Exception):
 
    72 class ErrorResponse(Exception):
 
    73     def __init__(self, code, message=None, headers=[]):
 
    73     def __init__(self, code, message=None, headers=[]):
 
    74         if message is None:
 
    74         if message is None:
mercurial-scm/hg