Mercurial Mercurial > public > mercurial-scm > hg / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mercurial/hgweb/common.py
changeset 37147 a2566597acb5
parent 36877 02bea04b4c54
child 37149 cc0a6ea95d98
equal deleted inserted replaced
37146:c37c47e47a95 37147:a2566597acb5 
    59     if op == 'pull' and not hgweb.allowpull:
 
    59     if op == 'pull' and not hgweb.allowpull:
 
    60         raise ErrorResponse(HTTP_UNAUTHORIZED, 'pull not authorized')
 
    60         raise ErrorResponse(HTTP_UNAUTHORIZED, 'pull not authorized')
 
    61     elif op == 'pull' or op is None: # op is None for interface requests
 
    61     elif op == 'pull' or op is None: # op is None for interface requests
 
    62         return
 
    62         return
 
    63 
    63 
       
    64     # Allow LFS uploading via PUT requests
 
       
    65     if op == 'upload':
 
       
    66         if req.method != 'PUT':
 
       
    67             msg = 'upload requires PUT request'
 
       
    68             raise ErrorResponse(HTTP_METHOD_NOT_ALLOWED, msg)
 
    64     # enforce that you can only push using POST requests
 
    69     # enforce that you can only push using POST requests
 
    65     if req.method != 'POST':
 
    70     elif req.method != 'POST':
 
    66         msg = 'push requires POST request'
 
    71         msg = 'push requires POST request'
 
    67         raise ErrorResponse(HTTP_METHOD_NOT_ALLOWED, msg)
 
    72         raise ErrorResponse(HTTP_METHOD_NOT_ALLOWED, msg)
 
    68 
    73 
    69     # require ssl by default for pushing, auth info cannot be sniffed
 
    74     # require ssl by default for pushing, auth info cannot be sniffed
 
    70     # and replayed
 
    75     # and replayed
 
    79     if not (allow and ismember(hgweb.repo.ui, user, allow)):
 
    84     if not (allow and ismember(hgweb.repo.ui, user, allow)):
 
    80         raise ErrorResponse(HTTP_UNAUTHORIZED, 'push not authorized')
 
    85         raise ErrorResponse(HTTP_UNAUTHORIZED, 'push not authorized')
 
    81 
    86 
    82 # Hooks for hgweb permission checks; extensions can add hooks here.
 
    87 # Hooks for hgweb permission checks; extensions can add hooks here.
 
    83 # Each hook is invoked like this: hook(hgweb, request, operation),
 
    88 # Each hook is invoked like this: hook(hgweb, request, operation),
 
    84 # where operation is either read, pull or push. Hooks should either
 
    89 # where operation is either read, pull, push or upload. Hooks should either
 
    85 # raise an ErrorResponse exception, or just return.
 
    90 # raise an ErrorResponse exception, or just return.
 
    86 #
 
    91 #
 
    87 # It is possible to do both authentication and authorization through
 
    92 # It is possible to do both authentication and authorization through
 
    88 # this.
 
    93 # this.
 
    89 permhooks = [checkauthz]
 
    94 permhooks = [checkauthz]
mercurial-scm/hg