mercurial-scm/hg: comparison mercurial/hgweb/protocol.py

equal deleted inserted replaced

-:959efdac4a9c
+:d3147b4e3e8a
 req.write(resp)
 def changegroup(web, req):
 req.respond(HTTP_OK, HGTYPE)
 nodes = []
-if not web.allowpull:
-return
 if 'roots' in req.form:
 nodes = map(bin, req.form['roots'][0].split(" "))
 z = zlib.compressobj()
 def changegroupsubset(web, req):
 req.respond(HTTP_OK, HGTYPE)
 bases = []
 heads = []
-if not web.allowpull:
-return
 if 'bases' in req.form:
 bases = [bin(x) for x in req.form['bases'][0].split(' ')]
 if 'heads' in req.form:
 heads = [bin(x) for x in req.form['heads'][0].split(' ')]
 req.header(headers.items())
 req.respond(status, HGTYPE)
 req.write('0\n')
 req.write(response)
-# enforce that you can only unbundle with POST requests
+proto = req.env.get('wsgi.url_scheme') or 'http'
-if req.env['REQUEST_METHOD'] != 'POST':
-headers = {'status': '405 Method Not Allowed'}
-bail('unbundle requires POST request\n', headers)
-return
-# require ssl by default, auth info cannot be sniffed and
-# replayed
-ssl_req = web.configbool('web', 'push_ssl', True)
-if ssl_req:
-if req.env.get('wsgi.url_scheme') != 'https':
-bail('ssl required\n')
-return
-proto = 'https'
-else:
-proto = 'http'
-# do not allow push unless explicitly allowed
-if not web.check_perm(req, 'push', False):
-bail('push not authorized\n', headers={'status': '401 Unauthorized'})
-return
 their_heads = req.form['heads'][0].split(' ')
 def check_heads():
 heads = map(hex, web.repo.heads())
 return their_heads == [hex('force')] or their_heads == heads
 finally:
 fp.close()
 os.unlink(tempname)
 def stream_out(web, req):
-if not web.allowpull:
-return
 req.respond(HTTP_OK, HGTYPE)
 streamclone.stream_out(web.repo, req, untrusted=True)

changeset 6779	d3147b4e3e8a
parent 6630	8542fac26f63
child 6780	4c1d67e0fa8c