vcs: handle excessive slashes in from of the repo name path, fixes #5522
marcink -
r3328:44e97172 default
Not Reviewed
Show More
Add another comment
TODOs: 0 unresolved 0 Resolved
COMMENTS: 0 General 0 Inline
@@ -44,7 +44,11
44
44
45 :param environ: environ where PATH_INFO is stored
45 :param environ: environ where PATH_INFO is stored
46 """
46 """
47 return environ['PATH_INFO'].strip('/')
47 repo_name = environ['PATH_INFO']
48 if repo_name and repo_name.startswith('/'):
49 # remove only the first leading /
50 repo_name = repo_name[1:]
51 return repo_name.rstrip('/')
48
52
49 _ACTION_MAPPING = {
53 _ACTION_MAPPING = {
50 'changegroup': 'pull',
54 'changegroup': 'pull',
@@ -147,8 +151,7
147 return default
151 return default
148
152
149 def _create_wsgi_app(self, repo_path, repo_name, config):
153 def _create_wsgi_app(self, repo_path, repo_name, config):
150 return self.scm_app.create_hg_wsgi_app(
154 return self.scm_app.create_hg_wsgi_app(repo_path, repo_name, config)
151 repo_path, repo_name, config)
152
155
153 def _create_config(self, extras, repo_name):
156 def _create_config(self, extras, repo_name):
154 config = utils.make_db_config(repo=repo_name)
157 config = utils.make_db_config(repo=repo_name)
@@ -153,12 +153,10
153
153
154 @property
154 @property
155 def base_path(self):
155 def base_path(self):
156 settings_path = self.repo_vcs_config.get(
156 settings_path = self.repo_vcs_config.get(*VcsSettingsModel.PATH_SETTING)
157 *VcsSettingsModel.PATH_SETTING)
158
157
159 if not settings_path:
158 if not settings_path:
160 settings_path = self.global_vcs_config.get(
159 settings_path = self.global_vcs_config.get(*VcsSettingsModel.PATH_SETTING)
161 *VcsSettingsModel.PATH_SETTING)
162
160
163 if not settings_path:
161 if not settings_path:
164 # try, maybe we passed in explicitly as config option
162 # try, maybe we passed in explicitly as config option
@@ -396,7 +394,6
396 meta.Session.remove()
394 meta.Session.remove()
397
395
398 def _handle_request(self, environ, start_response):
396 def _handle_request(self, environ, start_response):
399
400 if not self._check_ssl(environ, start_response):
397 if not self._check_ssl(environ, start_response):
401 reason = ('SSL required, while RhodeCode was unable '
398 reason = ('SSL required, while RhodeCode was unable '
402 'to detect this as SSL request')
399 'to detect this as SSL request')
@@ -514,8 +511,7
514 plugin_cache_active, cache_ttl = auth_result.get(
511 plugin_cache_active, cache_ttl = auth_result.get(
515 'auth_data', {}).get('_ttl_cache') or (False, 0)
512 'auth_data', {}).get('_ttl_cache') or (False, 0)
516 else:
513 else:
517 return auth_result.wsgi_application(
514 return auth_result.wsgi_application(environ, start_response)
518 environ, start_response)
519
515
520 # ==============================================================
516 # ==============================================================
521 # CHECK PERMISSIONS FOR THIS REQUEST USING GIVEN USERNAME
517 # CHECK PERMISSIONS FOR THIS REQUEST USING GIVEN USERNAME
@@ -141,6 +141,16
141 stdout, stderr = Command('/tmp').execute('git clone', clone_url)
141 stdout, stderr = Command('/tmp').execute('git clone', clone_url)
142 assert 'not found' in stderr
142 assert 'not found' in stderr
143
143
144 def test_clone_hg_with_slashes(self, rc_web_server, tmpdir):
145 clone_url = rc_web_server.repo_clone_url('//' + HG_REPO)
146 stdout, stderr = Command('/tmp').execute('hg clone', clone_url, tmpdir.strpath)
147 assert 'HTTP Error 404: Not Found' in stderr
148
149 def test_clone_git_with_slashes(self, rc_web_server, tmpdir):
150 clone_url = rc_web_server.repo_clone_url('//' + GIT_REPO)
151 stdout, stderr = Command('/tmp').execute('git clone', clone_url)
152 assert 'not found' in stderr
153
144 def test_clone_existing_path_hg_not_in_database(
154 def test_clone_existing_path_hg_not_in_database(
145 self, rc_web_server, tmpdir, fs_repo_only):
155 self, rc_web_server, tmpdir, fs_repo_only):
146
156
Comments 0
You need to be logged in to leave comments. Login now