##// END OF EJS Templates
fix(svn): fixed svn ssl support compatability. Fixes #5711...
super-admin -
r5227:cb968864 default
parent child Browse files
Show More
@@ -1,95 +1,95 b''
1 1 # Auto generated configuration for use with the Apache mod_dav_svn module.
2 2 #
3 3 # WARNING: Make sure your Apache instance which runs the mod_dav_svn module is
4 4 # only accessible by RhodeCode. Otherwise everyone is able to browse
5 5 # the repositories or run subversion operations (checkout/commit/etc.).
6 6 #
7 7 # The mod_dav_svn module does not support subversion repositories which are
8 8 # organized in subfolders. To support the repository groups of RhodeCode it is
9 9 # required to provide a <Location> block for each group pointing to the
10 10 # repository group sub folder. To ease the configuration RhodeCode auto
11 11 # generates this file whenever a repository group is created/changed/deleted.
12 12 # Auto generation can be configured in the ini file. Settings are prefixed with
13 13 # ``svn.proxy``.
14 14 #
15 15 # To include this configuration into your apache config you can use the
16 16 # `Include` directive. See the following example snippet of a virtual host how
17 17 # to include this configuration file.
18 18 #
19 19 # <VirtualHost *:8090>
20 20 # ServerAdmin webmaster@localhost
21 21 # DocumentRoot /var/www/html
22 22 # ErrorLog ${'${APACHE_LOG_DIR}'}/error.log
23 23 # CustomLog ${'${APACHE_LOG_DIR}'}/access.log combined
24 24 # LogLevel info
25 25 # # allows custom host names, prevents 400 errors on checkout
26 26 # HttpProtocolOptions Unsafe
27 27 # # Most likely this will be: /home/user/.rccontrol/enterprise-1/mod_dav_svn.conf
28 28 # Include /path/to/generated/mod_dav_svn.conf
29 29 # </VirtualHost>
30 30 #
31 31 # Depending on the apache configuration you may encounter the following error if
32 32 # you are using special characters in your repository or repository group
33 33 # names.
34 34 #
35 35 # ``Error converting entry in directory '/path/to/repo' to UTF-8``
36 36 #
37 37 # In this case you have to change the LANG environment variable in the apache
38 38 # configuration. This setting is typically located at ``/etc/apache2/envvars``.
39 39 # You have to change it to an UTF-8 value like ``export LANG="en_US.UTF-8"``.
40 40 # After changing this a stop and start of Apache is required (using restart
41 41 # doesn't work).
42 42
43 43 # fix https -> http downgrade with DAV. It requires an header downgrade for
44 44 # https -> http reverse proxy to work properly
45 45 % if use_https:
46 46 RequestHeader edit Destination ^https: http: early
47 47 % else:
48 #RequestHeader edit Destination ^https: http: early
48 RequestHeader edit Destination ^https: http: early
49 49 % endif
50 50
51 51 <Location "${location_root|n}">
52 52 # The mod_dav_svn module takes the username from the apache request object.
53 53 # Without authorization this will be empty and no username is logged for the
54 54 # transactions. This will result in "(no author)" for each revision. The
55 55 # following directives implement a fake authentication that allows every
56 56 # username/password combination.
57 57 AuthType Basic
58 58 AuthName "${rhodecode_realm|n}"
59 59 AuthBasicProvider anon
60 60 Anonymous *
61 61 Anonymous_LogEmail off
62 62 Require valid-user
63 63
64 64 DAV svn
65 65 SVNParentPath "${parent_path_root|n}"
66 66 SVNListParentPath ${"On" if svn_list_parent_path else "Off"|n}
67 67
68 68 # use specific SVN conf/authz file for each repository
69 69 #AuthzSVNReposRelativeAccessFile authz
70 70
71 71 Allow from all
72 72 Order allow,deny
73 73 </Location>
74 74
75 75 % for location, parent_path in repo_group_paths:
76 76
77 77 <Location "${location|n}">
78 78 AuthType Basic
79 79 AuthName "${rhodecode_realm|n}"
80 80 AuthBasicProvider anon
81 81 Anonymous *
82 82 Anonymous_LogEmail off
83 83 Require valid-user
84 84
85 85 DAV svn
86 86 SVNParentPath "${parent_path|n}"
87 87 SVNListParentPath ${"On" if svn_list_parent_path else "Off"|n}
88 88
89 89 # use specific SVN conf/authz file for each repository
90 90 #AuthzSVNReposRelativeAccessFile authz
91 91
92 92 Allow from all
93 93 Order allow,deny
94 94 </Location>
95 95 % endfor
@@ -1,119 +1,119 b''
1 1 # Copyright (C) 2016-2023 RhodeCode GmbH
2 2 #
3 3 # This program is free software: you can redistribute it and/or modify
4 4 # it under the terms of the GNU Affero General Public License, version 3
5 5 # (only), as published by the Free Software Foundation.
6 6 #
7 7 # This program is distributed in the hope that it will be useful,
8 8 # but WITHOUT ANY WARRANTY; without even the implied warranty of
9 9 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 10 # GNU General Public License for more details.
11 11 #
12 12 # You should have received a copy of the GNU Affero General Public License
13 13 # along with this program. If not, see <http://www.gnu.org/licenses/>.
14 14 #
15 15 # This program is dual-licensed. If you wish to learn more about the
16 16 # RhodeCode Enterprise Edition, including its added features, Support services,
17 17 # and proprietary license terms, please see https://rhodecode.com/licenses/
18 18
19 19 import re
20 20 import os
21 21 import mock
22 22 import pytest
23 23
24 24 from rhodecode.apps.svn_support import utils
25 25
26 26
27 27 @pytest.mark.usefixtures('config_stub')
28 28 class TestModDavSvnConfig(object):
29 29
30 30 @classmethod
31 31 def setup_class(cls):
32 32 cls.location_root = '/location/root/ç¡Àâ'
33 33 cls.parent_path_root = '/parent/path/ç¡Àâ'
34 34 cls.realm = 'Dummy Realm (Àâüç¡)'
35 35
36 36 @classmethod
37 37 def get_repo_group_mocks(cls, count=1):
38 38 repo_groups = []
39 39 for num in range(0, count):
40 40 full_path = f'/path/to/RepâGrâúp-°¡ {num}'
41 41 repo_group_mock = mock.MagicMock()
42 42 repo_group_mock.full_path = full_path
43 43 repo_group_mock.full_path_splitted = full_path.split('/')
44 44 repo_groups.append(repo_group_mock)
45 45 return repo_groups
46 46
47 47 def assert_root_location_directive(self, config):
48 48 pattern = '<Location "{location}">'.format(
49 49 location=self.location_root)
50 50 assert len(re.findall(pattern, config)) == 1
51 51
52 52 def assert_group_location_directive(self, config, group_path):
53 53 pattern = '<Location "{location}{group_path}">'.format(
54 54 location=self.location_root, group_path=group_path)
55 55 assert len(re.findall(pattern, config)) == 1
56 56
57 57 def test_render_mod_dav_svn_config(self):
58 58 repo_groups = self.get_repo_group_mocks(count=10)
59 59 generated_config = utils._render_mod_dav_svn_config(
60 60 parent_path_root=self.parent_path_root,
61 61 list_parent_path=True,
62 62 location_root=self.location_root,
63 63 repo_groups=repo_groups,
64 64 realm=self.realm,
65 65 use_ssl=True,
66 66 template=''
67 67 )
68 68 # Assert that one location directive exists for each repository group.
69 69 for group in repo_groups:
70 70 self.assert_group_location_directive(
71 71 generated_config, group.full_path)
72 72
73 73 # Assert that the root location directive exists.
74 74 self.assert_root_location_directive(generated_config)
75 75
76 76 def test_render_mod_dav_svn_config_with_alternative_template(self, tmpdir):
77 77 repo_groups = self.get_repo_group_mocks(count=10)
78 78 test_file_path = os.path.join(str(tmpdir), 'example.mako')
79 79 with open(test_file_path, 'w') as f:
80 80 f.write('TEST_EXAMPLE\n')
81 81
82 82 generated_config = utils._render_mod_dav_svn_config(
83 83 parent_path_root=self.parent_path_root,
84 84 list_parent_path=True,
85 85 location_root=self.location_root,
86 86 repo_groups=repo_groups,
87 87 realm=self.realm,
88 88 use_ssl=True,
89 89 template=test_file_path
90 90 )
91 91 assert 'TEST_EXAMPLE' in generated_config
92 92
93 93 @pytest.mark.parametrize('list_parent_path', [True, False])
94 94 @pytest.mark.parametrize('use_ssl', [True, False])
95 95 def test_list_parent_path(self, list_parent_path, use_ssl):
96 96 generated_config = utils._render_mod_dav_svn_config(
97 97 parent_path_root=self.parent_path_root,
98 98 list_parent_path=list_parent_path,
99 99 location_root=self.location_root,
100 100 repo_groups=self.get_repo_group_mocks(count=10),
101 101 realm=self.realm,
102 102 use_ssl=use_ssl,
103 103 template=''
104 104 )
105 105
106 106 # Assert that correct configuration directive is present.
107 107 if list_parent_path:
108 108 assert not re.search(r'SVNListParentPath\s+Off', generated_config)
109 109 assert re.search(r'SVNListParentPath\s+On', generated_config)
110 110 else:
111 111 assert re.search(r'SVNListParentPath\s+Off', generated_config)
112 112 assert not re.search(r'SVNListParentPath\s+On', generated_config)
113 113
114 114 if use_ssl:
115 115 assert 'RequestHeader edit Destination ^https: http: early' \
116 116 in generated_config
117 117 else:
118 assert '#RequestHeader edit Destination ^https: http: early' \
118 assert 'RequestHeader edit Destination ^https: http: early' \
119 119 in generated_config
General Comments 0
You need to be logged in to leave comments. Login now