##// END OF EJS Templates
rhodecode-enterprise-ce
RSS
fix(svn): fixed svn ssl support compatability. Fixes #5711...
super-admin -
r5227:cb968864 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,95 +1,95 b''
1 # Auto generated configuration for use with the Apache mod_dav_svn module.
1 # Auto generated configuration for use with the Apache mod_dav_svn module.
2 #
2 #
3 # WARNING: Make sure your Apache instance which runs the mod_dav_svn module is
3 # WARNING: Make sure your Apache instance which runs the mod_dav_svn module is
4 # only accessible by RhodeCode. Otherwise everyone is able to browse
4 # only accessible by RhodeCode. Otherwise everyone is able to browse
5 # the repositories or run subversion operations (checkout/commit/etc.).
5 # the repositories or run subversion operations (checkout/commit/etc.).
6 #
6 #
7 # The mod_dav_svn module does not support subversion repositories which are
7 # The mod_dav_svn module does not support subversion repositories which are
8 # organized in subfolders. To support the repository groups of RhodeCode it is
8 # organized in subfolders. To support the repository groups of RhodeCode it is
9 # required to provide a <Location> block for each group pointing to the
9 # required to provide a <Location> block for each group pointing to the
10 # repository group sub folder. To ease the configuration RhodeCode auto
10 # repository group sub folder. To ease the configuration RhodeCode auto
11 # generates this file whenever a repository group is created/changed/deleted.
11 # generates this file whenever a repository group is created/changed/deleted.
12 # Auto generation can be configured in the ini file. Settings are prefixed with
12 # Auto generation can be configured in the ini file. Settings are prefixed with
13 # ``svn.proxy``.
13 # ``svn.proxy``.
14 #
14 #
15 # To include this configuration into your apache config you can use the
15 # To include this configuration into your apache config you can use the
16 # `Include` directive. See the following example snippet of a virtual host how
16 # `Include` directive. See the following example snippet of a virtual host how
17 # to include this configuration file.
17 # to include this configuration file.
18 #
18 #
19 # <VirtualHost *:8090>
19 # <VirtualHost *:8090>
20 # ServerAdmin webmaster@localhost
20 # ServerAdmin webmaster@localhost
21 # DocumentRoot /var/www/html
21 # DocumentRoot /var/www/html
22 # ErrorLog ${'${APACHE_LOG_DIR}'}/error.log
22 # ErrorLog ${'${APACHE_LOG_DIR}'}/error.log
23 # CustomLog ${'${APACHE_LOG_DIR}'}/access.log combined
23 # CustomLog ${'${APACHE_LOG_DIR}'}/access.log combined
24 # LogLevel info
24 # LogLevel info
25 # # allows custom host names, prevents 400 errors on checkout
25 # # allows custom host names, prevents 400 errors on checkout
26 # HttpProtocolOptions Unsafe
26 # HttpProtocolOptions Unsafe
27 # # Most likely this will be: /home/user/.rccontrol/enterprise-1/mod_dav_svn.conf
27 # # Most likely this will be: /home/user/.rccontrol/enterprise-1/mod_dav_svn.conf
28 # Include /path/to/generated/mod_dav_svn.conf
28 # Include /path/to/generated/mod_dav_svn.conf
29 # </VirtualHost>
29 # </VirtualHost>
30 #
30 #
31 # Depending on the apache configuration you may encounter the following error if
31 # Depending on the apache configuration you may encounter the following error if
32 # you are using special characters in your repository or repository group
32 # you are using special characters in your repository or repository group
33 # names.
33 # names.
34 #
34 #
35 # ``Error converting entry in directory '/path/to/repo' to UTF-8``
35 # ``Error converting entry in directory '/path/to/repo' to UTF-8``
36 #
36 #
37 # In this case you have to change the LANG environment variable in the apache
37 # In this case you have to change the LANG environment variable in the apache
38 # configuration. This setting is typically located at ``/etc/apache2/envvars``.
38 # configuration. This setting is typically located at ``/etc/apache2/envvars``.
39 # You have to change it to an UTF-8 value like ``export LANG="en_US.UTF-8"``.
39 # You have to change it to an UTF-8 value like ``export LANG="en_US.UTF-8"``.
40 # After changing this a stop and start of Apache is required (using restart
40 # After changing this a stop and start of Apache is required (using restart
41 # doesn't work).
41 # doesn't work).
42
42
43 # fix https -> http downgrade with DAV. It requires an header downgrade for
43 # fix https -> http downgrade with DAV. It requires an header downgrade for
44 # https -> http reverse proxy to work properly
44 # https -> http reverse proxy to work properly
45 % if use_https:
45 % if use_https:
46 RequestHeader edit Destination ^https: http: early
46 RequestHeader edit Destination ^https: http: early
47 % else:
47 % else:
48 #RequestHeader edit Destination ^https: http: early
48 RequestHeader edit Destination ^https: http: early
49 % endif
49 % endif
50
50
51 <Location "${location_root|n}">
51 <Location "${location_root|n}">
52 # The mod_dav_svn module takes the username from the apache request object.
52 # The mod_dav_svn module takes the username from the apache request object.
53 # Without authorization this will be empty and no username is logged for the
53 # Without authorization this will be empty and no username is logged for the
54 # transactions. This will result in "(no author)" for each revision. The
54 # transactions. This will result in "(no author)" for each revision. The
55 # following directives implement a fake authentication that allows every
55 # following directives implement a fake authentication that allows every
56 # username/password combination.
56 # username/password combination.
57 AuthType Basic
57 AuthType Basic
58 AuthName "${rhodecode_realm|n}"
58 AuthName "${rhodecode_realm|n}"
59 AuthBasicProvider anon
59 AuthBasicProvider anon
60 Anonymous *
60 Anonymous *
61 Anonymous_LogEmail off
61 Anonymous_LogEmail off
62 Require valid-user
62 Require valid-user
63
63
64 DAV svn
64 DAV svn
65 SVNParentPath "${parent_path_root|n}"
65 SVNParentPath "${parent_path_root|n}"
66 SVNListParentPath ${"On" if svn_list_parent_path else "Off"|n}
66 SVNListParentPath ${"On" if svn_list_parent_path else "Off"|n}
67
67
68 # use specific SVN conf/authz file for each repository
68 # use specific SVN conf/authz file for each repository
69 #AuthzSVNReposRelativeAccessFile authz
69 #AuthzSVNReposRelativeAccessFile authz
70
70
71 Allow from all
71 Allow from all
72 Order allow,deny
72 Order allow,deny
73 </Location>
73 </Location>
74
74
75 % for location, parent_path in repo_group_paths:
75 % for location, parent_path in repo_group_paths:
76
76
77 <Location "${location|n}">
77 <Location "${location|n}">
78 AuthType Basic
78 AuthType Basic
79 AuthName "${rhodecode_realm|n}"
79 AuthName "${rhodecode_realm|n}"
80 AuthBasicProvider anon
80 AuthBasicProvider anon
81 Anonymous *
81 Anonymous *
82 Anonymous_LogEmail off
82 Anonymous_LogEmail off
83 Require valid-user
83 Require valid-user
84
84
85 DAV svn
85 DAV svn
86 SVNParentPath "${parent_path|n}"
86 SVNParentPath "${parent_path|n}"
87 SVNListParentPath ${"On" if svn_list_parent_path else "Off"|n}
87 SVNListParentPath ${"On" if svn_list_parent_path else "Off"|n}
88
88
89 # use specific SVN conf/authz file for each repository
89 # use specific SVN conf/authz file for each repository
90 #AuthzSVNReposRelativeAccessFile authz
90 #AuthzSVNReposRelativeAccessFile authz
91
91
92 Allow from all
92 Allow from all
93 Order allow,deny
93 Order allow,deny
94 </Location>
94 </Location>
95 % endfor
95 % endfor
Show file before | Show file after | Hide comments
@@ -1,119 +1,119 b''
1 # Copyright (C) 2016-2023 RhodeCode GmbH
1 # Copyright (C) 2016-2023 RhodeCode GmbH
2 #
2 #
3 # This program is free software: you can redistribute it and/or modify
3 # This program is free software: you can redistribute it and/or modify
4 # it under the terms of the GNU Affero General Public License, version 3
4 # it under the terms of the GNU Affero General Public License, version 3
5 # (only), as published by the Free Software Foundation.
5 # (only), as published by the Free Software Foundation.
6 #
6 #
7 # This program is distributed in the hope that it will be useful,
7 # This program is distributed in the hope that it will be useful,
8 # but WITHOUT ANY WARRANTY; without even the implied warranty of
8 # but WITHOUT ANY WARRANTY; without even the implied warranty of
9 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
9 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 # GNU General Public License for more details.
10 # GNU General Public License for more details.
11 #
11 #
12 # You should have received a copy of the GNU Affero General Public License
12 # You should have received a copy of the GNU Affero General Public License
13 # along with this program. If not, see <http://www.gnu.org/licenses/>.
13 # along with this program. If not, see <http://www.gnu.org/licenses/>.
14 #
14 #
15 # This program is dual-licensed. If you wish to learn more about the
15 # This program is dual-licensed. If you wish to learn more about the
16 # RhodeCode Enterprise Edition, including its added features, Support services,
16 # RhodeCode Enterprise Edition, including its added features, Support services,
17 # and proprietary license terms, please see https://rhodecode.com/licenses/
17 # and proprietary license terms, please see https://rhodecode.com/licenses/
18
18
19 import re
19 import re
20 import os
20 import os
21 import mock
21 import mock
22 import pytest
22 import pytest
23
23
24 from rhodecode.apps.svn_support import utils
24 from rhodecode.apps.svn_support import utils
25
25
26
26
27 @pytest.mark.usefixtures('config_stub')
27 @pytest.mark.usefixtures('config_stub')
28 class TestModDavSvnConfig(object):
28 class TestModDavSvnConfig(object):
29
29
30 @classmethod
30 @classmethod
31 def setup_class(cls):
31 def setup_class(cls):
32 cls.location_root = '/location/root/ç¡Àâ'
32 cls.location_root = '/location/root/ç¡Àâ'
33 cls.parent_path_root = '/parent/path/ç¡Àâ'
33 cls.parent_path_root = '/parent/path/ç¡Àâ'
34 cls.realm = 'Dummy Realm (Àâüç¡)'
34 cls.realm = 'Dummy Realm (Àâüç¡)'
35
35
36 @classmethod
36 @classmethod
37 def get_repo_group_mocks(cls, count=1):
37 def get_repo_group_mocks(cls, count=1):
38 repo_groups = []
38 repo_groups = []
39 for num in range(0, count):
39 for num in range(0, count):
40 full_path = f'/path/to/RepâGrâúp-°¡ {num}'
40 full_path = f'/path/to/RepâGrâúp-°¡ {num}'
41 repo_group_mock = mock.MagicMock()
41 repo_group_mock = mock.MagicMock()
42 repo_group_mock.full_path = full_path
42 repo_group_mock.full_path = full_path
43 repo_group_mock.full_path_splitted = full_path.split('/')
43 repo_group_mock.full_path_splitted = full_path.split('/')
44 repo_groups.append(repo_group_mock)
44 repo_groups.append(repo_group_mock)
45 return repo_groups
45 return repo_groups
46
46
47 def assert_root_location_directive(self, config):
47 def assert_root_location_directive(self, config):
48 pattern = '<Location "{location}">'.format(
48 pattern = '<Location "{location}">'.format(
49 location=self.location_root)
49 location=self.location_root)
50 assert len(re.findall(pattern, config)) == 1
50 assert len(re.findall(pattern, config)) == 1
51
51
52 def assert_group_location_directive(self, config, group_path):
52 def assert_group_location_directive(self, config, group_path):
53 pattern = '<Location "{location}{group_path}">'.format(
53 pattern = '<Location "{location}{group_path}">'.format(
54 location=self.location_root, group_path=group_path)
54 location=self.location_root, group_path=group_path)
55 assert len(re.findall(pattern, config)) == 1
55 assert len(re.findall(pattern, config)) == 1
56
56
57 def test_render_mod_dav_svn_config(self):
57 def test_render_mod_dav_svn_config(self):
58 repo_groups = self.get_repo_group_mocks(count=10)
58 repo_groups = self.get_repo_group_mocks(count=10)
59 generated_config = utils._render_mod_dav_svn_config(
59 generated_config = utils._render_mod_dav_svn_config(
60 parent_path_root=self.parent_path_root,
60 parent_path_root=self.parent_path_root,
61 list_parent_path=True,
61 list_parent_path=True,
62 location_root=self.location_root,
62 location_root=self.location_root,
63 repo_groups=repo_groups,
63 repo_groups=repo_groups,
64 realm=self.realm,
64 realm=self.realm,
65 use_ssl=True,
65 use_ssl=True,
66 template=''
66 template=''
67 )
67 )
68 # Assert that one location directive exists for each repository group.
68 # Assert that one location directive exists for each repository group.
69 for group in repo_groups:
69 for group in repo_groups:
70 self.assert_group_location_directive(
70 self.assert_group_location_directive(
71 generated_config, group.full_path)
71 generated_config, group.full_path)
72
72
73 # Assert that the root location directive exists.
73 # Assert that the root location directive exists.
74 self.assert_root_location_directive(generated_config)
74 self.assert_root_location_directive(generated_config)
75
75
76 def test_render_mod_dav_svn_config_with_alternative_template(self, tmpdir):
76 def test_render_mod_dav_svn_config_with_alternative_template(self, tmpdir):
77 repo_groups = self.get_repo_group_mocks(count=10)
77 repo_groups = self.get_repo_group_mocks(count=10)
78 test_file_path = os.path.join(str(tmpdir), 'example.mako')
78 test_file_path = os.path.join(str(tmpdir), 'example.mako')
79 with open(test_file_path, 'w') as f:
79 with open(test_file_path, 'w') as f:
80 f.write('TEST_EXAMPLE\n')
80 f.write('TEST_EXAMPLE\n')
81
81
82 generated_config = utils._render_mod_dav_svn_config(
82 generated_config = utils._render_mod_dav_svn_config(
83 parent_path_root=self.parent_path_root,
83 parent_path_root=self.parent_path_root,
84 list_parent_path=True,
84 list_parent_path=True,
85 location_root=self.location_root,
85 location_root=self.location_root,
86 repo_groups=repo_groups,
86 repo_groups=repo_groups,
87 realm=self.realm,
87 realm=self.realm,
88 use_ssl=True,
88 use_ssl=True,
89 template=test_file_path
89 template=test_file_path
90 )
90 )
91 assert 'TEST_EXAMPLE' in generated_config
91 assert 'TEST_EXAMPLE' in generated_config
92
92
93 @pytest.mark.parametrize('list_parent_path', [True, False])
93 @pytest.mark.parametrize('list_parent_path', [True, False])
94 @pytest.mark.parametrize('use_ssl', [True, False])
94 @pytest.mark.parametrize('use_ssl', [True, False])
95 def test_list_parent_path(self, list_parent_path, use_ssl):
95 def test_list_parent_path(self, list_parent_path, use_ssl):
96 generated_config = utils._render_mod_dav_svn_config(
96 generated_config = utils._render_mod_dav_svn_config(
97 parent_path_root=self.parent_path_root,
97 parent_path_root=self.parent_path_root,
98 list_parent_path=list_parent_path,
98 list_parent_path=list_parent_path,
99 location_root=self.location_root,
99 location_root=self.location_root,
100 repo_groups=self.get_repo_group_mocks(count=10),
100 repo_groups=self.get_repo_group_mocks(count=10),
101 realm=self.realm,
101 realm=self.realm,
102 use_ssl=use_ssl,
102 use_ssl=use_ssl,
103 template=''
103 template=''
104 )
104 )
105
105
106 # Assert that correct configuration directive is present.
106 # Assert that correct configuration directive is present.
107 if list_parent_path:
107 if list_parent_path:
108 assert not re.search(r'SVNListParentPath\s+Off', generated_config)
108 assert not re.search(r'SVNListParentPath\s+Off', generated_config)
109 assert re.search(r'SVNListParentPath\s+On', generated_config)
109 assert re.search(r'SVNListParentPath\s+On', generated_config)
110 else:
110 else:
111 assert re.search(r'SVNListParentPath\s+Off', generated_config)
111 assert re.search(r'SVNListParentPath\s+Off', generated_config)
112 assert not re.search(r'SVNListParentPath\s+On', generated_config)
112 assert not re.search(r'SVNListParentPath\s+On', generated_config)
113
113
114 if use_ssl:
114 if use_ssl:
115 assert 'RequestHeader edit Destination ^https: http: early' \
115 assert 'RequestHeader edit Destination ^https: http: early' \
116 in generated_config
116 in generated_config
117 else:
117 else:
118 assert '#RequestHeader edit Destination ^https: http: early' \
118 assert 'RequestHeader edit Destination ^https: http: early' \
119 in generated_config
119 in generated_config
General Comments 0
You need to be logged in to leave comments. Login now