@@ -788,10 +788,15 b' class HasPermissionAnyMiddleware(object)' | |||||
788 | self.required_perms = set(perms) |
|
788 | self.required_perms = set(perms) | |
789 |
|
789 | |||
790 | def __call__(self, user, repo_name): |
|
790 | def __call__(self, user, repo_name): | |
|
791 | # repo_name MUST be unicode, since we handle keys in permission | |||
|
792 | # dict by unicode | |||
|
793 | repo_name = safe_unicode(repo_name) | |||
791 | usr = AuthUser(user.user_id) |
|
794 | usr = AuthUser(user.user_id) | |
792 | try: |
|
795 | try: | |
793 | self.user_perms = set([usr.permissions['repositories'][repo_name]]) |
|
796 | self.user_perms = set([usr.permissions['repositories'][repo_name]]) | |
794 | except: |
|
797 | except Exception: | |
|
798 | log.error('Exception while accessing permissions %s' % | |||
|
799 | traceback.format_exc()) | |||
795 | self.user_perms = set() |
|
800 | self.user_perms = set() | |
796 | self.granted_for = '' |
|
801 | self.granted_for = '' | |
797 | self.username = user.username |
|
802 | self.username = user.username |
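Review bot: In `__call__`, the new `except Exception:` handler presumably also catches the ordinary case where `usr.permissions['repositories']` has no entry for `repo_name`, so a plain permission miss would be logged at error level with a full traceback. The fallback to `set()` keeps the check failing closed, which is the right default, but routine misses would bury the unexpected failures this log line is meant to surface. Consider handling the miss ahead of the broad handler with `except KeyError: self.user_perms = set()` and keeping `log.error` for everything else. The method body continues past the end of the hunk.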
@@ -86,7 +86,9 b" GIT_PROTO_PAT = re.compile(r'^/(.+)/(inf" | |||||
86 | def is_git(environ): |
|
86 | def is_git(environ): | |
87 | path_info = environ['PATH_INFO'] |
|
87 | path_info = environ['PATH_INFO'] | |
88 | isgit_path = GIT_PROTO_PAT.match(path_info) |
|
88 | isgit_path = GIT_PROTO_PAT.match(path_info) | |
89 | log.debug('is a git path %s pathinfo : %s' % (isgit_path, path_info)) |
|
89 | log.debug('pathinfo: %s detected as GIT %s' % ( | |
|
90 | path_info, isgit_path != None) | |||
|
91 | ) | |||
90 | return isgit_path |
|
92 | return isgit_path | |
91 |
|
93 | |||
92 |
|
94 | |||
@@ -121,7 +123,6 b' class SimpleGit(BaseVCSController):' | |||||
121 | #====================================================================== |
|
123 | #====================================================================== | |
122 | # CHECK ANONYMOUS PERMISSION |
|
124 | # CHECK ANONYMOUS PERMISSION | |
123 | #====================================================================== |
|
125 | #====================================================================== | |
124 |
|
||||
125 | if action in ['pull', 'push']: |
|
126 | if action in ['pull', 'push']: | |
126 | anonymous_user = self.__get_user('default') |
|
127 | anonymous_user = self.__get_user('default') | |
127 | username = anonymous_user.username |
|
128 | username = anonymous_user.username | |
@@ -177,7 +178,7 b' class SimpleGit(BaseVCSController):' | |||||
177 | #=================================================================== |
|
178 | #=================================================================== | |
178 | # GIT REQUEST HANDLING |
|
179 | # GIT REQUEST HANDLING | |
179 | #=================================================================== |
|
180 | #=================================================================== | |
180 |
repo_path = |
|
181 | repo_path = os.path.join(safe_str(self.basepath), safe_str(repo_name)) | |
181 | log.debug('Repository path is %s' % repo_path) |
|
182 | log.debug('Repository path is %s' % repo_path) | |
182 |
|
183 | |||
183 | # quick check if that dir exists... |
|
184 | # quick check if that dir exists... |
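Review bot: In the GIT REQUEST HANDLING hunk, `os.path.join(safe_str(self.basepath), safe_str(repo_name))` does not by itself keep `repo_path` under `basepath`: `os.path.join` discards the base when the second argument is absolute and leaves `..` components in place. How `repo_name` is derived and validated is outside the hunk, so this may already be covered; if it is not, check after the join that `os.path.realpath(repo_path)` still starts with the real base path plus a separator and reject the request otherwise. The same join appears in the SimpleHg hunk and in `is_valid_repo` and `is_valid_repos_group`. Separately, `isgit_path != None` in `is_git` reads better as `isgit_path is not None`.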
@@ -27,6 +27,7 b'' | |||||
27 | import os |
|
27 | import os | |
28 | import logging |
|
28 | import logging | |
29 | import traceback |
|
29 | import traceback | |
|
30 | import urllib | |||
30 |
|
31 | |||
31 | from mercurial.error import RepoError |
|
32 | from mercurial.error import RepoError | |
32 | from mercurial.hgweb import hgweb_mod |
|
33 | from mercurial.hgweb import hgweb_mod | |
@@ -45,13 +46,21 b' log = logging.getLogger(__name__)' | |||||
45 |
|
46 | |||
46 |
|
47 | |||
47 | def is_mercurial(environ): |
|
48 | def is_mercurial(environ): | |
48 | """Returns True if request's target is mercurial server - header |
|
49 | """ | |
|
50 | Returns True if request's target is mercurial server - header | |||
49 | ``HTTP_ACCEPT`` of such request would start with ``application/mercurial``. |
|
51 | ``HTTP_ACCEPT`` of such request would start with ``application/mercurial``. | |
50 | """ |
|
52 | """ | |
51 | http_accept = environ.get('HTTP_ACCEPT') |
|
53 | http_accept = environ.get('HTTP_ACCEPT') | |
|
54 | path_info = environ['PATH_INFO'] | |||
52 | if http_accept and http_accept.startswith('application/mercurial'): |
|
55 | if http_accept and http_accept.startswith('application/mercurial'): | |
53 |
|
|
56 | ishg_path = True | |
54 |
|
|
57 | else: | |
|
58 | ishg_path = False | |||
|
59 | ||||
|
60 | log.debug('pathinfo: %s detected as HG %s' % ( | |||
|
61 | path_info, ishg_path) | |||
|
62 | ) | |||
|
63 | return ishg_path | |||
55 |
|
64 | |||
56 |
|
65 | |||
57 | class SimpleHg(BaseVCSController): |
|
66 | class SimpleHg(BaseVCSController): | |
@@ -80,12 +89,12 b' class SimpleHg(BaseVCSController):' | |||||
80 | # GET ACTION PULL or PUSH |
|
89 | # GET ACTION PULL or PUSH | |
81 | #====================================================================== |
|
90 | #====================================================================== | |
82 | action = self.__get_action(environ) |
|
91 | action = self.__get_action(environ) | |
|
92 | ||||
83 | #====================================================================== |
|
93 | #====================================================================== | |
84 | # CHECK ANONYMOUS PERMISSION |
|
94 | # CHECK ANONYMOUS PERMISSION | |
85 | #====================================================================== |
|
95 | #====================================================================== | |
86 | if action in ['pull', 'push']: |
|
96 | if action in ['pull', 'push']: | |
87 | anonymous_user = self.__get_user('default') |
|
97 | anonymous_user = self.__get_user('default') | |
88 |
|
||||
89 | username = anonymous_user.username |
|
98 | username = anonymous_user.username | |
90 | anonymous_perm = self._check_permission(action, anonymous_user, |
|
99 | anonymous_perm = self._check_permission(action, anonymous_user, | |
91 | repo_name) |
|
100 | repo_name) | |
@@ -132,21 +141,23 b' class SimpleHg(BaseVCSController):' | |||||
132 | start_response) |
|
141 | start_response) | |
133 |
|
142 | |||
134 | #check permissions for this repository |
|
143 | #check permissions for this repository | |
135 | perm = self._check_permission(action, user, |
|
144 | perm = self._check_permission(action, user, repo_name) | |
136 | repo_name) |
|
|||
137 | if perm is not True: |
|
145 | if perm is not True: | |
138 | return HTTPForbidden()(environ, start_response) |
|
146 | return HTTPForbidden()(environ, start_response) | |
139 |
|
147 | |||
140 | extras = {'ip': ipaddr, |
|
148 | # extras are injected into mercurial UI object and later available | |
141 | 'username': username, |
|
149 | # in hg hooks executed by rhodecode | |
142 | 'action': action, |
|
150 | extras = { | |
143 | 'repository': repo_name} |
|
151 | 'ip': ipaddr, | |
|
152 | 'username': username, | |||
|
153 | 'action': action, | |||
|
154 | 'repository': repo_name | |||
|
155 | } | |||
144 |
|
156 | |||
145 | #====================================================================== |
|
157 | #====================================================================== | |
146 | # MERCURIAL REQUEST HANDLING |
|
158 | # MERCURIAL REQUEST HANDLING | |
147 | #====================================================================== |
|
159 | #====================================================================== | |
148 |
|
160 | repo_path = os.path.join(safe_str(self.basepath), safe_str(repo_name)) | ||
149 | repo_path = safe_str(os.path.join(self.basepath, repo_name)) |
|
|||
150 | log.debug('Repository path is %s' % repo_path) |
|
161 | log.debug('Repository path is %s' % repo_path) | |
151 |
|
162 | |||
152 | baseui = make_ui('db') |
|
163 | baseui = make_ui('db') |
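Review bot: In `is_mercurial`, the added `path_info = environ['PATH_INFO']` can raise KeyError, because a WSGI server may omit PATH_INFO when it is empty, and the value is used only for the debug line; protocol detection can now fail on a request the old code classified without touching that key. Use `path_info = environ.get('PATH_INFO', '')`, matching the `.get` already used for HTTP_ACCEPT. The value is request-controlled, so logging it with `%r`, or passing it as a logger argument instead of pre-formatting with `%`, keeps control characters from splitting log lines. The same debug pattern is in `is_git` in the git middleware.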
@@ -54,6 +54,7 b' from rhodecode.model.db import Repositor' | |||||
54 | UserLog, RepoGroup, RhodeCodeSetting, UserRepoGroupToPerm |
|
54 | UserLog, RepoGroup, RhodeCodeSetting, UserRepoGroupToPerm | |
55 | from rhodecode.model.meta import Session |
|
55 | from rhodecode.model.meta import Session | |
56 | from rhodecode.model.repos_group import ReposGroupModel |
|
56 | from rhodecode.model.repos_group import ReposGroupModel | |
|
57 | from rhodecode.lib import safe_str, safe_unicode | |||
57 |
|
58 | |||
58 | log = logging.getLogger(__name__) |
|
59 | log = logging.getLogger(__name__) | |
59 |
|
60 | |||
@@ -154,7 +155,10 b' def action_logger(user, action, repo, ip' | |||||
154 | user_log.user_ip = ipaddr |
|
155 | user_log.user_ip = ipaddr | |
155 | sa.add(user_log) |
|
156 | sa.add(user_log) | |
156 |
|
157 | |||
157 | log.info('Adding user %s, action %s on %s' % (user_obj, action, repo)) |
|
158 | log.info( | |
|
159 | 'Adding user %s, action %s on %s' % (user_obj, action, | |||
|
160 | safe_unicode(repo)) | |||
|
161 | ) | |||
158 | if commit: |
|
162 | if commit: | |
159 | sa.commit() |
|
163 | sa.commit() | |
160 | except: |
|
164 | except: | |
@@ -198,12 +202,13 b' def get_repos(path, recursive=False):' | |||||
198 | def is_valid_repo(repo_name, base_path): |
|
202 | def is_valid_repo(repo_name, base_path): | |
199 | """ |
|
203 | """ | |
200 | Returns True if given path is a valid repository False otherwise |
|
204 | Returns True if given path is a valid repository False otherwise | |
|
205 | ||||
201 | :param repo_name: |
|
206 | :param repo_name: | |
202 | :param base_path: |
|
207 | :param base_path: | |
203 |
|
208 | |||
204 | :return True: if given path is a valid repository |
|
209 | :return True: if given path is a valid repository | |
205 | """ |
|
210 | """ | |
206 | full_path = os.path.join(base_path, repo_name) |
|
211 | full_path = os.path.join(safe_str(base_path), safe_str(repo_name)) | |
207 |
|
212 | |||
208 | try: |
|
213 | try: | |
209 | get_scm(full_path) |
|
214 | get_scm(full_path) | |
@@ -219,7 +224,7 b' def is_valid_repos_group(repos_group_nam' | |||||
219 | :param repo_name: |
|
224 | :param repo_name: | |
220 | :param base_path: |
|
225 | :param base_path: | |
221 | """ |
|
226 | """ | |
222 | full_path = os.path.join(base_path, repos_group_name) |
|
227 | full_path = os.path.join(safe_str(base_path), safe_str(repos_group_name)) | |
223 |
|
228 | |||
224 | # check if it's not a repo |
|
229 | # check if it's not a repo | |
225 | if is_valid_repo(repos_group_name, base_path): |
|
230 | if is_valid_repo(repos_group_name, base_path): |
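Review bot: In `action_logger`, the bare `except:` directly after `sa.commit()` is left as is, while this commit narrows the same construct to `except Exception:` in `HasPermissionAnyMiddleware.__call__`. A bare except also catches SystemExit and KeyboardInterrupt, so `except Exception:` would be the consistent choice here. The handler body lies outside the hunk, so what it does with the error is not visible. The added log call pre-formats with `%`; passing the values as logger arguments, `log.info('Adding user %s, action %s on %s', user_obj, action, safe_unicode(repo))`, leaves the formatting to the logging module.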