@@ -788,10 +788,15 b' class HasPermissionAnyMiddleware(object)' | |||
|
788 | 788 | self.required_perms = set(perms) |
|
789 | 789 | |
|
790 | 790 | def __call__(self, user, repo_name): |
|
791 | # repo_name MUST be unicode, since we handle keys in permission | |
|
792 | # dict by unicode | |
|
793 | repo_name = safe_unicode(repo_name) | |
|
791 | 794 | usr = AuthUser(user.user_id) |
|
792 | 795 | try: |
|
793 | 796 | self.user_perms = set([usr.permissions['repositories'][repo_name]]) |
|
794 | except: | |
|
797 | except Exception: | |
|
798 | log.error('Exception while accessing permissions %s' % | |
|
799 | traceback.format_exc()) | |
|
795 | 800 | self.user_perms = set() |
|
796 | 801 | self.granted_for = '' |
|
797 | 802 | self.username = user.username |
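Review bot: The new `except Exception:` in `__call__` treats a missing permission entry for `repo_name` the same as an unexpected failure: both log a full traceback at error level and fall back to an empty permission set. The empty-set fallback is the right fail-closed result and should stay, but the expected miss would be clearer as its own branch, `except KeyError: self.user_perms = set()`, leaving the traceback log for anything else. If callers can reach this with arbitrary repository names (not visible in this hunk), the current form also lets requests for unknown repositories fill the error log. `__call__` continues past the end of the hunk.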
@@ -86,7 +86,9 b" GIT_PROTO_PAT = re.compile(r'^/(.+)/(inf" | |||
|
86 | 86 | def is_git(environ): |
|
87 | 87 | path_info = environ['PATH_INFO'] |
|
88 | 88 | isgit_path = GIT_PROTO_PAT.match(path_info) |
|
89 | log.debug('is a git path %s pathinfo : %s' % (isgit_path, path_info)) | |
|
89 | log.debug('pathinfo: %s detected as GIT %s' % ( | |
|
90 | path_info, isgit_path != None) | |
|
91 | ) | |
|
90 | 92 | return isgit_path |
|
91 | 93 | |
|
92 | 94 | |
@@ -121,7 +123,6 b' class SimpleGit(BaseVCSController):' | |||
|
121 | 123 | #====================================================================== |
|
122 | 124 | # CHECK ANONYMOUS PERMISSION |
|
123 | 125 | #====================================================================== |
|
124 | ||
|
125 | 126 | if action in ['pull', 'push']: |
|
126 | 127 | anonymous_user = self.__get_user('default') |
|
127 | 128 | username = anonymous_user.username |
@@ -177,7 +178,7 b' class SimpleGit(BaseVCSController):' | |||
|
177 | 178 | #=================================================================== |
|
178 | 179 | # GIT REQUEST HANDLING |
|
179 | 180 | #=================================================================== |
|
180 |
repo_path = |
|
|
181 | repo_path = os.path.join(safe_str(self.basepath), safe_str(repo_name)) | |
|
181 | 182 | log.debug('Repository path is %s' % repo_path) |
|
182 | 183 | |
|
183 | 184 | # quick check if that dir exists... |
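Review bot: `repo_path = os.path.join(safe_str(self.basepath), safe_str(repo_name))` in the GIT REQUEST HANDLING hunk changes only the string encoding; nothing visible confirms that the joined path stays under `self.basepath`. `os.path.join` discards the base when a later component is absolute and keeps `..` segments, so if `repo_name` is derived from the request path (its origin is outside these hunks) it should be checked before the directory-exists test, for example `os.path.abspath(repo_path).startswith(os.path.abspath(safe_str(self.basepath)) + os.sep)`. The same join appears in the Mercurial handler and in `is_valid_repo` / `is_valid_repos_group` further down this page. The enclosing method starts and ends outside the hunk.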
@@ -27,6 +27,7 b'' | |||
|
27 | 27 | import os |
|
28 | 28 | import logging |
|
29 | 29 | import traceback |
|
30 | import urllib | |
|
30 | 31 | |
|
31 | 32 | from mercurial.error import RepoError |
|
32 | 33 | from mercurial.hgweb import hgweb_mod |
@@ -45,13 +46,21 b' log = logging.getLogger(__name__)' | |||
|
45 | 46 | |
|
46 | 47 | |
|
47 | 48 | def is_mercurial(environ): |
|
48 | """Returns True if request's target is mercurial server - header | |
|
49 | """ | |
|
50 | Returns True if request's target is mercurial server - header | |
|
49 | 51 | ``HTTP_ACCEPT`` of such request would start with ``application/mercurial``. |
|
50 | 52 | """ |
|
51 | 53 | http_accept = environ.get('HTTP_ACCEPT') |
|
54 | path_info = environ['PATH_INFO'] | |
|
52 | 55 | if http_accept and http_accept.startswith('application/mercurial'): |
|
53 |
|
|
|
54 |
|
|
|
56 | ishg_path = True | |
|
57 | else: | |
|
58 | ishg_path = False | |
|
59 | ||
|
60 | log.debug('pathinfo: %s detected as HG %s' % ( | |
|
61 | path_info, ishg_path) | |
|
62 | ) | |
|
63 | return ishg_path | |
|
55 | 64 | |
|
56 | 65 | |
|
57 | 66 | class SimpleHg(BaseVCSController): |
@@ -80,12 +89,12 b' class SimpleHg(BaseVCSController):' | |||
|
80 | 89 | # GET ACTION PULL or PUSH |
|
81 | 90 | #====================================================================== |
|
82 | 91 | action = self.__get_action(environ) |
|
92 | ||
|
83 | 93 | #====================================================================== |
|
84 | 94 | # CHECK ANONYMOUS PERMISSION |
|
85 | 95 | #====================================================================== |
|
86 | 96 | if action in ['pull', 'push']: |
|
87 | 97 | anonymous_user = self.__get_user('default') |
|
88 | ||
|
89 | 98 | username = anonymous_user.username |
|
90 | 99 | anonymous_perm = self._check_permission(action, anonymous_user, |
|
91 | 100 | repo_name) |
@@ -132,21 +141,23 b' class SimpleHg(BaseVCSController):' | |||
|
132 | 141 | start_response) |
|
133 | 142 | |
|
134 | 143 | #check permissions for this repository |
|
135 | perm = self._check_permission(action, user, | |
|
136 | repo_name) | |
|
144 | perm = self._check_permission(action, user, repo_name) | |
|
137 | 145 | if perm is not True: |
|
138 | 146 | return HTTPForbidden()(environ, start_response) |
|
139 | 147 | |
|
140 | extras = {'ip': ipaddr, | |
|
141 | 'username': username, | |
|
142 | 'action': action, | |
|
143 | 'repository': repo_name} | |
|
148 | # extras are injected into mercurial UI object and later available | |
|
149 | # in hg hooks executed by rhodecode | |
|
150 | extras = { | |
|
151 | 'ip': ipaddr, | |
|
152 | 'username': username, | |
|
153 | 'action': action, | |
|
154 | 'repository': repo_name | |
|
155 | } | |
|
144 | 156 | |
|
145 | 157 | #====================================================================== |
|
146 | 158 | # MERCURIAL REQUEST HANDLING |
|
147 | 159 | #====================================================================== |
|
148 | ||
|
149 | repo_path = safe_str(os.path.join(self.basepath, repo_name)) | |
|
160 | repo_path = os.path.join(safe_str(self.basepath), safe_str(repo_name)) | |
|
150 | 161 | log.debug('Repository path is %s' % repo_path) |
|
151 | 162 | |
|
152 | 163 | baseui = make_ui('db') |
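Review bot: `is_mercurial` now reads `environ['PATH_INFO']` only to build the debug message, so a request whose environ lacks that key raises KeyError in a function that previously tolerated missing values through `environ.get('HTTP_ACCEPT')`. WSGI allows a server to omit `PATH_INFO` when it is empty, so `path_info = environ.get('PATH_INFO', '')` keeps detection independent of logging. Since the value is client-supplied, formatting it with `%r` rather than `%s` would also keep control characters out of the log line.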
@@ -54,6 +54,7 b' from rhodecode.model.db import Repositor' | |||
|
54 | 54 | UserLog, RepoGroup, RhodeCodeSetting, UserRepoGroupToPerm |
|
55 | 55 | from rhodecode.model.meta import Session |
|
56 | 56 | from rhodecode.model.repos_group import ReposGroupModel |
|
57 | from rhodecode.lib import safe_str, safe_unicode | |
|
57 | 58 | |
|
58 | 59 | log = logging.getLogger(__name__) |
|
59 | 60 | |
@@ -154,7 +155,10 b' def action_logger(user, action, repo, ip' | |||
|
154 | 155 | user_log.user_ip = ipaddr |
|
155 | 156 | sa.add(user_log) |
|
156 | 157 | |
|
157 | log.info('Adding user %s, action %s on %s' % (user_obj, action, repo)) | |
|
158 | log.info( | |
|
159 | 'Adding user %s, action %s on %s' % (user_obj, action, | |
|
160 | safe_unicode(repo)) | |
|
161 | ) | |
|
158 | 162 | if commit: |
|
159 | 163 | sa.commit() |
|
160 | 164 | except: |
@@ -198,12 +202,13 b' def get_repos(path, recursive=False):' | |||
|
198 | 202 | def is_valid_repo(repo_name, base_path): |
|
199 | 203 | """ |
|
200 | 204 | Returns True if given path is a valid repository False otherwise |
|
205 | ||
|
201 | 206 | :param repo_name: |
|
202 | 207 | :param base_path: |
|
203 | 208 | |
|
204 | 209 | :return True: if given path is a valid repository |
|
205 | 210 | """ |
|
206 | full_path = os.path.join(base_path, repo_name) | |
|
211 | full_path = os.path.join(safe_str(base_path), safe_str(repo_name)) | |
|
207 | 212 | |
|
208 | 213 | try: |
|
209 | 214 | get_scm(full_path) |
@@ -219,7 +224,7 b' def is_valid_repos_group(repos_group_nam' | |||
|
219 | 224 | :param repo_name: |
|
220 | 225 | :param base_path: |
|
221 | 226 | """ |
|
222 | full_path = os.path.join(base_path, repos_group_name) | |
|
227 | full_path = os.path.join(safe_str(base_path), safe_str(repos_group_name)) | |
|
223 | 228 | |
|
224 | 229 | # check if it's not a repo |
|
225 | 230 | if is_valid_repo(repos_group_name, base_path): |
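Review bot: In `action_logger` the new `log.info(...)` builds its message eagerly with `%`, mixing `safe_unicode(repo)` with `user_obj` and `action`, whose types are not visible here. In Python 2 that interpolation raises UnicodeDecodeError if one of the other arguments renders as a non-ASCII byte string, and the call sits inside the `try` before `sa.commit()`, so a formatting failure would land in the bare `except:` instead of committing the audit record (what that handler does is outside the hunk). Passing the arguments to the logger, `log.info('Adding user %s, action %s on %s', user_obj, action, safe_unicode(repo))`, moves formatting into the logging handler, where such errors do not propagate to the caller.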