acl.py
471 lines
| 14.1 KiB
| text/x-python
|
PythonLexer
/ hgext / acl.py
Vadim Gelfer
|
r2344 | # acl.py - changeset access control for mercurial | ||
| # | ||||
| # Copyright 2006 Vadim Gelfer <vadim.gelfer@gmail.com> | ||||
| # | ||||
Martin Geisler
|
r8225 | # This software may be used and distributed according to the terms of the | ||
Matt Mackall
|
r10263 | # GNU General Public License version 2 or any later version. | ||
Dirkjan Ochtman
|
r8873 | |||
|
Dirkjan Ochtman
|
r8935 | '''hooks for controlling repository access | ||
|
Dirkjan Ochtman
|
r8873 | |||
Martin Geisler
|
r11095 | This hook makes it possible to allow or deny write access to given | ||
| branches and paths of a repository when receiving incoming changesets | ||||
| via pretxnchangegroup and pretxncommit. | ||||
|
Martin Geisler
|
r9250 | |||
| The authorization is matched based on the local user name on the | ||||
| system where the hook runs, and not the committer of the original | ||||
| changeset (since the latter is merely informative). | ||||
|
Dirkjan Ochtman
|
r8873 | |||
|
Martin Geisler
|
r9250 | The acl hook is best used along with a restricted shell like hgsh, | ||
|
Martin Geisler
|
r11095 | preventing authenticating users from doing anything other than pushing | ||
| or pulling. The hook is not safe to use if users have interactive | ||||
| shell access, as they can then disable the hook. Nor is it safe if | ||||
| remote users share an account, because then there is no way to | ||||
| distinguish them. | ||||
|
Dirkjan Ochtman
|
r8873 | |||
Elifarley Callado Coelho Cruz
|
r11092 | The order in which access checks are performed is: | ||
|
Martin Geisler
|
r11094 | |||
| 1) Deny list for branches (section ``acl.deny.branches``) | ||||
| 2) Allow list for branches (section ``acl.allow.branches``) | ||||
| 3) Deny list for paths (section ``acl.deny``) | ||||
| 4) Allow list for paths (section ``acl.allow``) | ||||
|
Elifarley Callado Coelho Cruz
|
r11042 | |||
|
Elifarley Callado Coelho Cruz
|
r11092 | The allow and deny sections take key-value pairs. | ||
|
Martin Geisler
|
r11094 | Branch-based Access Control | ||
FUJIWARA Katsunori
|
r17267 | --------------------------- | ||
|
Elifarley Callado Coelho Cruz
|
r11092 | |||
|
Martin Geisler
|
r11095 | Use the ``acl.deny.branches`` and ``acl.allow.branches`` sections to | ||
| have branch-based access control. Keys in these sections can be | ||||
| either: | ||||
|
Martin Geisler
|
r11057 | |||
|
Martin Geisler
|
r11095 | - a branch name, or | ||
| - an asterisk, to match any branch; | ||||
|
Elifarley Callado Coelho Cruz
|
r11092 | |||
| The corresponding values can be either: | ||||
|
Martin Geisler
|
r11094 | |||
|
Martin Geisler
|
r11095 | - a comma-separated list containing users and groups, or | ||
| - an asterisk, to match anyone; | ||||
|
Elifarley Callado Coelho Cruz
|
r11042 | |||
Elifarley Callado Coelho Cruz
|
r16957 | You can add the "!" prefix to a user or group name to invert the sense | ||
| of the match. | ||||
|
Martin Geisler
|
r11094 | Path-based Access Control | ||
|
FUJIWARA Katsunori
|
r17267 | ------------------------- | ||
|
Elifarley Callado Coelho Cruz
|
r11092 | |||
|
Martin Geisler
|
r11095 | Use the ``acl.deny`` and ``acl.allow`` sections to have path-based | ||
| access control. Keys in these sections accept a subtree pattern (with | ||||
| a glob syntax by default). The corresponding values follow the same | ||||
| syntax as the other sections above. | ||||
|
Elifarley Callado Coelho Cruz
|
r11092 | |||
| r38550 | Bookmark-based Access Control | |||
| ----------------------------- | ||||
| Use the ``acl.deny.bookmarks`` and ``acl.allow.bookmarks`` sections to | ||||
| have bookmark-based access control. Keys in these sections can be | ||||
| either: | ||||
| - a bookmark name, or | ||||
| - an asterisk, to match any bookmark; | ||||
| The corresponding values can be either: | ||||
| - a comma-separated list containing users and groups, or | ||||
| - an asterisk, to match anyone; | ||||
| You can add the "!" prefix to a user or group name to invert the sense | ||||
| of the match. | ||||
| Note: for interactions between clients and servers using Mercurial 3.6+ | ||||
| a rejection will generally reject the entire push, for interactions | ||||
| involving older clients, the commit transactions will already be accepted, | ||||
| and only the bookmark movement will be rejected. | ||||
|
Martin Geisler
|
r11094 | Groups | ||
|
FUJIWARA Katsunori
|
r17267 | ------ | ||
|
Elifarley Callado Coelho Cruz
|
r11092 | |||
|
Martin Geisler
|
r11095 | Group names must be prefixed with an ``@`` symbol. Specifying a group | ||
| name has the same effect as specifying all the users in that group. | ||||
|
Dirkjan Ochtman
|
r8873 | |||
|
Elifarley Callado Coelho Cruz
|
r11115 | You can define group members in the ``acl.groups`` section. | ||
| If a group name is not defined there, and Mercurial is running under | ||||
| a Unix-like system, the list of users will be taken from the OS. | ||||
| Otherwise, an exception will be raised. | ||||
|
Martin Geisler
|
r11094 | Example Configuration | ||
|
FUJIWARA Katsunori
|
r17267 | --------------------- | ||
|
Martin Geisler
|
r11094 | |||
| :: | ||||
|
Dirkjan Ochtman
|
r8873 | |||
| [hooks] | ||||
|
Elifarley Callado Coelho Cruz
|
r11042 | |||
|
Elifarley Callado Coelho Cruz
|
r11092 | # Use this if you want to check access restrictions at commit time | ||
|
Elifarley Callado Coelho Cruz
|
r11042 | pretxncommit.acl = python:hgext.acl.hook | ||
|
Martin Geisler
|
r11423 | |||
|
Martin Geisler
|
r11095 | # Use this if you want to check access restrictions for pull, push, | ||
| # bundle and serve. | ||||
|
Dirkjan Ochtman
|
r8873 | pretxnchangegroup.acl = python:hgext.acl.hook | ||
| [acl] | ||||
Patrick Mezard
|
r11131 | # Allow or deny access for incoming changes only if their source is | ||
| # listed here, let them pass otherwise. Source is "serve" for all | ||||
| # remote access (http or ssh), "push", "pull" or "bundle" when the | ||||
| # related commands are run locally. | ||||
| # Default: serve | ||||
Cédric Duval
|
r8893 | sources = serve | ||
|
Dirkjan Ochtman
|
r8873 | |||
|
Martin Geisler
|
r11423 | [acl.deny.branches] | ||
| # Everyone is denied to the frozen branch: | ||||
| frozen-branch = * | ||||
| # A bad user is denied on all branches: | ||||
| * = bad-user | ||||
| [acl.allow.branches] | ||||
| # A few users are allowed on branch-a: | ||||
| branch-a = user-1, user-2, user-3 | ||||
| # Only one user is allowed on branch-b: | ||||
| branch-b = user-1 | ||||
| # The super user is allowed on any branch: | ||||
| * = super-user | ||||
| # Everyone is allowed on branch-for-tests: | ||||
| branch-for-tests = * | ||||
|
Elifarley Callado Coelho Cruz
|
r11092 | |||
|
Elifarley Callado Coelho Cruz
|
r11042 | [acl.deny] | ||
|
Martin Geisler
|
r11095 | # This list is checked first. If a match is found, acl.allow is not | ||
| # checked. All users are granted access if acl.deny is not present. | ||||
| # Format for both lists: glob pattern = user, ..., @group, ... | ||||
|
Elifarley Callado Coelho Cruz
|
r11042 | |||
| # To match everyone, use an asterisk for the user: | ||||
| # my/glob/pattern = * | ||||
| # user6 will not have write access to any file: | ||||
| ** = user6 | ||||
| # Group "hg-denied" will not have write access to any file: | ||||
| ** = @hg-denied | ||||
Bryan O'Sullivan
|
r17537 | # Nobody will be able to change "DONT-TOUCH-THIS.txt", despite | ||
|
Martin Geisler
|
r11095 | # everyone being able to change all other files. See below. | ||
|
Bryan O'Sullivan
|
r17537 | src/main/resources/DONT-TOUCH-THIS.txt = * | ||
|
Dirkjan Ochtman
|
r8873 | |||
| [acl.allow] | ||||
|
Patrick Mezard
|
r11131 | # if acl.allow is not present, all users are allowed by default | ||
|
Elifarley Callado Coelho Cruz
|
r11042 | # empty acl.allow = no users allowed | ||
|
Martin Geisler
|
r11095 | # User "doc_writer" has write access to any file under the "docs" | ||
| # folder: | ||||
|
Dirkjan Ochtman
|
r8873 | docs/** = doc_writer | ||
|
Elifarley Callado Coelho Cruz
|
r11042 | |||
|
Martin Geisler
|
r11095 | # User "jack" and group "designers" have write access to any file | ||
| # under the "images" folder: | ||||
|
Elifarley Callado Coelho Cruz
|
r11042 | images/** = jack, @designers | ||
|
FUJIWARA Katsunori
|
r16499 | # Everyone (except for "user6" and "@hg-denied" - see acl.deny above) | ||
| # will have write access to any file under the "resources" folder | ||||
| # (except for 1 file. See acl.deny): | ||||
|
Elifarley Callado Coelho Cruz
|
r11042 | src/main/resources/** = * | ||
|
Dirkjan Ochtman
|
r8873 | .hgtags = release_engineer | ||
|
Elifarley Callado Coelho Cruz
|
r16957 | Examples using the "!" prefix | ||
| ............................. | ||||
| Suppose there's a branch that only a given user (or group) should be able to | ||||
| push to, and you don't want to restrict access to any other branch that may | ||||
| be created. | ||||
| The "!" prefix allows you to prevent anyone except a given user or group to | ||||
| push changesets in a given branch or path. | ||||
| In the examples below, we will: | ||||
| 1) Deny access to branch "ring" to anyone but user "gollum" | ||||
| 2) Deny access to branch "lake" to anyone but members of the group "hobbit" | ||||
| 3) Deny access to a file to anyone but user "gollum" | ||||
| :: | ||||
| [acl.allow.branches] | ||||
| # Empty | ||||
| [acl.deny.branches] | ||||
| # 1) only 'gollum' can commit to branch 'ring'; | ||||
| # 'gollum' and anyone else can still commit to any other branch. | ||||
| ring = !gollum | ||||
| # 2) only members of the group 'hobbit' can commit to branch 'lake'; | ||||
| # 'hobbit' members and anyone else can still commit to any other branch. | ||||
| lake = !@hobbit | ||||
| # You can also deny access based on file paths: | ||||
| [acl.allow] | ||||
| # Empty | ||||
| [acl.deny] | ||||
| # 3) only 'gollum' can change the file below; | ||||
| # 'gollum' and anyone else can still change any other file. | ||||
| /misty/mountains/cave/ring = !gollum | ||||
|
Dirkjan Ochtman
|
r8873 | ''' | ||
|
Vadim Gelfer
|
r2344 | |||
Gregory Szorc
|
r28089 | from __future__ import absolute_import | ||
|
Matt Mackall
|
r3891 | from mercurial.i18n import _ | ||
|
Gregory Szorc
|
r28089 | from mercurial import ( | ||
| error, | ||||
Boris Feld
|
r34830 | extensions, | ||
|
Gregory Szorc
|
r28089 | match, | ||
|
Gregory Szorc
|
r38806 | pycompat, | ||
| r33182 | registrar, | |||
|
Gregory Szorc
|
r28089 | util, | ||
| ) | ||||
Augie Fackler
|
r43346 | from mercurial.utils import procutil | ||
|
Elifarley Callado Coelho Cruz
|
r11041 | |||
timeless
|
r28883 | urlreq = util.urlreq | ||
|
Augie Fackler
|
r29841 | # Note for extension authors: ONLY specify testedwith = 'ships-with-hg-core' for | ||
|
Augie Fackler
|
r25186 | # extensions which SHIP WITH MERCURIAL. Non-mainline extensions should | ||
| # be specifying the version(s) of Mercurial they are tested with, or | ||||
| # leave the attribute unspecified. | ||||
|
Augie Fackler
|
r43347 | testedwith = b'ships-with-hg-core' | ||
Augie Fackler
|
r16743 | |||
| r33182 | configtable = {} | |||
| configitem = registrar.configitem(configtable) | ||||
| # deprecated config: acl.config | ||||
|
Augie Fackler
|
r43346 | configitem( | ||
|
Augie Fackler
|
r43347 | b'acl', b'config', default=None, | ||
| r33182 | ) | |||
|
Augie Fackler
|
r43346 | configitem( | ||
|
Augie Fackler
|
r43347 | b'acl.groups', b'.*', default=None, generic=True, | ||
|
Boris Feld
|
r34780 | ) | ||
|
Augie Fackler
|
r43346 | configitem( | ||
|
Augie Fackler
|
r43347 | b'acl.deny.branches', b'.*', default=None, generic=True, | ||
|
Boris Feld
|
r34780 | ) | ||
|
Augie Fackler
|
r43346 | configitem( | ||
|
Augie Fackler
|
r43347 | b'acl.allow.branches', b'.*', default=None, generic=True, | ||
|
Boris Feld
|
r34780 | ) | ||
|
Augie Fackler
|
r43346 | configitem( | ||
|
Augie Fackler
|
r43347 | b'acl.deny', b'.*', default=None, generic=True, | ||
|
Boris Feld
|
r34780 | ) | ||
|
Augie Fackler
|
r43346 | configitem( | ||
|
Augie Fackler
|
r43347 | b'acl.allow', b'.*', default=None, generic=True, | ||
|
Boris Feld
|
r34780 | ) | ||
|
Augie Fackler
|
r43346 | configitem( | ||
|
Augie Fackler
|
r43347 | b'acl', b'sources', default=lambda: [b'serve'], | ||
| r33183 | ) | |||
| r33182 | ||||
|
Augie Fackler
|
r43346 | |||
|
Elifarley Callado Coelho Cruz
|
r11114 | def _getusers(ui, group): | ||
| # First, try to use group definition from section [acl.groups] | ||||
|
Augie Fackler
|
r43347 | hgrcusers = ui.configlist(b'acl.groups', group) | ||
|
Elifarley Callado Coelho Cruz
|
r11114 | if hgrcusers: | ||
| return hgrcusers | ||||
|
Augie Fackler
|
r43347 | ui.debug(b'acl: "%s" not defined in [acl.groups]\n' % group) | ||
|
Elifarley Callado Coelho Cruz
|
r11114 | # If no users found in group definition, get users from OS-level group | ||
|
Patrick Mezard
|
r11140 | try: | ||
| return util.groupmembers(group) | ||||
| except KeyError: | ||||
|
Augie Fackler
|
r43347 | raise error.Abort(_(b"group '%s' is undefined") % group) | ||
|
Elifarley Callado Coelho Cruz
|
r11041 | |||
|
Augie Fackler
|
r43346 | |||
|
Elifarley Callado Coelho Cruz
|
r11114 | def _usermatch(ui, user, usersorgroups): | ||
|
Elifarley Callado Coelho Cruz
|
r11041 | |||
|
Augie Fackler
|
r43347 | if usersorgroups == b'*': | ||
|
Elifarley Callado Coelho Cruz
|
r11041 | return True | ||
|
Augie Fackler
|
r43347 | for ug in usersorgroups.replace(b',', b' ').split(): | ||
|
Elifarley Callado Coelho Cruz
|
r16956 | |||
|
Augie Fackler
|
r43347 | if ug.startswith(b'!'): | ||
|
Elifarley Callado Coelho Cruz
|
r16956 | # Test for excluded user or group. Format: | ||
| # if ug is a user name: !username | ||||
| # if ug is a group name: !@groupname | ||||
| ug = ug[1:] | ||||
|
Augie Fackler
|
r43346 | if ( | ||
|
Augie Fackler
|
r43347 | not ug.startswith(b'@') | ||
|
Augie Fackler
|
r43346 | and user != ug | ||
|
Augie Fackler
|
r43347 | or ug.startswith(b'@') | ||
|
Augie Fackler
|
r43346 | and user not in _getusers(ui, ug[1:]) | ||
| ): | ||||
|
Elifarley Callado Coelho Cruz
|
r16956 | return True | ||
| # Test for user or group. Format: | ||||
| # if ug is a user name: username | ||||
| # if ug is a group name: @groupname | ||||
|
Augie Fackler
|
r43347 | elif ( | ||
| user == ug or ug.startswith(b'@') and user in _getusers(ui, ug[1:]) | ||||
| ): | ||||
|
Elifarley Callado Coelho Cruz
|
r11041 | return True | ||
| return False | ||||
|
Vadim Gelfer
|
r2344 | |||
|
Augie Fackler
|
r43346 | |||
|
Matt Mackall
|
r6766 | def buildmatch(ui, repo, user, key): | ||
| '''return tuple of (match function, list enabled).''' | ||||
| if not ui.has_section(key): | ||||
|
Augie Fackler
|
r43347 | ui.debug(b'acl: %s not enabled\n' % key) | ||
|
Matt Mackall
|
r6766 | return None | ||
|
Vadim Gelfer
|
r2344 | |||
|
Augie Fackler
|
r43346 | pats = [ | ||
| pat for pat, users in ui.configitems(key) if _usermatch(ui, user, users) | ||||
| ] | ||||
| ui.debug( | ||||
|
Augie Fackler
|
r43347 | b'acl: %s enabled, %d entries for user %s\n' % (key, len(pats), user) | ||
|
Augie Fackler
|
r43346 | ) | ||
|
Elifarley Callado Coelho Cruz
|
r11092 | |||
|
Elifarley Callado Coelho Cruz
|
r16765 | # Branch-based ACL | ||
|
Elifarley Callado Coelho Cruz
|
r11092 | if not repo: | ||
| if pats: | ||||
|
Elifarley Callado Coelho Cruz
|
r16766 | # If there's an asterisk (meaning "any branch"), always return True; | ||
| # Otherwise, test if b is in pats | ||||
|
Augie Fackler
|
r43347 | if b'*' in pats: | ||
|
Elifarley Callado Coelho Cruz
|
r16766 | return util.always | ||
| return lambda b: b in pats | ||||
|
Elifarley Callado Coelho Cruz
|
r16764 | return util.never | ||
|
Elifarley Callado Coelho Cruz
|
r11092 | |||
|
Elifarley Callado Coelho Cruz
|
r16765 | # Path-based ACL | ||
|
Matt Mackall
|
r6766 | if pats: | ||
|
Augie Fackler
|
r43347 | return match.match(repo.root, b'', pats) | ||
|
Elifarley Callado Coelho Cruz
|
r16767 | return util.never | ||
|
Vadim Gelfer
|
r2344 | |||
|
Augie Fackler
|
r43346 | |||
|
Boris Feld
|
r34830 | def ensureenabled(ui): | ||
| """make sure the extension is enabled when used as hook | ||||
| When acl is used through hooks, the extension is never formally loaded and | ||||
| enabled. This has some side effect, for example the config declaration is | ||||
| never loaded. This function ensure the extension is enabled when running | ||||
| hooks. | ||||
| """ | ||||
|
Augie Fackler
|
r43347 | if b'acl' in ui._knownconfig: | ||
|
Boris Feld
|
r34830 | return | ||
|
Augie Fackler
|
r43347 | ui.setconfig(b'extensions', b'acl', b'', source=b'internal') | ||
| extensions.loadall(ui, [b'acl']) | ||||
|
Boris Feld
|
r34830 | |||
|
Augie Fackler
|
r43346 | |||
|
Vadim Gelfer
|
r2344 | def hook(ui, repo, hooktype, node=None, source=None, **kwargs): | ||
|
Boris Feld
|
r34830 | |||
| ensureenabled(ui) | ||||
|
Augie Fackler
|
r43347 | if hooktype not in [b'pretxnchangegroup', b'pretxncommit', b'prepushkey']: | ||
| r38550 | raise error.Abort( | |||
|
Augie Fackler
|
r43346 | _( | ||
|
Augie Fackler
|
r43347 | b'config error - hook type "%s" cannot stop ' | ||
| b'incoming changesets, commits, nor bookmarks' | ||||
|
Augie Fackler
|
r43346 | ) | ||
| % hooktype | ||||
| ) | ||||
|
Augie Fackler
|
r43347 | if hooktype == b'pretxnchangegroup' and source not in ui.configlist( | ||
| b'acl', b'sources' | ||||
|
Augie Fackler
|
r43346 | ): | ||
|
Augie Fackler
|
r43347 | ui.debug(b'acl: changes have source "%s" - skipping\n' % source) | ||
|
Vadim Gelfer
|
r2344 | return | ||
Henrik Stuart
|
r8846 | user = None | ||
|
Augie Fackler
|
r43347 | if source == b'serve' and r'url' in kwargs: | ||
| url = kwargs[r'url'].split(b':') | ||||
| if url[0] == b'remote' and url[1].startswith(b'http'): | ||||
|
timeless
|
r28883 | user = urlreq.unquote(url[3]) | ||
|
Henrik Stuart
|
r8846 | |||
| if user is None: | ||||
Yuya Nishihara
|
r37138 | user = procutil.getuser() | ||
|
Henrik Stuart
|
r8846 | |||
|
Augie Fackler
|
r43347 | ui.debug(b'acl: checking access for user "%s"\n' % user) | ||
|
Elifarley Callado Coelho Cruz
|
r15207 | |||
|
Augie Fackler
|
r43347 | if hooktype == b'prepushkey': | ||
| r38550 | _pkhook(ui, repo, hooktype, node, source, user, **kwargs) | |||
| else: | ||||
| _txnhook(ui, repo, hooktype, node, source, user, **kwargs) | ||||
|
Augie Fackler
|
r43346 | |||
| r38550 | def _pkhook(ui, repo, hooktype, node, source, user, **kwargs): | |||
|
Augie Fackler
|
r43347 | if kwargs[r'namespace'] == b'bookmarks': | ||
Pulkit Goyal
|
r39458 | bookmark = kwargs[r'key'] | ||
| ctx = kwargs[r'new'] | ||||
|
Augie Fackler
|
r43347 | allowbookmarks = buildmatch(ui, None, user, b'acl.allow.bookmarks') | ||
| denybookmarks = buildmatch(ui, None, user, b'acl.deny.bookmarks') | ||||
| r38550 | ||||
| if denybookmarks and denybookmarks(bookmark): | ||||
|
Augie Fackler
|
r43346 | raise error.Abort( | ||
|
Augie Fackler
|
r43347 | _( | ||
| b'acl: user "%s" denied on bookmark "%s"' | ||||
| b' (changeset "%s")' | ||||
| ) | ||||
|
Augie Fackler
|
r43346 | % (user, bookmark, ctx) | ||
| ) | ||||
| r38550 | if allowbookmarks and not allowbookmarks(bookmark): | |||
|
Augie Fackler
|
r43346 | raise error.Abort( | ||
| _( | ||||
|
Augie Fackler
|
r43347 | b'acl: user "%s" not allowed on bookmark "%s"' | ||
| b' (changeset "%s")' | ||||
|
Augie Fackler
|
r43346 | ) | ||
| % (user, bookmark, ctx) | ||||
| ) | ||||
| ui.debug( | ||||
|
Augie Fackler
|
r43347 | b'acl: bookmark access granted: "%s" on bookmark "%s"\n' | ||
|
Augie Fackler
|
r43346 | % (ctx, bookmark) | ||
| ) | ||||
| r38550 | ||||
| def _txnhook(ui, repo, hooktype, node, source, user, **kwargs): | ||||
|
Matt Mackall
|
r25792 | # deprecated config: acl.config | ||
|
Augie Fackler
|
r43347 | cfg = ui.config(b'acl', b'config') | ||
|
Matt Mackall
|
r6766 | if cfg: | ||
|
Augie Fackler
|
r43346 | ui.readconfig( | ||
| cfg, | ||||
| sections=[ | ||||
|
Augie Fackler
|
r43347 | b'acl.groups', | ||
| b'acl.allow.branches', | ||||
| b'acl.deny.branches', | ||||
| b'acl.allow', | ||||
| b'acl.deny', | ||||
|
Augie Fackler
|
r43346 | ], | ||
| ) | ||||
|
Elifarley Callado Coelho Cruz
|
r11092 | |||
|
Augie Fackler
|
r43347 | allowbranches = buildmatch(ui, None, user, b'acl.allow.branches') | ||
| denybranches = buildmatch(ui, None, user, b'acl.deny.branches') | ||||
| allow = buildmatch(ui, repo, user, b'acl.allow') | ||||
| deny = buildmatch(ui, repo, user, b'acl.deny') | ||||
|
Matt Mackall
|
r6766 | |||
|
Gregory Szorc
|
r38806 | for rev in pycompat.xrange(repo[node].rev(), len(repo)): | ||
|
Matt Mackall
|
r6766 | ctx = repo[rev] | ||
|
Elifarley Callado Coelho Cruz
|
r11092 | branch = ctx.branch() | ||
| if denybranches and denybranches(branch): | ||||
|
Augie Fackler
|
r43346 | raise error.Abort( | ||
Martin von Zweigbergk
|
r43387 | _(b'acl: user "%s" denied on branch "%s" (changeset "%s")') | ||
|
Augie Fackler
|
r43346 | % (user, branch, ctx) | ||
| ) | ||||
|
Elifarley Callado Coelho Cruz
|
r11092 | if allowbranches and not allowbranches(branch): | ||
|
Augie Fackler
|
r43346 | raise error.Abort( | ||
| _( | ||||
|
Augie Fackler
|
r43347 | b'acl: user "%s" not allowed on branch "%s"' | ||
| b' (changeset "%s")' | ||||
|
Augie Fackler
|
r43346 | ) | ||
| % (user, branch, ctx) | ||||
| ) | ||||
| ui.debug( | ||||
|
Augie Fackler
|
r43347 | b'acl: branch access granted: "%s" on branch "%s"\n' % (ctx, branch) | ||
|
Augie Fackler
|
r43346 | ) | ||
|
Elifarley Callado Coelho Cruz
|
r11092 | |||
|
Matt Mackall
|
r6766 | for f in ctx.files(): | ||
| if deny and deny(f): | ||||
|
Augie Fackler
|
r43346 | raise error.Abort( | ||
|
Martin von Zweigbergk
|
r43387 | _(b'acl: user "%s" denied on "%s" (changeset "%s")') | ||
|
Augie Fackler
|
r43346 | % (user, f, ctx) | ||
| ) | ||||
|
Matt Mackall
|
r6766 | if allow and not allow(f): | ||
|
Augie Fackler
|
r43346 | raise error.Abort( | ||
|
Augie Fackler
|
r43347 | _( | ||
| b'acl: user "%s" not allowed on "%s"' | ||||
| b' (changeset "%s")' | ||||
| ) | ||||
|
Augie Fackler
|
r43346 | % (user, f, ctx) | ||
| ) | ||||
|
Augie Fackler
|
r43347 | ui.debug(b'acl: path access granted: "%s"\n' % ctx) | ||
