upstream/mercurial-mirror Commit - r36893:02bea04b

hgweb: transition permissions hooks to modern request type (API)...

Gregory Szorc -

r36893:02bea04b default

parent child

mercurial/hgweb/common.py

0 +3 -4

                 authentication info). Return if op allowed, else raise an ErrorResponse
                 exception.'''
-                user = req.env.get(r'REMOTE_USER')
+                user = req.remoteuser
                 deny_read = hgweb.configlist('web', 'deny_read')
                 if deny_read and (not user or ismember(hgweb.repo.ui, user, deny_read)):
                     return
                 # enforce that you can only push using POST requests
-                if req.env[r'REQUEST_METHOD'] != r'POST':
+                if req.method != 'POST':
                     msg = 'push requires POST request'
                     raise ErrorResponse(HTTP_METHOD_NOT_ALLOWED, msg)
                 # require ssl by default for pushing, auth info cannot be sniffed
                 # and replayed
-                scheme = req.env.get('wsgi.url_scheme')
+                if hgweb.configbool('web', 'push_ssl') and req.urlscheme != 'https':
-                if hgweb.configbool('web', 'push_ssl') and scheme != 'https':
                     raise ErrorResponse(HTTP_FORBIDDEN, 'ssl required')
                 deny = hgweb.configlist('web', 'deny_push')

mercurial/hgweb/hgweb_mod.py

0 +2 -2

                         res.headers['Content-Security-Policy'] = rctx.csp
                     handled = wireprotoserver.handlewsgirequest(
-                        rctx, wsgireq, req, res, self.check_perm)
+                        rctx, req, res, self.check_perm)
                     if handled:
                         return res.sendresponse()
                         # check read permissions non-static content
                         if cmd != 'static':
-                            self.check_perm(rctx, wsgireq, None)
+                            self.check_perm(rctx, req, None)
                         if cmd == '':
                             req.qsparams['cmd'] = tmpl.cache['default']

mercurial/wireprotoserver.py

0 +2 -3

             def iscmd(cmd):
                 return cmd in wireproto.commands
-            def handlewsgirequest(rctx, wsgireq, req, res, checkperm):
+            def handlewsgirequest(rctx, req, res, checkperm):
                 """Possibly process a wire protocol request.
                 If the current request is a wire protocol request, the request is
                 processed by this function.
-                ``wsgireq`` is a ``wsgirequest`` instance.
                 ``req`` is a ``parsedrequest`` instance.
                 ``res`` is a ``wsgiresponse`` instance.
                     return True
                 proto = httpv1protocolhandler(req, repo.ui,
-                                              lambda perm: checkperm(rctx, wsgireq, perm))
+                                              lambda perm: checkperm(rctx, req, perm))
                 # The permissions checker should be the only thing that can raise an
                 # ErrorResponse. It is kind of a layer violation to catch an hgweb

tests/test-http-bundle1.t

0 +1 -1

               > import base64
               > from mercurial.hgweb import common
               > def perform_authentication(hgweb, req, op):
-              >     auth = req.env.get('HTTP_AUTHORIZATION')
+              >     auth = req.headers.get('Authorization')
               >     if not auth:
               >         raise common.ErrorResponse(common.HTTP_UNAUTHORIZED, 'who',
               >                 [('WWW-Authenticate', 'Basic Realm="mercurial"')])

tests/test-http.t

0 +2 -2

               > import base64
               > from mercurial.hgweb import common
               > def perform_authentication(hgweb, req, op):
-              >     auth = req.env.get('HTTP_AUTHORIZATION')
+              >     auth = req.headers.get('Authorization')
               >     if not auth:
               >         raise common.ErrorResponse(common.HTTP_UNAUTHORIZED, 'who',
               >                 [('WWW-Authenticate', 'Basic Realm="mercurial"')])
               > from mercurial import util
               > from mercurial.hgweb import common
               > def perform_authentication(hgweb, req, op):
-              >     cookie = req.env.get('HTTP_COOKIE')
+              >     cookie = req.headers.get('Cookie')
               >     if not cookie:
               >         raise common.ErrorResponse(common.HTTP_SERVER_ERROR, 'no-cookie')
               >     raise common.ErrorResponse(common.HTTP_SERVER_ERROR, 'Cookie: %s' % cookie)

tests/test-largefiles-wireproto.t

0 +1 -1

               > import base64
               > from mercurial.hgweb import common
               > def perform_authentication(hgweb, req, op):
-              >     auth = req.env.get('HTTP_AUTHORIZATION')
+              >     auth = req.headers.get('Authorization')
               >     if not auth:
               >         raise common.ErrorResponse(common.HTTP_UNAUTHORIZED, 'who',
               >                 [('WWW-Authenticate', 'Basic Realm="mercurial"')])

General Comments 0

You need to be logged in to leave comments. Login now

No TODOs yet

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages