upstream/mercurial-mirror Commit - r36893:02bea04b

hgweb: transition permissions hooks to modern request type (API)...

Gregory Szorc -

r36893:02bea04b default

parent child

mercurial/hgweb/common.py

0 +3 -4

                  authentication info). Return if op allowed, else raise an ErrorResponse
                  exception.'''
-                 user = req.env.get(r'REMOTE_USER')
+                 user = req.remoteuser
                  deny_read = hgweb.configlist('web', 'deny_read')
                  if deny_read and (not user or ismember(hgweb.repo.ui, user, deny_read)):
                      return
                  # enforce that you can only push using POST requests
-                 if req.env[r'REQUEST_METHOD'] != r'POST':
+                 if req.method != 'POST':
                      msg = 'push requires POST request'
                      raise ErrorResponse(HTTP_METHOD_NOT_ALLOWED, msg)
                  # require ssl by default for pushing, auth info cannot be sniffed
                  # and replayed
-                 scheme = req.env.get('wsgi.url_scheme')
-                 if hgweb.configbool('web', 'push_ssl') and scheme != 'https':
+                 if hgweb.configbool('web', 'push_ssl') and req.urlscheme != 'https':
                      raise ErrorResponse(HTTP_FORBIDDEN, 'ssl required')
                  deny = hgweb.configlist('web', 'deny_push')

mercurial/hgweb/hgweb_mod.py

0 +2 -2

                          res.headers['Content-Security-Policy'] = rctx.csp
                      handled = wireprotoserver.handlewsgirequest(
-                         rctx, wsgireq, req, res, self.check_perm)
+                         rctx, req, res, self.check_perm)
                      if handled:
                          return res.sendresponse()
                          # check read permissions non-static content
                          if cmd != 'static':
-                             self.check_perm(rctx, wsgireq, None)
+                             self.check_perm(rctx, req, None)
                          if cmd == '':
                              req.qsparams['cmd'] = tmpl.cache['default']

mercurial/wireprotoserver.py

0 +2 -3

              def iscmd(cmd):
                  return cmd in wireproto.commands
-             def handlewsgirequest(rctx, wsgireq, req, res, checkperm):
+             def handlewsgirequest(rctx, req, res, checkperm):
                  """Possibly process a wire protocol request.
                  If the current request is a wire protocol request, the request is
                  processed by this function.
-                 ``wsgireq`` is a ``wsgirequest`` instance.
                  ``req`` is a ``parsedrequest`` instance.
                  ``res`` is a ``wsgiresponse`` instance.
                      return True
                  proto = httpv1protocolhandler(req, repo.ui,
-                                               lambda perm: checkperm(rctx, wsgireq, perm))
+                                               lambda perm: checkperm(rctx, req, perm))
                  # The permissions checker should be the only thing that can raise an
                  # ErrorResponse. It is kind of a layer violation to catch an hgweb

tests/test-http-bundle1.t

0 +1 -1

                > import base64
                > from mercurial.hgweb import common
                > def perform_authentication(hgweb, req, op):
-               >     auth = req.env.get('HTTP_AUTHORIZATION')
+               >     auth = req.headers.get('Authorization')
                >     if not auth:
                >         raise common.ErrorResponse(common.HTTP_UNAUTHORIZED, 'who',
                >                 [('WWW-Authenticate', 'Basic Realm="mercurial"')])

tests/test-http.t

0 +2 -2

                > import base64
                > from mercurial.hgweb import common
                > def perform_authentication(hgweb, req, op):
-               >     auth = req.env.get('HTTP_AUTHORIZATION')
+               >     auth = req.headers.get('Authorization')
                >     if not auth:
                >         raise common.ErrorResponse(common.HTTP_UNAUTHORIZED, 'who',
                >                 [('WWW-Authenticate', 'Basic Realm="mercurial"')])
                > from mercurial import util
                > from mercurial.hgweb import common
                > def perform_authentication(hgweb, req, op):
-               >     cookie = req.env.get('HTTP_COOKIE')
+               >     cookie = req.headers.get('Cookie')
                >     if not cookie:
                >         raise common.ErrorResponse(common.HTTP_SERVER_ERROR, 'no-cookie')
                >     raise common.ErrorResponse(common.HTTP_SERVER_ERROR, 'Cookie: %s' % cookie)

tests/test-largefiles-wireproto.t

0 +1 -1

                > import base64
                > from mercurial.hgweb import common
                > def perform_authentication(hgweb, req, op):
-               >     auth = req.env.get('HTTP_AUTHORIZATION')
+               >     auth = req.headers.get('Authorization')
                >     if not auth:
                >         raise common.ErrorResponse(common.HTTP_UNAUTHORIZED, 'who',
                >                 [('WWW-Authenticate', 'Basic Realm="mercurial"')])

General Comments 0

You need to be logged in to leave comments. Login now

No TODOs yet

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages