Show More
| @@ -17,12 +17,6 b' HTTP_NOT_FOUND = 404' | |||||
| 17 | HTTP_METHOD_NOT_ALLOWED = 405 |
|
17 | HTTP_METHOD_NOT_ALLOWED = 405 | |
| 18 | HTTP_SERVER_ERROR = 500 |
|
18 | HTTP_SERVER_ERROR = 500 | |
| 19 |
|
19 | |||
| 20 | # Hooks for hgweb permission checks; extensions can add hooks here. Each hook |
|
|||
| 21 | # is invoked like this: hook(hgweb, request, operation), where operation is |
|
|||
| 22 | # either read, pull or push. Hooks should either raise an ErrorResponse |
|
|||
| 23 | # exception, or just return. |
|
|||
| 24 | # It is possible to do both authentication and authorization through this. |
|
|||
| 25 | permhooks = [] |
|
|||
| 26 |
|
20 | |||
| 27 | def checkauthz(hgweb, req, op): |
|
21 | def checkauthz(hgweb, req, op): | |
| 28 | '''Check permission for operation based on request data (including |
|
22 | '''Check permission for operation based on request data (including | |
| @@ -65,8 +59,14 b' def checkauthz(hgweb, req, op):' | |||||
| 65 | if not result: |
|
59 | if not result: | |
| 66 | raise ErrorResponse(HTTP_UNAUTHORIZED, 'push not authorized') |
|
60 | raise ErrorResponse(HTTP_UNAUTHORIZED, 'push not authorized') | |
| 67 |
|
61 | |||
| 68 | # Add the default permhook, which provides simple authorization. |
|
62 | # Hooks for hgweb permission checks; extensions can add hooks here. | |
| 69 | permhooks.append(checkauthz) |
|
63 | # Each hook is invoked like this: hook(hgweb, request, operation), | |
|
|
64 | # where operation is either read, pull or push. Hooks should either | |||
|
|
65 | # raise an ErrorResponse exception, or just return. | |||
|
|
66 | # | |||
|
|
67 | # It is possible to do both authentication and authorization through | |||
|
|
68 | # this. | |||
|
|
69 | permhooks = [checkauthz] | |||
| 70 |
|
70 | |||
| 71 |
|
71 | |||
| 72 | class ErrorResponse(Exception): |
|
72 | class ErrorResponse(Exception): | |
General Comments 0
You need to be logged in to leave comments.
Login now