upstream/mercurial-mirror Commit - r11114:62714143

acl: support for group definitions in section [acl.groups], which take precedence over OS-level groups

Elifarley Callado Coelho Cruz -

r11114:62714143 default

parent child

hgext/acl.py

0 +13 -5

             from mercurial import util, match
             import getpass, urllib, grp
-            def _getusers(group):
+            def _getusers(ui, group):
+                # First, try to use group definition from section [acl.groups]
+                hgrcusers = ui.configlist('acl.groups', group)
+                if hgrcusers:
+                    return hgrcusers
+                ui.debug('acl: "%s" not defined in [acl.groups]\n' % group)
+                # If no users found in group definition, get users from OS-level group
                 return grp.getgrnam(group).gr_mem
-            def _usermatch(user, usersorgroups):
+            def _usermatch(ui, user, usersorgroups):
                 if usersorgroups == '*':
                     return True
                 for ug in usersorgroups.replace(',', ' ').split():
-                    if user == ug or ug.find('@') == 0 and user in _getusers(ug[1:]):
+                    if user == ug or ug.find('@') == 0 and user in _getusers(ui, ug[1:]):
                         return True
                 return False
                     return None
                 pats = [pat for pat, users in ui.configitems(key)
-                        if _usermatch(user, users)]
+                        if _usermatch(ui, user, users)]
                 ui.debug('acl: %s enabled, %d entries for user %s\n' %
                          (key, len(pats), user))
                 cfg = ui.config('acl', 'config')
                 if cfg:
-                    ui.readconfig(cfg, sections = ['acl.allow.branches',
+                    ui.readconfig(cfg, sections = ['acl.groups', 'acl.allow.branches',
                     'acl.deny.branches', 'acl.allow', 'acl.deny'])
                 allowbranches = buildmatch(ui, None, user, 'acl.allow.branches')

tests/test-acl

0 +7 -1

             {
             cat > fakegroups.py <<EOF
             from hgext import acl
-            acl._getusers = lambda x: ["fred", "betty"]
+            def fakegetusers(ui, group):
+                try:
+                    return acl._getusersorig(ui, group)
+                except:
+                    return ["fred", "betty"]
+            acl._getusersorig = acl._getusers
+            acl._getusers = fakegetusers
             EOF
             rm -f acl.config

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages