##// END OF EJS Templates
upstream » mercurial-mirror
RSS

Clone from https://www.mercurial-scm.org/repo/hg-all

acl: use of "!" prefix in user or group names...
Elifarley Callado Coelho Cruz -
r16956:c49cf339 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,259 +1,273
1 1 # acl.py - changeset access control for mercurial
2 2 #
3 3 # Copyright 2006 Vadim Gelfer <vadim.gelfer@gmail.com>
4 4 #
5 5 # This software may be used and distributed according to the terms of the
6 6 # GNU General Public License version 2 or any later version.
7 7
8 8 '''hooks for controlling repository access
9 9
10 10 This hook makes it possible to allow or deny write access to given
11 11 branches and paths of a repository when receiving incoming changesets
12 12 via pretxnchangegroup and pretxncommit.
13 13
14 14 The authorization is matched based on the local user name on the
15 15 system where the hook runs, and not the committer of the original
16 16 changeset (since the latter is merely informative).
17 17
18 18 The acl hook is best used along with a restricted shell like hgsh,
19 19 preventing authenticating users from doing anything other than pushing
20 20 or pulling. The hook is not safe to use if users have interactive
21 21 shell access, as they can then disable the hook. Nor is it safe if
22 22 remote users share an account, because then there is no way to
23 23 distinguish them.
24 24
25 25 The order in which access checks are performed is:
26 26
27 27 1) Deny list for branches (section ``acl.deny.branches``)
28 28 2) Allow list for branches (section ``acl.allow.branches``)
29 29 3) Deny list for paths (section ``acl.deny``)
30 30 4) Allow list for paths (section ``acl.allow``)
31 31
32 32 The allow and deny sections take key-value pairs.
33 33
34 34 Branch-based Access Control
35 35 ...........................
36 36
37 37 Use the ``acl.deny.branches`` and ``acl.allow.branches`` sections to
38 38 have branch-based access control. Keys in these sections can be
39 39 either:
40 40
41 41 - a branch name, or
42 42 - an asterisk, to match any branch;
43 43
44 44 The corresponding values can be either:
45 45
46 46 - a comma-separated list containing users and groups, or
47 47 - an asterisk, to match anyone;
48 48
49 49 Path-based Access Control
50 50 .........................
51 51
52 52 Use the ``acl.deny`` and ``acl.allow`` sections to have path-based
53 53 access control. Keys in these sections accept a subtree pattern (with
54 54 a glob syntax by default). The corresponding values follow the same
55 55 syntax as the other sections above.
56 56
57 57 Groups
58 58 ......
59 59
60 60 Group names must be prefixed with an ``@`` symbol. Specifying a group
61 61 name has the same effect as specifying all the users in that group.
62 62
63 63 You can define group members in the ``acl.groups`` section.
64 64 If a group name is not defined there, and Mercurial is running under
65 65 a Unix-like system, the list of users will be taken from the OS.
66 66 Otherwise, an exception will be raised.
67 67
68 68 Example Configuration
69 69 .....................
70 70
71 71 ::
72 72
73 73 [hooks]
74 74
75 75 # Use this if you want to check access restrictions at commit time
76 76 pretxncommit.acl = python:hgext.acl.hook
77 77
78 78 # Use this if you want to check access restrictions for pull, push,
79 79 # bundle and serve.
80 80 pretxnchangegroup.acl = python:hgext.acl.hook
81 81
82 82 [acl]
83 83 # Allow or deny access for incoming changes only if their source is
84 84 # listed here, let them pass otherwise. Source is "serve" for all
85 85 # remote access (http or ssh), "push", "pull" or "bundle" when the
86 86 # related commands are run locally.
87 87 # Default: serve
88 88 sources = serve
89 89
90 90 [acl.deny.branches]
91 91
92 92 # Everyone is denied to the frozen branch:
93 93 frozen-branch = *
94 94
95 95 # A bad user is denied on all branches:
96 96 * = bad-user
97 97
98 98 [acl.allow.branches]
99 99
100 100 # A few users are allowed on branch-a:
101 101 branch-a = user-1, user-2, user-3
102 102
103 103 # Only one user is allowed on branch-b:
104 104 branch-b = user-1
105 105
106 106 # The super user is allowed on any branch:
107 107 * = super-user
108 108
109 109 # Everyone is allowed on branch-for-tests:
110 110 branch-for-tests = *
111 111
112 112 [acl.deny]
113 113 # This list is checked first. If a match is found, acl.allow is not
114 114 # checked. All users are granted access if acl.deny is not present.
115 115 # Format for both lists: glob pattern = user, ..., @group, ...
116 116
117 117 # To match everyone, use an asterisk for the user:
118 118 # my/glob/pattern = *
119 119
120 120 # user6 will not have write access to any file:
121 121 ** = user6
122 122
123 123 # Group "hg-denied" will not have write access to any file:
124 124 ** = @hg-denied
125 125
126 126 # Nobody will be able to change "DONT-TOUCH-THIS.txt", despite
127 127 # everyone being able to change all other files. See below.
128 128 src/main/resources/DONT-TOUCH-THIS.txt = *
129 129
130 130 [acl.allow]
131 131 # if acl.allow is not present, all users are allowed by default
132 132 # empty acl.allow = no users allowed
133 133
134 134 # User "doc_writer" has write access to any file under the "docs"
135 135 # folder:
136 136 docs/** = doc_writer
137 137
138 138 # User "jack" and group "designers" have write access to any file
139 139 # under the "images" folder:
140 140 images/** = jack, @designers
141 141
142 142 # Everyone (except for "user6" and "@hg-denied" - see acl.deny above)
143 143 # will have write access to any file under the "resources" folder
144 144 # (except for 1 file. See acl.deny):
145 145 src/main/resources/** = *
146 146
147 147 .hgtags = release_engineer
148 148
149 149 '''
150 150
151 151 from mercurial.i18n import _
152 152 from mercurial import util, match
153 153 import getpass, urllib
154 154
155 155 testedwith = 'internal'
156 156
157 157 def _getusers(ui, group):
158 158
159 159 # First, try to use group definition from section [acl.groups]
160 160 hgrcusers = ui.configlist('acl.groups', group)
161 161 if hgrcusers:
162 162 return hgrcusers
163 163
164 164 ui.debug('acl: "%s" not defined in [acl.groups]\n' % group)
165 165 # If no users found in group definition, get users from OS-level group
166 166 try:
167 167 return util.groupmembers(group)
168 168 except KeyError:
169 169 raise util.Abort(_("group '%s' is undefined") % group)
170 170
171 171 def _usermatch(ui, user, usersorgroups):
172 172
173 173 if usersorgroups == '*':
174 174 return True
175 175
176 176 for ug in usersorgroups.replace(',', ' ').split():
177 if user == ug or ug.startswith('@') and user in _getusers(ui, ug[1:]):
177
178 if ug.startswith('!'):
179 # Test for excluded user or group. Format:
180 # if ug is a user name: !username
181 # if ug is a group name: !@groupname
182 ug = ug[1:]
183 if not ug.startswith('@') and user != ug \
184 or ug.startswith('@') and user not in _getusers(ui, ug[1:]):
185 return True
186
187 # Test for user or group. Format:
188 # if ug is a user name: username
189 # if ug is a group name: @groupname
190 elif user == ug \
191 or ug.startswith('@') and user in _getusers(ui, ug[1:]):
178 192 return True
179 193
180 194 return False
181 195
182 196 def buildmatch(ui, repo, user, key):
183 197 '''return tuple of (match function, list enabled).'''
184 198 if not ui.has_section(key):
185 199 ui.debug('acl: %s not enabled\n' % key)
186 200 return None
187 201
188 202 pats = [pat for pat, users in ui.configitems(key)
189 203 if _usermatch(ui, user, users)]
190 204 ui.debug('acl: %s enabled, %d entries for user %s\n' %
191 205 (key, len(pats), user))
192 206
193 207 # Branch-based ACL
194 208 if not repo:
195 209 if pats:
196 210 # If there's an asterisk (meaning "any branch"), always return True;
197 211 # Otherwise, test if b is in pats
198 212 if '*' in pats:
199 213 return util.always
200 214 return lambda b: b in pats
201 215 return util.never
202 216
203 217 # Path-based ACL
204 218 if pats:
205 219 return match.match(repo.root, '', pats)
206 220 return util.never
207 221
208 222 def hook(ui, repo, hooktype, node=None, source=None, **kwargs):
209 223 if hooktype not in ['pretxnchangegroup', 'pretxncommit']:
210 224 raise util.Abort(_('config error - hook type "%s" cannot stop '
211 225 'incoming changesets nor commits') % hooktype)
212 226 if (hooktype == 'pretxnchangegroup' and
213 227 source not in ui.config('acl', 'sources', 'serve').split()):
214 228 ui.debug('acl: changes have source "%s" - skipping\n' % source)
215 229 return
216 230
217 231 user = None
218 232 if source == 'serve' and 'url' in kwargs:
219 233 url = kwargs['url'].split(':')
220 234 if url[0] == 'remote' and url[1].startswith('http'):
221 235 user = urllib.unquote(url[3])
222 236
223 237 if user is None:
224 238 user = getpass.getuser()
225 239
226 240 ui.debug('acl: checking access for user "%s"\n' % user)
227 241
228 242 cfg = ui.config('acl', 'config')
229 243 if cfg:
230 244 ui.readconfig(cfg, sections = ['acl.groups', 'acl.allow.branches',
231 245 'acl.deny.branches', 'acl.allow', 'acl.deny'])
232 246
233 247 allowbranches = buildmatch(ui, None, user, 'acl.allow.branches')
234 248 denybranches = buildmatch(ui, None, user, 'acl.deny.branches')
235 249 allow = buildmatch(ui, repo, user, 'acl.allow')
236 250 deny = buildmatch(ui, repo, user, 'acl.deny')
237 251
238 252 for rev in xrange(repo[node], len(repo)):
239 253 ctx = repo[rev]
240 254 branch = ctx.branch()
241 255 if denybranches and denybranches(branch):
242 256 raise util.Abort(_('acl: user "%s" denied on branch "%s"'
243 257 ' (changeset "%s")')
244 258 % (user, branch, ctx))
245 259 if allowbranches and not allowbranches(branch):
246 260 raise util.Abort(_('acl: user "%s" not allowed on branch "%s"'
247 261 ' (changeset "%s")')
248 262 % (user, branch, ctx))
249 263 ui.debug('acl: branch access granted: "%s" on branch "%s"\n'
250 264 % (ctx, branch))
251 265
252 266 for f in ctx.files():
253 267 if deny and deny(f):
254 268 raise util.Abort(_('acl: user "%s" denied on "%s"'
255 269 ' (changeset "%s")') % (user, f, ctx))
256 270 if allow and not allow(f):
257 271 raise util.Abort(_('acl: user "%s" not allowed on "%s"'
258 272 ' (changeset "%s")') % (user, f, ctx))
259 273 ui.debug('acl: path access granted: "%s"\n' % ctx)
Show file before | Show file after | Hide comments
@@ -1,1921 +1,2073
1 1 > do_push()
2 2 > {
3 3 > user=$1
4 4 > shift
5 5 > echo "Pushing as user $user"
6 6 > echo 'hgrc = """'
7 7 > sed -e 1,2d b/.hg/hgrc | grep -v fakegroups.py
8 8 > echo '"""'
9 9 > if test -f acl.config; then
10 10 > echo 'acl.config = """'
11 11 > cat acl.config
12 12 > echo '"""'
13 13 > fi
14 14 > # On AIX /etc/profile sets LOGNAME read-only. So
15 15 > # LOGNAME=$user hg --cws a --debug push ../b
16 16 > # fails with "This variable is read only."
17 17 > # Use env to work around this.
18 18 > env LOGNAME=$user hg --cwd a --debug push ../b
19 19 > hg --cwd b rollback
20 20 > hg --cwd b --quiet tip
21 21 > echo
22 22 > }
23 23
24 24 > init_config()
25 25 > {
26 26 > cat > fakegroups.py <<EOF
27 27 > from hgext import acl
28 28 > def fakegetusers(ui, group):
29 29 > try:
30 30 > return acl._getusersorig(ui, group)
31 31 > except:
32 32 > return ["fred", "betty"]
33 33 > acl._getusersorig = acl._getusers
34 34 > acl._getusers = fakegetusers
35 35 > EOF
36 36 > rm -f acl.config
37 37 > cat > $config <<EOF
38 38 > [hooks]
39 39 > pretxnchangegroup.acl = python:hgext.acl.hook
40 40 > [acl]
41 41 > sources = push
42 42 > [extensions]
43 43 > f=`pwd`/fakegroups.py
44 44 > EOF
45 45 > }
46 46
47 47 $ hg init a
48 48 $ cd a
49 49 $ mkdir foo foo/Bar quux
50 50 $ echo 'in foo' > foo/file.txt
51 51 $ echo 'in foo/Bar' > foo/Bar/file.txt
52 52 $ echo 'in quux' > quux/file.py
53 53 $ hg add -q
54 54 $ hg ci -m 'add files' -d '1000000 0'
55 55 $ echo >> foo/file.txt
56 56 $ hg ci -m 'change foo/file' -d '1000001 0'
57 57 $ echo >> foo/Bar/file.txt
58 58 $ hg ci -m 'change foo/Bar/file' -d '1000002 0'
59 59 $ echo >> quux/file.py
60 60 $ hg ci -m 'change quux/file' -d '1000003 0'
61 61 $ hg tip --quiet
62 62 3:911600dab2ae
63 63
64 64 $ cd ..
65 65 $ hg clone -r 0 a b
66 66 adding changesets
67 67 adding manifests
68 68 adding file changes
69 69 added 1 changesets with 3 changes to 3 files
70 70 updating to branch default
71 71 3 files updated, 0 files merged, 0 files removed, 0 files unresolved
72 72
73 73 $ config=b/.hg/hgrc
74 74
75 75 Extension disabled for lack of a hook
76 76
77 77 $ do_push fred
78 78 Pushing as user fred
79 79 hgrc = """
80 80 """
81 81 pushing to ../b
82 82 query 1; heads
83 83 searching for changes
84 84 all remote heads known locally
85 85 3 changesets found
86 86 list of changesets:
87 87 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
88 88 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
89 89 911600dab2ae7a9baff75958b84fe606851ce955
90 90 adding changesets
91 91 bundling: 1/3 changesets (33.33%)
92 92 bundling: 2/3 changesets (66.67%)
93 93 bundling: 3/3 changesets (100.00%)
94 94 bundling: 1/3 manifests (33.33%)
95 95 bundling: 2/3 manifests (66.67%)
96 96 bundling: 3/3 manifests (100.00%)
97 97 bundling: foo/Bar/file.txt 1/3 files (33.33%)
98 98 bundling: foo/file.txt 2/3 files (66.67%)
99 99 bundling: quux/file.py 3/3 files (100.00%)
100 100 changesets: 1 chunks
101 101 add changeset ef1ea85a6374
102 102 changesets: 2 chunks
103 103 add changeset f9cafe1212c8
104 104 changesets: 3 chunks
105 105 add changeset 911600dab2ae
106 106 adding manifests
107 107 manifests: 1/3 chunks (33.33%)
108 108 manifests: 2/3 chunks (66.67%)
109 109 manifests: 3/3 chunks (100.00%)
110 110 adding file changes
111 111 adding foo/Bar/file.txt revisions
112 112 files: 1/3 chunks (33.33%)
113 113 adding foo/file.txt revisions
114 114 files: 2/3 chunks (66.67%)
115 115 adding quux/file.py revisions
116 116 files: 3/3 chunks (100.00%)
117 117 added 3 changesets with 3 changes to 3 files
118 118 updating the branch cache
119 119 checking for updated bookmarks
120 120 repository tip rolled back to revision 0 (undo push)
121 121 0:6675d58eff77
122 122
123 123
124 124 $ echo '[hooks]' >> $config
125 125 $ echo 'pretxnchangegroup.acl = python:hgext.acl.hook' >> $config
126 126
127 127 Extension disabled for lack of acl.sources
128 128
129 129 $ do_push fred
130 130 Pushing as user fred
131 131 hgrc = """
132 132 [hooks]
133 133 pretxnchangegroup.acl = python:hgext.acl.hook
134 134 """
135 135 pushing to ../b
136 136 query 1; heads
137 137 searching for changes
138 138 all remote heads known locally
139 139 invalidating branch cache (tip differs)
140 140 3 changesets found
141 141 list of changesets:
142 142 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
143 143 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
144 144 911600dab2ae7a9baff75958b84fe606851ce955
145 145 adding changesets
146 146 bundling: 1/3 changesets (33.33%)
147 147 bundling: 2/3 changesets (66.67%)
148 148 bundling: 3/3 changesets (100.00%)
149 149 bundling: 1/3 manifests (33.33%)
150 150 bundling: 2/3 manifests (66.67%)
151 151 bundling: 3/3 manifests (100.00%)
152 152 bundling: foo/Bar/file.txt 1/3 files (33.33%)
153 153 bundling: foo/file.txt 2/3 files (66.67%)
154 154 bundling: quux/file.py 3/3 files (100.00%)
155 155 changesets: 1 chunks
156 156 add changeset ef1ea85a6374
157 157 changesets: 2 chunks
158 158 add changeset f9cafe1212c8
159 159 changesets: 3 chunks
160 160 add changeset 911600dab2ae
161 161 adding manifests
162 162 manifests: 1/3 chunks (33.33%)
163 163 manifests: 2/3 chunks (66.67%)
164 164 manifests: 3/3 chunks (100.00%)
165 165 adding file changes
166 166 adding foo/Bar/file.txt revisions
167 167 files: 1/3 chunks (33.33%)
168 168 adding foo/file.txt revisions
169 169 files: 2/3 chunks (66.67%)
170 170 adding quux/file.py revisions
171 171 files: 3/3 chunks (100.00%)
172 172 added 3 changesets with 3 changes to 3 files
173 173 calling hook pretxnchangegroup.acl: hgext.acl.hook
174 174 acl: changes have source "push" - skipping
175 175 updating the branch cache
176 176 checking for updated bookmarks
177 177 repository tip rolled back to revision 0 (undo push)
178 178 0:6675d58eff77
179 179
180 180
181 181 No [acl.allow]/[acl.deny]
182 182
183 183 $ echo '[acl]' >> $config
184 184 $ echo 'sources = push' >> $config
185 185 $ do_push fred
186 186 Pushing as user fred
187 187 hgrc = """
188 188 [hooks]
189 189 pretxnchangegroup.acl = python:hgext.acl.hook
190 190 [acl]
191 191 sources = push
192 192 """
193 193 pushing to ../b
194 194 query 1; heads
195 195 searching for changes
196 196 all remote heads known locally
197 197 invalidating branch cache (tip differs)
198 198 3 changesets found
199 199 list of changesets:
200 200 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
201 201 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
202 202 911600dab2ae7a9baff75958b84fe606851ce955
203 203 adding changesets
204 204 bundling: 1/3 changesets (33.33%)
205 205 bundling: 2/3 changesets (66.67%)
206 206 bundling: 3/3 changesets (100.00%)
207 207 bundling: 1/3 manifests (33.33%)
208 208 bundling: 2/3 manifests (66.67%)
209 209 bundling: 3/3 manifests (100.00%)
210 210 bundling: foo/Bar/file.txt 1/3 files (33.33%)
211 211 bundling: foo/file.txt 2/3 files (66.67%)
212 212 bundling: quux/file.py 3/3 files (100.00%)
213 213 changesets: 1 chunks
214 214 add changeset ef1ea85a6374
215 215 changesets: 2 chunks
216 216 add changeset f9cafe1212c8
217 217 changesets: 3 chunks
218 218 add changeset 911600dab2ae
219 219 adding manifests
220 220 manifests: 1/3 chunks (33.33%)
221 221 manifests: 2/3 chunks (66.67%)
222 222 manifests: 3/3 chunks (100.00%)
223 223 adding file changes
224 224 adding foo/Bar/file.txt revisions
225 225 files: 1/3 chunks (33.33%)
226 226 adding foo/file.txt revisions
227 227 files: 2/3 chunks (66.67%)
228 228 adding quux/file.py revisions
229 229 files: 3/3 chunks (100.00%)
230 230 added 3 changesets with 3 changes to 3 files
231 231 calling hook pretxnchangegroup.acl: hgext.acl.hook
232 232 acl: checking access for user "fred"
233 233 acl: acl.allow.branches not enabled
234 234 acl: acl.deny.branches not enabled
235 235 acl: acl.allow not enabled
236 236 acl: acl.deny not enabled
237 237 acl: branch access granted: "ef1ea85a6374" on branch "default"
238 238 acl: path access granted: "ef1ea85a6374"
239 239 acl: branch access granted: "f9cafe1212c8" on branch "default"
240 240 acl: path access granted: "f9cafe1212c8"
241 241 acl: branch access granted: "911600dab2ae" on branch "default"
242 242 acl: path access granted: "911600dab2ae"
243 243 updating the branch cache
244 244 checking for updated bookmarks
245 245 repository tip rolled back to revision 0 (undo push)
246 246 0:6675d58eff77
247 247
248 248
249 249 Empty [acl.allow]
250 250
251 251 $ echo '[acl.allow]' >> $config
252 252 $ do_push fred
253 253 Pushing as user fred
254 254 hgrc = """
255 255 [hooks]
256 256 pretxnchangegroup.acl = python:hgext.acl.hook
257 257 [acl]
258 258 sources = push
259 259 [acl.allow]
260 260 """
261 261 pushing to ../b
262 262 query 1; heads
263 263 searching for changes
264 264 all remote heads known locally
265 265 invalidating branch cache (tip differs)
266 266 3 changesets found
267 267 list of changesets:
268 268 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
269 269 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
270 270 911600dab2ae7a9baff75958b84fe606851ce955
271 271 adding changesets
272 272 bundling: 1/3 changesets (33.33%)
273 273 bundling: 2/3 changesets (66.67%)
274 274 bundling: 3/3 changesets (100.00%)
275 275 bundling: 1/3 manifests (33.33%)
276 276 bundling: 2/3 manifests (66.67%)
277 277 bundling: 3/3 manifests (100.00%)
278 278 bundling: foo/Bar/file.txt 1/3 files (33.33%)
279 279 bundling: foo/file.txt 2/3 files (66.67%)
280 280 bundling: quux/file.py 3/3 files (100.00%)
281 281 changesets: 1 chunks
282 282 add changeset ef1ea85a6374
283 283 changesets: 2 chunks
284 284 add changeset f9cafe1212c8
285 285 changesets: 3 chunks
286 286 add changeset 911600dab2ae
287 287 adding manifests
288 288 manifests: 1/3 chunks (33.33%)
289 289 manifests: 2/3 chunks (66.67%)
290 290 manifests: 3/3 chunks (100.00%)
291 291 adding file changes
292 292 adding foo/Bar/file.txt revisions
293 293 files: 1/3 chunks (33.33%)
294 294 adding foo/file.txt revisions
295 295 files: 2/3 chunks (66.67%)
296 296 adding quux/file.py revisions
297 297 files: 3/3 chunks (100.00%)
298 298 added 3 changesets with 3 changes to 3 files
299 299 calling hook pretxnchangegroup.acl: hgext.acl.hook
300 300 acl: checking access for user "fred"
301 301 acl: acl.allow.branches not enabled
302 302 acl: acl.deny.branches not enabled
303 303 acl: acl.allow enabled, 0 entries for user fred
304 304 acl: acl.deny not enabled
305 305 acl: branch access granted: "ef1ea85a6374" on branch "default"
306 306 error: pretxnchangegroup.acl hook failed: acl: user "fred" not allowed on "foo/file.txt" (changeset "ef1ea85a6374")
307 307 transaction abort!
308 308 rollback completed
309 309 abort: acl: user "fred" not allowed on "foo/file.txt" (changeset "ef1ea85a6374")
310 310 no rollback information available
311 311 0:6675d58eff77
312 312
313 313
314 314 fred is allowed inside foo/
315 315
316 316 $ echo 'foo/** = fred' >> $config
317 317 $ do_push fred
318 318 Pushing as user fred
319 319 hgrc = """
320 320 [hooks]
321 321 pretxnchangegroup.acl = python:hgext.acl.hook
322 322 [acl]
323 323 sources = push
324 324 [acl.allow]
325 325 foo/** = fred
326 326 """
327 327 pushing to ../b
328 328 query 1; heads
329 329 searching for changes
330 330 all remote heads known locally
331 331 3 changesets found
332 332 list of changesets:
333 333 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
334 334 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
335 335 911600dab2ae7a9baff75958b84fe606851ce955
336 336 adding changesets
337 337 bundling: 1/3 changesets (33.33%)
338 338 bundling: 2/3 changesets (66.67%)
339 339 bundling: 3/3 changesets (100.00%)
340 340 bundling: 1/3 manifests (33.33%)
341 341 bundling: 2/3 manifests (66.67%)
342 342 bundling: 3/3 manifests (100.00%)
343 343 bundling: foo/Bar/file.txt 1/3 files (33.33%)
344 344 bundling: foo/file.txt 2/3 files (66.67%)
345 345 bundling: quux/file.py 3/3 files (100.00%)
346 346 changesets: 1 chunks
347 347 add changeset ef1ea85a6374
348 348 changesets: 2 chunks
349 349 add changeset f9cafe1212c8
350 350 changesets: 3 chunks
351 351 add changeset 911600dab2ae
352 352 adding manifests
353 353 manifests: 1/3 chunks (33.33%)
354 354 manifests: 2/3 chunks (66.67%)
355 355 manifests: 3/3 chunks (100.00%)
356 356 adding file changes
357 357 adding foo/Bar/file.txt revisions
358 358 files: 1/3 chunks (33.33%)
359 359 adding foo/file.txt revisions
360 360 files: 2/3 chunks (66.67%)
361 361 adding quux/file.py revisions
362 362 files: 3/3 chunks (100.00%)
363 363 added 3 changesets with 3 changes to 3 files
364 364 calling hook pretxnchangegroup.acl: hgext.acl.hook
365 365 acl: checking access for user "fred"
366 366 acl: acl.allow.branches not enabled
367 367 acl: acl.deny.branches not enabled
368 368 acl: acl.allow enabled, 1 entries for user fred
369 369 acl: acl.deny not enabled
370 370 acl: branch access granted: "ef1ea85a6374" on branch "default"
371 371 acl: path access granted: "ef1ea85a6374"
372 372 acl: branch access granted: "f9cafe1212c8" on branch "default"
373 373 acl: path access granted: "f9cafe1212c8"
374 374 acl: branch access granted: "911600dab2ae" on branch "default"
375 375 error: pretxnchangegroup.acl hook failed: acl: user "fred" not allowed on "quux/file.py" (changeset "911600dab2ae")
376 376 transaction abort!
377 377 rollback completed
378 378 abort: acl: user "fred" not allowed on "quux/file.py" (changeset "911600dab2ae")
379 379 no rollback information available
380 380 0:6675d58eff77
381 381
382 382
383 383 Empty [acl.deny]
384 384
385 385 $ echo '[acl.deny]' >> $config
386 386 $ do_push barney
387 387 Pushing as user barney
388 388 hgrc = """
389 389 [hooks]
390 390 pretxnchangegroup.acl = python:hgext.acl.hook
391 391 [acl]
392 392 sources = push
393 393 [acl.allow]
394 394 foo/** = fred
395 395 [acl.deny]
396 396 """
397 397 pushing to ../b
398 398 query 1; heads
399 399 searching for changes
400 400 all remote heads known locally
401 401 3 changesets found
402 402 list of changesets:
403 403 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
404 404 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
405 405 911600dab2ae7a9baff75958b84fe606851ce955
406 406 adding changesets
407 407 bundling: 1/3 changesets (33.33%)
408 408 bundling: 2/3 changesets (66.67%)
409 409 bundling: 3/3 changesets (100.00%)
410 410 bundling: 1/3 manifests (33.33%)
411 411 bundling: 2/3 manifests (66.67%)
412 412 bundling: 3/3 manifests (100.00%)
413 413 bundling: foo/Bar/file.txt 1/3 files (33.33%)
414 414 bundling: foo/file.txt 2/3 files (66.67%)
415 415 bundling: quux/file.py 3/3 files (100.00%)
416 416 changesets: 1 chunks
417 417 add changeset ef1ea85a6374
418 418 changesets: 2 chunks
419 419 add changeset f9cafe1212c8
420 420 changesets: 3 chunks
421 421 add changeset 911600dab2ae
422 422 adding manifests
423 423 manifests: 1/3 chunks (33.33%)
424 424 manifests: 2/3 chunks (66.67%)
425 425 manifests: 3/3 chunks (100.00%)
426 426 adding file changes
427 427 adding foo/Bar/file.txt revisions
428 428 files: 1/3 chunks (33.33%)
429 429 adding foo/file.txt revisions
430 430 files: 2/3 chunks (66.67%)
431 431 adding quux/file.py revisions
432 432 files: 3/3 chunks (100.00%)
433 433 added 3 changesets with 3 changes to 3 files
434 434 calling hook pretxnchangegroup.acl: hgext.acl.hook
435 435 acl: checking access for user "barney"
436 436 acl: acl.allow.branches not enabled
437 437 acl: acl.deny.branches not enabled
438 438 acl: acl.allow enabled, 0 entries for user barney
439 439 acl: acl.deny enabled, 0 entries for user barney
440 440 acl: branch access granted: "ef1ea85a6374" on branch "default"
441 441 error: pretxnchangegroup.acl hook failed: acl: user "barney" not allowed on "foo/file.txt" (changeset "ef1ea85a6374")
442 442 transaction abort!
443 443 rollback completed
444 444 abort: acl: user "barney" not allowed on "foo/file.txt" (changeset "ef1ea85a6374")
445 445 no rollback information available
446 446 0:6675d58eff77
447 447
448 448
449 449 fred is allowed inside foo/, but not foo/bar/ (case matters)
450 450
451 451 $ echo 'foo/bar/** = fred' >> $config
452 452 $ do_push fred
453 453 Pushing as user fred
454 454 hgrc = """
455 455 [hooks]
456 456 pretxnchangegroup.acl = python:hgext.acl.hook
457 457 [acl]
458 458 sources = push
459 459 [acl.allow]
460 460 foo/** = fred
461 461 [acl.deny]
462 462 foo/bar/** = fred
463 463 """
464 464 pushing to ../b
465 465 query 1; heads
466 466 searching for changes
467 467 all remote heads known locally
468 468 3 changesets found
469 469 list of changesets:
470 470 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
471 471 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
472 472 911600dab2ae7a9baff75958b84fe606851ce955
473 473 adding changesets
474 474 bundling: 1/3 changesets (33.33%)
475 475 bundling: 2/3 changesets (66.67%)
476 476 bundling: 3/3 changesets (100.00%)
477 477 bundling: 1/3 manifests (33.33%)
478 478 bundling: 2/3 manifests (66.67%)
479 479 bundling: 3/3 manifests (100.00%)
480 480 bundling: foo/Bar/file.txt 1/3 files (33.33%)
481 481 bundling: foo/file.txt 2/3 files (66.67%)
482 482 bundling: quux/file.py 3/3 files (100.00%)
483 483 changesets: 1 chunks
484 484 add changeset ef1ea85a6374
485 485 changesets: 2 chunks
486 486 add changeset f9cafe1212c8
487 487 changesets: 3 chunks
488 488 add changeset 911600dab2ae
489 489 adding manifests
490 490 manifests: 1/3 chunks (33.33%)
491 491 manifests: 2/3 chunks (66.67%)
492 492 manifests: 3/3 chunks (100.00%)
493 493 adding file changes
494 494 adding foo/Bar/file.txt revisions
495 495 files: 1/3 chunks (33.33%)
496 496 adding foo/file.txt revisions
497 497 files: 2/3 chunks (66.67%)
498 498 adding quux/file.py revisions
499 499 files: 3/3 chunks (100.00%)
500 500 added 3 changesets with 3 changes to 3 files
501 501 calling hook pretxnchangegroup.acl: hgext.acl.hook
502 502 acl: checking access for user "fred"
503 503 acl: acl.allow.branches not enabled
504 504 acl: acl.deny.branches not enabled
505 505 acl: acl.allow enabled, 1 entries for user fred
506 506 acl: acl.deny enabled, 1 entries for user fred
507 507 acl: branch access granted: "ef1ea85a6374" on branch "default"
508 508 acl: path access granted: "ef1ea85a6374"
509 509 acl: branch access granted: "f9cafe1212c8" on branch "default"
510 510 acl: path access granted: "f9cafe1212c8"
511 511 acl: branch access granted: "911600dab2ae" on branch "default"
512 512 error: pretxnchangegroup.acl hook failed: acl: user "fred" not allowed on "quux/file.py" (changeset "911600dab2ae")
513 513 transaction abort!
514 514 rollback completed
515 515 abort: acl: user "fred" not allowed on "quux/file.py" (changeset "911600dab2ae")
516 516 no rollback information available
517 517 0:6675d58eff77
518 518
519 519
520 520 fred is allowed inside foo/, but not foo/Bar/
521 521
522 522 $ echo 'foo/Bar/** = fred' >> $config
523 523 $ do_push fred
524 524 Pushing as user fred
525 525 hgrc = """
526 526 [hooks]
527 527 pretxnchangegroup.acl = python:hgext.acl.hook
528 528 [acl]
529 529 sources = push
530 530 [acl.allow]
531 531 foo/** = fred
532 532 [acl.deny]
533 533 foo/bar/** = fred
534 534 foo/Bar/** = fred
535 535 """
536 536 pushing to ../b
537 537 query 1; heads
538 538 searching for changes
539 539 all remote heads known locally
540 540 3 changesets found
541 541 list of changesets:
542 542 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
543 543 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
544 544 911600dab2ae7a9baff75958b84fe606851ce955
545 545 adding changesets
546 546 bundling: 1/3 changesets (33.33%)
547 547 bundling: 2/3 changesets (66.67%)
548 548 bundling: 3/3 changesets (100.00%)
549 549 bundling: 1/3 manifests (33.33%)
550 550 bundling: 2/3 manifests (66.67%)
551 551 bundling: 3/3 manifests (100.00%)
552 552 bundling: foo/Bar/file.txt 1/3 files (33.33%)
553 553 bundling: foo/file.txt 2/3 files (66.67%)
554 554 bundling: quux/file.py 3/3 files (100.00%)
555 555 changesets: 1 chunks
556 556 add changeset ef1ea85a6374
557 557 changesets: 2 chunks
558 558 add changeset f9cafe1212c8
559 559 changesets: 3 chunks
560 560 add changeset 911600dab2ae
561 561 adding manifests
562 562 manifests: 1/3 chunks (33.33%)
563 563 manifests: 2/3 chunks (66.67%)
564 564 manifests: 3/3 chunks (100.00%)
565 565 adding file changes
566 566 adding foo/Bar/file.txt revisions
567 567 files: 1/3 chunks (33.33%)
568 568 adding foo/file.txt revisions
569 569 files: 2/3 chunks (66.67%)
570 570 adding quux/file.py revisions
571 571 files: 3/3 chunks (100.00%)
572 572 added 3 changesets with 3 changes to 3 files
573 573 calling hook pretxnchangegroup.acl: hgext.acl.hook
574 574 acl: checking access for user "fred"
575 575 acl: acl.allow.branches not enabled
576 576 acl: acl.deny.branches not enabled
577 577 acl: acl.allow enabled, 1 entries for user fred
578 578 acl: acl.deny enabled, 2 entries for user fred
579 579 acl: branch access granted: "ef1ea85a6374" on branch "default"
580 580 acl: path access granted: "ef1ea85a6374"
581 581 acl: branch access granted: "f9cafe1212c8" on branch "default"
582 582 error: pretxnchangegroup.acl hook failed: acl: user "fred" denied on "foo/Bar/file.txt" (changeset "f9cafe1212c8")
583 583 transaction abort!
584 584 rollback completed
585 585 abort: acl: user "fred" denied on "foo/Bar/file.txt" (changeset "f9cafe1212c8")
586 586 no rollback information available
587 587 0:6675d58eff77
588 588
589 589
590 590 $ echo 'barney is not mentioned => not allowed anywhere'
591 591 barney is not mentioned => not allowed anywhere
592 592 $ do_push barney
593 593 Pushing as user barney
594 594 hgrc = """
595 595 [hooks]
596 596 pretxnchangegroup.acl = python:hgext.acl.hook
597 597 [acl]
598 598 sources = push
599 599 [acl.allow]
600 600 foo/** = fred
601 601 [acl.deny]
602 602 foo/bar/** = fred
603 603 foo/Bar/** = fred
604 604 """
605 605 pushing to ../b
606 606 query 1; heads
607 607 searching for changes
608 608 all remote heads known locally
609 609 3 changesets found
610 610 list of changesets:
611 611 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
612 612 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
613 613 911600dab2ae7a9baff75958b84fe606851ce955
614 614 adding changesets
615 615 bundling: 1/3 changesets (33.33%)
616 616 bundling: 2/3 changesets (66.67%)
617 617 bundling: 3/3 changesets (100.00%)
618 618 bundling: 1/3 manifests (33.33%)
619 619 bundling: 2/3 manifests (66.67%)
620 620 bundling: 3/3 manifests (100.00%)
621 621 bundling: foo/Bar/file.txt 1/3 files (33.33%)
622 622 bundling: foo/file.txt 2/3 files (66.67%)
623 623 bundling: quux/file.py 3/3 files (100.00%)
624 624 changesets: 1 chunks
625 625 add changeset ef1ea85a6374
626 626 changesets: 2 chunks
627 627 add changeset f9cafe1212c8
628 628 changesets: 3 chunks
629 629 add changeset 911600dab2ae
630 630 adding manifests
631 631 manifests: 1/3 chunks (33.33%)
632 632 manifests: 2/3 chunks (66.67%)
633 633 manifests: 3/3 chunks (100.00%)
634 634 adding file changes
635 635 adding foo/Bar/file.txt revisions
636 636 files: 1/3 chunks (33.33%)
637 637 adding foo/file.txt revisions
638 638 files: 2/3 chunks (66.67%)
639 639 adding quux/file.py revisions
640 640 files: 3/3 chunks (100.00%)
641 641 added 3 changesets with 3 changes to 3 files
642 642 calling hook pretxnchangegroup.acl: hgext.acl.hook
643 643 acl: checking access for user "barney"
644 644 acl: acl.allow.branches not enabled
645 645 acl: acl.deny.branches not enabled
646 646 acl: acl.allow enabled, 0 entries for user barney
647 647 acl: acl.deny enabled, 0 entries for user barney
648 648 acl: branch access granted: "ef1ea85a6374" on branch "default"
649 649 error: pretxnchangegroup.acl hook failed: acl: user "barney" not allowed on "foo/file.txt" (changeset "ef1ea85a6374")
650 650 transaction abort!
651 651 rollback completed
652 652 abort: acl: user "barney" not allowed on "foo/file.txt" (changeset "ef1ea85a6374")
653 653 no rollback information available
654 654 0:6675d58eff77
655 655
656 656
657 657 barney is allowed everywhere
658 658
659 659 $ echo '[acl.allow]' >> $config
660 660 $ echo '** = barney' >> $config
661 661 $ do_push barney
662 662 Pushing as user barney
663 663 hgrc = """
664 664 [hooks]
665 665 pretxnchangegroup.acl = python:hgext.acl.hook
666 666 [acl]
667 667 sources = push
668 668 [acl.allow]
669 669 foo/** = fred
670 670 [acl.deny]
671 671 foo/bar/** = fred
672 672 foo/Bar/** = fred
673 673 [acl.allow]
674 674 ** = barney
675 675 """
676 676 pushing to ../b
677 677 query 1; heads
678 678 searching for changes
679 679 all remote heads known locally
680 680 3 changesets found
681 681 list of changesets:
682 682 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
683 683 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
684 684 911600dab2ae7a9baff75958b84fe606851ce955
685 685 adding changesets
686 686 bundling: 1/3 changesets (33.33%)
687 687 bundling: 2/3 changesets (66.67%)
688 688 bundling: 3/3 changesets (100.00%)
689 689 bundling: 1/3 manifests (33.33%)
690 690 bundling: 2/3 manifests (66.67%)
691 691 bundling: 3/3 manifests (100.00%)
692 692 bundling: foo/Bar/file.txt 1/3 files (33.33%)
693 693 bundling: foo/file.txt 2/3 files (66.67%)
694 694 bundling: quux/file.py 3/3 files (100.00%)
695 695 changesets: 1 chunks
696 696 add changeset ef1ea85a6374
697 697 changesets: 2 chunks
698 698 add changeset f9cafe1212c8
699 699 changesets: 3 chunks
700 700 add changeset 911600dab2ae
701 701 adding manifests
702 702 manifests: 1/3 chunks (33.33%)
703 703 manifests: 2/3 chunks (66.67%)
704 704 manifests: 3/3 chunks (100.00%)
705 705 adding file changes
706 706 adding foo/Bar/file.txt revisions
707 707 files: 1/3 chunks (33.33%)
708 708 adding foo/file.txt revisions
709 709 files: 2/3 chunks (66.67%)
710 710 adding quux/file.py revisions
711 711 files: 3/3 chunks (100.00%)
712 712 added 3 changesets with 3 changes to 3 files
713 713 calling hook pretxnchangegroup.acl: hgext.acl.hook
714 714 acl: checking access for user "barney"
715 715 acl: acl.allow.branches not enabled
716 716 acl: acl.deny.branches not enabled
717 717 acl: acl.allow enabled, 1 entries for user barney
718 718 acl: acl.deny enabled, 0 entries for user barney
719 719 acl: branch access granted: "ef1ea85a6374" on branch "default"
720 720 acl: path access granted: "ef1ea85a6374"
721 721 acl: branch access granted: "f9cafe1212c8" on branch "default"
722 722 acl: path access granted: "f9cafe1212c8"
723 723 acl: branch access granted: "911600dab2ae" on branch "default"
724 724 acl: path access granted: "911600dab2ae"
725 725 updating the branch cache
726 726 checking for updated bookmarks
727 727 repository tip rolled back to revision 0 (undo push)
728 728 0:6675d58eff77
729 729
730 730
731 731 wilma can change files with a .txt extension
732 732
733 733 $ echo '**/*.txt = wilma' >> $config
734 734 $ do_push wilma
735 735 Pushing as user wilma
736 736 hgrc = """
737 737 [hooks]
738 738 pretxnchangegroup.acl = python:hgext.acl.hook
739 739 [acl]
740 740 sources = push
741 741 [acl.allow]
742 742 foo/** = fred
743 743 [acl.deny]
744 744 foo/bar/** = fred
745 745 foo/Bar/** = fred
746 746 [acl.allow]
747 747 ** = barney
748 748 **/*.txt = wilma
749 749 """
750 750 pushing to ../b
751 751 query 1; heads
752 752 searching for changes
753 753 all remote heads known locally
754 754 invalidating branch cache (tip differs)
755 755 3 changesets found
756 756 list of changesets:
757 757 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
758 758 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
759 759 911600dab2ae7a9baff75958b84fe606851ce955
760 760 adding changesets
761 761 bundling: 1/3 changesets (33.33%)
762 762 bundling: 2/3 changesets (66.67%)
763 763 bundling: 3/3 changesets (100.00%)
764 764 bundling: 1/3 manifests (33.33%)
765 765 bundling: 2/3 manifests (66.67%)
766 766 bundling: 3/3 manifests (100.00%)
767 767 bundling: foo/Bar/file.txt 1/3 files (33.33%)
768 768 bundling: foo/file.txt 2/3 files (66.67%)
769 769 bundling: quux/file.py 3/3 files (100.00%)
770 770 changesets: 1 chunks
771 771 add changeset ef1ea85a6374
772 772 changesets: 2 chunks
773 773 add changeset f9cafe1212c8
774 774 changesets: 3 chunks
775 775 add changeset 911600dab2ae
776 776 adding manifests
777 777 manifests: 1/3 chunks (33.33%)
778 778 manifests: 2/3 chunks (66.67%)
779 779 manifests: 3/3 chunks (100.00%)
780 780 adding file changes
781 781 adding foo/Bar/file.txt revisions
782 782 files: 1/3 chunks (33.33%)
783 783 adding foo/file.txt revisions
784 784 files: 2/3 chunks (66.67%)
785 785 adding quux/file.py revisions
786 786 files: 3/3 chunks (100.00%)
787 787 added 3 changesets with 3 changes to 3 files
788 788 calling hook pretxnchangegroup.acl: hgext.acl.hook
789 789 acl: checking access for user "wilma"
790 790 acl: acl.allow.branches not enabled
791 791 acl: acl.deny.branches not enabled
792 792 acl: acl.allow enabled, 1 entries for user wilma
793 793 acl: acl.deny enabled, 0 entries for user wilma
794 794 acl: branch access granted: "ef1ea85a6374" on branch "default"
795 795 acl: path access granted: "ef1ea85a6374"
796 796 acl: branch access granted: "f9cafe1212c8" on branch "default"
797 797 acl: path access granted: "f9cafe1212c8"
798 798 acl: branch access granted: "911600dab2ae" on branch "default"
799 799 error: pretxnchangegroup.acl hook failed: acl: user "wilma" not allowed on "quux/file.py" (changeset "911600dab2ae")
800 800 transaction abort!
801 801 rollback completed
802 802 abort: acl: user "wilma" not allowed on "quux/file.py" (changeset "911600dab2ae")
803 803 no rollback information available
804 804 0:6675d58eff77
805 805
806 806
807 807 file specified by acl.config does not exist
808 808
809 809 $ echo '[acl]' >> $config
810 810 $ echo 'config = ../acl.config' >> $config
811 811 $ do_push barney
812 812 Pushing as user barney
813 813 hgrc = """
814 814 [hooks]
815 815 pretxnchangegroup.acl = python:hgext.acl.hook
816 816 [acl]
817 817 sources = push
818 818 [acl.allow]
819 819 foo/** = fred
820 820 [acl.deny]
821 821 foo/bar/** = fred
822 822 foo/Bar/** = fred
823 823 [acl.allow]
824 824 ** = barney
825 825 **/*.txt = wilma
826 826 [acl]
827 827 config = ../acl.config
828 828 """
829 829 pushing to ../b
830 830 query 1; heads
831 831 searching for changes
832 832 all remote heads known locally
833 833 3 changesets found
834 834 list of changesets:
835 835 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
836 836 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
837 837 911600dab2ae7a9baff75958b84fe606851ce955
838 838 adding changesets
839 839 bundling: 1/3 changesets (33.33%)
840 840 bundling: 2/3 changesets (66.67%)
841 841 bundling: 3/3 changesets (100.00%)
842 842 bundling: 1/3 manifests (33.33%)
843 843 bundling: 2/3 manifests (66.67%)
844 844 bundling: 3/3 manifests (100.00%)
845 845 bundling: foo/Bar/file.txt 1/3 files (33.33%)
846 846 bundling: foo/file.txt 2/3 files (66.67%)
847 847 bundling: quux/file.py 3/3 files (100.00%)
848 848 changesets: 1 chunks
849 849 add changeset ef1ea85a6374
850 850 changesets: 2 chunks
851 851 add changeset f9cafe1212c8
852 852 changesets: 3 chunks
853 853 add changeset 911600dab2ae
854 854 adding manifests
855 855 manifests: 1/3 chunks (33.33%)
856 856 manifests: 2/3 chunks (66.67%)
857 857 manifests: 3/3 chunks (100.00%)
858 858 adding file changes
859 859 adding foo/Bar/file.txt revisions
860 860 files: 1/3 chunks (33.33%)
861 861 adding foo/file.txt revisions
862 862 files: 2/3 chunks (66.67%)
863 863 adding quux/file.py revisions
864 864 files: 3/3 chunks (100.00%)
865 865 added 3 changesets with 3 changes to 3 files
866 866 calling hook pretxnchangegroup.acl: hgext.acl.hook
867 867 acl: checking access for user "barney"
868 868 error: pretxnchangegroup.acl hook raised an exception: [Errno 2] *: '../acl.config' (glob)
869 869 transaction abort!
870 870 rollback completed
871 871 abort: *: ../acl.config (glob)
872 872 no rollback information available
873 873 0:6675d58eff77
874 874
875 875
876 876 betty is allowed inside foo/ by a acl.config file
877 877
878 878 $ echo '[acl.allow]' >> acl.config
879 879 $ echo 'foo/** = betty' >> acl.config
880 880 $ do_push betty
881 881 Pushing as user betty
882 882 hgrc = """
883 883 [hooks]
884 884 pretxnchangegroup.acl = python:hgext.acl.hook
885 885 [acl]
886 886 sources = push
887 887 [acl.allow]
888 888 foo/** = fred
889 889 [acl.deny]
890 890 foo/bar/** = fred
891 891 foo/Bar/** = fred
892 892 [acl.allow]
893 893 ** = barney
894 894 **/*.txt = wilma
895 895 [acl]
896 896 config = ../acl.config
897 897 """
898 898 acl.config = """
899 899 [acl.allow]
900 900 foo/** = betty
901 901 """
902 902 pushing to ../b
903 903 query 1; heads
904 904 searching for changes
905 905 all remote heads known locally
906 906 3 changesets found
907 907 list of changesets:
908 908 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
909 909 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
910 910 911600dab2ae7a9baff75958b84fe606851ce955
911 911 adding changesets
912 912 bundling: 1/3 changesets (33.33%)
913 913 bundling: 2/3 changesets (66.67%)
914 914 bundling: 3/3 changesets (100.00%)
915 915 bundling: 1/3 manifests (33.33%)
916 916 bundling: 2/3 manifests (66.67%)
917 917 bundling: 3/3 manifests (100.00%)
918 918 bundling: foo/Bar/file.txt 1/3 files (33.33%)
919 919 bundling: foo/file.txt 2/3 files (66.67%)
920 920 bundling: quux/file.py 3/3 files (100.00%)
921 921 changesets: 1 chunks
922 922 add changeset ef1ea85a6374
923 923 changesets: 2 chunks
924 924 add changeset f9cafe1212c8
925 925 changesets: 3 chunks
926 926 add changeset 911600dab2ae
927 927 adding manifests
928 928 manifests: 1/3 chunks (33.33%)
929 929 manifests: 2/3 chunks (66.67%)
930 930 manifests: 3/3 chunks (100.00%)
931 931 adding file changes
932 932 adding foo/Bar/file.txt revisions
933 933 files: 1/3 chunks (33.33%)
934 934 adding foo/file.txt revisions
935 935 files: 2/3 chunks (66.67%)
936 936 adding quux/file.py revisions
937 937 files: 3/3 chunks (100.00%)
938 938 added 3 changesets with 3 changes to 3 files
939 939 calling hook pretxnchangegroup.acl: hgext.acl.hook
940 940 acl: checking access for user "betty"
941 941 acl: acl.allow.branches not enabled
942 942 acl: acl.deny.branches not enabled
943 943 acl: acl.allow enabled, 1 entries for user betty
944 944 acl: acl.deny enabled, 0 entries for user betty
945 945 acl: branch access granted: "ef1ea85a6374" on branch "default"
946 946 acl: path access granted: "ef1ea85a6374"
947 947 acl: branch access granted: "f9cafe1212c8" on branch "default"
948 948 acl: path access granted: "f9cafe1212c8"
949 949 acl: branch access granted: "911600dab2ae" on branch "default"
950 950 error: pretxnchangegroup.acl hook failed: acl: user "betty" not allowed on "quux/file.py" (changeset "911600dab2ae")
951 951 transaction abort!
952 952 rollback completed
953 953 abort: acl: user "betty" not allowed on "quux/file.py" (changeset "911600dab2ae")
954 954 no rollback information available
955 955 0:6675d58eff77
956 956
957 957
958 958 acl.config can set only [acl.allow]/[acl.deny]
959 959
960 960 $ echo '[hooks]' >> acl.config
961 961 $ echo 'changegroup.acl = false' >> acl.config
962 962 $ do_push barney
963 963 Pushing as user barney
964 964 hgrc = """
965 965 [hooks]
966 966 pretxnchangegroup.acl = python:hgext.acl.hook
967 967 [acl]
968 968 sources = push
969 969 [acl.allow]
970 970 foo/** = fred
971 971 [acl.deny]
972 972 foo/bar/** = fred
973 973 foo/Bar/** = fred
974 974 [acl.allow]
975 975 ** = barney
976 976 **/*.txt = wilma
977 977 [acl]
978 978 config = ../acl.config
979 979 """
980 980 acl.config = """
981 981 [acl.allow]
982 982 foo/** = betty
983 983 [hooks]
984 984 changegroup.acl = false
985 985 """
986 986 pushing to ../b
987 987 query 1; heads
988 988 searching for changes
989 989 all remote heads known locally
990 990 3 changesets found
991 991 list of changesets:
992 992 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
993 993 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
994 994 911600dab2ae7a9baff75958b84fe606851ce955
995 995 adding changesets
996 996 bundling: 1/3 changesets (33.33%)
997 997 bundling: 2/3 changesets (66.67%)
998 998 bundling: 3/3 changesets (100.00%)
999 999 bundling: 1/3 manifests (33.33%)
1000 1000 bundling: 2/3 manifests (66.67%)
1001 1001 bundling: 3/3 manifests (100.00%)
1002 1002 bundling: foo/Bar/file.txt 1/3 files (33.33%)
1003 1003 bundling: foo/file.txt 2/3 files (66.67%)
1004 1004 bundling: quux/file.py 3/3 files (100.00%)
1005 1005 changesets: 1 chunks
1006 1006 add changeset ef1ea85a6374
1007 1007 changesets: 2 chunks
1008 1008 add changeset f9cafe1212c8
1009 1009 changesets: 3 chunks
1010 1010 add changeset 911600dab2ae
1011 1011 adding manifests
1012 1012 manifests: 1/3 chunks (33.33%)
1013 1013 manifests: 2/3 chunks (66.67%)
1014 1014 manifests: 3/3 chunks (100.00%)
1015 1015 adding file changes
1016 1016 adding foo/Bar/file.txt revisions
1017 1017 files: 1/3 chunks (33.33%)
1018 1018 adding foo/file.txt revisions
1019 1019 files: 2/3 chunks (66.67%)
1020 1020 adding quux/file.py revisions
1021 1021 files: 3/3 chunks (100.00%)
1022 1022 added 3 changesets with 3 changes to 3 files
1023 1023 calling hook pretxnchangegroup.acl: hgext.acl.hook
1024 1024 acl: checking access for user "barney"
1025 1025 acl: acl.allow.branches not enabled
1026 1026 acl: acl.deny.branches not enabled
1027 1027 acl: acl.allow enabled, 1 entries for user barney
1028 1028 acl: acl.deny enabled, 0 entries for user barney
1029 1029 acl: branch access granted: "ef1ea85a6374" on branch "default"
1030 1030 acl: path access granted: "ef1ea85a6374"
1031 1031 acl: branch access granted: "f9cafe1212c8" on branch "default"
1032 1032 acl: path access granted: "f9cafe1212c8"
1033 1033 acl: branch access granted: "911600dab2ae" on branch "default"
1034 1034 acl: path access granted: "911600dab2ae"
1035 1035 updating the branch cache
1036 1036 checking for updated bookmarks
1037 1037 repository tip rolled back to revision 0 (undo push)
1038 1038 0:6675d58eff77
1039 1039
1040 1040
1041 1041 asterisk
1042 1042
1043 1043 $ init_config
1044 1044
1045 1045 asterisk test
1046 1046
1047 1047 $ echo '[acl.allow]' >> $config
1048 1048 $ echo "** = fred" >> $config
1049 1049
1050 1050 fred is always allowed
1051 1051
1052 1052 $ do_push fred
1053 1053 Pushing as user fred
1054 1054 hgrc = """
1055 1055 [acl]
1056 1056 sources = push
1057 1057 [extensions]
1058 1058 [acl.allow]
1059 1059 ** = fred
1060 1060 """
1061 1061 pushing to ../b
1062 1062 query 1; heads
1063 1063 searching for changes
1064 1064 all remote heads known locally
1065 1065 invalidating branch cache (tip differs)
1066 1066 3 changesets found
1067 1067 list of changesets:
1068 1068 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
1069 1069 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
1070 1070 911600dab2ae7a9baff75958b84fe606851ce955
1071 1071 adding changesets
1072 1072 bundling: 1/3 changesets (33.33%)
1073 1073 bundling: 2/3 changesets (66.67%)
1074 1074 bundling: 3/3 changesets (100.00%)
1075 1075 bundling: 1/3 manifests (33.33%)
1076 1076 bundling: 2/3 manifests (66.67%)
1077 1077 bundling: 3/3 manifests (100.00%)
1078 1078 bundling: foo/Bar/file.txt 1/3 files (33.33%)
1079 1079 bundling: foo/file.txt 2/3 files (66.67%)
1080 1080 bundling: quux/file.py 3/3 files (100.00%)
1081 1081 changesets: 1 chunks
1082 1082 add changeset ef1ea85a6374
1083 1083 changesets: 2 chunks
1084 1084 add changeset f9cafe1212c8
1085 1085 changesets: 3 chunks
1086 1086 add changeset 911600dab2ae
1087 1087 adding manifests
1088 1088 manifests: 1/3 chunks (33.33%)
1089 1089 manifests: 2/3 chunks (66.67%)
1090 1090 manifests: 3/3 chunks (100.00%)
1091 1091 adding file changes
1092 1092 adding foo/Bar/file.txt revisions
1093 1093 files: 1/3 chunks (33.33%)
1094 1094 adding foo/file.txt revisions
1095 1095 files: 2/3 chunks (66.67%)
1096 1096 adding quux/file.py revisions
1097 1097 files: 3/3 chunks (100.00%)
1098 1098 added 3 changesets with 3 changes to 3 files
1099 1099 calling hook pretxnchangegroup.acl: hgext.acl.hook
1100 1100 acl: checking access for user "fred"
1101 1101 acl: acl.allow.branches not enabled
1102 1102 acl: acl.deny.branches not enabled
1103 1103 acl: acl.allow enabled, 1 entries for user fred
1104 1104 acl: acl.deny not enabled
1105 1105 acl: branch access granted: "ef1ea85a6374" on branch "default"
1106 1106 acl: path access granted: "ef1ea85a6374"
1107 1107 acl: branch access granted: "f9cafe1212c8" on branch "default"
1108 1108 acl: path access granted: "f9cafe1212c8"
1109 1109 acl: branch access granted: "911600dab2ae" on branch "default"
1110 1110 acl: path access granted: "911600dab2ae"
1111 1111 updating the branch cache
1112 1112 checking for updated bookmarks
1113 1113 repository tip rolled back to revision 0 (undo push)
1114 1114 0:6675d58eff77
1115 1115
1116 1116
1117 1117 $ echo '[acl.deny]' >> $config
1118 1118 $ echo "foo/Bar/** = *" >> $config
1119 1119
1120 1120 no one is allowed inside foo/Bar/
1121 1121
1122 1122 $ do_push fred
1123 1123 Pushing as user fred
1124 1124 hgrc = """
1125 1125 [acl]
1126 1126 sources = push
1127 1127 [extensions]
1128 1128 [acl.allow]
1129 1129 ** = fred
1130 1130 [acl.deny]
1131 1131 foo/Bar/** = *
1132 1132 """
1133 1133 pushing to ../b
1134 1134 query 1; heads
1135 1135 searching for changes
1136 1136 all remote heads known locally
1137 1137 invalidating branch cache (tip differs)
1138 1138 3 changesets found
1139 1139 list of changesets:
1140 1140 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
1141 1141 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
1142 1142 911600dab2ae7a9baff75958b84fe606851ce955
1143 1143 adding changesets
1144 1144 bundling: 1/3 changesets (33.33%)
1145 1145 bundling: 2/3 changesets (66.67%)
1146 1146 bundling: 3/3 changesets (100.00%)
1147 1147 bundling: 1/3 manifests (33.33%)
1148 1148 bundling: 2/3 manifests (66.67%)
1149 1149 bundling: 3/3 manifests (100.00%)
1150 1150 bundling: foo/Bar/file.txt 1/3 files (33.33%)
1151 1151 bundling: foo/file.txt 2/3 files (66.67%)
1152 1152 bundling: quux/file.py 3/3 files (100.00%)
1153 1153 changesets: 1 chunks
1154 1154 add changeset ef1ea85a6374
1155 1155 changesets: 2 chunks
1156 1156 add changeset f9cafe1212c8
1157 1157 changesets: 3 chunks
1158 1158 add changeset 911600dab2ae
1159 1159 adding manifests
1160 1160 manifests: 1/3 chunks (33.33%)
1161 1161 manifests: 2/3 chunks (66.67%)
1162 1162 manifests: 3/3 chunks (100.00%)
1163 1163 adding file changes
1164 1164 adding foo/Bar/file.txt revisions
1165 1165 files: 1/3 chunks (33.33%)
1166 1166 adding foo/file.txt revisions
1167 1167 files: 2/3 chunks (66.67%)
1168 1168 adding quux/file.py revisions
1169 1169 files: 3/3 chunks (100.00%)
1170 1170 added 3 changesets with 3 changes to 3 files
1171 1171 calling hook pretxnchangegroup.acl: hgext.acl.hook
1172 1172 acl: checking access for user "fred"
1173 1173 acl: acl.allow.branches not enabled
1174 1174 acl: acl.deny.branches not enabled
1175 1175 acl: acl.allow enabled, 1 entries for user fred
1176 1176 acl: acl.deny enabled, 1 entries for user fred
1177 1177 acl: branch access granted: "ef1ea85a6374" on branch "default"
1178 1178 acl: path access granted: "ef1ea85a6374"
1179 1179 acl: branch access granted: "f9cafe1212c8" on branch "default"
1180 1180 error: pretxnchangegroup.acl hook failed: acl: user "fred" denied on "foo/Bar/file.txt" (changeset "f9cafe1212c8")
1181 1181 transaction abort!
1182 1182 rollback completed
1183 1183 abort: acl: user "fred" denied on "foo/Bar/file.txt" (changeset "f9cafe1212c8")
1184 1184 no rollback information available
1185 1185 0:6675d58eff77
1186 1186
1187 1187
1188 1188 Groups
1189 1189
1190 1190 $ init_config
1191 1191
1192 1192 OS-level groups
1193 1193
1194 1194 $ echo '[acl.allow]' >> $config
1195 1195 $ echo "** = @group1" >> $config
1196 1196
1197 1197 @group1 is always allowed
1198 1198
1199 1199 $ do_push fred
1200 1200 Pushing as user fred
1201 1201 hgrc = """
1202 1202 [acl]
1203 1203 sources = push
1204 1204 [extensions]
1205 1205 [acl.allow]
1206 1206 ** = @group1
1207 1207 """
1208 1208 pushing to ../b
1209 1209 query 1; heads
1210 1210 searching for changes
1211 1211 all remote heads known locally
1212 1212 3 changesets found
1213 1213 list of changesets:
1214 1214 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
1215 1215 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
1216 1216 911600dab2ae7a9baff75958b84fe606851ce955
1217 1217 adding changesets
1218 1218 bundling: 1/3 changesets (33.33%)
1219 1219 bundling: 2/3 changesets (66.67%)
1220 1220 bundling: 3/3 changesets (100.00%)
1221 1221 bundling: 1/3 manifests (33.33%)
1222 1222 bundling: 2/3 manifests (66.67%)
1223 1223 bundling: 3/3 manifests (100.00%)
1224 1224 bundling: foo/Bar/file.txt 1/3 files (33.33%)
1225 1225 bundling: foo/file.txt 2/3 files (66.67%)
1226 1226 bundling: quux/file.py 3/3 files (100.00%)
1227 1227 changesets: 1 chunks
1228 1228 add changeset ef1ea85a6374
1229 1229 changesets: 2 chunks
1230 1230 add changeset f9cafe1212c8
1231 1231 changesets: 3 chunks
1232 1232 add changeset 911600dab2ae
1233 1233 adding manifests
1234 1234 manifests: 1/3 chunks (33.33%)
1235 1235 manifests: 2/3 chunks (66.67%)
1236 1236 manifests: 3/3 chunks (100.00%)
1237 1237 adding file changes
1238 1238 adding foo/Bar/file.txt revisions
1239 1239 files: 1/3 chunks (33.33%)
1240 1240 adding foo/file.txt revisions
1241 1241 files: 2/3 chunks (66.67%)
1242 1242 adding quux/file.py revisions
1243 1243 files: 3/3 chunks (100.00%)
1244 1244 added 3 changesets with 3 changes to 3 files
1245 1245 calling hook pretxnchangegroup.acl: hgext.acl.hook
1246 1246 acl: checking access for user "fred"
1247 1247 acl: acl.allow.branches not enabled
1248 1248 acl: acl.deny.branches not enabled
1249 1249 acl: "group1" not defined in [acl.groups]
1250 1250 acl: acl.allow enabled, 1 entries for user fred
1251 1251 acl: acl.deny not enabled
1252 1252 acl: branch access granted: "ef1ea85a6374" on branch "default"
1253 1253 acl: path access granted: "ef1ea85a6374"
1254 1254 acl: branch access granted: "f9cafe1212c8" on branch "default"
1255 1255 acl: path access granted: "f9cafe1212c8"
1256 1256 acl: branch access granted: "911600dab2ae" on branch "default"
1257 1257 acl: path access granted: "911600dab2ae"
1258 1258 updating the branch cache
1259 1259 checking for updated bookmarks
1260 1260 repository tip rolled back to revision 0 (undo push)
1261 1261 0:6675d58eff77
1262 1262
1263 1263
1264 1264 $ echo '[acl.deny]' >> $config
1265 1265 $ echo "foo/Bar/** = @group1" >> $config
1266 1266
1267 1267 @group is allowed inside anything but foo/Bar/
1268 1268
1269 1269 $ do_push fred
1270 1270 Pushing as user fred
1271 1271 hgrc = """
1272 1272 [acl]
1273 1273 sources = push
1274 1274 [extensions]
1275 1275 [acl.allow]
1276 1276 ** = @group1
1277 1277 [acl.deny]
1278 1278 foo/Bar/** = @group1
1279 1279 """
1280 1280 pushing to ../b
1281 1281 query 1; heads
1282 1282 searching for changes
1283 1283 all remote heads known locally
1284 1284 invalidating branch cache (tip differs)
1285 1285 3 changesets found
1286 1286 list of changesets:
1287 1287 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
1288 1288 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
1289 1289 911600dab2ae7a9baff75958b84fe606851ce955
1290 1290 adding changesets
1291 1291 bundling: 1/3 changesets (33.33%)
1292 1292 bundling: 2/3 changesets (66.67%)
1293 1293 bundling: 3/3 changesets (100.00%)
1294 1294 bundling: 1/3 manifests (33.33%)
1295 1295 bundling: 2/3 manifests (66.67%)
1296 1296 bundling: 3/3 manifests (100.00%)
1297 1297 bundling: foo/Bar/file.txt 1/3 files (33.33%)
1298 1298 bundling: foo/file.txt 2/3 files (66.67%)
1299 1299 bundling: quux/file.py 3/3 files (100.00%)
1300 1300 changesets: 1 chunks
1301 1301 add changeset ef1ea85a6374
1302 1302 changesets: 2 chunks
1303 1303 add changeset f9cafe1212c8
1304 1304 changesets: 3 chunks
1305 1305 add changeset 911600dab2ae
1306 1306 adding manifests
1307 1307 manifests: 1/3 chunks (33.33%)
1308 1308 manifests: 2/3 chunks (66.67%)
1309 1309 manifests: 3/3 chunks (100.00%)
1310 1310 adding file changes
1311 1311 adding foo/Bar/file.txt revisions
1312 1312 files: 1/3 chunks (33.33%)
1313 1313 adding foo/file.txt revisions
1314 1314 files: 2/3 chunks (66.67%)
1315 1315 adding quux/file.py revisions
1316 1316 files: 3/3 chunks (100.00%)
1317 1317 added 3 changesets with 3 changes to 3 files
1318 1318 calling hook pretxnchangegroup.acl: hgext.acl.hook
1319 1319 acl: checking access for user "fred"
1320 1320 acl: acl.allow.branches not enabled
1321 1321 acl: acl.deny.branches not enabled
1322 1322 acl: "group1" not defined in [acl.groups]
1323 1323 acl: acl.allow enabled, 1 entries for user fred
1324 1324 acl: "group1" not defined in [acl.groups]
1325 1325 acl: acl.deny enabled, 1 entries for user fred
1326 1326 acl: branch access granted: "ef1ea85a6374" on branch "default"
1327 1327 acl: path access granted: "ef1ea85a6374"
1328 1328 acl: branch access granted: "f9cafe1212c8" on branch "default"
1329 1329 error: pretxnchangegroup.acl hook failed: acl: user "fred" denied on "foo/Bar/file.txt" (changeset "f9cafe1212c8")
1330 1330 transaction abort!
1331 1331 rollback completed
1332 1332 abort: acl: user "fred" denied on "foo/Bar/file.txt" (changeset "f9cafe1212c8")
1333 1333 no rollback information available
1334 1334 0:6675d58eff77
1335 1335
1336 1336
1337 1337 Invalid group
1338 1338
1339 1339 Disable the fakegroups trick to get real failures
1340 1340
1341 1341 $ grep -v fakegroups $config > config.tmp
1342 1342 $ mv config.tmp $config
1343 1343 $ echo '[acl.allow]' >> $config
1344 1344 $ echo "** = @unlikelytoexist" >> $config
1345 1345 $ do_push fred 2>&1 | grep unlikelytoexist
1346 1346 ** = @unlikelytoexist
1347 1347 acl: "unlikelytoexist" not defined in [acl.groups]
1348 1348 error: pretxnchangegroup.acl hook failed: group 'unlikelytoexist' is undefined
1349 1349 abort: group 'unlikelytoexist' is undefined
1350 1350
1351 1351
1352 1352 Branch acl tests setup
1353 1353
1354 1354 $ init_config
1355 1355 $ cd b
1356 1356 $ hg up
1357 1357 0 files updated, 0 files merged, 0 files removed, 0 files unresolved
1358 1358 $ hg branch foobar
1359 1359 marked working directory as branch foobar
1360 1360 (branches are permanent and global, did you want a bookmark?)
1361 1361 $ hg commit -m 'create foobar'
1362 1362 $ echo 'foo contents' > abc.txt
1363 1363 $ hg add abc.txt
1364 1364 $ hg commit -m 'foobar contents'
1365 1365 $ cd ..
1366 1366 $ hg --cwd a pull ../b
1367 1367 pulling from ../b
1368 1368 searching for changes
1369 1369 adding changesets
1370 1370 adding manifests
1371 1371 adding file changes
1372 1372 added 2 changesets with 1 changes to 1 files (+1 heads)
1373 1373 (run 'hg heads' to see heads)
1374 1374
1375 1375 Create additional changeset on foobar branch
1376 1376
1377 1377 $ cd a
1378 1378 $ hg up -C foobar
1379 1379 4 files updated, 0 files merged, 0 files removed, 0 files unresolved
1380 1380 $ echo 'foo contents2' > abc.txt
1381 1381 $ hg commit -m 'foobar contents2'
1382 1382 $ cd ..
1383 1383
1384 1384
1385 1385 No branch acls specified
1386 1386
1387 1387 $ do_push astro
1388 1388 Pushing as user astro
1389 1389 hgrc = """
1390 1390 [acl]
1391 1391 sources = push
1392 1392 [extensions]
1393 1393 """
1394 1394 pushing to ../b
1395 1395 query 1; heads
1396 1396 searching for changes
1397 1397 all remote heads known locally
1398 1398 4 changesets found
1399 1399 list of changesets:
1400 1400 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
1401 1401 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
1402 1402 911600dab2ae7a9baff75958b84fe606851ce955
1403 1403 e8fc755d4d8217ee5b0c2bb41558c40d43b92c01
1404 1404 adding changesets
1405 1405 bundling: 1/4 changesets (25.00%)
1406 1406 bundling: 2/4 changesets (50.00%)
1407 1407 bundling: 3/4 changesets (75.00%)
1408 1408 bundling: 4/4 changesets (100.00%)
1409 1409 bundling: 1/4 manifests (25.00%)
1410 1410 bundling: 2/4 manifests (50.00%)
1411 1411 bundling: 3/4 manifests (75.00%)
1412 1412 bundling: 4/4 manifests (100.00%)
1413 1413 bundling: abc.txt 1/4 files (25.00%)
1414 1414 bundling: foo/Bar/file.txt 2/4 files (50.00%)
1415 1415 bundling: foo/file.txt 3/4 files (75.00%)
1416 1416 bundling: quux/file.py 4/4 files (100.00%)
1417 1417 changesets: 1 chunks
1418 1418 add changeset ef1ea85a6374
1419 1419 changesets: 2 chunks
1420 1420 add changeset f9cafe1212c8
1421 1421 changesets: 3 chunks
1422 1422 add changeset 911600dab2ae
1423 1423 changesets: 4 chunks
1424 1424 add changeset e8fc755d4d82
1425 1425 adding manifests
1426 1426 manifests: 1/4 chunks (25.00%)
1427 1427 manifests: 2/4 chunks (50.00%)
1428 1428 manifests: 3/4 chunks (75.00%)
1429 1429 manifests: 4/4 chunks (100.00%)
1430 1430 adding file changes
1431 1431 adding abc.txt revisions
1432 1432 files: 1/4 chunks (25.00%)
1433 1433 adding foo/Bar/file.txt revisions
1434 1434 files: 2/4 chunks (50.00%)
1435 1435 adding foo/file.txt revisions
1436 1436 files: 3/4 chunks (75.00%)
1437 1437 adding quux/file.py revisions
1438 1438 files: 4/4 chunks (100.00%)
1439 1439 added 4 changesets with 4 changes to 4 files (+1 heads)
1440 1440 calling hook pretxnchangegroup.acl: hgext.acl.hook
1441 1441 acl: checking access for user "astro"
1442 1442 acl: acl.allow.branches not enabled
1443 1443 acl: acl.deny.branches not enabled
1444 1444 acl: acl.allow not enabled
1445 1445 acl: acl.deny not enabled
1446 1446 acl: branch access granted: "ef1ea85a6374" on branch "default"
1447 1447 acl: path access granted: "ef1ea85a6374"
1448 1448 acl: branch access granted: "f9cafe1212c8" on branch "default"
1449 1449 acl: path access granted: "f9cafe1212c8"
1450 1450 acl: branch access granted: "911600dab2ae" on branch "default"
1451 1451 acl: path access granted: "911600dab2ae"
1452 1452 acl: branch access granted: "e8fc755d4d82" on branch "foobar"
1453 1453 acl: path access granted: "e8fc755d4d82"
1454 1454 updating the branch cache
1455 1455 checking for updated bookmarks
1456 1456 repository tip rolled back to revision 2 (undo push)
1457 1457 2:fb35475503ef
1458 1458
1459 1459
1460 1460 Branch acl deny test
1461 1461
1462 1462 $ echo "[acl.deny.branches]" >> $config
1463 1463 $ echo "foobar = *" >> $config
1464 1464 $ do_push astro
1465 1465 Pushing as user astro
1466 1466 hgrc = """
1467 1467 [acl]
1468 1468 sources = push
1469 1469 [extensions]
1470 1470 [acl.deny.branches]
1471 1471 foobar = *
1472 1472 """
1473 1473 pushing to ../b
1474 1474 query 1; heads
1475 1475 searching for changes
1476 1476 all remote heads known locally
1477 1477 invalidating branch cache (tip differs)
1478 1478 4 changesets found
1479 1479 list of changesets:
1480 1480 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
1481 1481 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
1482 1482 911600dab2ae7a9baff75958b84fe606851ce955
1483 1483 e8fc755d4d8217ee5b0c2bb41558c40d43b92c01
1484 1484 adding changesets
1485 1485 bundling: 1/4 changesets (25.00%)
1486 1486 bundling: 2/4 changesets (50.00%)
1487 1487 bundling: 3/4 changesets (75.00%)
1488 1488 bundling: 4/4 changesets (100.00%)
1489 1489 bundling: 1/4 manifests (25.00%)
1490 1490 bundling: 2/4 manifests (50.00%)
1491 1491 bundling: 3/4 manifests (75.00%)
1492 1492 bundling: 4/4 manifests (100.00%)
1493 1493 bundling: abc.txt 1/4 files (25.00%)
1494 1494 bundling: foo/Bar/file.txt 2/4 files (50.00%)
1495 1495 bundling: foo/file.txt 3/4 files (75.00%)
1496 1496 bundling: quux/file.py 4/4 files (100.00%)
1497 1497 changesets: 1 chunks
1498 1498 add changeset ef1ea85a6374
1499 1499 changesets: 2 chunks
1500 1500 add changeset f9cafe1212c8
1501 1501 changesets: 3 chunks
1502 1502 add changeset 911600dab2ae
1503 1503 changesets: 4 chunks
1504 1504 add changeset e8fc755d4d82
1505 1505 adding manifests
1506 1506 manifests: 1/4 chunks (25.00%)
1507 1507 manifests: 2/4 chunks (50.00%)
1508 1508 manifests: 3/4 chunks (75.00%)
1509 1509 manifests: 4/4 chunks (100.00%)
1510 1510 adding file changes
1511 1511 adding abc.txt revisions
1512 1512 files: 1/4 chunks (25.00%)
1513 1513 adding foo/Bar/file.txt revisions
1514 1514 files: 2/4 chunks (50.00%)
1515 1515 adding foo/file.txt revisions
1516 1516 files: 3/4 chunks (75.00%)
1517 1517 adding quux/file.py revisions
1518 1518 files: 4/4 chunks (100.00%)
1519 1519 added 4 changesets with 4 changes to 4 files (+1 heads)
1520 1520 calling hook pretxnchangegroup.acl: hgext.acl.hook
1521 1521 acl: checking access for user "astro"
1522 1522 acl: acl.allow.branches not enabled
1523 1523 acl: acl.deny.branches enabled, 1 entries for user astro
1524 1524 acl: acl.allow not enabled
1525 1525 acl: acl.deny not enabled
1526 1526 acl: branch access granted: "ef1ea85a6374" on branch "default"
1527 1527 acl: path access granted: "ef1ea85a6374"
1528 1528 acl: branch access granted: "f9cafe1212c8" on branch "default"
1529 1529 acl: path access granted: "f9cafe1212c8"
1530 1530 acl: branch access granted: "911600dab2ae" on branch "default"
1531 1531 acl: path access granted: "911600dab2ae"
1532 1532 error: pretxnchangegroup.acl hook failed: acl: user "astro" denied on branch "foobar" (changeset "e8fc755d4d82")
1533 1533 transaction abort!
1534 1534 rollback completed
1535 1535 abort: acl: user "astro" denied on branch "foobar" (changeset "e8fc755d4d82")
1536 1536 no rollback information available
1537 1537 2:fb35475503ef
1538 1538
1539 1539
1540 1540 Branch acl empty allow test
1541 1541
1542 1542 $ init_config
1543 1543 $ echo "[acl.allow.branches]" >> $config
1544 1544 $ do_push astro
1545 1545 Pushing as user astro
1546 1546 hgrc = """
1547 1547 [acl]
1548 1548 sources = push
1549 1549 [extensions]
1550 1550 [acl.allow.branches]
1551 1551 """
1552 1552 pushing to ../b
1553 1553 query 1; heads
1554 1554 searching for changes
1555 1555 all remote heads known locally
1556 1556 4 changesets found
1557 1557 list of changesets:
1558 1558 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
1559 1559 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
1560 1560 911600dab2ae7a9baff75958b84fe606851ce955
1561 1561 e8fc755d4d8217ee5b0c2bb41558c40d43b92c01
1562 1562 adding changesets
1563 1563 bundling: 1/4 changesets (25.00%)
1564 1564 bundling: 2/4 changesets (50.00%)
1565 1565 bundling: 3/4 changesets (75.00%)
1566 1566 bundling: 4/4 changesets (100.00%)
1567 1567 bundling: 1/4 manifests (25.00%)
1568 1568 bundling: 2/4 manifests (50.00%)
1569 1569 bundling: 3/4 manifests (75.00%)
1570 1570 bundling: 4/4 manifests (100.00%)
1571 1571 bundling: abc.txt 1/4 files (25.00%)
1572 1572 bundling: foo/Bar/file.txt 2/4 files (50.00%)
1573 1573 bundling: foo/file.txt 3/4 files (75.00%)
1574 1574 bundling: quux/file.py 4/4 files (100.00%)
1575 1575 changesets: 1 chunks
1576 1576 add changeset ef1ea85a6374
1577 1577 changesets: 2 chunks
1578 1578 add changeset f9cafe1212c8
1579 1579 changesets: 3 chunks
1580 1580 add changeset 911600dab2ae
1581 1581 changesets: 4 chunks
1582 1582 add changeset e8fc755d4d82
1583 1583 adding manifests
1584 1584 manifests: 1/4 chunks (25.00%)
1585 1585 manifests: 2/4 chunks (50.00%)
1586 1586 manifests: 3/4 chunks (75.00%)
1587 1587 manifests: 4/4 chunks (100.00%)
1588 1588 adding file changes
1589 1589 adding abc.txt revisions
1590 1590 files: 1/4 chunks (25.00%)
1591 1591 adding foo/Bar/file.txt revisions
1592 1592 files: 2/4 chunks (50.00%)
1593 1593 adding foo/file.txt revisions
1594 1594 files: 3/4 chunks (75.00%)
1595 1595 adding quux/file.py revisions
1596 1596 files: 4/4 chunks (100.00%)
1597 1597 added 4 changesets with 4 changes to 4 files (+1 heads)
1598 1598 calling hook pretxnchangegroup.acl: hgext.acl.hook
1599 1599 acl: checking access for user "astro"
1600 1600 acl: acl.allow.branches enabled, 0 entries for user astro
1601 1601 acl: acl.deny.branches not enabled
1602 1602 acl: acl.allow not enabled
1603 1603 acl: acl.deny not enabled
1604 1604 error: pretxnchangegroup.acl hook failed: acl: user "astro" not allowed on branch "default" (changeset "ef1ea85a6374")
1605 1605 transaction abort!
1606 1606 rollback completed
1607 1607 abort: acl: user "astro" not allowed on branch "default" (changeset "ef1ea85a6374")
1608 1608 no rollback information available
1609 1609 2:fb35475503ef
1610 1610
1611 1611
1612 1612 Branch acl allow other
1613 1613
1614 1614 $ init_config
1615 1615 $ echo "[acl.allow.branches]" >> $config
1616 1616 $ echo "* = george" >> $config
1617 1617 $ do_push astro
1618 1618 Pushing as user astro
1619 1619 hgrc = """
1620 1620 [acl]
1621 1621 sources = push
1622 1622 [extensions]
1623 1623 [acl.allow.branches]
1624 1624 * = george
1625 1625 """
1626 1626 pushing to ../b
1627 1627 query 1; heads
1628 1628 searching for changes
1629 1629 all remote heads known locally
1630 1630 4 changesets found
1631 1631 list of changesets:
1632 1632 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
1633 1633 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
1634 1634 911600dab2ae7a9baff75958b84fe606851ce955
1635 1635 e8fc755d4d8217ee5b0c2bb41558c40d43b92c01
1636 1636 adding changesets
1637 1637 bundling: 1/4 changesets (25.00%)
1638 1638 bundling: 2/4 changesets (50.00%)
1639 1639 bundling: 3/4 changesets (75.00%)
1640 1640 bundling: 4/4 changesets (100.00%)
1641 1641 bundling: 1/4 manifests (25.00%)
1642 1642 bundling: 2/4 manifests (50.00%)
1643 1643 bundling: 3/4 manifests (75.00%)
1644 1644 bundling: 4/4 manifests (100.00%)
1645 1645 bundling: abc.txt 1/4 files (25.00%)
1646 1646 bundling: foo/Bar/file.txt 2/4 files (50.00%)
1647 1647 bundling: foo/file.txt 3/4 files (75.00%)
1648 1648 bundling: quux/file.py 4/4 files (100.00%)
1649 1649 changesets: 1 chunks
1650 1650 add changeset ef1ea85a6374
1651 1651 changesets: 2 chunks
1652 1652 add changeset f9cafe1212c8
1653 1653 changesets: 3 chunks
1654 1654 add changeset 911600dab2ae
1655 1655 changesets: 4 chunks
1656 1656 add changeset e8fc755d4d82
1657 1657 adding manifests
1658 1658 manifests: 1/4 chunks (25.00%)
1659 1659 manifests: 2/4 chunks (50.00%)
1660 1660 manifests: 3/4 chunks (75.00%)
1661 1661 manifests: 4/4 chunks (100.00%)
1662 1662 adding file changes
1663 1663 adding abc.txt revisions
1664 1664 files: 1/4 chunks (25.00%)
1665 1665 adding foo/Bar/file.txt revisions
1666 1666 files: 2/4 chunks (50.00%)
1667 1667 adding foo/file.txt revisions
1668 1668 files: 3/4 chunks (75.00%)
1669 1669 adding quux/file.py revisions
1670 1670 files: 4/4 chunks (100.00%)
1671 1671 added 4 changesets with 4 changes to 4 files (+1 heads)
1672 1672 calling hook pretxnchangegroup.acl: hgext.acl.hook
1673 1673 acl: checking access for user "astro"
1674 1674 acl: acl.allow.branches enabled, 0 entries for user astro
1675 1675 acl: acl.deny.branches not enabled
1676 1676 acl: acl.allow not enabled
1677 1677 acl: acl.deny not enabled
1678 1678 error: pretxnchangegroup.acl hook failed: acl: user "astro" not allowed on branch "default" (changeset "ef1ea85a6374")
1679 1679 transaction abort!
1680 1680 rollback completed
1681 1681 abort: acl: user "astro" not allowed on branch "default" (changeset "ef1ea85a6374")
1682 1682 no rollback information available
1683 1683 2:fb35475503ef
1684 1684
1685 1685 $ do_push george
1686 1686 Pushing as user george
1687 1687 hgrc = """
1688 1688 [acl]
1689 1689 sources = push
1690 1690 [extensions]
1691 1691 [acl.allow.branches]
1692 1692 * = george
1693 1693 """
1694 1694 pushing to ../b
1695 1695 query 1; heads
1696 1696 searching for changes
1697 1697 all remote heads known locally
1698 1698 4 changesets found
1699 1699 list of changesets:
1700 1700 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
1701 1701 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
1702 1702 911600dab2ae7a9baff75958b84fe606851ce955
1703 1703 e8fc755d4d8217ee5b0c2bb41558c40d43b92c01
1704 1704 adding changesets
1705 1705 bundling: 1/4 changesets (25.00%)
1706 1706 bundling: 2/4 changesets (50.00%)
1707 1707 bundling: 3/4 changesets (75.00%)
1708 1708 bundling: 4/4 changesets (100.00%)
1709 1709 bundling: 1/4 manifests (25.00%)
1710 1710 bundling: 2/4 manifests (50.00%)
1711 1711 bundling: 3/4 manifests (75.00%)
1712 1712 bundling: 4/4 manifests (100.00%)
1713 1713 bundling: abc.txt 1/4 files (25.00%)
1714 1714 bundling: foo/Bar/file.txt 2/4 files (50.00%)
1715 1715 bundling: foo/file.txt 3/4 files (75.00%)
1716 1716 bundling: quux/file.py 4/4 files (100.00%)
1717 1717 changesets: 1 chunks
1718 1718 add changeset ef1ea85a6374
1719 1719 changesets: 2 chunks
1720 1720 add changeset f9cafe1212c8
1721 1721 changesets: 3 chunks
1722 1722 add changeset 911600dab2ae
1723 1723 changesets: 4 chunks
1724 1724 add changeset e8fc755d4d82
1725 1725 adding manifests
1726 1726 manifests: 1/4 chunks (25.00%)
1727 1727 manifests: 2/4 chunks (50.00%)
1728 1728 manifests: 3/4 chunks (75.00%)
1729 1729 manifests: 4/4 chunks (100.00%)
1730 1730 adding file changes
1731 1731 adding abc.txt revisions
1732 1732 files: 1/4 chunks (25.00%)
1733 1733 adding foo/Bar/file.txt revisions
1734 1734 files: 2/4 chunks (50.00%)
1735 1735 adding foo/file.txt revisions
1736 1736 files: 3/4 chunks (75.00%)
1737 1737 adding quux/file.py revisions
1738 1738 files: 4/4 chunks (100.00%)
1739 1739 added 4 changesets with 4 changes to 4 files (+1 heads)
1740 1740 calling hook pretxnchangegroup.acl: hgext.acl.hook
1741 1741 acl: checking access for user "george"
1742 1742 acl: acl.allow.branches enabled, 1 entries for user george
1743 1743 acl: acl.deny.branches not enabled
1744 1744 acl: acl.allow not enabled
1745 1745 acl: acl.deny not enabled
1746 1746 acl: branch access granted: "ef1ea85a6374" on branch "default"
1747 1747 acl: path access granted: "ef1ea85a6374"
1748 1748 acl: branch access granted: "f9cafe1212c8" on branch "default"
1749 1749 acl: path access granted: "f9cafe1212c8"
1750 1750 acl: branch access granted: "911600dab2ae" on branch "default"
1751 1751 acl: path access granted: "911600dab2ae"
1752 1752 acl: branch access granted: "e8fc755d4d82" on branch "foobar"
1753 1753 acl: path access granted: "e8fc755d4d82"
1754 1754 updating the branch cache
1755 1755 checking for updated bookmarks
1756 1756 repository tip rolled back to revision 2 (undo push)
1757 1757 2:fb35475503ef
1758 1758
1759 1759
1760 1760 Branch acl conflicting allow
1761 1761 asterisk ends up applying to all branches and allowing george to
1762 1762 push foobar into the remote
1763 1763
1764 1764 $ init_config
1765 1765 $ echo "[acl.allow.branches]" >> $config
1766 1766 $ echo "foobar = astro" >> $config
1767 1767 $ echo "* = george" >> $config
1768 1768 $ do_push george
1769 1769 Pushing as user george
1770 1770 hgrc = """
1771 1771 [acl]
1772 1772 sources = push
1773 1773 [extensions]
1774 1774 [acl.allow.branches]
1775 1775 foobar = astro
1776 1776 * = george
1777 1777 """
1778 1778 pushing to ../b
1779 1779 query 1; heads
1780 1780 searching for changes
1781 1781 all remote heads known locally
1782 1782 invalidating branch cache (tip differs)
1783 1783 4 changesets found
1784 1784 list of changesets:
1785 1785 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
1786 1786 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
1787 1787 911600dab2ae7a9baff75958b84fe606851ce955
1788 1788 e8fc755d4d8217ee5b0c2bb41558c40d43b92c01
1789 1789 adding changesets
1790 1790 bundling: 1/4 changesets (25.00%)
1791 1791 bundling: 2/4 changesets (50.00%)
1792 1792 bundling: 3/4 changesets (75.00%)
1793 1793 bundling: 4/4 changesets (100.00%)
1794 1794 bundling: 1/4 manifests (25.00%)
1795 1795 bundling: 2/4 manifests (50.00%)
1796 1796 bundling: 3/4 manifests (75.00%)
1797 1797 bundling: 4/4 manifests (100.00%)
1798 1798 bundling: abc.txt 1/4 files (25.00%)
1799 1799 bundling: foo/Bar/file.txt 2/4 files (50.00%)
1800 1800 bundling: foo/file.txt 3/4 files (75.00%)
1801 1801 bundling: quux/file.py 4/4 files (100.00%)
1802 1802 changesets: 1 chunks
1803 1803 add changeset ef1ea85a6374
1804 1804 changesets: 2 chunks
1805 1805 add changeset f9cafe1212c8
1806 1806 changesets: 3 chunks
1807 1807 add changeset 911600dab2ae
1808 1808 changesets: 4 chunks
1809 1809 add changeset e8fc755d4d82
1810 1810 adding manifests
1811 1811 manifests: 1/4 chunks (25.00%)
1812 1812 manifests: 2/4 chunks (50.00%)
1813 1813 manifests: 3/4 chunks (75.00%)
1814 1814 manifests: 4/4 chunks (100.00%)
1815 1815 adding file changes
1816 1816 adding abc.txt revisions
1817 1817 files: 1/4 chunks (25.00%)
1818 1818 adding foo/Bar/file.txt revisions
1819 1819 files: 2/4 chunks (50.00%)
1820 1820 adding foo/file.txt revisions
1821 1821 files: 3/4 chunks (75.00%)
1822 1822 adding quux/file.py revisions
1823 1823 files: 4/4 chunks (100.00%)
1824 1824 added 4 changesets with 4 changes to 4 files (+1 heads)
1825 1825 calling hook pretxnchangegroup.acl: hgext.acl.hook
1826 1826 acl: checking access for user "george"
1827 1827 acl: acl.allow.branches enabled, 1 entries for user george
1828 1828 acl: acl.deny.branches not enabled
1829 1829 acl: acl.allow not enabled
1830 1830 acl: acl.deny not enabled
1831 1831 acl: branch access granted: "ef1ea85a6374" on branch "default"
1832 1832 acl: path access granted: "ef1ea85a6374"
1833 1833 acl: branch access granted: "f9cafe1212c8" on branch "default"
1834 1834 acl: path access granted: "f9cafe1212c8"
1835 1835 acl: branch access granted: "911600dab2ae" on branch "default"
1836 1836 acl: path access granted: "911600dab2ae"
1837 1837 acl: branch access granted: "e8fc755d4d82" on branch "foobar"
1838 1838 acl: path access granted: "e8fc755d4d82"
1839 1839 updating the branch cache
1840 1840 checking for updated bookmarks
1841 1841 repository tip rolled back to revision 2 (undo push)
1842 1842 2:fb35475503ef
1843 1843
1844 1844 Branch acl conflicting deny
1845 1845
1846 1846 $ init_config
1847 1847 $ echo "[acl.deny.branches]" >> $config
1848 1848 $ echo "foobar = astro" >> $config
1849 1849 $ echo "default = astro" >> $config
1850 1850 $ echo "* = george" >> $config
1851 1851 $ do_push george
1852 1852 Pushing as user george
1853 1853 hgrc = """
1854 1854 [acl]
1855 1855 sources = push
1856 1856 [extensions]
1857 1857 [acl.deny.branches]
1858 1858 foobar = astro
1859 1859 default = astro
1860 1860 * = george
1861 1861 """
1862 1862 pushing to ../b
1863 1863 query 1; heads
1864 1864 searching for changes
1865 1865 all remote heads known locally
1866 1866 invalidating branch cache (tip differs)
1867 1867 4 changesets found
1868 1868 list of changesets:
1869 1869 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
1870 1870 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
1871 1871 911600dab2ae7a9baff75958b84fe606851ce955
1872 1872 e8fc755d4d8217ee5b0c2bb41558c40d43b92c01
1873 1873 adding changesets
1874 1874 bundling: 1/4 changesets (25.00%)
1875 1875 bundling: 2/4 changesets (50.00%)
1876 1876 bundling: 3/4 changesets (75.00%)
1877 1877 bundling: 4/4 changesets (100.00%)
1878 1878 bundling: 1/4 manifests (25.00%)
1879 1879 bundling: 2/4 manifests (50.00%)
1880 1880 bundling: 3/4 manifests (75.00%)
1881 1881 bundling: 4/4 manifests (100.00%)
1882 1882 bundling: abc.txt 1/4 files (25.00%)
1883 1883 bundling: foo/Bar/file.txt 2/4 files (50.00%)
1884 1884 bundling: foo/file.txt 3/4 files (75.00%)
1885 1885 bundling: quux/file.py 4/4 files (100.00%)
1886 1886 changesets: 1 chunks
1887 1887 add changeset ef1ea85a6374
1888 1888 changesets: 2 chunks
1889 1889 add changeset f9cafe1212c8
1890 1890 changesets: 3 chunks
1891 1891 add changeset 911600dab2ae
1892 1892 changesets: 4 chunks
1893 1893 add changeset e8fc755d4d82
1894 1894 adding manifests
1895 1895 manifests: 1/4 chunks (25.00%)
1896 1896 manifests: 2/4 chunks (50.00%)
1897 1897 manifests: 3/4 chunks (75.00%)
1898 1898 manifests: 4/4 chunks (100.00%)
1899 1899 adding file changes
1900 1900 adding abc.txt revisions
1901 1901 files: 1/4 chunks (25.00%)
1902 1902 adding foo/Bar/file.txt revisions
1903 1903 files: 2/4 chunks (50.00%)
1904 1904 adding foo/file.txt revisions
1905 1905 files: 3/4 chunks (75.00%)
1906 1906 adding quux/file.py revisions
1907 1907 files: 4/4 chunks (100.00%)
1908 1908 added 4 changesets with 4 changes to 4 files (+1 heads)
1909 1909 calling hook pretxnchangegroup.acl: hgext.acl.hook
1910 1910 acl: checking access for user "george"
1911 1911 acl: acl.allow.branches not enabled
1912 1912 acl: acl.deny.branches enabled, 1 entries for user george
1913 1913 acl: acl.allow not enabled
1914 1914 acl: acl.deny not enabled
1915 1915 error: pretxnchangegroup.acl hook failed: acl: user "george" denied on branch "default" (changeset "ef1ea85a6374")
1916 1916 transaction abort!
1917 1917 rollback completed
1918 1918 abort: acl: user "george" denied on branch "default" (changeset "ef1ea85a6374")
1919 1919 no rollback information available
1920 1920 2:fb35475503ef
1921 1921
1922 User 'astro' must not be denied
1923
1924 $ init_config
1925 $ echo "[acl.deny.branches]" >> $config
1926 $ echo "default = !astro" >> $config
1927 $ do_push astro
1928 Pushing as user astro
1929 hgrc = """
1930 [acl]
1931 sources = push
1932 [extensions]
1933 [acl.deny.branches]
1934 default = !astro
1935 """
1936 pushing to ../b
1937 query 1; heads
1938 searching for changes
1939 all remote heads known locally
1940 4 changesets found
1941 list of changesets:
1942 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
1943 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
1944 911600dab2ae7a9baff75958b84fe606851ce955
1945 e8fc755d4d8217ee5b0c2bb41558c40d43b92c01
1946 adding changesets
1947 bundling: 1/4 changesets (25.00%)
1948 bundling: 2/4 changesets (50.00%)
1949 bundling: 3/4 changesets (75.00%)
1950 bundling: 4/4 changesets (100.00%)
1951 bundling: 1/4 manifests (25.00%)
1952 bundling: 2/4 manifests (50.00%)
1953 bundling: 3/4 manifests (75.00%)
1954 bundling: 4/4 manifests (100.00%)
1955 bundling: abc.txt 1/4 files (25.00%)
1956 bundling: foo/Bar/file.txt 2/4 files (50.00%)
1957 bundling: foo/file.txt 3/4 files (75.00%)
1958 bundling: quux/file.py 4/4 files (100.00%)
1959 changesets: 1 chunks
1960 add changeset ef1ea85a6374
1961 changesets: 2 chunks
1962 add changeset f9cafe1212c8
1963 changesets: 3 chunks
1964 add changeset 911600dab2ae
1965 changesets: 4 chunks
1966 add changeset e8fc755d4d82
1967 adding manifests
1968 manifests: 1/4 chunks (25.00%)
1969 manifests: 2/4 chunks (50.00%)
1970 manifests: 3/4 chunks (75.00%)
1971 manifests: 4/4 chunks (100.00%)
1972 adding file changes
1973 adding abc.txt revisions
1974 files: 1/4 chunks (25.00%)
1975 adding foo/Bar/file.txt revisions
1976 files: 2/4 chunks (50.00%)
1977 adding foo/file.txt revisions
1978 files: 3/4 chunks (75.00%)
1979 adding quux/file.py revisions
1980 files: 4/4 chunks (100.00%)
1981 added 4 changesets with 4 changes to 4 files (+1 heads)
1982 calling hook pretxnchangegroup.acl: hgext.acl.hook
1983 acl: checking access for user "astro"
1984 acl: acl.allow.branches not enabled
1985 acl: acl.deny.branches enabled, 0 entries for user astro
1986 acl: acl.allow not enabled
1987 acl: acl.deny not enabled
1988 acl: branch access granted: "ef1ea85a6374" on branch "default"
1989 acl: path access granted: "ef1ea85a6374"
1990 acl: branch access granted: "f9cafe1212c8" on branch "default"
1991 acl: path access granted: "f9cafe1212c8"
1992 acl: branch access granted: "911600dab2ae" on branch "default"
1993 acl: path access granted: "911600dab2ae"
1994 acl: branch access granted: "e8fc755d4d82" on branch "foobar"
1995 acl: path access granted: "e8fc755d4d82"
1996 updating the branch cache
1997 checking for updated bookmarks
1998 repository tip rolled back to revision 2 (undo push)
1999 2:fb35475503ef
2000
2001
2002 Non-astro users must be denied
2003
2004 $ do_push george
2005 Pushing as user george
2006 hgrc = """
2007 [acl]
2008 sources = push
2009 [extensions]
2010 [acl.deny.branches]
2011 default = !astro
2012 """
2013 pushing to ../b
2014 query 1; heads
2015 searching for changes
2016 all remote heads known locally
2017 invalidating branch cache (tip differs)
2018 4 changesets found
2019 list of changesets:
2020 ef1ea85a6374b77d6da9dcda9541f498f2d17df7
2021 f9cafe1212c8c6fa1120d14a556e18cc44ff8bdd
2022 911600dab2ae7a9baff75958b84fe606851ce955
2023 e8fc755d4d8217ee5b0c2bb41558c40d43b92c01
2024 adding changesets
2025 bundling: 1/4 changesets (25.00%)
2026 bundling: 2/4 changesets (50.00%)
2027 bundling: 3/4 changesets (75.00%)
2028 bundling: 4/4 changesets (100.00%)
2029 bundling: 1/4 manifests (25.00%)
2030 bundling: 2/4 manifests (50.00%)
2031 bundling: 3/4 manifests (75.00%)
2032 bundling: 4/4 manifests (100.00%)
2033 bundling: abc.txt 1/4 files (25.00%)
2034 bundling: foo/Bar/file.txt 2/4 files (50.00%)
2035 bundling: foo/file.txt 3/4 files (75.00%)
2036 bundling: quux/file.py 4/4 files (100.00%)
2037 changesets: 1 chunks
2038 add changeset ef1ea85a6374
2039 changesets: 2 chunks
2040 add changeset f9cafe1212c8
2041 changesets: 3 chunks
2042 add changeset 911600dab2ae
2043 changesets: 4 chunks
2044 add changeset e8fc755d4d82
2045 adding manifests
2046 manifests: 1/4 chunks (25.00%)
2047 manifests: 2/4 chunks (50.00%)
2048 manifests: 3/4 chunks (75.00%)
2049 manifests: 4/4 chunks (100.00%)
2050 adding file changes
2051 adding abc.txt revisions
2052 files: 1/4 chunks (25.00%)
2053 adding foo/Bar/file.txt revisions
2054 files: 2/4 chunks (50.00%)
2055 adding foo/file.txt revisions
2056 files: 3/4 chunks (75.00%)
2057 adding quux/file.py revisions
2058 files: 4/4 chunks (100.00%)
2059 added 4 changesets with 4 changes to 4 files (+1 heads)
2060 calling hook pretxnchangegroup.acl: hgext.acl.hook
2061 acl: checking access for user "george"
2062 acl: acl.allow.branches not enabled
2063 acl: acl.deny.branches enabled, 1 entries for user george
2064 acl: acl.allow not enabled
2065 acl: acl.deny not enabled
2066 error: pretxnchangegroup.acl hook failed: acl: user "george" denied on branch "default" (changeset "ef1ea85a6374")
2067 transaction abort!
2068 rollback completed
2069 abort: acl: user "george" denied on branch "default" (changeset "ef1ea85a6374")
2070 no rollback information available
2071 2:fb35475503ef
2072
2073
General Comments 0
You need to be logged in to leave comments. Login now