##// END OF EJS Templates
upstream » mercurial-mirror
RSS

Clone from https://www.mercurial-scm.org/repo/hg-all

use ui.readsections in the acl extension
Alexis S. L. Carvalho -
r3436:f29989e9 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,124 +1,124
1 1 # acl.py - changeset access control for mercurial
2 2 #
3 3 # Copyright 2006 Vadim Gelfer <vadim.gelfer@gmail.com>
4 4 #
5 5 # This software may be used and distributed according to the terms
6 6 # of the GNU General Public License, incorporated herein by reference.
7 7 #
8 8 # this hook allows to allow or deny access to parts of a repo when
9 9 # taking incoming changesets.
10 10 #
11 11 # authorization is against local user name on system where hook is
12 12 # run, not committer of original changeset (since that is easy to
13 13 # spoof).
14 14 #
15 15 # acl hook is best to use if you use hgsh to set up restricted shells
16 16 # for authenticated users to only push to / pull from. not safe if
17 17 # user has interactive shell access, because they can disable hook.
18 18 # also not safe if remote users share one local account, because then
19 19 # no way to tell remote users apart.
20 20 #
21 21 # to use, configure acl extension in hgrc like this:
22 22 #
23 23 # [extensions]
24 24 # hgext.acl =
25 25 #
26 26 # [hooks]
27 27 # pretxnchangegroup.acl = python:hgext.acl.hook
28 28 #
29 29 # [acl]
30 30 # sources = serve # check if source of incoming changes in this list
31 31 # # ("serve" == ssh or http, "push", "pull", "bundle")
32 32 #
33 33 # allow and deny lists have subtree pattern (default syntax is glob)
34 34 # on left, user names on right. deny list checked before allow list.
35 35 #
36 36 # [acl.allow]
37 37 # # if acl.allow not present, all users allowed by default
38 38 # # empty acl.allow = no users allowed
39 39 # docs/** = doc_writer
40 40 # .hgtags = release_engineer
41 41 #
42 42 # [acl.deny]
43 43 # # if acl.deny not present, no users denied by default
44 44 # # empty acl.deny = all users allowed
45 45 # glob pattern = user4, user5
46 46 # ** = user6
47 47
48 48 from mercurial.demandload import *
49 49 from mercurial.i18n import gettext as _
50 50 from mercurial.node import *
51 51 demandload(globals(), 'getpass mercurial:util')
52 52
53 53 class checker(object):
54 54 '''acl checker.'''
55 55
56 56 def buildmatch(self, key):
57 57 '''return tuple of (match function, list enabled).'''
58 58 if not self.ui.has_config(key):
59 59 self.ui.debug(_('acl: %s not enabled\n') % key)
60 60 return None, False
61 61
62 62 thisuser = self.getuser()
63 63 pats = [pat for pat, users in self.ui.configitems(key)
64 64 if thisuser in users.replace(',', ' ').split()]
65 65 self.ui.debug(_('acl: %s enabled, %d entries for user %s\n') %
66 66 (key, len(pats), thisuser))
67 67 if pats:
68 68 match = util.matcher(self.repo.root, names=pats)[1]
69 69 else:
70 70 match = util.never
71 71 return match, True
72 72
73 73 def getuser(self):
74 74 '''return name of authenticated user.'''
75 75 return self.user
76 76
77 77 def __init__(self, ui, repo):
78 78 self.ui = ui
79 79 self.repo = repo
80 80 self.user = getpass.getuser()
81 81 cfg = self.ui.config('acl', 'config')
82 82 if cfg:
83 self.ui.readconfig(cfg)
83 self.ui.readsections(cfg, 'acl.allow', 'acl.deny')
84 84 self.allow, self.allowable = self.buildmatch('acl.allow')
85 85 self.deny, self.deniable = self.buildmatch('acl.deny')
86 86
87 87 def skipsource(self, source):
88 88 '''true if incoming changes from this source should be skipped.'''
89 89 ok_sources = self.ui.config('acl', 'sources', 'serve').split()
90 90 return source not in ok_sources
91 91
92 92 def check(self, node):
93 93 '''return if access allowed, raise exception if not.'''
94 94 files = self.repo.changelog.read(node)[3]
95 95 if self.deniable:
96 96 for f in files:
97 97 if self.deny(f):
98 98 self.ui.debug(_('acl: user %s denied on %s\n') %
99 99 (self.getuser(), f))
100 100 raise util.Abort(_('acl: access denied for changeset %s') %
101 101 short(node))
102 102 if self.allowable:
103 103 for f in files:
104 104 if not self.allow(f):
105 105 self.ui.debug(_('acl: user %s not allowed on %s\n') %
106 106 (self.getuser(), f))
107 107 raise util.Abort(_('acl: access denied for changeset %s') %
108 108 short(node))
109 109 self.ui.debug(_('acl: allowing changeset %s\n') % short(node))
110 110
111 111 def hook(ui, repo, hooktype, node=None, source=None, **kwargs):
112 112 if hooktype != 'pretxnchangegroup':
113 113 raise util.Abort(_('config error - hook type "%s" cannot stop '
114 114 'incoming changesets') % hooktype)
115 115
116 116 c = checker(ui, repo)
117 117 if c.skipsource(source):
118 118 ui.debug(_('acl: changes have source "%s" - skipping\n') % source)
119 119 return
120 120
121 121 start = repo.changelog.rev(bin(node))
122 122 end = repo.changelog.count()
123 123 for rev in xrange(start, end):
124 124 c.check(repo.changelog.node(rev))
Show file before | Show file after | Hide comments
@@ -1,104 +1,109
1 1 #!/bin/sh
2 2
3 3 do_push()
4 4 {
5 5 user=$1
6 6 shift
7 7
8 8 echo "Pushing as user $user"
9 9 echo 'hgrc = """'
10 10 sed -e 1,2d b/.hg/hgrc
11 11 echo '"""'
12 12 if [ -e acl.config ]; then
13 13 echo 'acl.config = """'
14 14 cat acl.config
15 15 echo '"""'
16 16 fi
17 17 LOGNAME=$user hg --cwd a --debug push ../b
18 18 hg --cwd b rollback
19 19 hg --cwd b --quiet tip
20 20 echo
21 21 }
22 22
23 23 hg init a
24 24 cd a
25 25 mkdir foo foo/Bar quux
26 26 echo 'in foo' > foo/file.txt
27 27 echo 'in foo/Bar' > foo/Bar/file.txt
28 28 echo 'in quux' > quux/file.py
29 29 hg add
30 30 hg ci -m 'add files' -d '1000000 0'
31 31 echo >> foo/file.txt
32 32 hg ci -m 'change foo/file' -d '1000001 0'
33 33 echo >> foo/Bar/file.txt
34 34 hg ci -m 'change foo/Bar/file' -d '1000002 0'
35 35 echo >> quux/file.py
36 36 hg ci -m 'change quux/file' -d '1000003 0'
37 37 hg tip --quiet
38 38
39 39 cd ..
40 40 hg clone -r 0 a b
41 41
42 42 echo '[extensions]' >> $HGRCPATH
43 43 echo 'hgext.acl =' >> $HGRCPATH
44 44
45 45 config=b/.hg/hgrc
46 46
47 47 echo
48 48
49 49 echo 'Extension disabled for lack of a hook'
50 50 do_push fred
51 51
52 52 echo '[hooks]' >> $config
53 53 echo 'pretxnchangegroup.acl = python:hgext.acl.hook' >> $config
54 54
55 55 echo 'Extension disabled for lack of acl.sources'
56 56 do_push fred
57 57
58 58 echo 'No [acl.allow]/[acl.deny]'
59 59 echo '[acl]' >> $config
60 60 echo 'sources = push' >> $config
61 61 do_push fred
62 62
63 63 echo 'Empty [acl.allow]'
64 64 echo '[acl.allow]' >> $config
65 65 do_push fred
66 66
67 67 echo 'fred is allowed inside foo/'
68 68 echo 'foo/** = fred' >> $config
69 69 do_push fred
70 70
71 71 echo 'Empty [acl.deny]'
72 72 echo '[acl.deny]' >> $config
73 73 do_push barney
74 74
75 75 echo 'fred is allowed inside foo/, but not foo/bar/ (case matters)'
76 76 echo 'foo/bar/** = fred' >> $config
77 77 do_push fred
78 78
79 79 echo 'fred is allowed inside foo/, but not foo/Bar/'
80 80 echo 'foo/Bar/** = fred' >> $config
81 81 do_push fred
82 82
83 83 echo 'barney is not mentioned => not allowed anywhere'
84 84 do_push barney
85 85
86 86 echo 'barney is allowed everywhere'
87 87 echo '[acl.allow]' >> $config
88 88 echo '** = barney' >> $config
89 89 do_push barney
90 90
91 91 echo 'wilma can change files with a .txt extension'
92 92 echo '**/*.txt = wilma' >> $config
93 93 do_push wilma
94 94
95 95 echo 'file specified by acl.config does not exist'
96 96 echo '[acl]' >> $config
97 97 echo 'config = ../acl.config' >> $config
98 98 do_push barney
99 99
100 100 echo 'betty is allowed inside foo/ by a acl.config file'
101 101 echo '[acl.allow]' >> acl.config
102 102 echo 'foo/** = betty' >> acl.config
103 103 do_push betty
104 104
105 echo 'acl.config can set only [acl.allow]/[acl.deny]'
106 echo '[hooks]' >> acl.config
107 echo 'changegroup.acl = false' >> acl.config
108 do_push barney
109
Show file before | Show file after | Hide comments
@@ -1,471 +1,517
1 1 adding foo/Bar/file.txt
2 2 adding foo/file.txt
3 3 adding quux/file.py
4 4 3:911600dab2ae
5 5 requesting all changes
6 6 adding changesets
7 7 adding manifests
8 8 adding file changes
9 9 added 1 changesets with 3 changes to 3 files
10 10 3 files updated, 0 files merged, 0 files removed, 0 files unresolved
11 11
12 12 Extension disabled for lack of a hook
13 13 Pushing as user fred
14 14 hgrc = """
15 15 """
16 16 pushing to ../b
17 17 searching for changes
18 18 common changesets up to 6675d58eff77
19 19 adding changesets
20 20 add changeset ef1ea85a6374
21 21 add changeset f9cafe1212c8
22 22 add changeset 911600dab2ae
23 23 adding manifests
24 24 adding file changes
25 25 adding foo/Bar/file.txt revisions
26 26 adding foo/file.txt revisions
27 27 adding quux/file.py revisions
28 28 added 3 changesets with 3 changes to 3 files
29 29 rolling back last transaction
30 30 0:6675d58eff77
31 31
32 32 Extension disabled for lack of acl.sources
33 33 Pushing as user fred
34 34 hgrc = """
35 35 [hooks]
36 36 pretxnchangegroup.acl = python:hgext.acl.hook
37 37 """
38 38 pushing to ../b
39 39 searching for changes
40 40 common changesets up to 6675d58eff77
41 41 adding changesets
42 42 add changeset ef1ea85a6374
43 43 add changeset f9cafe1212c8
44 44 add changeset 911600dab2ae
45 45 adding manifests
46 46 adding file changes
47 47 adding foo/Bar/file.txt revisions
48 48 adding foo/file.txt revisions
49 49 adding quux/file.py revisions
50 50 added 3 changesets with 3 changes to 3 files
51 51 calling hook pretxnchangegroup.acl: hgext.acl.hook
52 52 acl: acl.allow not enabled
53 53 acl: acl.deny not enabled
54 54 acl: changes have source "push" - skipping
55 55 rolling back last transaction
56 56 0:6675d58eff77
57 57
58 58 No [acl.allow]/[acl.deny]
59 59 Pushing as user fred
60 60 hgrc = """
61 61 [hooks]
62 62 pretxnchangegroup.acl = python:hgext.acl.hook
63 63 [acl]
64 64 sources = push
65 65 """
66 66 pushing to ../b
67 67 searching for changes
68 68 common changesets up to 6675d58eff77
69 69 adding changesets
70 70 add changeset ef1ea85a6374
71 71 add changeset f9cafe1212c8
72 72 add changeset 911600dab2ae
73 73 adding manifests
74 74 adding file changes
75 75 adding foo/Bar/file.txt revisions
76 76 adding foo/file.txt revisions
77 77 adding quux/file.py revisions
78 78 added 3 changesets with 3 changes to 3 files
79 79 calling hook pretxnchangegroup.acl: hgext.acl.hook
80 80 acl: acl.allow not enabled
81 81 acl: acl.deny not enabled
82 82 acl: allowing changeset ef1ea85a6374
83 83 acl: allowing changeset f9cafe1212c8
84 84 acl: allowing changeset 911600dab2ae
85 85 rolling back last transaction
86 86 0:6675d58eff77
87 87
88 88 Empty [acl.allow]
89 89 Pushing as user fred
90 90 hgrc = """
91 91 [hooks]
92 92 pretxnchangegroup.acl = python:hgext.acl.hook
93 93 [acl]
94 94 sources = push
95 95 [acl.allow]
96 96 """
97 97 pushing to ../b
98 98 searching for changes
99 99 common changesets up to 6675d58eff77
100 100 adding changesets
101 101 add changeset ef1ea85a6374
102 102 add changeset f9cafe1212c8
103 103 add changeset 911600dab2ae
104 104 adding manifests
105 105 adding file changes
106 106 adding foo/Bar/file.txt revisions
107 107 adding foo/file.txt revisions
108 108 adding quux/file.py revisions
109 109 added 3 changesets with 3 changes to 3 files
110 110 calling hook pretxnchangegroup.acl: hgext.acl.hook
111 111 acl: acl.allow enabled, 0 entries for user fred
112 112 acl: acl.deny not enabled
113 113 acl: user fred not allowed on foo/file.txt
114 114 error: pretxnchangegroup.acl hook failed: acl: access denied for changeset ef1ea85a6374
115 115 abort: acl: access denied for changeset ef1ea85a6374
116 116 transaction abort!
117 117 rollback completed
118 118 no rollback information available
119 119 0:6675d58eff77
120 120
121 121 fred is allowed inside foo/
122 122 Pushing as user fred
123 123 hgrc = """
124 124 [hooks]
125 125 pretxnchangegroup.acl = python:hgext.acl.hook
126 126 [acl]
127 127 sources = push
128 128 [acl.allow]
129 129 foo/** = fred
130 130 """
131 131 pushing to ../b
132 132 searching for changes
133 133 common changesets up to 6675d58eff77
134 134 adding changesets
135 135 add changeset ef1ea85a6374
136 136 add changeset f9cafe1212c8
137 137 add changeset 911600dab2ae
138 138 adding manifests
139 139 adding file changes
140 140 adding foo/Bar/file.txt revisions
141 141 adding foo/file.txt revisions
142 142 adding quux/file.py revisions
143 143 added 3 changesets with 3 changes to 3 files
144 144 calling hook pretxnchangegroup.acl: hgext.acl.hook
145 145 acl: acl.allow enabled, 1 entries for user fred
146 146 acl: acl.deny not enabled
147 147 acl: allowing changeset ef1ea85a6374
148 148 acl: allowing changeset f9cafe1212c8
149 149 acl: user fred not allowed on quux/file.py
150 150 error: pretxnchangegroup.acl hook failed: acl: access denied for changeset 911600dab2ae
151 151 abort: acl: access denied for changeset 911600dab2ae
152 152 transaction abort!
153 153 rollback completed
154 154 no rollback information available
155 155 0:6675d58eff77
156 156
157 157 Empty [acl.deny]
158 158 Pushing as user barney
159 159 hgrc = """
160 160 [hooks]
161 161 pretxnchangegroup.acl = python:hgext.acl.hook
162 162 [acl]
163 163 sources = push
164 164 [acl.allow]
165 165 foo/** = fred
166 166 [acl.deny]
167 167 """
168 168 pushing to ../b
169 169 searching for changes
170 170 common changesets up to 6675d58eff77
171 171 adding changesets
172 172 add changeset ef1ea85a6374
173 173 add changeset f9cafe1212c8
174 174 add changeset 911600dab2ae
175 175 adding manifests
176 176 adding file changes
177 177 adding foo/Bar/file.txt revisions
178 178 adding foo/file.txt revisions
179 179 adding quux/file.py revisions
180 180 added 3 changesets with 3 changes to 3 files
181 181 calling hook pretxnchangegroup.acl: hgext.acl.hook
182 182 acl: acl.allow enabled, 0 entries for user barney
183 183 acl: acl.deny enabled, 0 entries for user barney
184 184 acl: user barney not allowed on foo/file.txt
185 185 error: pretxnchangegroup.acl hook failed: acl: access denied for changeset ef1ea85a6374
186 186 abort: acl: access denied for changeset ef1ea85a6374
187 187 transaction abort!
188 188 rollback completed
189 189 no rollback information available
190 190 0:6675d58eff77
191 191
192 192 fred is allowed inside foo/, but not foo/bar/ (case matters)
193 193 Pushing as user fred
194 194 hgrc = """
195 195 [hooks]
196 196 pretxnchangegroup.acl = python:hgext.acl.hook
197 197 [acl]
198 198 sources = push
199 199 [acl.allow]
200 200 foo/** = fred
201 201 [acl.deny]
202 202 foo/bar/** = fred
203 203 """
204 204 pushing to ../b
205 205 searching for changes
206 206 common changesets up to 6675d58eff77
207 207 adding changesets
208 208 add changeset ef1ea85a6374
209 209 add changeset f9cafe1212c8
210 210 add changeset 911600dab2ae
211 211 adding manifests
212 212 adding file changes
213 213 adding foo/Bar/file.txt revisions
214 214 adding foo/file.txt revisions
215 215 adding quux/file.py revisions
216 216 added 3 changesets with 3 changes to 3 files
217 217 calling hook pretxnchangegroup.acl: hgext.acl.hook
218 218 acl: acl.allow enabled, 1 entries for user fred
219 219 acl: acl.deny enabled, 1 entries for user fred
220 220 acl: allowing changeset ef1ea85a6374
221 221 acl: allowing changeset f9cafe1212c8
222 222 acl: user fred not allowed on quux/file.py
223 223 error: pretxnchangegroup.acl hook failed: acl: access denied for changeset 911600dab2ae
224 224 abort: acl: access denied for changeset 911600dab2ae
225 225 transaction abort!
226 226 rollback completed
227 227 no rollback information available
228 228 0:6675d58eff77
229 229
230 230 fred is allowed inside foo/, but not foo/Bar/
231 231 Pushing as user fred
232 232 hgrc = """
233 233 [hooks]
234 234 pretxnchangegroup.acl = python:hgext.acl.hook
235 235 [acl]
236 236 sources = push
237 237 [acl.allow]
238 238 foo/** = fred
239 239 [acl.deny]
240 240 foo/bar/** = fred
241 241 foo/Bar/** = fred
242 242 """
243 243 pushing to ../b
244 244 searching for changes
245 245 common changesets up to 6675d58eff77
246 246 adding changesets
247 247 add changeset ef1ea85a6374
248 248 add changeset f9cafe1212c8
249 249 add changeset 911600dab2ae
250 250 adding manifests
251 251 adding file changes
252 252 adding foo/Bar/file.txt revisions
253 253 adding foo/file.txt revisions
254 254 adding quux/file.py revisions
255 255 added 3 changesets with 3 changes to 3 files
256 256 calling hook pretxnchangegroup.acl: hgext.acl.hook
257 257 acl: acl.allow enabled, 1 entries for user fred
258 258 acl: acl.deny enabled, 2 entries for user fred
259 259 acl: allowing changeset ef1ea85a6374
260 260 acl: user fred denied on foo/Bar/file.txt
261 261 error: pretxnchangegroup.acl hook failed: acl: access denied for changeset f9cafe1212c8
262 262 abort: acl: access denied for changeset f9cafe1212c8
263 263 transaction abort!
264 264 rollback completed
265 265 no rollback information available
266 266 0:6675d58eff77
267 267
268 268 barney is not mentioned => not allowed anywhere
269 269 Pushing as user barney
270 270 hgrc = """
271 271 [hooks]
272 272 pretxnchangegroup.acl = python:hgext.acl.hook
273 273 [acl]
274 274 sources = push
275 275 [acl.allow]
276 276 foo/** = fred
277 277 [acl.deny]
278 278 foo/bar/** = fred
279 279 foo/Bar/** = fred
280 280 """
281 281 pushing to ../b
282 282 searching for changes
283 283 common changesets up to 6675d58eff77
284 284 adding changesets
285 285 add changeset ef1ea85a6374
286 286 add changeset f9cafe1212c8
287 287 add changeset 911600dab2ae
288 288 adding manifests
289 289 adding file changes
290 290 adding foo/Bar/file.txt revisions
291 291 adding foo/file.txt revisions
292 292 adding quux/file.py revisions
293 293 added 3 changesets with 3 changes to 3 files
294 294 calling hook pretxnchangegroup.acl: hgext.acl.hook
295 295 acl: acl.allow enabled, 0 entries for user barney
296 296 acl: acl.deny enabled, 0 entries for user barney
297 297 acl: user barney not allowed on foo/file.txt
298 298 error: pretxnchangegroup.acl hook failed: acl: access denied for changeset ef1ea85a6374
299 299 abort: acl: access denied for changeset ef1ea85a6374
300 300 transaction abort!
301 301 rollback completed
302 302 no rollback information available
303 303 0:6675d58eff77
304 304
305 305 barney is allowed everywhere
306 306 Pushing as user barney
307 307 hgrc = """
308 308 [hooks]
309 309 pretxnchangegroup.acl = python:hgext.acl.hook
310 310 [acl]
311 311 sources = push
312 312 [acl.allow]
313 313 foo/** = fred
314 314 [acl.deny]
315 315 foo/bar/** = fred
316 316 foo/Bar/** = fred
317 317 [acl.allow]
318 318 ** = barney
319 319 """
320 320 pushing to ../b
321 321 searching for changes
322 322 common changesets up to 6675d58eff77
323 323 adding changesets
324 324 add changeset ef1ea85a6374
325 325 add changeset f9cafe1212c8
326 326 add changeset 911600dab2ae
327 327 adding manifests
328 328 adding file changes
329 329 adding foo/Bar/file.txt revisions
330 330 adding foo/file.txt revisions
331 331 adding quux/file.py revisions
332 332 added 3 changesets with 3 changes to 3 files
333 333 calling hook pretxnchangegroup.acl: hgext.acl.hook
334 334 acl: acl.allow enabled, 1 entries for user barney
335 335 acl: acl.deny enabled, 0 entries for user barney
336 336 acl: allowing changeset ef1ea85a6374
337 337 acl: allowing changeset f9cafe1212c8
338 338 acl: allowing changeset 911600dab2ae
339 339 rolling back last transaction
340 340 0:6675d58eff77
341 341
342 342 wilma can change files with a .txt extension
343 343 Pushing as user wilma
344 344 hgrc = """
345 345 [hooks]
346 346 pretxnchangegroup.acl = python:hgext.acl.hook
347 347 [acl]
348 348 sources = push
349 349 [acl.allow]
350 350 foo/** = fred
351 351 [acl.deny]
352 352 foo/bar/** = fred
353 353 foo/Bar/** = fred
354 354 [acl.allow]
355 355 ** = barney
356 356 **/*.txt = wilma
357 357 """
358 358 pushing to ../b
359 359 searching for changes
360 360 common changesets up to 6675d58eff77
361 361 adding changesets
362 362 add changeset ef1ea85a6374
363 363 add changeset f9cafe1212c8
364 364 add changeset 911600dab2ae
365 365 adding manifests
366 366 adding file changes
367 367 adding foo/Bar/file.txt revisions
368 368 adding foo/file.txt revisions
369 369 adding quux/file.py revisions
370 370 added 3 changesets with 3 changes to 3 files
371 371 calling hook pretxnchangegroup.acl: hgext.acl.hook
372 372 acl: acl.allow enabled, 1 entries for user wilma
373 373 acl: acl.deny enabled, 0 entries for user wilma
374 374 acl: allowing changeset ef1ea85a6374
375 375 acl: allowing changeset f9cafe1212c8
376 376 acl: user wilma not allowed on quux/file.py
377 377 error: pretxnchangegroup.acl hook failed: acl: access denied for changeset 911600dab2ae
378 378 abort: acl: access denied for changeset 911600dab2ae
379 379 transaction abort!
380 380 rollback completed
381 381 no rollback information available
382 382 0:6675d58eff77
383 383
384 384 file specified by acl.config does not exist
385 385 Pushing as user barney
386 386 hgrc = """
387 387 [hooks]
388 388 pretxnchangegroup.acl = python:hgext.acl.hook
389 389 [acl]
390 390 sources = push
391 391 [acl.allow]
392 392 foo/** = fred
393 393 [acl.deny]
394 394 foo/bar/** = fred
395 395 foo/Bar/** = fred
396 396 [acl.allow]
397 397 ** = barney
398 398 **/*.txt = wilma
399 399 [acl]
400 400 config = ../acl.config
401 401 """
402 402 pushing to ../b
403 403 searching for changes
404 404 common changesets up to 6675d58eff77
405 405 adding changesets
406 406 add changeset ef1ea85a6374
407 407 add changeset f9cafe1212c8
408 408 add changeset 911600dab2ae
409 409 adding manifests
410 410 adding file changes
411 411 adding foo/Bar/file.txt revisions
412 412 adding foo/file.txt revisions
413 413 adding quux/file.py revisions
414 414 added 3 changesets with 3 changes to 3 files
415 415 calling hook pretxnchangegroup.acl: hgext.acl.hook
416 416 acl: acl.allow enabled, 1 entries for user barney
417 417 acl: acl.deny enabled, 0 entries for user barney
418 418 acl: allowing changeset ef1ea85a6374
419 419 acl: allowing changeset f9cafe1212c8
420 420 acl: allowing changeset 911600dab2ae
421 421 rolling back last transaction
422 422 0:6675d58eff77
423 423
424 424 betty is allowed inside foo/ by a acl.config file
425 425 Pushing as user betty
426 426 hgrc = """
427 427 [hooks]
428 428 pretxnchangegroup.acl = python:hgext.acl.hook
429 429 [acl]
430 430 sources = push
431 431 [acl.allow]
432 432 foo/** = fred
433 433 [acl.deny]
434 434 foo/bar/** = fred
435 435 foo/Bar/** = fred
436 436 [acl.allow]
437 437 ** = barney
438 438 **/*.txt = wilma
439 439 [acl]
440 440 config = ../acl.config
441 441 """
442 442 acl.config = """
443 443 [acl.allow]
444 444 foo/** = betty
445 445 """
446 446 pushing to ../b
447 447 searching for changes
448 448 common changesets up to 6675d58eff77
449 449 adding changesets
450 450 add changeset ef1ea85a6374
451 451 add changeset f9cafe1212c8
452 452 add changeset 911600dab2ae
453 453 adding manifests
454 454 adding file changes
455 455 adding foo/Bar/file.txt revisions
456 456 adding foo/file.txt revisions
457 457 adding quux/file.py revisions
458 458 added 3 changesets with 3 changes to 3 files
459 459 calling hook pretxnchangegroup.acl: hgext.acl.hook
460 460 acl: acl.allow enabled, 1 entries for user betty
461 461 acl: acl.deny enabled, 0 entries for user betty
462 462 acl: allowing changeset ef1ea85a6374
463 463 acl: allowing changeset f9cafe1212c8
464 464 acl: user betty not allowed on quux/file.py
465 465 error: pretxnchangegroup.acl hook failed: acl: access denied for changeset 911600dab2ae
466 466 abort: acl: access denied for changeset 911600dab2ae
467 467 transaction abort!
468 468 rollback completed
469 469 no rollback information available
470 470 0:6675d58eff77
471 471
472 acl.config can set only [acl.allow]/[acl.deny]
473 Pushing as user barney
474 hgrc = """
475 [hooks]
476 pretxnchangegroup.acl = python:hgext.acl.hook
477 [acl]
478 sources = push
479 [acl.allow]
480 foo/** = fred
481 [acl.deny]
482 foo/bar/** = fred
483 foo/Bar/** = fred
484 [acl.allow]
485 ** = barney
486 **/*.txt = wilma
487 [acl]
488 config = ../acl.config
489 """
490 acl.config = """
491 [acl.allow]
492 foo/** = betty
493 [hooks]
494 changegroup.acl = false
495 """
496 pushing to ../b
497 searching for changes
498 common changesets up to 6675d58eff77
499 adding changesets
500 add changeset ef1ea85a6374
501 add changeset f9cafe1212c8
502 add changeset 911600dab2ae
503 adding manifests
504 adding file changes
505 adding foo/Bar/file.txt revisions
506 adding foo/file.txt revisions
507 adding quux/file.py revisions
508 added 3 changesets with 3 changes to 3 files
509 calling hook pretxnchangegroup.acl: hgext.acl.hook
510 acl: acl.allow enabled, 1 entries for user barney
511 acl: acl.deny enabled, 0 entries for user barney
512 acl: allowing changeset ef1ea85a6374
513 acl: allowing changeset f9cafe1212c8
514 acl: allowing changeset 911600dab2ae
515 rolling back last transaction
516 0:6675d58eff77
517
General Comments 0
You need to be logged in to leave comments. Login now