##// END OF EJS Templates
upstream » mercurial-mirror
RSS

Clone from https://www.mercurial-scm.org/repo/hg-all

acl: cleanup module docstring...
Martin Geisler -
r11058:f6dcbeb5 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,163 +1,160 b''
1 1 # acl.py - changeset access control for mercurial
2 2 #
3 3 # Copyright 2006 Vadim Gelfer <vadim.gelfer@gmail.com>
4 4 #
5 5 # This software may be used and distributed according to the terms of the
6 6 # GNU General Public License version 2 or any later version.
7 7
8 8 '''hooks for controlling repository access
9 9
10 10 This hook makes it possible to allow or deny write access to portions
11 11 of a repository when receiving incoming changesets via pretxnchangegroup and
12 12 pretxncommit.
13 13
14 14 The authorization is matched based on the local user name on the
15 15 system where the hook runs, and not the committer of the original
16 16 changeset (since the latter is merely informative).
17 17
18 18 The acl hook is best used along with a restricted shell like hgsh,
19 19 preventing authenticating users from doing anything other than
20 20 pushing or pulling. The hook is not safe to use if users have
21 21 interactive shell access, as they can then disable the hook.
22 22 Nor is it safe if remote users share an account, because then there
23 23 is no way to distinguish them.
24 24
25 The deny list is checked before the allow list is.
25 The deny list is checked before the allow list.
26 26
27 27 The allow and deny sections take key-value pairs, having a subtree pattern
28 28 as key (with a glob syntax by default). The corresponding value can be either:
29 29
30 30 1) an asterisk, to match everyone;
31 31 2) a comma-separated list containing users and groups.
32 32
33 Group names must be prefixed with an @ symbol.
33 Group names must be prefixed with an ``@`` symbol.
34 34 Specifying a group name has the same effect as specifying all the users in
35 35 that group.
36 The set of users for a group is taken from "grp.getgrnam"
37 (see http://docs.python.org/library/grp.html#grp.getgrnam).
38 36
39 37 To use this hook, configure the acl extension in your hgrc like this::
40 38
41 39 [extensions]
42 40 acl =
43 41
44 42 [hooks]
45 43
46 # Use this if you want to check access restrictions at commit time
44 # Use this if you want to check access restrictions at commit time.
47 45 pretxncommit.acl = python:hgext.acl.hook
48 46
49 47 # Use this if you want to check access restrictions for pull, push, bundle
50 48 # and serve.
51 49 pretxnchangegroup.acl = python:hgext.acl.hook
52 50
53 51 [acl]
54 # Check whether the source of incoming changes is in this list
55 # ("serve" == ssh or http, "push", "pull", "bundle")
52 # Check whether the source of incoming changes is in this list where
53 # "serve" == ssh or http, and "push", "pull" and "bundle" are the
54 # corresponding hg commands.
56 55 sources = serve
57 56
58 57 [acl.deny]
59 58 # This list is checked first. If a match is found, 'acl.allow' will not be
60 # checked.
61 # if acl.deny is not present, no users denied by default
62 # empty acl.deny = all users allowed
63 # Format for both lists: glob pattern = user4, user5, @group1
59 # checked. All users are granted access if acl.deny is not present.
60 # Format for both lists: glob pattern = user, ..., @group, ...
64 61
65 62 # To match everyone, use an asterisk for the user:
66 63 # my/glob/pattern = *
67 64
68 65 # user6 will not have write access to any file:
69 66 ** = user6
70 67
71 68 # Group "hg-denied" will not have write access to any file:
72 69 ** = @hg-denied
73 70
74 71 # Nobody will be able to change "DONT-TOUCH-THIS.txt", despite everyone being
75 72 # able to change all other files. See below.
76 73 src/main/resources/DONT-TOUCH-THIS.txt = *
77 74
78 75 [acl.allow]
79 76 # if acl.allow not present, all users allowed by default
80 77 # empty acl.allow = no users allowed
81 78
82 79 # User "doc_writer" has write access to any file under the "docs" folder:
83 80 docs/** = doc_writer
84 81
85 82 # User "jack" and group "designers" have write access to any file under the
86 83 # "images" folder:
87 84 images/** = jack, @designers
88 85
89 86 # Everyone (except for "user6" - see "acl.deny" above) will have write access
90 to any file under the "resources" folder (except for 1 file. See "acl.deny"):
87 # to any file under the "resources" folder (except for 1 file. See "acl.deny"):
91 88 src/main/resources/** = *
92 89
93 90 .hgtags = release_engineer
94 91
95 92 '''
96 93
97 94 from mercurial.i18n import _
98 95 from mercurial import util, match
99 96 import getpass, urllib, grp
100 97
101 98 def _getusers(group):
102 99 return grp.getgrnam(group).gr_mem
103 100
104 101 def _usermatch(user, usersorgroups):
105 102
106 103 if usersorgroups == '*':
107 104 return True
108 105
109 106 for ug in usersorgroups.replace(',', ' ').split():
110 107 if user == ug or ug.find('@') == 0 and user in _getusers(ug[1:]):
111 108 return True
112 109
113 110 return False
114 111
115 112 def buildmatch(ui, repo, user, key):
116 113 '''return tuple of (match function, list enabled).'''
117 114 if not ui.has_section(key):
118 115 ui.debug('acl: %s not enabled\n' % key)
119 116 return None
120 117
121 118 pats = [pat for pat, users in ui.configitems(key)
122 119 if _usermatch(user, users)]
123 120 ui.debug('acl: %s enabled, %d entries for user %s\n' %
124 121 (key, len(pats), user))
125 122 if pats:
126 123 return match.match(repo.root, '', pats)
127 124 return match.exact(repo.root, '', [])
128 125
129 126
130 127 def hook(ui, repo, hooktype, node=None, source=None, **kwargs):
131 128 if hooktype not in ['pretxnchangegroup', 'pretxncommit']:
132 129 raise util.Abort(_('config error - hook type "%s" cannot stop '
133 130 'incoming changesets nor commits') % hooktype)
134 131 if (hooktype == 'pretxnchangegroup' and
135 132 source not in ui.config('acl', 'sources', 'serve').split()):
136 133 ui.debug('acl: changes have source "%s" - skipping\n' % source)
137 134 return
138 135
139 136 user = None
140 137 if source == 'serve' and 'url' in kwargs:
141 138 url = kwargs['url'].split(':')
142 139 if url[0] == 'remote' and url[1].startswith('http'):
143 140 user = urllib.unquote(url[3])
144 141
145 142 if user is None:
146 143 user = getpass.getuser()
147 144
148 145 cfg = ui.config('acl', 'config')
149 146 if cfg:
150 147 ui.readconfig(cfg, sections = ['acl.allow', 'acl.deny'])
151 148 allow = buildmatch(ui, repo, user, 'acl.allow')
152 149 deny = buildmatch(ui, repo, user, 'acl.deny')
153 150
154 151 for rev in xrange(repo[node], len(repo)):
155 152 ctx = repo[rev]
156 153 for f in ctx.files():
157 154 if deny and deny(f):
158 155 ui.debug('acl: user %s denied on %s\n' % (user, f))
159 156 raise util.Abort(_('acl: access denied for changeset %s') % ctx)
160 157 if allow and not allow(f):
161 158 ui.debug('acl: user %s not allowed on %s\n' % (user, f))
162 159 raise util.Abort(_('acl: access denied for changeset %s') % ctx)
163 160 ui.debug('acl: allowing changeset %s\n' % ctx)
General Comments 0
You need to be logged in to leave comments. Login now