##// END OF EJS Templates
upstream » mercurial-mirror
RSS

Clone from https://www.mercurial-scm.org/repo/hg-all

hgweb: move readallowed to a standalone function...
Gregory Szorc -
r36906:f8d6d9b2 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,554 +1,554
1 1 # hgweb/hgwebdir_mod.py - Web interface for a directory of repositories.
2 2 #
3 3 # Copyright 21 May 2005 - (c) 2005 Jake Edge <jake@edge2.net>
4 4 # Copyright 2005, 2006 Matt Mackall <mpm@selenic.com>
5 5 #
6 6 # This software may be used and distributed according to the terms of the
7 7 # GNU General Public License version 2 or any later version.
8 8
9 9 from __future__ import absolute_import
10 10
11 11 import os
12 12 import re
13 13 import time
14 14
15 15 from ..i18n import _
16 16
17 17 from .common import (
18 18 ErrorResponse,
19 19 HTTP_NOT_FOUND,
20 20 HTTP_OK,
21 21 HTTP_SERVER_ERROR,
22 22 cspvalues,
23 23 get_contact,
24 24 get_mtime,
25 25 ismember,
26 26 paritygen,
27 27 staticfile,
28 28 )
29 29
30 30 from .. import (
31 31 configitems,
32 32 encoding,
33 33 error,
34 34 hg,
35 35 profiling,
36 36 pycompat,
37 37 scmutil,
38 38 templater,
39 39 ui as uimod,
40 40 util,
41 41 )
42 42
43 43 from . import (
44 44 hgweb_mod,
45 45 request as requestmod,
46 46 webutil,
47 47 wsgicgi,
48 48 )
49 49 from ..utils import dateutil
50 50
51 51 def cleannames(items):
52 52 return [(util.pconvert(name).strip('/'), path) for name, path in items]
53 53
54 54 def findrepos(paths):
55 55 repos = []
56 56 for prefix, root in cleannames(paths):
57 57 roothead, roottail = os.path.split(root)
58 58 # "foo = /bar/*" or "foo = /bar/**" lets every repo /bar/N in or below
59 59 # /bar/ be served as as foo/N .
60 60 # '*' will not search inside dirs with .hg (except .hg/patches),
61 61 # '**' will search inside dirs with .hg (and thus also find subrepos).
62 62 try:
63 63 recurse = {'*': False, '**': True}[roottail]
64 64 except KeyError:
65 65 repos.append((prefix, root))
66 66 continue
67 67 roothead = os.path.normpath(os.path.abspath(roothead))
68 68 paths = scmutil.walkrepos(roothead, followsym=True, recurse=recurse)
69 69 repos.extend(urlrepos(prefix, roothead, paths))
70 70 return repos
71 71
72 72 def urlrepos(prefix, roothead, paths):
73 73 """yield url paths and filesystem paths from a list of repo paths
74 74
75 75 >>> conv = lambda seq: [(v, util.pconvert(p)) for v,p in seq]
76 76 >>> conv(urlrepos(b'hg', b'/opt', [b'/opt/r', b'/opt/r/r', b'/opt']))
77 77 [('hg/r', '/opt/r'), ('hg/r/r', '/opt/r/r'), ('hg', '/opt')]
78 78 >>> conv(urlrepos(b'', b'/opt', [b'/opt/r', b'/opt/r/r', b'/opt']))
79 79 [('r', '/opt/r'), ('r/r', '/opt/r/r'), ('', '/opt')]
80 80 """
81 81 for path in paths:
82 82 path = os.path.normpath(path)
83 83 yield (prefix + '/' +
84 84 util.pconvert(path[len(roothead):]).lstrip('/')).strip('/'), path
85 85
86 86 def geturlcgivars(baseurl, port):
87 87 """
88 88 Extract CGI variables from baseurl
89 89
90 90 >>> geturlcgivars(b"http://host.org/base", b"80")
91 91 ('host.org', '80', '/base')
92 92 >>> geturlcgivars(b"http://host.org:8000/base", b"80")
93 93 ('host.org', '8000', '/base')
94 94 >>> geturlcgivars(b'/base', 8000)
95 95 ('', '8000', '/base')
96 96 >>> geturlcgivars(b"base", b'8000')
97 97 ('', '8000', '/base')
98 98 >>> geturlcgivars(b"http://host", b'8000')
99 99 ('host', '8000', '/')
100 100 >>> geturlcgivars(b"http://host/", b'8000')
101 101 ('host', '8000', '/')
102 102 """
103 103 u = util.url(baseurl)
104 104 name = u.host or ''
105 105 if u.port:
106 106 port = u.port
107 107 path = u.path or ""
108 108 if not path.startswith('/'):
109 109 path = '/' + path
110 110
111 111 return name, pycompat.bytestr(port), path
112 112
113 def readallowed(ui, req):
114 """Check allow_read and deny_read config options of a repo's ui object
115 to determine user permissions. By default, with neither option set (or
116 both empty), allow all users to read the repo. There are two ways a
117 user can be denied read access: (1) deny_read is not empty, and the
118 user is unauthenticated or deny_read contains user (or *), and (2)
119 allow_read is not empty and the user is not in allow_read. Return True
120 if user is allowed to read the repo, else return False."""
121
122 user = req.remoteuser
123
124 deny_read = ui.configlist('web', 'deny_read', untrusted=True)
125 if deny_read and (not user or ismember(ui, user, deny_read)):
126 return False
127
128 allow_read = ui.configlist('web', 'allow_read', untrusted=True)
129 # by default, allow reading if no allow_read option has been set
130 if not allow_read or ismember(ui, user, allow_read):
131 return True
132
133 return False
134
113 135 class hgwebdir(object):
114 136 """HTTP server for multiple repositories.
115 137
116 138 Given a configuration, different repositories will be served depending
117 139 on the request path.
118 140
119 141 Instances are typically used as WSGI applications.
120 142 """
121 143 def __init__(self, conf, baseui=None):
122 144 self.conf = conf
123 145 self.baseui = baseui
124 146 self.ui = None
125 147 self.lastrefresh = 0
126 148 self.motd = None
127 149 self.refresh()
128 150
129 151 def refresh(self):
130 152 if self.ui:
131 153 refreshinterval = self.ui.configint('web', 'refreshinterval')
132 154 else:
133 155 item = configitems.coreitems['web']['refreshinterval']
134 156 refreshinterval = item.default
135 157
136 158 # refreshinterval <= 0 means to always refresh.
137 159 if (refreshinterval > 0 and
138 160 self.lastrefresh + refreshinterval > time.time()):
139 161 return
140 162
141 163 if self.baseui:
142 164 u = self.baseui.copy()
143 165 else:
144 166 u = uimod.ui.load()
145 167 u.setconfig('ui', 'report_untrusted', 'off', 'hgwebdir')
146 168 u.setconfig('ui', 'nontty', 'true', 'hgwebdir')
147 169 # displaying bundling progress bar while serving feels wrong and may
148 170 # break some wsgi implementations.
149 171 u.setconfig('progress', 'disable', 'true', 'hgweb')
150 172
151 173 if not isinstance(self.conf, (dict, list, tuple)):
152 174 map = {'paths': 'hgweb-paths'}
153 175 if not os.path.exists(self.conf):
154 176 raise error.Abort(_('config file %s not found!') % self.conf)
155 177 u.readconfig(self.conf, remap=map, trust=True)
156 178 paths = []
157 179 for name, ignored in u.configitems('hgweb-paths'):
158 180 for path in u.configlist('hgweb-paths', name):
159 181 paths.append((name, path))
160 182 elif isinstance(self.conf, (list, tuple)):
161 183 paths = self.conf
162 184 elif isinstance(self.conf, dict):
163 185 paths = self.conf.items()
164 186
165 187 repos = findrepos(paths)
166 188 for prefix, root in u.configitems('collections'):
167 189 prefix = util.pconvert(prefix)
168 190 for path in scmutil.walkrepos(root, followsym=True):
169 191 repo = os.path.normpath(path)
170 192 name = util.pconvert(repo)
171 193 if name.startswith(prefix):
172 194 name = name[len(prefix):]
173 195 repos.append((name.lstrip('/'), repo))
174 196
175 197 self.repos = repos
176 198 self.ui = u
177 199 encoding.encoding = self.ui.config('web', 'encoding')
178 200 self.style = self.ui.config('web', 'style')
179 201 self.templatepath = self.ui.config('web', 'templates', untrusted=False)
180 202 self.stripecount = self.ui.config('web', 'stripes')
181 203 if self.stripecount:
182 204 self.stripecount = int(self.stripecount)
183 205 self._baseurl = self.ui.config('web', 'baseurl')
184 206 prefix = self.ui.config('web', 'prefix')
185 207 if prefix.startswith('/'):
186 208 prefix = prefix[1:]
187 209 if prefix.endswith('/'):
188 210 prefix = prefix[:-1]
189 211 self.prefix = prefix
190 212 self.lastrefresh = time.time()
191 213
192 214 def run(self):
193 215 if not encoding.environ.get('GATEWAY_INTERFACE',
194 216 '').startswith("CGI/1."):
195 217 raise RuntimeError("This function is only intended to be "
196 218 "called while running as a CGI script.")
197 219 wsgicgi.launch(self)
198 220
199 221 def __call__(self, env, respond):
200 222 wsgireq = requestmod.wsgirequest(env, respond)
201 223 return self.run_wsgi(wsgireq)
202 224
203 def readallowed(self, ui, req):
204 """Check allow_read and deny_read config options of a repo's ui object
205 to determine user permissions. By default, with neither option set (or
206 both empty), allow all users to read the repo. There are two ways a
207 user can be denied read access: (1) deny_read is not empty, and the
208 user is unauthenticated or deny_read contains user (or *), and (2)
209 allow_read is not empty and the user is not in allow_read. Return True
210 if user is allowed to read the repo, else return False."""
211
212 user = req.remoteuser
213
214 deny_read = ui.configlist('web', 'deny_read', untrusted=True)
215 if deny_read and (not user or ismember(ui, user, deny_read)):
216 return False
217
218 allow_read = ui.configlist('web', 'allow_read', untrusted=True)
219 # by default, allow reading if no allow_read option has been set
220 if (not allow_read) or ismember(ui, user, allow_read):
221 return True
222
223 return False
224
225 225 def run_wsgi(self, wsgireq):
226 226 profile = self.ui.configbool('profiling', 'enabled')
227 227 with profiling.profile(self.ui, enabled=profile):
228 228 for r in self._runwsgi(wsgireq):
229 229 yield r
230 230
231 231 def _runwsgi(self, wsgireq):
232 232 req = wsgireq.req
233 233 res = wsgireq.res
234 234
235 235 try:
236 236 self.refresh()
237 237
238 238 csp, nonce = cspvalues(self.ui)
239 239 if csp:
240 240 res.headers['Content-Security-Policy'] = csp
241 241 wsgireq.headers.append(('Content-Security-Policy', csp))
242 242
243 243 virtual = wsgireq.env.get("PATH_INFO", "").strip('/')
244 244 tmpl = self.templater(wsgireq, nonce)
245 245 ctype = tmpl('mimetype', encoding=encoding.encoding)
246 246 ctype = templater.stringify(ctype)
247 247
248 248 # Global defaults. These can be overridden by any handler.
249 249 res.status = '200 Script output follows'
250 250 res.headers['Content-Type'] = ctype
251 251
252 252 # a static file
253 253 if virtual.startswith('static/') or 'static' in req.qsparams:
254 254 if virtual.startswith('static/'):
255 255 fname = virtual[7:]
256 256 else:
257 257 fname = req.qsparams['static']
258 258 static = self.ui.config("web", "static", None,
259 259 untrusted=False)
260 260 if not static:
261 261 tp = self.templatepath or templater.templatepaths()
262 262 if isinstance(tp, str):
263 263 tp = [tp]
264 264 static = [os.path.join(p, 'static') for p in tp]
265 265
266 266 staticfile(static, fname, res)
267 267 return res.sendresponse()
268 268
269 269 # top-level index
270 270
271 271 repos = dict(self.repos)
272 272
273 273 if (not virtual or virtual == 'index') and virtual not in repos:
274 274 wsgireq.respond(HTTP_OK, ctype)
275 275 return self.makeindex(wsgireq, tmpl)
276 276
277 277 # nested indexes and hgwebs
278 278
279 279 if virtual.endswith('/index') and virtual not in repos:
280 280 subdir = virtual[:-len('index')]
281 281 if any(r.startswith(subdir) for r in repos):
282 282 wsgireq.respond(HTTP_OK, ctype)
283 283 return self.makeindex(wsgireq, tmpl, subdir)
284 284
285 285 def _virtualdirs():
286 286 # Check the full virtual path, each parent, and the root ('')
287 287 if virtual != '':
288 288 yield virtual
289 289
290 290 for p in util.finddirs(virtual):
291 291 yield p
292 292
293 293 yield ''
294 294
295 295 for virtualrepo in _virtualdirs():
296 296 real = repos.get(virtualrepo)
297 297 if real:
298 298 wsgireq.env['REPO_NAME'] = virtualrepo
299 299 # We have to re-parse because of updated environment
300 300 # variable.
301 301 # TODO this is kind of hacky and we should have a better
302 302 # way of doing this than with REPO_NAME side-effects.
303 303 wsgireq.req = requestmod.parserequestfromenv(
304 304 wsgireq.env, wsgireq.req.bodyfh)
305 305 try:
306 306 # ensure caller gets private copy of ui
307 307 repo = hg.repository(self.ui.copy(), real)
308 308 return hgweb_mod.hgweb(repo).run_wsgi(wsgireq)
309 309 except IOError as inst:
310 310 msg = encoding.strtolocal(inst.strerror)
311 311 raise ErrorResponse(HTTP_SERVER_ERROR, msg)
312 312 except error.RepoError as inst:
313 313 raise ErrorResponse(HTTP_SERVER_ERROR, bytes(inst))
314 314
315 315 # browse subdirectories
316 316 subdir = virtual + '/'
317 317 if [r for r in repos if r.startswith(subdir)]:
318 318 wsgireq.respond(HTTP_OK, ctype)
319 319 return self.makeindex(wsgireq, tmpl, subdir)
320 320
321 321 # prefixes not found
322 322 wsgireq.respond(HTTP_NOT_FOUND, ctype)
323 323 return tmpl("notfound", repo=virtual)
324 324
325 325 except ErrorResponse as err:
326 326 wsgireq.respond(err, ctype)
327 327 return tmpl('error', error=err.message or '')
328 328 finally:
329 329 tmpl = None
330 330
331 331 def makeindex(self, wsgireq, tmpl, subdir=""):
332 332 req = wsgireq.req
333 333
334 334 def archivelist(ui, nodeid, url):
335 335 allowed = ui.configlist("web", "allow_archive", untrusted=True)
336 336 archives = []
337 337 for typ, spec in hgweb_mod.archivespecs.iteritems():
338 338 if typ in allowed or ui.configbool("web", "allow" + typ,
339 339 untrusted=True):
340 340 archives.append({"type": typ, "extension": spec[2],
341 341 "node": nodeid, "url": url})
342 342 return archives
343 343
344 344 def rawentries(subdir="", **map):
345 345
346 346 descend = self.ui.configbool('web', 'descend')
347 347 collapse = self.ui.configbool('web', 'collapse')
348 348 seenrepos = set()
349 349 seendirs = set()
350 350 for name, path in self.repos:
351 351
352 352 if not name.startswith(subdir):
353 353 continue
354 354 name = name[len(subdir):]
355 355 directory = False
356 356
357 357 if '/' in name:
358 358 if not descend:
359 359 continue
360 360
361 361 nameparts = name.split('/')
362 362 rootname = nameparts[0]
363 363
364 364 if not collapse:
365 365 pass
366 366 elif rootname in seendirs:
367 367 continue
368 368 elif rootname in seenrepos:
369 369 pass
370 370 else:
371 371 directory = True
372 372 name = rootname
373 373
374 374 # redefine the path to refer to the directory
375 375 discarded = '/'.join(nameparts[1:])
376 376
377 377 # remove name parts plus accompanying slash
378 378 path = path[:-len(discarded) - 1]
379 379
380 380 try:
381 381 r = hg.repository(self.ui, path)
382 382 directory = False
383 383 except (IOError, error.RepoError):
384 384 pass
385 385
386 386 parts = [name]
387 387 parts.insert(0, '/' + subdir.rstrip('/'))
388 388 if wsgireq.env['SCRIPT_NAME']:
389 389 parts.insert(0, wsgireq.env['SCRIPT_NAME'])
390 390 url = re.sub(r'/+', '/', '/'.join(parts) + '/')
391 391
392 392 # show either a directory entry or a repository
393 393 if directory:
394 394 # get the directory's time information
395 395 try:
396 396 d = (get_mtime(path), dateutil.makedate()[1])
397 397 except OSError:
398 398 continue
399 399
400 400 # add '/' to the name to make it obvious that
401 401 # the entry is a directory, not a regular repository
402 402 row = {'contact': "",
403 403 'contact_sort': "",
404 404 'name': name + '/',
405 405 'name_sort': name,
406 406 'url': url,
407 407 'description': "",
408 408 'description_sort': "",
409 409 'lastchange': d,
410 410 'lastchange_sort': d[1]-d[0],
411 411 'archives': [],
412 412 'isdirectory': True,
413 413 'labels': [],
414 414 }
415 415
416 416 seendirs.add(name)
417 417 yield row
418 418 continue
419 419
420 420 u = self.ui.copy()
421 421 try:
422 422 u.readconfig(os.path.join(path, '.hg', 'hgrc'))
423 423 except Exception as e:
424 424 u.warn(_('error reading %s/.hg/hgrc: %s\n') % (path, e))
425 425 continue
426 426 def get(section, name, default=uimod._unset):
427 427 return u.config(section, name, default, untrusted=True)
428 428
429 429 if u.configbool("web", "hidden", untrusted=True):
430 430 continue
431 431
432 if not self.readallowed(u, req):
432 if not readallowed(u, req):
433 433 continue
434 434
435 435 # update time with local timezone
436 436 try:
437 437 r = hg.repository(self.ui, path)
438 438 except IOError:
439 439 u.warn(_('error accessing repository at %s\n') % path)
440 440 continue
441 441 except error.RepoError:
442 442 u.warn(_('error accessing repository at %s\n') % path)
443 443 continue
444 444 try:
445 445 d = (get_mtime(r.spath), dateutil.makedate()[1])
446 446 except OSError:
447 447 continue
448 448
449 449 contact = get_contact(get)
450 450 description = get("web", "description")
451 451 seenrepos.add(name)
452 452 name = get("web", "name", name)
453 453 row = {'contact': contact or "unknown",
454 454 'contact_sort': contact.upper() or "unknown",
455 455 'name': name,
456 456 'name_sort': name,
457 457 'url': url,
458 458 'description': description or "unknown",
459 459 'description_sort': description.upper() or "unknown",
460 460 'lastchange': d,
461 461 'lastchange_sort': d[1]-d[0],
462 462 'archives': archivelist(u, "tip", url),
463 463 'isdirectory': None,
464 464 'labels': u.configlist('web', 'labels', untrusted=True),
465 465 }
466 466
467 467 yield row
468 468
469 469 sortdefault = None, False
470 470 def entries(sortcolumn="", descending=False, subdir="", **map):
471 471 rows = rawentries(subdir=subdir, **map)
472 472
473 473 if sortcolumn and sortdefault != (sortcolumn, descending):
474 474 sortkey = '%s_sort' % sortcolumn
475 475 rows = sorted(rows, key=lambda x: x[sortkey],
476 476 reverse=descending)
477 477 for row, parity in zip(rows, paritygen(self.stripecount)):
478 478 row['parity'] = parity
479 479 yield row
480 480
481 481 self.refresh()
482 482 sortable = ["name", "description", "contact", "lastchange"]
483 483 sortcolumn, descending = sortdefault
484 484 if 'sort' in req.qsparams:
485 485 sortcolumn = req.qsparams['sort']
486 486 descending = sortcolumn.startswith('-')
487 487 if descending:
488 488 sortcolumn = sortcolumn[1:]
489 489 if sortcolumn not in sortable:
490 490 sortcolumn = ""
491 491
492 492 sort = [("sort_%s" % column,
493 493 "%s%s" % ((not descending and column == sortcolumn)
494 494 and "-" or "", column))
495 495 for column in sortable]
496 496
497 497 self.refresh()
498 498 self.updatereqenv(wsgireq.env)
499 499
500 500 return tmpl("index", entries=entries, subdir=subdir,
501 501 pathdef=hgweb_mod.makebreadcrumb('/' + subdir, self.prefix),
502 502 sortcolumn=sortcolumn, descending=descending,
503 503 **dict(sort))
504 504
505 505 def templater(self, wsgireq, nonce):
506 506
507 507 def motd(**map):
508 508 if self.motd is not None:
509 509 yield self.motd
510 510 else:
511 511 yield config('web', 'motd')
512 512
513 513 def config(section, name, default=uimod._unset, untrusted=True):
514 514 return self.ui.config(section, name, default, untrusted)
515 515
516 516 self.updatereqenv(wsgireq.env)
517 517
518 518 url = wsgireq.env.get('SCRIPT_NAME', '')
519 519 if not url.endswith('/'):
520 520 url += '/'
521 521
522 522 vars = {}
523 523 styles, (style, mapfile) = hgweb_mod.getstyle(wsgireq.req, config,
524 524 self.templatepath)
525 525 if style == styles[0]:
526 526 vars['style'] = style
527 527
528 528 sessionvars = webutil.sessionvars(vars, r'?')
529 529 logourl = config('web', 'logourl')
530 530 logoimg = config('web', 'logoimg')
531 531 staticurl = config('web', 'staticurl') or url + 'static/'
532 532 if not staticurl.endswith('/'):
533 533 staticurl += '/'
534 534
535 535 defaults = {
536 536 "encoding": encoding.encoding,
537 537 "motd": motd,
538 538 "url": url,
539 539 "logourl": logourl,
540 540 "logoimg": logoimg,
541 541 "staticurl": staticurl,
542 542 "sessionvars": sessionvars,
543 543 "style": style,
544 544 "nonce": nonce,
545 545 }
546 546 tmpl = templater.templater.frommapfile(mapfile, defaults=defaults)
547 547 return tmpl
548 548
549 549 def updatereqenv(self, env):
550 550 if self._baseurl is not None:
551 551 name, port, path = geturlcgivars(self._baseurl, env['SERVER_PORT'])
552 552 env['SERVER_NAME'] = name
553 553 env['SERVER_PORT'] = port
554 554 env['SCRIPT_NAME'] = path
General Comments 0
You need to be logged in to leave comments. Login now