def check_read_access(username, cvsrepo, cvspath): # extract project unix name (group name) and fetch # the group information from DB path_elements = string.split(cvsrepo,'/') group_name = path_elements[len(path_elements)-1] group_id = group.set_group_info_from_name(group_name) # if the file path exists as such then it's a directory # else add the ,v extension because it's a file path = cvsrepo+'/'+cvspath if not os.path.exists(path): path = path+',v' # if file was removed, allow access anyway. if not os.path.exists(path): return True mode = os.stat(path)[stat.ST_MODE] mode_repo = os.stat(cvsrepo)[stat.ST_MODE] #print "Content-type: text/html\n" #print user.user_is_member(group_id, '0') # A directory that is not world readable can only be viewed # through viewvc if the user is a project member # Since we only removes read access on top directory, # we need to also check it. if group_id and ((mode & stat.S_IROTH) == 0 or (mode_repo & stat.S_IROTH) == 0) and not user.user_is_member(group_id, '0'): return False else: return True
def check_read_access(username, cvsrepo, cvspath): # extract project unix name (group name) and fetch # the group information from DB path_elements = string.split(cvsrepo, '/') group_name = path_elements[len(path_elements) - 1] group_id = group.set_group_info_from_name(group_name) # if the file path exists as such then it's a directory # else add the ,v extension because it's a file path = cvsrepo + '/' + cvspath if not os.path.exists(path): path = path + ',v' # if file was removed, allow access anyway. if not os.path.exists(path): return True mode = os.stat(path)[stat.ST_MODE] mode_repo = os.stat(cvsrepo)[stat.ST_MODE] #print "Content-type: text/html\n" #print user.user_is_member(group_id, '0') # A directory that is not world readable can only be viewed # through viewvc if the user is a project member # Since we only removes read access on top directory, # we need to also check it. if group_id and ((mode & stat.S_IROTH) == 0 or (mode_repo & stat.S_IROTH) == 0) and not user.user_is_member(group_id, '0'): return False else: return True
def check_read_access(username, svnrepo, svnpath): if user.user_is_super_user(): return True if user.user_is_restricted(): group_name = get_group_from_svnrepo_path(svnrepo) group_id = group.set_group_info_from_name(group_name) if not user.user_is_member(group_id): return False # make sure that usernames are lowercase username = username.lower() return __check_read_access_with_epel_viewvc(username, svnrepo, svnpath)
def check_read_access(username, svnrepo, svnpath): # make sure that usernames are lowercase username = get_name_for_svn_access(svnrepo, username) if user.user_is_super_user(): return True if user.user_is_restricted(): group_name = get_group_from_svnrepo_path(svnrepo) group_id = group.set_group_info_from_name(group_name) if not user.user_is_member(group_id): return False return __check_read_access_with_epel_viewvc(username, svnrepo, svnpath)
def check_read_access(username, svnrepo, svnpath): global SVNACCESS, SVNGROUPS # make sure that usernames are lowercase username = get_name_for_svn_access(svnrepo, username) #f = open('/tmp/viewvc.log', 'a'); #f.write(svnrepo+": "+username+"\n"); #f.close(); if user.user_is_super_user(): return True if user.user_is_restricted(): path_elements = string.split(svnrepo,'/') group_name = path_elements[len(path_elements)-1] group_id = group.set_group_info_from_name(group_name) if not user.user_is_member(group_id): return False if SVNACCESS is None: fetch_access_file(svnrepo) perm = '' path = '/'+svnpath while True: if SVNACCESS.has_key(username) and SVNACCESS[username].has_key(path): perm = SVNACCESS[username][path] #print "match: SVNACCESS[",username,"][",path,"]",perm break elif SVNACCESS.has_key('*') and SVNACCESS['*'].has_key(path): perm = SVNACCESS['*'][path] #print "match: SVNACCESS[*][",path,"]",perm break else: # see if it maches higher in the path if path == '/': break idx = string.rfind(path,'/') if idx == 0: path = '/' else: path = path[:idx] if perm == 'r' or perm == 'rw': return True else: return False
def check_read_access(username, svnrepo, svnpath): global SVNACCESS, SVNGROUPS # make sure that usernames are lowercase username = get_name_for_svn_access(svnrepo, username) #f = open('/tmp/viewvc.log', 'a'); #f.write(svnrepo+": "+username+"\n"); #f.close(); if user.user_is_super_user(): return True if user.user_is_restricted(): path_elements = string.split(svnrepo, '/') group_name = path_elements[len(path_elements) - 1] group_id = group.set_group_info_from_name(group_name) if not user.user_is_member(group_id): return False if SVNACCESS is None: fetch_access_file(svnrepo) perm = '' path = '/' + svnpath while True: if SVNACCESS.has_key(username) and SVNACCESS[username].has_key(path): perm = SVNACCESS[username][path] #print "match: SVNACCESS[",username,"][",path,"]",perm break elif SVNACCESS.has_key('*') and SVNACCESS['*'].has_key(path): perm = SVNACCESS['*'][path] #print "match: SVNACCESS[*][",path,"]",perm break else: # see if it maches higher in the path if path == '/': break idx = string.rfind(path, '/') if idx == 0: path = '/' else: path = path[:idx] if perm == 'r' or perm == 'rw': return True else: return False