def archivelist(ui, nodeid, url): allowed = ui.configlist("web", "allow_archive", untrusted=True) for i in [('zip', '.zip'), ('gz', '.tar.gz'), ('bz2', '.tar.bz2')]: if i[0] in allowed or ui.configbool("web", "allow" + i[0], untrusted=True): yield {"type" : i[0], "extension": i[1], "node": nodeid, "url": url}
def get_config(ui, item): # type: (ui, str) -> Optional[str] try: # configlist returns everything in lists. return ui.configlist('zulip', item)[0] except IndexError: return None
def create_allowed(ui, req): """Check allow_create and deny_create config options of a repo's ui object to determine user permissions. By default, with neither option set (or both empty), deny all users to create new repos. There are two ways a user can be denied create access: (1) deny_create is not empty, and the user is unauthenticated or deny_create contains user (or *), and (2) allow_create is not empty and the user is not in allow_create. Return True if user is allowed to read the repo, else return False. This is modeled on (copied almost verbatim) hg's read_allowed function.""" user = req.env.get("REMOTE_USER") # enforce that you can only push using POST requests # if req.env['REQUEST_METHOD'] != 'POST': # msg = 'push requires POST request' # raise ErrorResponse(HTTP_METHOD_NOT_ALLOWED, msg) # require ssl by default for pushing, auth info cannot be sniffed # and replayed scheme = req.env.get("wsgi.url_scheme") if ui.configbool("web", "push_ssl", True) and scheme != "https": raise ErrorResponse(HTTP_FORBIDDEN, "ssl required") deny = ui.configlist("web", "deny_push") if deny and (not user or deny == ["*"] or user in deny): raise ErrorResponse(HTTP_UNAUTHORIZED, "push not authorized") allow = ui.configlist("web", "allow_push") result = allow and (allow == ["*"] or user in allow) if not result: raise ErrorResponse(HTTP_UNAUTHORIZED, "push not authorized") deny_create = ui.configlist("web", "deny_create", untrusted=True) if deny_create and (not user or deny_create == ["*"] or user in deny_create): raise ErrorResponse(HTTP_UNAUTHORIZED, "create not authorized") allow_create = ui.configlist("web", "allow_create", untrusted=True) result = (allow_create == ["*"]) or (user in allow_create) if not result: raise ErrorResponse(HTTP_UNAUTHORIZED, "create not authorized") return True
def archivelist(ui, nodeid, url): allowed = ui.configlist("web", "allow_archive", untrusted=True) for i in [('zip', '.zip'), ('gz', '.tar.gz'), ('bz2', '.tar.bz2')]: if i[0] in allowed or ui.configbool( "web", "allow" + i[0], untrusted=True): yield { "type": i[0], "extension": i[1], "node": nodeid, "url": url }
def read_allowed(self, ui, req): """Check allow_read and deny_read config options of a repo's ui object to determine user permissions. By default, with neither option set (or both empty), allow all users to read the repo. There are two ways a user can be denied read access: (1) deny_read is not empty, and the user is unauthenticated or deny_read contains user (or *), and (2) allow_read is not empty and the user is not in allow_read. Return True if user is allowed to read the repo, else return False.""" user = req.env.get('REMOTE_USER') deny_read = ui.configlist('web', 'deny_read', untrusted=True) if deny_read and (not user or ismember(ui, user, deny_read)): return False allow_read = ui.configlist('web', 'allow_read', untrusted=True) # by default, allow reading if no allow_read option has been set if (not allow_read) or ismember(ui, user, allow_read): return True return False
def _expandsubtrees(ui, subtrees): """Expand subtree aliases. Each string in subtrees that has a like-named config entry in the [trees] section is replaced by the right hand side of the config entry.""" l = [] for subtree in subtrees: if '/' in subtree: l += [subtree] else: cfglist = ui.configlist('trees', subtree) if cfglist: l += _expandsubtrees(ui, cfglist) else: l += [subtree] return l
def expandconfig(ui, repo, args, opts): """show recursively-expanded trees config items Config items in the [trees] section can be defined in terms of other items; this command shows the expanded value. returns 0 if at least one config item was found; otherwise returns 1. """ rc = 1 for item in args: rhs = ui.configlist('trees', item) if rhs: rc = 0 l = _expandsubtrees(ui, rhs) ui.write(' '.join(l)) ui.write('\n') return rc
def reposetup(ui, repo): # Pushing keys is disabled; unclear whether/how it should work. pushfunc = lambda *x: False x = [_nsnormalize(s) for s in ui.configlist('trees', 'namespaces', [])] try: for ns in [_ns(ui, {})] + x: pushkey.register(ns, pushfunc, genlistkeys(ns)) except exceptions.ImportError: # hg < 1.6 - no pushkey. def _listkeys(self, namespace): # trees are ordered, so the keys are the non-negative integers. d = {} i = 0 try: for line in self.opener(namespace): d[("%d" % i)] = line.rstrip('\n\r') i += 1 return d except: return {} setattr(type(repo), 'listkeys', _listkeys)
def reposetup(ui, repo): # Pushing keys is disabled; unclear whether/how it should work. pushfunc = lambda *x: False x = [_nsnormalize(s) for s in ui.configlist('trees', 'namespaces', [])] try: for ns in [_ns(ui, {})] + x: pushkey.register(ns, pushfunc, genlistkeys(ns)) except exceptions.ImportError: # hg < 1.6 - no pushkey. def _listkeys(self, namespace): # trees are ordered, so the keys are the non-negative integers. d = {} i = 0 try: for line in _repo_opener(self, namespace): d[("%d" % i)] = line.rstrip('\n\r') i += 1 return d except: return {} setattr(type(repo), 'listkeys', _listkeys)