def check_read_access(username, cvsrepo, cvspath):
# extract project unix name (group name) and fetch
# the group information from DB
path_elements = string.split(cvsrepo, '/')
group_name = path_elements[len(path_elements) - 1]
group_id = group.set_group_info_from_name(group_name)
# if the file path exists as such then it's a directory
# else add the ,v extension because it's a file
path = cvsrepo + '/' + cvspath
if not os.path.exists(path):
path = path + ',v'
# if file was removed, allow access anyway.
if not os.path.exists(path):
return True
mode = os.stat(path)[stat.ST_MODE]
mode_repo = os.stat(cvsrepo)[stat.ST_MODE]
#print "Content-type: text/html\n"
#print user.user_is_member(group_id, '0')
# A directory that is not world readable can only be viewed
# through viewvc if the user is a project member
# Since we only removes read access on top directory,
# we need to also check it.
if group_id and ((mode & stat.S_IROTH) == 0 or (mode_repo & stat.S_IROTH)
== 0) and not user.user_is_member(group_id, '0'):
return False
else:
return True
def check_read_access(username, svnrepo, svnpath):
if user.user_is_super_user():
return True
if user.user_is_restricted():
group_name = get_group_from_svnrepo_path(svnrepo)
group_id = group.set_group_info_from_name(group_name)
if not user.user_is_member(group_id):
return False
# make sure that usernames are lowercase
username = username.lower()
return __check_read_access_with_epel_viewvc(username, svnrepo, svnpath)
def check_read_access(username, svnrepo, svnpath):
# make sure that usernames are lowercase
username = get_name_for_svn_access(svnrepo, username)
if user.user_is_super_user():
return True
if user.user_is_restricted():
group_name = get_group_from_svnrepo_path(svnrepo)
group_id = group.set_group_info_from_name(group_name)
if not user.user_is_member(group_id):
return False
return __check_read_access_with_epel_viewvc(username, svnrepo, svnpath)
def check_read_access(username, svnrepo, svnpath):
global SVNACCESS, SVNGROUPS
# make sure that usernames are lowercase
username = get_name_for_svn_access(svnrepo, username)
#f = open('/tmp/viewvc.log', 'a');
#f.write(svnrepo+": "+username+"\n");
#f.close();
if user.user_is_super_user():
return True
if user.user_is_restricted():
path_elements = string.split(svnrepo,'/')
group_name = path_elements[len(path_elements)-1]
group_id = group.set_group_info_from_name(group_name)
if not user.user_is_member(group_id):
return False
if SVNACCESS is None:
fetch_access_file(svnrepo)
perm = ''
path = '/'+svnpath
while True:
if SVNACCESS.has_key(username) and SVNACCESS[username].has_key(path):
perm = SVNACCESS[username][path]
#print "match: SVNACCESS[",username,"][",path,"]",perm
break
elif SVNACCESS.has_key('*') and SVNACCESS['*'].has_key(path):
perm = SVNACCESS['*'][path]
#print "match: SVNACCESS[*][",path,"]",perm
break
else:
# see if it maches higher in the path
if path == '/': break
idx = string.rfind(path,'/')
if idx == 0:
path = '/'
else:
path = path[:idx]
if perm == 'r' or perm == 'rw':
return True
else:
return False
def check_read_access(username, svnrepo, svnpath):
global SVNACCESS, SVNGROUPS
# make sure that usernames are lowercase
username = get_name_for_svn_access(svnrepo, username)
#f = open('/tmp/viewvc.log', 'a');
#f.write(svnrepo+": "+username+"\n");
#f.close();
if user.user_is_super_user():
return True
if user.user_is_restricted():
path_elements = string.split(svnrepo, '/')
group_name = path_elements[len(path_elements) - 1]
group_id = group.set_group_info_from_name(group_name)
if not user.user_is_member(group_id):
return False
if SVNACCESS is None:
fetch_access_file(svnrepo)
perm = ''
path = '/' + svnpath
while True:
if SVNACCESS.has_key(username) and SVNACCESS[username].has_key(path):
perm = SVNACCESS[username][path]
#print "match: SVNACCESS[",username,"][",path,"]",perm
break
elif SVNACCESS.has_key('*') and SVNACCESS['*'].has_key(path):
perm = SVNACCESS['*'][path]
#print "match: SVNACCESS[*][",path,"]",perm
break
else:
# see if it maches higher in the path
if path == '/': break
idx = string.rfind(path, '/')
if idx == 0:
path = '/'
else:
path = path[:idx]
if perm == 'r' or perm == 'rw':
return True
else:
return False
def check_read_access(username, cvsrepo, cvspath):
# extract project unix name (group name) and fetch
# the group information from DB
path_elements = string.split(cvsrepo,'/')
group_name = path_elements[len(path_elements)-1]
group_id = group.set_group_info_from_name(group_name)
# if the file path exists as such then it's a directory
# else add the ,v extension because it's a file
path = cvsrepo+'/'+cvspath
if not os.path.exists(path):
path = path+',v'
# if file was removed, allow access anyway.
if not os.path.exists(path):
return True
mode = os.stat(path)[stat.ST_MODE]
mode_repo = os.stat(cvsrepo)[stat.ST_MODE]
#print "Content-type: text/html\n"
#print user.user_is_member(group_id, '0')
# A directory that is not world readable can only be viewed
# through viewvc if the user is a project member
# Since we only removes read access on top directory,
# we need to also check it.
if group_id and ((mode & stat.S_IROTH) == 0 or (mode_repo & stat.S_IROTH) == 0) and not user.user_is_member(group_id, '0'):
return False
else:
return True
