Mercurial > hg-stable
changeset 36883:02bea04b4c54
hgweb: transition permissions hooks to modern request type (API)
We're trying to remove ``wsgirequest``. The permissions hooks don't
do anything they can't do with our new request type. So let's
pass that in.
This was the last use of ``wsgirequest`` in the wire protocol code!
.. api::
hgweb.hgweb_mod.permhooks no longer take a ``wsgirequest`` instance
as an argument.
Differential Revision: https://phab.mercurial-scm.org/D2793
author | Gregory Szorc <gregory.szorc@gmail.com> |
---|---|
date | Sat, 10 Mar 2018 18:19:27 -0800 |
parents | 97f44b0720e2 |
children | ccb70a77f746 |
files | mercurial/hgweb/common.py mercurial/hgweb/hgweb_mod.py mercurial/wireprotoserver.py tests/test-http-bundle1.t tests/test-http.t tests/test-largefiles-wireproto.t |
diffstat | 6 files changed, 11 insertions(+), 13 deletions(-) [+] |
line wrap: on
line diff
--- a/mercurial/hgweb/common.py Sat Mar 10 20:16:20 2018 -0800 +++ b/mercurial/hgweb/common.py Sat Mar 10 18:19:27 2018 -0800 @@ -46,7 +46,7 @@ authentication info). Return if op allowed, else raise an ErrorResponse exception.''' - user = req.env.get(r'REMOTE_USER') + user = req.remoteuser deny_read = hgweb.configlist('web', 'deny_read') if deny_read and (not user or ismember(hgweb.repo.ui, user, deny_read)): @@ -62,14 +62,13 @@ return # enforce that you can only push using POST requests - if req.env[r'REQUEST_METHOD'] != r'POST': + if req.method != 'POST': msg = 'push requires POST request' raise ErrorResponse(HTTP_METHOD_NOT_ALLOWED, msg) # require ssl by default for pushing, auth info cannot be sniffed # and replayed - scheme = req.env.get('wsgi.url_scheme') - if hgweb.configbool('web', 'push_ssl') and scheme != 'https': + if hgweb.configbool('web', 'push_ssl') and req.urlscheme != 'https': raise ErrorResponse(HTTP_FORBIDDEN, 'ssl required') deny = hgweb.configlist('web', 'deny_push')
--- a/mercurial/hgweb/hgweb_mod.py Sat Mar 10 20:16:20 2018 -0800 +++ b/mercurial/hgweb/hgweb_mod.py Sat Mar 10 18:19:27 2018 -0800 @@ -322,7 +322,7 @@ res.headers['Content-Security-Policy'] = rctx.csp handled = wireprotoserver.handlewsgirequest( - rctx, wsgireq, req, res, self.check_perm) + rctx, req, res, self.check_perm) if handled: return res.sendresponse() @@ -380,7 +380,7 @@ # check read permissions non-static content if cmd != 'static': - self.check_perm(rctx, wsgireq, None) + self.check_perm(rctx, req, None) if cmd == '': req.qsparams['cmd'] = tmpl.cache['default']
--- a/mercurial/wireprotoserver.py Sat Mar 10 20:16:20 2018 -0800 +++ b/mercurial/wireprotoserver.py Sat Mar 10 18:19:27 2018 -0800 @@ -148,13 +148,12 @@ def iscmd(cmd): return cmd in wireproto.commands -def handlewsgirequest(rctx, wsgireq, req, res, checkperm): +def handlewsgirequest(rctx, req, res, checkperm): """Possibly process a wire protocol request. If the current request is a wire protocol request, the request is processed by this function. - ``wsgireq`` is a ``wsgirequest`` instance. ``req`` is a ``parsedrequest`` instance. ``res`` is a ``wsgiresponse`` instance. @@ -197,7 +196,7 @@ return True proto = httpv1protocolhandler(req, repo.ui, - lambda perm: checkperm(rctx, wsgireq, perm)) + lambda perm: checkperm(rctx, req, perm)) # The permissions checker should be the only thing that can raise an # ErrorResponse. It is kind of a layer violation to catch an hgweb
--- a/tests/test-http-bundle1.t Sat Mar 10 20:16:20 2018 -0800 +++ b/tests/test-http-bundle1.t Sat Mar 10 18:19:27 2018 -0800 @@ -177,7 +177,7 @@ > import base64 > from mercurial.hgweb import common > def perform_authentication(hgweb, req, op): - > auth = req.env.get('HTTP_AUTHORIZATION') + > auth = req.headers.get('Authorization') > if not auth: > raise common.ErrorResponse(common.HTTP_UNAUTHORIZED, 'who', > [('WWW-Authenticate', 'Basic Realm="mercurial"')])
--- a/tests/test-http.t Sat Mar 10 20:16:20 2018 -0800 +++ b/tests/test-http.t Sat Mar 10 18:19:27 2018 -0800 @@ -168,7 +168,7 @@ > import base64 > from mercurial.hgweb import common > def perform_authentication(hgweb, req, op): - > auth = req.env.get('HTTP_AUTHORIZATION') + > auth = req.headers.get('Authorization') > if not auth: > raise common.ErrorResponse(common.HTTP_UNAUTHORIZED, 'who', > [('WWW-Authenticate', 'Basic Realm="mercurial"')]) @@ -510,7 +510,7 @@ > from mercurial import util > from mercurial.hgweb import common > def perform_authentication(hgweb, req, op): - > cookie = req.env.get('HTTP_COOKIE') + > cookie = req.headers.get('Cookie') > if not cookie: > raise common.ErrorResponse(common.HTTP_SERVER_ERROR, 'no-cookie') > raise common.ErrorResponse(common.HTTP_SERVER_ERROR, 'Cookie: %s' % cookie)
--- a/tests/test-largefiles-wireproto.t Sat Mar 10 20:16:20 2018 -0800 +++ b/tests/test-largefiles-wireproto.t Sat Mar 10 18:19:27 2018 -0800 @@ -424,7 +424,7 @@ > import base64 > from mercurial.hgweb import common > def perform_authentication(hgweb, req, op): - > auth = req.env.get('HTTP_AUTHORIZATION') + > auth = req.headers.get('Authorization') > if not auth: > raise common.ErrorResponse(common.HTTP_UNAUTHORIZED, 'who', > [('WWW-Authenticate', 'Basic Realm="mercurial"')])