hgext/acl.py
author Gregory Szorc <gregory.szorc@gmail.com>
Sat, 25 Jun 2016 07:26:43 -0700
changeset 29411 e1778b9c8d53
parent 28883 032c4c2f802a
child 29841 d5883fd055c6
permissions -rw-r--r--
sslutil: abort when unable to verify peer connection (BC)

Previously, when we connected to a server and were unable to verify its certificate against a trusted certificate authority we would issue a warning and continue to connect. This is obviously not great behavior because the x509 certificate model is based upon trust of specific CAs. Failure to enforce that trust erodes security.

This behavior was defined several years ago when Python did not support loading the system trusted CA store (Python 2.7.9's backports of Python 3's improvements to the "ssl" module enabled this).

This commit changes behavior when connecting to abort if the peer certificate can't be validated. With an empty/default Mercurial configuration, the peer certificate can be validated if Python is able to load the system trusted CA store.

Environments able to load the system trusted CA store include:

* Python 2.7.9+ on most platforms and installations
* Python 2.7 distributions with a modern ssl module (e.g. RHEL7's patched 2.7.5 package)
* Python shipped on OS X

Environments unable to load the system trusted CA store include:

* Python 2.6
* Python 2.7 on many existing Linux installs (because they don't ship 2.7.9+ or haven't backported modern ssl module)
* Python 2.7.9+ on some installs where Python is unable to locate the system CA store (this is hopefully rare)

Users of these Pythons will need to configure Mercurial to load the system CA store using web.cacerts. This should ideally be performed by packagers (by setting web.cacerts in the global/system hgrc file). Where Mercurial packagers aren't setting this, the linked URL in the new abort message can contain instructions for users.

In the future, we may want to add more code for finding the system CA store. For example, many Linux distributions have the CA store at well-known locations (such as /etc/ssl/certs/ca-certificates.crt in the case of Ubuntu). This will enable CA loading to "just work" on more Python configurations and will be best for our users since they won't have to change anything after upgrading to a Mercurial with this patch.

We may also want to consider distributing a trusted CA store with Mercurial. Although we should think long and hard about that because most systems have a global CA store and Mercurial should almost certainly use the same store used by everything else on the system.
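The commit message above turns on the distinction between Pythons that can load the system trusted CA store and those that need web.cacerts. The following is an added example, not Mercurial's sslutil code: it reports whether the running Python finds any CA certificates in its default store, maps that to the two environment classes the message describes, and builds a TLS context that fails closed (raises) rather than warning when the peer cannot be verified. The function and report-key names are this example's own; `cacerts` stands in for the web.cacerts setting.

```python
# Added example; not Mercurial's sslutil code. Checks whether this Python can
# load the system trusted CA store (which decides whether web.cacerts must be
# configured) and builds a context that aborts instead of warning when the
# peer certificate cannot be verified.
import socket
import ssl
import sys


def ca_store_report():
    """Load the default store the way ssl.create_default_context() does and
    report how many CA certificates came with it (0 means "unable to locate")."""
    ctx = ssl.create_default_context()
    stats = ctx.cert_store_stats()          # keys: 'x509', 'crl', 'x509_ca'
    paths = ssl.get_default_verify_paths()
    return {'python': sys.version.split()[0],
            'x509_ca': stats['x509_ca'],
            'cafile': paths.cafile,
            'capath': paths.capath}


def classify(report):
    """Map a report onto the two environment classes the commit message lists."""
    if report['x509_ca'] > 0:
        return 'system store loads; default config verifies peers'
    return 'system store not found; set web.cacerts to a CA bundle'


def make_verifying_context(cacerts=None):
    """Context requiring a chain to a trusted CA plus hostname matching.
    `cacerts` plays the role of web.cacerts: an explicit PEM bundle path."""
    ctx = ssl.create_default_context()      # CERT_REQUIRED and check_hostname
    if cacerts is not None:
        ctx.load_verify_locations(cafile=cacerts)
    return ctx


def is_fail_closed(ctx):
    """True when the context refuses unverified peers and checks the hostname."""
    return ctx.verify_mode == ssl.CERT_REQUIRED and ctx.check_hostname


def connect_verified(host, port=443, cacerts=None, timeout=10):
    """Open a TLS connection; an unverifiable peer raises ssl.SSLError
    (fail closed) rather than warning and continuing."""
    ctx = make_verifying_context(cacerts)
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert()['subject']


if __name__ == '__main__':
    report = ca_store_report()
    print(report)
    print(classify(report))
```

On a minimal container image `x509_ca` is often 0 even on a modern Python, which is the "unable to locate the system CA store" case: `connect_verified()` then raises for every server until `cacerts` points at a bundle such as the distribution's ca-certificates file.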
# acl.py - changeset access control for mercurial
#
# Copyright 2006 Vadim Gelfer <vadim.gelfer@gmail.com>
#
# This software may be used and distributed according to the terms of the
# GNU General Public License version 2 or any later version.

'''hooks for controlling repository access

This hook makes it possible to allow or deny write access to given
branches and paths of a repository when receiving incoming changesets
via pretxnchangegroup and pretxncommit.

The authorization is matched based on the local user name on the
system where the hook runs, and not the committer of the original
changeset (since the latter is merely informative).

The acl hook is best used along with a restricted shell like hgsh,
preventing authenticating users from doing anything other than pushing
or pulling. The hook is not safe to use if users have interactive
shell access, as they can then disable the hook. Nor is it safe if
remote users share an account, because then there is no way to
distinguish them.

The order in which access checks are performed is:

1) Deny  list for branches (section ``acl.deny.branches``)
2) Allow list for branches (section ``acl.allow.branches``)
3) Deny  list for paths    (section ``acl.deny``)
4) Allow list for paths    (section ``acl.allow``)

The allow and deny sections take key-value pairs.

Branch-based Access Control
---------------------------

Use the ``acl.deny.branches`` and ``acl.allow.branches`` sections to
have branch-based access control. Keys in these sections can be
either:

- a branch name, or
- an asterisk, to match any branch;

The corresponding values can be either:

- a comma-separated list containing users and groups, or
- an asterisk, to match anyone;

You can add the "!" prefix to a user or group name to invert the sense
of the match.

Path-based Access Control
-------------------------

Use the ``acl.deny`` and ``acl.allow`` sections to have path-based
access control. Keys in these sections accept a subtree pattern (with
a glob syntax by default). The corresponding values follow the same
syntax as the other sections above.

Groups
------

Group names must be prefixed with an ``@`` symbol. Specifying a group
name has the same effect as specifying all the users in that group.

You can define group members in the ``acl.groups`` section.
If a group name is not defined there, and Mercurial is running under
a Unix-like system, the list of users will be taken from the OS.
Otherwise, an exception will be raised.

Example Configuration
---------------------

::

  [hooks]

  # Use this if you want to check access restrictions at commit time
  pretxncommit.acl = python:hgext.acl.hook

  # Use this if you want to check access restrictions for pull, push,
  # bundle and serve.
  pretxnchangegroup.acl = python:hgext.acl.hook

  [acl]
  # Allow or deny access for incoming changes only if their source is
  # listed here, let them pass otherwise. Source is "serve" for all
  # remote access (http or ssh), "push", "pull" or "bundle" when the
  # related commands are run locally.
  # Default: serve
  sources = serve

  [acl.deny.branches]

  # Everyone is denied to the frozen branch:
  frozen-branch = *

  # A bad user is denied on all branches:
  * = bad-user

  [acl.allow.branches]

  # A few users are allowed on branch-a:
  branch-a = user-1, user-2, user-3

  # Only one user is allowed on branch-b:
  branch-b = user-1

  # The super user is allowed on any branch:
  * = super-user

  # Everyone is allowed on branch-for-tests:
  branch-for-tests = *

  [acl.deny]
  # This list is checked first. If a match is found, acl.allow is not
  # checked. All users are granted access if acl.deny is not present.
  # Format for both lists: glob pattern = user, ..., @group, ...

  # To match everyone, use an asterisk for the user:
  # my/glob/pattern = *

  # user6 will not have write access to any file:
  ** = user6

  # Group "hg-denied" will not have write access to any file:
  ** = @hg-denied

  # Nobody will be able to change "DONT-TOUCH-THIS.txt", despite
  # everyone being able to change all other files. See below.
  src/main/resources/DONT-TOUCH-THIS.txt = *

  [acl.allow]
  # if acl.allow is not present, all users are allowed by default
  # empty acl.allow = no users allowed

  # User "doc_writer" has write access to any file under the "docs"
  # folder:
  docs/** = doc_writer

  # User "jack" and group "designers" have write access to any file
  # under the "images" folder:
  images/** = jack, @designers

  # Everyone (except for "user6" and "@hg-denied" - see acl.deny above)
  # will have write access to any file under the "resources" folder
  # (except for 1 file. See acl.deny):
  src/main/resources/** = *

  .hgtags = release_engineer

Examples using the "!" prefix
.............................

Suppose there's a branch that only a given user (or group) should be able to
push to, and you don't want to restrict access to any other branch that may
be created.

The "!" prefix allows you to prevent anyone except a given user or group to
push changesets in a given branch or path.

In the examples below, we will:
1) Deny access to branch "ring" to anyone but user "gollum"
2) Deny access to branch "lake" to anyone but members of the group "hobbit"
3) Deny access to a file to anyone but user "gollum"

::

  [acl.allow.branches]
  # Empty

  [acl.deny.branches]

  # 1) only 'gollum' can commit to branch 'ring';
  # 'gollum' and anyone else can still commit to any other branch.
  ring = !gollum

  # 2) only members of the group 'hobbit' can commit to branch 'lake';
  # 'hobbit' members and anyone else can still commit to any other branch.
  lake = !@hobbit

  # You can also deny access based on file paths:

  [acl.allow]
  # Empty

  [acl.deny]
  # 3) only 'gollum' can change the file below;
  # 'gollum' and anyone else can still change any other file.
  /misty/mountains/cave/ring = !gollum
parents: 16956
diff changeset
   191
8873
e872ef2e6758 help: add/fix docstrings for a bunch of extensions
Dirkjan Ochtman <dirkjan@ochtman.nl>
parents: 8846
diff changeset
   192
'''
2344
ae12e5a2c4a3 add acl extension, to limit who can push to subdirs of central repo.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
   193
28089
a1163ee26e4a acl: use absolute_import
Gregory Szorc <gregory.szorc@gmail.com>
parents: 26587
diff changeset
   194
from __future__ import absolute_import
a1163ee26e4a acl: use absolute_import
Gregory Szorc <gregory.szorc@gmail.com>
parents: 26587
diff changeset
   195
a1163ee26e4a acl: use absolute_import
Gregory Szorc <gregory.szorc@gmail.com>
parents: 26587
diff changeset
   196
import getpass
a1163ee26e4a acl: use absolute_import
Gregory Szorc <gregory.szorc@gmail.com>
parents: 26587
diff changeset
   197
3891
6b4127c7d52a Simplify i18n imports
Matt Mackall <mpm@selenic.com>
parents: 3877
diff changeset
   198
from mercurial.i18n import _
28089
a1163ee26e4a acl: use absolute_import
Gregory Szorc <gregory.szorc@gmail.com>
parents: 26587
diff changeset
   199
from mercurial import (
a1163ee26e4a acl: use absolute_import
Gregory Szorc <gregory.szorc@gmail.com>
parents: 26587
diff changeset
   200
    error,
a1163ee26e4a acl: use absolute_import
Gregory Szorc <gregory.szorc@gmail.com>
parents: 26587
diff changeset
   201
    match,
a1163ee26e4a acl: use absolute_import
Gregory Szorc <gregory.szorc@gmail.com>
parents: 26587
diff changeset
   202
    util,
a1163ee26e4a acl: use absolute_import
Gregory Szorc <gregory.szorc@gmail.com>
parents: 26587
diff changeset
   203
)
11041
623fe42a649e acl: add support for OS-level groups using @group syntax
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 10955
diff changeset
   204
28883
032c4c2f802a pycompat: switch to util.urlreq/util.urlerr for py3 compat
timeless <timeless@mozdev.org>
parents: 28089
diff changeset
   205
urlreq = util.urlreq
032c4c2f802a pycompat: switch to util.urlreq/util.urlerr for py3 compat
timeless <timeless@mozdev.org>
parents: 28089
diff changeset
   206
25186
80c5b2666a96 extensions: document that `testedwith = 'internal'` is special
Augie Fackler <augie@google.com>
parents: 19872
diff changeset
   207
# Note for extension authors: ONLY specify testedwith = 'internal' for
80c5b2666a96 extensions: document that `testedwith = 'internal'` is special
Augie Fackler <augie@google.com>
parents: 19872
diff changeset
   208
# extensions which SHIP WITH MERCURIAL. Non-mainline extensions should
80c5b2666a96 extensions: document that `testedwith = 'internal'` is special
Augie Fackler <augie@google.com>
parents: 19872
diff changeset
   209
# be specifying the version(s) of Mercurial they are tested with, or
80c5b2666a96 extensions: document that `testedwith = 'internal'` is special
Augie Fackler <augie@google.com>
parents: 19872
diff changeset
   210
# leave the attribute unspecified.
16743
38caf405d010 hgext: mark all first-party extensions as such
Augie Fackler <raf@durin42.com>
parents: 16499
diff changeset
   211
testedwith = 'internal'
38caf405d010 hgext: mark all first-party extensions as such
Augie Fackler <raf@durin42.com>
parents: 16499
diff changeset
   212
11114
62714143742f acl: support for group definitions in section [acl.groups], which take precedence over OS-level groups
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11095
diff changeset
   213
def _getusers(ui, group):
62714143742f acl: support for group definitions in section [acl.groups], which take precedence over OS-level groups
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11095
diff changeset
   214
62714143742f acl: support for group definitions in section [acl.groups], which take precedence over OS-level groups
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11095
diff changeset
   215
    # First, try to use group definition from section [acl.groups]
62714143742f acl: support for group definitions in section [acl.groups], which take precedence over OS-level groups
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11095
diff changeset
   216
    hgrcusers = ui.configlist('acl.groups', group)
62714143742f acl: support for group definitions in section [acl.groups], which take precedence over OS-level groups
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11095
diff changeset
   217
    if hgrcusers:
62714143742f acl: support for group definitions in section [acl.groups], which take precedence over OS-level groups
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11095
diff changeset
   218
        return hgrcusers
62714143742f acl: support for group definitions in section [acl.groups], which take precedence over OS-level groups
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11095
diff changeset
   219
62714143742f acl: support for group definitions in section [acl.groups], which take precedence over OS-level groups
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11095
diff changeset
   220
    ui.debug('acl: "%s" not defined in [acl.groups]\n' % group)
62714143742f acl: support for group definitions in section [acl.groups], which take precedence over OS-level groups
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11095
diff changeset
   221
    # If no users found in group definition, get users from OS-level group
11140
1f26cf0a3663 acl: improve undefined group error handling
Patrick Mezard <pmezard@gmail.com>
parents: 11138
diff changeset
   222
    try:
1f26cf0a3663 acl: improve undefined group error handling
Patrick Mezard <pmezard@gmail.com>
parents: 11138
diff changeset
   223
        return util.groupmembers(group)
1f26cf0a3663 acl: improve undefined group error handling
Patrick Mezard <pmezard@gmail.com>
parents: 11138
diff changeset
   224
    except KeyError:
26587
56b2bcea2529 error: get Abort from 'error' instead of 'util'
Pierre-Yves David <pierre-yves.david@fb.com>
parents: 25792
diff changeset
   225
        raise error.Abort(_("group '%s' is undefined") % group)
11041
623fe42a649e acl: add support for OS-level groups using @group syntax
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 10955
diff changeset
   226
11114
62714143742f acl: support for group definitions in section [acl.groups], which take precedence over OS-level groups
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11095
diff changeset
   227
def _usermatch(ui, user, usersorgroups):
11041
623fe42a649e acl: add support for OS-level groups using @group syntax
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 10955
diff changeset
   228
623fe42a649e acl: add support for OS-level groups using @group syntax
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 10955
diff changeset
   229
    if usersorgroups == '*':
623fe42a649e acl: add support for OS-level groups using @group syntax
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 10955
diff changeset
   230
        return True
623fe42a649e acl: add support for OS-level groups using @group syntax
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 10955
diff changeset
   231
623fe42a649e acl: add support for OS-level groups using @group syntax
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 10955
diff changeset
   232
    for ug in usersorgroups.replace(',', ' ').split():
16956
c49cf339b5bb acl: use of "!" prefix in user or group names
Elifarley Callado Coelho Cruz
parents: 16767
diff changeset
   233
c49cf339b5bb acl: use of "!" prefix in user or group names
Elifarley Callado Coelho Cruz
parents: 16767
diff changeset
   234
        if ug.startswith('!'):
c49cf339b5bb acl: use of "!" prefix in user or group names
Elifarley Callado Coelho Cruz
parents: 16767
diff changeset
   235
            # Test for excluded user or group. Format:
c49cf339b5bb acl: use of "!" prefix in user or group names
Elifarley Callado Coelho Cruz
parents: 16767
diff changeset
   236
            # if ug is a user  name: !username
c49cf339b5bb acl: use of "!" prefix in user or group names
Elifarley Callado Coelho Cruz
parents: 16767
diff changeset
   237
            # if ug is a group name: !@groupname
c49cf339b5bb acl: use of "!" prefix in user or group names
Elifarley Callado Coelho Cruz
parents: 16767
diff changeset
   238
            ug = ug[1:]
c49cf339b5bb acl: use of "!" prefix in user or group names
Elifarley Callado Coelho Cruz
parents: 16767
diff changeset
   239
            if not ug.startswith('@') and user != ug \
c49cf339b5bb acl: use of "!" prefix in user or group names
Elifarley Callado Coelho Cruz
parents: 16767
diff changeset
   240
                or ug.startswith('@') and user not in _getusers(ui, ug[1:]):
c49cf339b5bb acl: use of "!" prefix in user or group names
Elifarley Callado Coelho Cruz
parents: 16767
diff changeset
   241
                return True
c49cf339b5bb acl: use of "!" prefix in user or group names
Elifarley Callado Coelho Cruz
parents: 16767
diff changeset
   242
c49cf339b5bb acl: use of "!" prefix in user or group names
Elifarley Callado Coelho Cruz
parents: 16767
diff changeset
   243
        # Test for user or group. Format:
c49cf339b5bb acl: use of "!" prefix in user or group names
Elifarley Callado Coelho Cruz
parents: 16767
diff changeset
   244
        # if ug is a user  name: username
c49cf339b5bb acl: use of "!" prefix in user or group names
Elifarley Callado Coelho Cruz
parents: 16767
diff changeset
   245
        # if ug is a group name: @groupname
c49cf339b5bb acl: use of "!" prefix in user or group names
Elifarley Callado Coelho Cruz
parents: 16767
diff changeset
   246
        elif user == ug \
c49cf339b5bb acl: use of "!" prefix in user or group names
Elifarley Callado Coelho Cruz
parents: 16767
diff changeset
   247
             or ug.startswith('@') and user in _getusers(ui, ug[1:]):
11041
623fe42a649e acl: add support for OS-level groups using @group syntax
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 10955
diff changeset
   248
            return True
623fe42a649e acl: add support for OS-level groups using @group syntax
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 10955
diff changeset
   249
623fe42a649e acl: add support for OS-level groups using @group syntax
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 10955
diff changeset
   250
    return False
2344
ae12e5a2c4a3 add acl extension, to limit who can push to subdirs of central repo.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
   251
6766
e81d2bd66908 acl: refactoring
Matt Mackall <mpm@selenic.com>
parents: 6750
diff changeset
   252
def buildmatch(ui, repo, user, key):
e81d2bd66908 acl: refactoring
Matt Mackall <mpm@selenic.com>
parents: 6750
diff changeset
   253
    '''return tuple of (match function, list enabled).'''
e81d2bd66908 acl: refactoring
Matt Mackall <mpm@selenic.com>
parents: 6750
diff changeset
   254
    if not ui.has_section(key):
9467
4c041f1ee1b4 do not attempt to translate ui.debug output
Martin Geisler <mg@lazybytes.net>
parents: 9250
diff changeset
   255
        ui.debug('acl: %s not enabled\n' % key)
6766
e81d2bd66908 acl: refactoring
Matt Mackall <mpm@selenic.com>
parents: 6750
diff changeset
   256
        return None
2344
ae12e5a2c4a3 add acl extension, to limit who can push to subdirs of central repo.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
   257
6766
e81d2bd66908 acl: refactoring
Matt Mackall <mpm@selenic.com>
parents: 6750
diff changeset
   258
    pats = [pat for pat, users in ui.configitems(key)
11114
62714143742f acl: support for group definitions in section [acl.groups], which take precedence over OS-level groups
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11095
diff changeset
   259
            if _usermatch(ui, user, users)]
9467
4c041f1ee1b4 do not attempt to translate ui.debug output
Martin Geisler <mg@lazybytes.net>
parents: 9250
diff changeset
   260
    ui.debug('acl: %s enabled, %d entries for user %s\n' %
6766
e81d2bd66908 acl: refactoring
Matt Mackall <mpm@selenic.com>
parents: 6750
diff changeset
   261
             (key, len(pats), user))
11092
2dd91779eb27 acl: add support for branch-based access control
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11058
diff changeset
   262
16765
754e98e0a615 acl: added some comments to easily identify branch- and path-based verifications
Elifarley Callado Coelho Cruz
parents: 16764
diff changeset
   263
    # Branch-based ACL
11092
2dd91779eb27 acl: add support for branch-based access control
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11058
diff changeset
   264
    if not repo:
2dd91779eb27 acl: add support for branch-based access control
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11058
diff changeset
   265
        if pats:
16766
9d778f80ad2a acl: perform some computations earlier, so that returned lambda functions are simpler
Elifarley Callado Coelho Cruz
parents: 16765
diff changeset
   266
            # If there's an asterisk (meaning "any branch"), always return True;
9d778f80ad2a acl: perform some computations earlier, so that returned lambda functions are simpler
Elifarley Callado Coelho Cruz
parents: 16765
diff changeset
   267
            # Otherwise, test if b is in pats
9d778f80ad2a acl: perform some computations earlier, so that returned lambda functions are simpler
Elifarley Callado Coelho Cruz
parents: 16765
diff changeset
   268
            if '*' in pats:
9d778f80ad2a acl: perform some computations earlier, so that returned lambda functions are simpler
Elifarley Callado Coelho Cruz
parents: 16765
diff changeset
   269
                return util.always
9d778f80ad2a acl: perform some computations earlier, so that returned lambda functions are simpler
Elifarley Callado Coelho Cruz
parents: 16765
diff changeset
   270
            return lambda b: b in pats
16764
ffb68b9dbaa9 acl: 'util.never' used
Elifarley Callado Coelho Cruz
parents: 16763
diff changeset
   271
        return util.never
11092
2dd91779eb27 acl: add support for branch-based access control
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11058
diff changeset
   272
16765
754e98e0a615 acl: added some comments to easily identify branch- and path-based verifications
Elifarley Callado Coelho Cruz
parents: 16764
diff changeset
   273
    # Path-based ACL
6766
e81d2bd66908 acl: refactoring
Matt Mackall <mpm@selenic.com>
parents: 6750
diff changeset
   274
    if pats:
8567
fea40a677d43 match: add some default args
Matt Mackall <mpm@selenic.com>
parents: 8566
diff changeset
   275
        return match.match(repo.root, '', pats)
16767
363bde4224c8 acl: 'util.never' can be used instead of a more complex expression
Elifarley Callado Coelho Cruz
parents: 16766
diff changeset
   276
    return util.never
2344
ae12e5a2c4a3 add acl extension, to limit who can push to subdirs of central repo.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
   277
ae12e5a2c4a3 add acl extension, to limit who can push to subdirs of central repo.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
   278
def hook(ui, repo, hooktype, node=None, source=None, **kwargs):
10955
470a6ace7574 Added support for 'pretxncommit', so that one can call the ACL hook at
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 10801
diff changeset
   279
    if hooktype not in ['pretxnchangegroup', 'pretxncommit']:
26587
56b2bcea2529 error: get Abort from 'error' instead of 'util'
Pierre-Yves David <pierre-yves.david@fb.com>
parents: 25792
diff changeset
   280
        raise error.Abort(_('config error - hook type "%s" cannot stop '
10955
470a6ace7574 Added support for 'pretxncommit', so that one can call the ACL hook at
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 10801
diff changeset
   281
                           'incoming changesets nor commits') % hooktype)
470a6ace7574 Added support for 'pretxncommit', so that one can call the ACL hook at
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 10801
diff changeset
   282
    if (hooktype == 'pretxnchangegroup' and
470a6ace7574 Added support for 'pretxncommit', so that one can call the ACL hook at
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 10801
diff changeset
   283
        source not in ui.config('acl', 'sources', 'serve').split()):
9467
4c041f1ee1b4 do not attempt to translate ui.debug output
Martin Geisler <mg@lazybytes.net>
parents: 9250
diff changeset
   284
        ui.debug('acl: changes have source "%s" - skipping\n' % source)
2344
ae12e5a2c4a3 add acl extension, to limit who can push to subdirs of central repo.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
   285
        return
ae12e5a2c4a3 add acl extension, to limit who can push to subdirs of central repo.
Vadim Gelfer <vadim.gelfer@gmail.com>
parents:
diff changeset
   286
8846
b30775386d40 acl: support for getting authenticated user from web server (issue298)
Henrik Stuart <hg@hstuart.dk>
parents: 8682
diff changeset
   287
    user = None
b30775386d40 acl: support for getting authenticated user from web server (issue298)
Henrik Stuart <hg@hstuart.dk>
parents: 8682
diff changeset
   288
    if source == 'serve' and 'url' in kwargs:
b30775386d40 acl: support for getting authenticated user from web server (issue298)
Henrik Stuart <hg@hstuart.dk>
parents: 8682
diff changeset
   289
        url = kwargs['url'].split(':')
b30775386d40 acl: support for getting authenticated user from web server (issue298)
Henrik Stuart <hg@hstuart.dk>
parents: 8682
diff changeset
   290
        if url[0] == 'remote' and url[1].startswith('http'):
28883
032c4c2f802a pycompat: switch to util.urlreq/util.urlerr for py3 compat
timeless <timeless@mozdev.org>
parents: 28089
diff changeset
   291
            user = urlreq.unquote(url[3])
8846
b30775386d40 acl: support for getting authenticated user from web server (issue298)
Henrik Stuart <hg@hstuart.dk>
parents: 8682
diff changeset
   292
b30775386d40 acl: support for getting authenticated user from web server (issue298)
Henrik Stuart <hg@hstuart.dk>
parents: 8682
diff changeset
   293
    if user is None:
b30775386d40 acl: support for getting authenticated user from web server (issue298)
Henrik Stuart <hg@hstuart.dk>
parents: 8682
diff changeset
   294
        user = getpass.getuser()
b30775386d40 acl: support for getting authenticated user from web server (issue298)
Henrik Stuart <hg@hstuart.dk>
parents: 8682
diff changeset
   295
15207
0f7f9f06c759 acl: more descriptive error messages
Elifarley Callado Coelho Cruz
parents: 12778
diff changeset
   296
    ui.debug('acl: checking access for user "%s"\n' % user)
0f7f9f06c759 acl: more descriptive error messages
Elifarley Callado Coelho Cruz
parents: 12778
diff changeset
   297
25792
dd166d42e7b2 acl: mark deprecated config option
Matt Mackall <mpm@selenic.com>
parents: 25186
diff changeset
   298
    # deprecated config: acl.config
6766
e81d2bd66908 acl: refactoring
Matt Mackall <mpm@selenic.com>
parents: 6750
diff changeset
   299
    cfg = ui.config('acl', 'config')
e81d2bd66908 acl: refactoring
Matt Mackall <mpm@selenic.com>
parents: 6750
diff changeset
   300
    if cfg:
19872
681f7b9213a4 check-code: check for spaces around = for named parameters
Mads Kiilerich <madski@unity3d.com>
parents: 17537
diff changeset
   301
        ui.readconfig(cfg, sections=['acl.groups', 'acl.allow.branches',
681f7b9213a4 check-code: check for spaces around = for named parameters
Mads Kiilerich <madski@unity3d.com>
parents: 17537
diff changeset
   302
            'acl.deny.branches', 'acl.allow', 'acl.deny'])
11092
2dd91779eb27 acl: add support for branch-based access control
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11058
diff changeset
   303
2dd91779eb27 acl: add support for branch-based access control
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11058
diff changeset
   304
    allowbranches = buildmatch(ui, None, user, 'acl.allow.branches')
2dd91779eb27 acl: add support for branch-based access control
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11058
diff changeset
   305
    denybranches = buildmatch(ui, None, user, 'acl.deny.branches')
6766
e81d2bd66908 acl: refactoring
Matt Mackall <mpm@selenic.com>
parents: 6750
diff changeset
   306
    allow = buildmatch(ui, repo, user, 'acl.allow')
e81d2bd66908 acl: refactoring
Matt Mackall <mpm@selenic.com>
parents: 6750
diff changeset
   307
    deny = buildmatch(ui, repo, user, 'acl.deny')
e81d2bd66908 acl: refactoring
Matt Mackall <mpm@selenic.com>
parents: 6750
diff changeset
   308
e81d2bd66908 acl: refactoring
Matt Mackall <mpm@selenic.com>
parents: 6750
diff changeset
   309
    for rev in xrange(repo[node], len(repo)):
e81d2bd66908 acl: refactoring
Matt Mackall <mpm@selenic.com>
parents: 6750
diff changeset
   310
        ctx = repo[rev]
11092
2dd91779eb27 acl: add support for branch-based access control
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11058
diff changeset
   311
        branch = ctx.branch()
2dd91779eb27 acl: add support for branch-based access control
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11058
diff changeset
   312
        if denybranches and denybranches(branch):
26587
56b2bcea2529 error: get Abort from 'error' instead of 'util'
Pierre-Yves David <pierre-yves.david@fb.com>
parents: 25792
diff changeset
   313
            raise error.Abort(_('acl: user "%s" denied on branch "%s"'
11092
2dd91779eb27 acl: add support for branch-based access control
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11058
diff changeset
   314
                               ' (changeset "%s")')
2dd91779eb27 acl: add support for branch-based access control
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11058
diff changeset
   315
                               % (user, branch, ctx))
2dd91779eb27 acl: add support for branch-based access control
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11058
diff changeset
   316
        if allowbranches and not allowbranches(branch):
26587
56b2bcea2529 error: get Abort from 'error' instead of 'util'
Pierre-Yves David <pierre-yves.david@fb.com>
parents: 25792
diff changeset
   317
            raise error.Abort(_('acl: user "%s" not allowed on branch "%s"'
11092
2dd91779eb27 acl: add support for branch-based access control
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11058
diff changeset
   318
                               ' (changeset "%s")')
2dd91779eb27 acl: add support for branch-based access control
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11058
diff changeset
   319
                               % (user, branch, ctx))
2dd91779eb27 acl: add support for branch-based access control
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11058
diff changeset
   320
        ui.debug('acl: branch access granted: "%s" on branch "%s"\n'
2dd91779eb27 acl: add support for branch-based access control
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11058
diff changeset
   321
        % (ctx, branch))
2dd91779eb27 acl: add support for branch-based access control
Elifarley Callado Coelho Cruz <elifarley@gmail.com>
parents: 11058
diff changeset
   322
6766
e81d2bd66908 acl: refactoring
Matt Mackall <mpm@selenic.com>
parents: 6750
diff changeset
   323
        for f in ctx.files():
e81d2bd66908 acl: refactoring
Matt Mackall <mpm@selenic.com>
parents: 6750
diff changeset
   324
            if deny and deny(f):
26587
56b2bcea2529 error: get Abort from 'error' instead of 'util'
Pierre-Yves David <pierre-yves.david@fb.com>
parents: 25792
diff changeset
   325
                raise error.Abort(_('acl: user "%s" denied on "%s"'
15207
0f7f9f06c759 acl: more descriptive error messages
Elifarley Callado Coelho Cruz
parents: 12778
diff changeset
   326
                ' (changeset "%s")') % (user, f, ctx))
6766
e81d2bd66908 acl: refactoring
Matt Mackall <mpm@selenic.com>
parents: 6750
diff changeset
   327
            if allow and not allow(f):
26587
56b2bcea2529 error: get Abort from 'error' instead of 'util'
Pierre-Yves David <pierre-yves.david@fb.com>
parents: 25792
diff changeset
   328
                raise error.Abort(_('acl: user "%s" not allowed on "%s"'
15207
0f7f9f06c759 acl: more descriptive error messages
Elifarley Callado Coelho Cruz
parents: 12778
diff changeset
   329
                ' (changeset "%s")') % (user, f, ctx))
0f7f9f06c759 acl: more descriptive error messages
Elifarley Callado Coelho Cruz
parents: 12778
diff changeset
   330
        ui.debug('acl: path access granted: "%s"\n' % ctx)
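The following is an added, stand-alone model of the decision logic above (the "!" prefix examples from the docstring, `_usermatch`, `buildmatch` and the check order in `hook`); it is not Mercurial's own code. It assumes a constructed hgrc fragment, resolves groups only from `[acl.groups]` (no OS-level lookup), and approximates hg's glob matcher with `fnmatch` on repo-relative paths.

```python
import configparser
import fnmatch

# Constructed hgrc fragment that follows the "!" prefix examples in the
# docstring.  The allow sections are deliberately omitted: buildmatch turns
# a section that is present but yields no patterns into util.never, so an
# allow section that exists but is empty denies everyone.
SAMPLE_HGRC = """
[acl.groups]
hobbit = bilbo, frodo

[acl.deny.branches]
ring = !gollum
lake = !@hobbit

[acl.deny]
misty/mountains/cave/ring = !gollum
"""


def load_config(text):
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.optionxform = str  # keep user names and path patterns case-sensitive
    cfg.read_string(text)
    return cfg


def getusers(cfg, group):
    """Like _getusers, minus util.groupmembers: an undefined group is an error."""
    if cfg.has_option('acl.groups', group):
        return cfg.get('acl.groups', group).replace(',', ' ').split()
    raise LookupError("group '%s' is undefined" % group)


def usermatch(cfg, user, usersorgroups):
    """Same decision as _usermatch: '*' matches anyone, '!name' / '!@group'
    match everybody except that user / group, 'name' / '@group' match them."""
    if usersorgroups == '*':
        return True
    for ug in usersorgroups.replace(',', ' ').split():
        if ug.startswith('!'):
            ug = ug[1:]
            if ug.startswith('@'):
                if user not in getusers(cfg, ug[1:]):
                    return True
            elif user != ug:
                return True
        elif user == ug or (ug.startswith('@') and user in getusers(cfg, ug[1:])):
            return True
    return False


def buildmatch(cfg, user, section, branches):
    """None when the section is absent (check disabled); otherwise a predicate
    over a branch name or a file path, as buildmatch returns."""
    if not cfg.has_section(section):
        return None
    pats = [pat for pat, users in cfg.items(section) if usermatch(cfg, user, users)]
    if not pats:
        return lambda _x: False        # util.never
    if branches:
        if '*' in pats:
            return lambda _x: True     # util.always
        return lambda b: b in pats
    return lambda f: any(fnmatch.fnmatchcase(f, p) for p in pats)


def check_access(cfg, user, branch, files):
    """Return None if the changeset passes, else the reason, checked in the
    same order as hook(): deny branches, allow branches, deny paths, allow paths."""
    denybranches = buildmatch(cfg, user, 'acl.deny.branches', True)
    allowbranches = buildmatch(cfg, user, 'acl.allow.branches', True)
    deny = buildmatch(cfg, user, 'acl.deny', False)
    allow = buildmatch(cfg, user, 'acl.allow', False)
    if denybranches and denybranches(branch):
        return 'user "%s" denied on branch "%s"' % (user, branch)
    if allowbranches and not allowbranches(branch):
        return 'user "%s" not allowed on branch "%s"' % (user, branch)
    for f in files:
        if deny and deny(f):
            return 'user "%s" denied on "%s"' % (user, f)
        if allow and not allow(f):
            return 'user "%s" not allowed on "%s"' % (user, f)
    return None
```

Run `check_access(load_config(SAMPLE_HGRC), 'frodo', 'ring', [])` to see the branch denial, and the same call for `'gollum'` to see it pass; a config consisting only of an empty `[acl.allow.branches]` header shows the deny-everyone pitfall.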