Mercurial: hgext/acl.py comparison

comparison hgext/acl.py @ 8846:b30775386d40

acl: support for getting authenticated user from web server (issue298) Previously, the acl extension just read the current system user, which is fine for direct file system access and SSH, but will not work for HTTP(S) as that would return the web server process user identity rather than the authenticated user. An empty user is returned if the user is not authenticated.

author	Henrik Stuart <hg@hstuart.dk>
date	Sun, 07 Jun 2009 20:31:38 +0200
parents	cc7da5aae4cd
children	e872ef2e6758

comparison

equal deleted inserted replaced

-:296767acbb55
+:b30775386d40
 #   glob pattern = user4, user5
 #   ** = user6
 from mercurial.i18n import _
 from mercurial import util, match
-import getpass
+import getpass, urllib
 def buildmatch(ui, repo, user, key):
 '''return tuple of (match function, list enabled).'''
 if not ui.has_section(key):
 ui.debug(_('acl: %s not enabled\n') % key)
 'incoming changesets') % hooktype)
 if source not in ui.config('acl', 'sources', 'serve').split():
 ui.debug(_('acl: changes have source "%s" - skipping\n') % source)
 return
-user = getpass.getuser()
+user = None
+if source == 'serve' and 'url' in kwargs:
+url = kwargs['url'].split(':')
+if url[0] == 'remote' and url[1].startswith('http'):
+user = urllib.unquote(url[2])
+if user is None:
+user = getpass.getuser()
 cfg = ui.config('acl', 'config')
 if cfg:
 ui.readconfig(cfg, sections = ['acl.allow', 'acl.deny'])
 allow = buildmatch(ui, repo, user, 'acl.allow')
 deny = buildmatch(ui, repo, user, 'acl.deny')

Mercurial > hg

comparison hgext/acl.py @ 8846:b30775386d40