10 updating to branch default |
47 updating to branch default |
11 1 files updated, 0 files merged, 0 files removed, 0 files unresolved |
48 1 files updated, 0 files merged, 0 files removed, 0 files unresolved |
12 $ cd test2 |
49 $ cd test2 |
13 $ echo a >> a |
50 $ echo a >> a |
14 $ hg ci -mb |
51 $ hg ci -mb |
|
52 $ hg book bm -r 0 |
15 $ cd ../test |
53 $ cd ../test |
16 |
54 |
17 expect authorization error: all users denied |
55 web.deny_read=* prevents access to wire protocol for all users |
|
56 |
|
57 $ cat > .hg/hgrc <<EOF |
|
58 > [web] |
|
59 > deny_read = * |
|
60 > EOF |
|
61 |
|
62 $ hg serve -p $HGPORT -d --pid-file hg.pid |
|
63 $ cat hg.pid > $DAEMON_PIDS |
|
64 |
|
65 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=capabilities' |
|
66 200 Script output follows |
|
67 |
|
68 lookup changegroupsubset branchmap pushkey known getbundle unbundlehash batch streamreqs=generaldelta,revlogv1 $USUAL_BUNDLE2_CAPS_SERVER$ unbundle=HG10GZ,HG10BZ,HG10UN httpheader=1024 httpmediatype=0.1rx,0.1tx,0.2tx compression=$BUNDLE2_COMPRESSIONS$ (no-eol) |
|
69 |
|
70 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=stream_out' |
|
71 401 read not authorized |
|
72 |
|
73 0 |
|
74 read not authorized |
|
75 [1] |
|
76 |
|
77 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=listkeys' --requestheader 'x-hgarg-1=namespace=phases' |
|
78 401 read not authorized |
|
79 |
|
80 0 |
|
81 read not authorized |
|
82 [1] |
|
83 |
|
84 TODO batch command doesn't check permissions |
|
85 |
|
86 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=batch' --requestheader 'x-hgarg-1=cmds=listkeys+namespace%3Dphases' |
|
87 200 Script output follows |
|
88 |
|
89 cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b 1 |
|
90 publishing True (no-eol) |
|
91 |
|
92 TODO custom commands don't check permissions |
|
93 |
|
94 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customreadnoperm' |
|
95 200 Script output follows |
|
96 |
|
97 read-only command no defined permissions |
|
98 |
|
99 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customreadwithperm' |
|
100 401 read not authorized |
|
101 |
|
102 0 |
|
103 read not authorized |
|
104 [1] |
|
105 |
|
106 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritenoperm' |
|
107 200 Script output follows |
|
108 |
|
109 write command no defined permissions |
|
110 |
|
111 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritewithperm' |
|
112 401 read not authorized |
|
113 |
|
114 0 |
|
115 read not authorized |
|
116 [1] |
|
117 |
|
118 $ hg --cwd ../test2 pull http://localhost:$HGPORT/ |
|
119 pulling from http://localhost:$HGPORT/ |
|
120 searching for changes |
|
121 no changes found |
|
122 abort: authorization failed |
|
123 [255] |
|
124 |
|
125 $ killdaemons.py |
|
126 |
|
127 web.deny_read=* with REMOTE_USER set still locks out clients |
|
128 |
|
129 $ REMOTE_USER=authed_user hg serve -p $HGPORT -d --pid-file hg.pid |
|
130 $ cat hg.pid > $DAEMON_PIDS |
|
131 |
|
132 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=capabilities' |
|
133 200 Script output follows |
|
134 |
|
135 lookup changegroupsubset branchmap pushkey known getbundle unbundlehash batch streamreqs=generaldelta,revlogv1 $USUAL_BUNDLE2_CAPS_SERVER$ unbundle=HG10GZ,HG10BZ,HG10UN httpheader=1024 httpmediatype=0.1rx,0.1tx,0.2tx compression=$BUNDLE2_COMPRESSIONS$ (no-eol) |
|
136 |
|
137 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=stream_out' |
|
138 401 read not authorized |
|
139 |
|
140 0 |
|
141 read not authorized |
|
142 [1] |
|
143 |
|
144 TODO batch command doesn't check permissions |
|
145 |
|
146 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=batch' --requestheader 'x-hgarg-1=cmds=listkeys+namespace%3Dphases' |
|
147 200 Script output follows |
|
148 |
|
149 cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b 1 |
|
150 publishing True (no-eol) |
|
151 |
|
152 TODO custom commands don't check permissions |
|
153 |
|
154 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customreadnoperm' |
|
155 200 Script output follows |
|
156 |
|
157 read-only command no defined permissions |
|
158 |
|
159 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customreadwithperm' |
|
160 401 read not authorized |
|
161 |
|
162 0 |
|
163 read not authorized |
|
164 [1] |
|
165 |
|
166 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritenoperm' |
|
167 200 Script output follows |
|
168 |
|
169 write command no defined permissions |
|
170 |
|
171 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritewithperm' |
|
172 401 read not authorized |
|
173 |
|
174 0 |
|
175 read not authorized |
|
176 [1] |
|
177 |
|
178 $ hg --cwd ../test2 pull http://localhost:$HGPORT/ |
|
179 pulling from http://localhost:$HGPORT/ |
|
180 searching for changes |
|
181 no changes found |
|
182 abort: authorization failed |
|
183 [255] |
|
184 |
|
185 $ killdaemons.py |
|
186 |
|
187 web.deny_read=<user> denies access to unauthenticated user |
|
188 |
|
189 $ cat > .hg/hgrc <<EOF |
|
190 > [web] |
|
191 > deny_read = baduser1,baduser2 |
|
192 > EOF |
|
193 |
|
194 $ hg serve -p $HGPORT -d --pid-file hg.pid |
|
195 $ cat hg.pid > $DAEMON_PIDS |
|
196 |
|
197 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=listkeys' --requestheader 'x-hgarg-1=namespace=phases' |
|
198 401 read not authorized |
|
199 |
|
200 0 |
|
201 read not authorized |
|
202 [1] |
|
203 |
|
204 TODO batch command doesn't check permissions |
|
205 |
|
206 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=batch' --requestheader 'x-hgarg-1=cmds=listkeys+namespace%3Dphases' |
|
207 200 Script output follows |
|
208 |
|
209 cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b 1 |
|
210 publishing True (no-eol) |
|
211 |
|
212 TODO custom commands don't check permissions |
|
213 |
|
214 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customreadnoperm' |
|
215 200 Script output follows |
|
216 |
|
217 read-only command no defined permissions |
|
218 |
|
219 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customreadwithperm' |
|
220 401 read not authorized |
|
221 |
|
222 0 |
|
223 read not authorized |
|
224 [1] |
|
225 |
|
226 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritenoperm' |
|
227 200 Script output follows |
|
228 |
|
229 write command no defined permissions |
|
230 |
|
231 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritewithperm' |
|
232 401 read not authorized |
|
233 |
|
234 0 |
|
235 read not authorized |
|
236 [1] |
|
237 |
|
238 $ hg --cwd ../test2 pull http://localhost:$HGPORT/ |
|
239 pulling from http://localhost:$HGPORT/ |
|
240 searching for changes |
|
241 no changes found |
|
242 abort: authorization failed |
|
243 [255] |
|
244 |
|
245 $ killdaemons.py |
|
246 |
|
247 web.deny_read=<user> denies access to users in deny list |
|
248 |
|
249 $ REMOTE_USER=baduser2 hg serve -p $HGPORT -d --pid-file hg.pid |
|
250 $ cat hg.pid > $DAEMON_PIDS |
|
251 |
|
252 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=listkeys' --requestheader 'x-hgarg-1=namespace=phases' |
|
253 401 read not authorized |
|
254 |
|
255 0 |
|
256 read not authorized |
|
257 [1] |
|
258 |
|
259 TODO batch command doesn't check permissions |
|
260 |
|
261 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=batch' --requestheader 'x-hgarg-1=cmds=listkeys+namespace%3Dphases' |
|
262 200 Script output follows |
|
263 |
|
264 cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b 1 |
|
265 publishing True (no-eol) |
|
266 |
|
267 TODO custom commands don't check permissions |
|
268 |
|
269 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customreadnoperm' |
|
270 200 Script output follows |
|
271 |
|
272 read-only command no defined permissions |
|
273 |
|
274 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customreadwithperm' |
|
275 401 read not authorized |
|
276 |
|
277 0 |
|
278 read not authorized |
|
279 [1] |
|
280 |
|
281 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritenoperm' |
|
282 200 Script output follows |
|
283 |
|
284 write command no defined permissions |
|
285 |
|
286 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritewithperm' |
|
287 401 read not authorized |
|
288 |
|
289 0 |
|
290 read not authorized |
|
291 [1] |
|
292 |
|
293 $ hg --cwd ../test2 pull http://localhost:$HGPORT/ |
|
294 pulling from http://localhost:$HGPORT/ |
|
295 searching for changes |
|
296 no changes found |
|
297 abort: authorization failed |
|
298 [255] |
|
299 |
|
300 $ killdaemons.py |
|
301 |
|
302 web.deny_read=<user> allows access to authenticated users not in list |
|
303 |
|
304 $ REMOTE_USER=gooduser hg serve -p $HGPORT -d --pid-file hg.pid |
|
305 $ cat hg.pid > $DAEMON_PIDS |
|
306 |
|
307 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=listkeys' --requestheader 'x-hgarg-1=namespace=phases' |
|
308 200 Script output follows |
|
309 |
|
310 cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b 1 |
|
311 publishing True (no-eol) |
|
312 |
|
313 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=batch' --requestheader 'x-hgarg-1=cmds=listkeys+namespace%3Dphases' |
|
314 200 Script output follows |
|
315 |
|
316 cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b 1 |
|
317 publishing True (no-eol) |
|
318 |
|
319 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customreadnoperm' |
|
320 200 Script output follows |
|
321 |
|
322 read-only command no defined permissions |
|
323 |
|
324 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customreadwithperm' |
|
325 200 Script output follows |
|
326 |
|
327 read-only command w/ defined permissions |
|
328 |
|
329 TODO custom commands don't check permissions |
|
330 |
|
331 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritenoperm' |
|
332 200 Script output follows |
|
333 |
|
334 write command no defined permissions |
|
335 |
|
336 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritewithperm' |
|
337 405 push requires POST request |
|
338 |
|
339 0 |
|
340 push requires POST request |
|
341 [1] |
|
342 |
|
343 $ hg --cwd ../test2 pull http://localhost:$HGPORT/ |
|
344 pulling from http://localhost:$HGPORT/ |
|
345 searching for changes |
|
346 no changes found |
|
347 |
|
348 $ killdaemons.py |
|
349 |
|
350 web.allow_read=* allows reads for unauthenticated users |
|
351 |
|
352 $ cat > .hg/hgrc <<EOF |
|
353 > [web] |
|
354 > allow_read = * |
|
355 > EOF |
|
356 |
|
357 $ hg serve -p $HGPORT -d --pid-file hg.pid |
|
358 $ cat hg.pid > $DAEMON_PIDS |
|
359 |
|
360 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=listkeys' --requestheader 'x-hgarg-1=namespace=phases' |
|
361 200 Script output follows |
|
362 |
|
363 cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b 1 |
|
364 publishing True (no-eol) |
|
365 |
|
366 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=batch' --requestheader 'x-hgarg-1=cmds=listkeys+namespace%3Dphases' |
|
367 200 Script output follows |
|
368 |
|
369 cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b 1 |
|
370 publishing True (no-eol) |
|
371 |
|
372 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customreadnoperm' |
|
373 200 Script output follows |
|
374 |
|
375 read-only command no defined permissions |
|
376 |
|
377 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customreadwithperm' |
|
378 200 Script output follows |
|
379 |
|
380 read-only command w/ defined permissions |
|
381 |
|
382 TODO custom commands don't check permissions |
|
383 |
|
384 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritenoperm' |
|
385 200 Script output follows |
|
386 |
|
387 write command no defined permissions |
|
388 |
|
389 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritewithperm' |
|
390 405 push requires POST request |
|
391 |
|
392 0 |
|
393 push requires POST request |
|
394 [1] |
|
395 |
|
396 $ hg --cwd ../test2 pull http://localhost:$HGPORT/ |
|
397 pulling from http://localhost:$HGPORT/ |
|
398 searching for changes |
|
399 no changes found |
|
400 |
|
401 $ killdaemons.py |
|
402 |
|
403 web.allow_read=* allows read for authenticated user |
|
404 |
|
405 $ REMOTE_USER=authed_user hg serve -p $HGPORT -d --pid-file hg.pid |
|
406 $ cat hg.pid > $DAEMON_PIDS |
|
407 |
|
408 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=listkeys' --requestheader 'x-hgarg-1=namespace=phases' |
|
409 200 Script output follows |
|
410 |
|
411 cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b 1 |
|
412 publishing True (no-eol) |
|
413 |
|
414 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=batch' --requestheader 'x-hgarg-1=cmds=listkeys+namespace%3Dphases' |
|
415 200 Script output follows |
|
416 |
|
417 cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b 1 |
|
418 publishing True (no-eol) |
|
419 |
|
420 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customreadnoperm' |
|
421 200 Script output follows |
|
422 |
|
423 read-only command no defined permissions |
|
424 |
|
425 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customreadwithperm' |
|
426 200 Script output follows |
|
427 |
|
428 read-only command w/ defined permissions |
|
429 |
|
430 TODO custom commands don't check permissions |
|
431 |
|
432 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritenoperm' |
|
433 200 Script output follows |
|
434 |
|
435 write command no defined permissions |
|
436 |
|
437 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritewithperm' |
|
438 405 push requires POST request |
|
439 |
|
440 0 |
|
441 push requires POST request |
|
442 [1] |
|
443 |
|
444 $ hg --cwd ../test2 pull http://localhost:$HGPORT/ |
|
445 pulling from http://localhost:$HGPORT/ |
|
446 searching for changes |
|
447 no changes found |
|
448 |
|
449 $ killdaemons.py |
|
450 |
|
451 web.allow_read=<user> does not allow unauthenticated users to read |
|
452 |
|
453 $ cat > .hg/hgrc <<EOF |
|
454 > [web] |
|
455 > allow_read = gooduser |
|
456 > EOF |
|
457 |
|
458 $ hg serve -p $HGPORT -d --pid-file hg.pid |
|
459 $ cat hg.pid > $DAEMON_PIDS |
|
460 |
|
461 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=listkeys' --requestheader 'x-hgarg-1=namespace=phases' |
|
462 401 read not authorized |
|
463 |
|
464 0 |
|
465 read not authorized |
|
466 [1] |
|
467 |
|
468 TODO batch command doesn't check permissions |
|
469 |
|
470 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=batch' --requestheader 'x-hgarg-1=cmds=listkeys+namespace%3Dphases' |
|
471 200 Script output follows |
|
472 |
|
473 cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b 1 |
|
474 publishing True (no-eol) |
|
475 |
|
476 TODO custom commands don't check permissions |
|
477 |
|
478 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customreadnoperm' |
|
479 200 Script output follows |
|
480 |
|
481 read-only command no defined permissions |
|
482 |
|
483 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customreadwithperm' |
|
484 401 read not authorized |
|
485 |
|
486 0 |
|
487 read not authorized |
|
488 [1] |
|
489 |
|
490 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritenoperm' |
|
491 200 Script output follows |
|
492 |
|
493 write command no defined permissions |
|
494 |
|
495 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritewithperm' |
|
496 401 read not authorized |
|
497 |
|
498 0 |
|
499 read not authorized |
|
500 [1] |
|
501 |
|
502 $ hg --cwd ../test2 pull http://localhost:$HGPORT/ |
|
503 pulling from http://localhost:$HGPORT/ |
|
504 searching for changes |
|
505 no changes found |
|
506 abort: authorization failed |
|
507 [255] |
|
508 |
|
509 $ killdaemons.py |
|
510 |
|
511 web.allow_read=<user> does not allow user not in list to read |
|
512 |
|
513 $ REMOTE_USER=baduser hg serve -p $HGPORT -d --pid-file hg.pid |
|
514 $ cat hg.pid > $DAEMON_PIDS |
|
515 |
|
516 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=listkeys' --requestheader 'x-hgarg-1=namespace=phases' |
|
517 401 read not authorized |
|
518 |
|
519 0 |
|
520 read not authorized |
|
521 [1] |
|
522 |
|
523 TODO batch command doesn't check permissions |
|
524 |
|
525 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=batch' --requestheader 'x-hgarg-1=cmds=listkeys+namespace%3Dphases' |
|
526 200 Script output follows |
|
527 |
|
528 cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b 1 |
|
529 publishing True (no-eol) |
|
530 |
|
531 TODO custom commands don't check permissions |
|
532 |
|
533 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customreadnoperm' |
|
534 200 Script output follows |
|
535 |
|
536 read-only command no defined permissions |
|
537 |
|
538 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customreadwithperm' |
|
539 401 read not authorized |
|
540 |
|
541 0 |
|
542 read not authorized |
|
543 [1] |
|
544 |
|
545 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritenoperm' |
|
546 200 Script output follows |
|
547 |
|
548 write command no defined permissions |
|
549 |
|
550 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritewithperm' |
|
551 401 read not authorized |
|
552 |
|
553 0 |
|
554 read not authorized |
|
555 [1] |
|
556 |
|
557 $ hg --cwd ../test2 pull http://localhost:$HGPORT/ |
|
558 pulling from http://localhost:$HGPORT/ |
|
559 searching for changes |
|
560 no changes found |
|
561 abort: authorization failed |
|
562 [255] |
|
563 |
|
564 $ killdaemons.py |
|
565 |
|
566 web.allow_read=<user> allows read from user in list |
|
567 |
|
568 $ REMOTE_USER=gooduser hg serve -p $HGPORT -d --pid-file hg.pid |
|
569 $ cat hg.pid > $DAEMON_PIDS |
|
570 |
|
571 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=listkeys' --requestheader 'x-hgarg-1=namespace=phases' |
|
572 200 Script output follows |
|
573 |
|
574 cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b 1 |
|
575 publishing True (no-eol) |
|
576 |
|
577 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=batch' --requestheader 'x-hgarg-1=cmds=listkeys+namespace%3Dphases' |
|
578 200 Script output follows |
|
579 |
|
580 cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b 1 |
|
581 publishing True (no-eol) |
|
582 |
|
583 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customreadnoperm' |
|
584 200 Script output follows |
|
585 |
|
586 read-only command no defined permissions |
|
587 |
|
588 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customreadwithperm' |
|
589 200 Script output follows |
|
590 |
|
591 read-only command w/ defined permissions |
|
592 |
|
593 TODO custom commands don't check permissions |
|
594 |
|
595 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritenoperm' |
|
596 200 Script output follows |
|
597 |
|
598 write command no defined permissions |
|
599 |
|
600 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritewithperm' |
|
601 405 push requires POST request |
|
602 |
|
603 0 |
|
604 push requires POST request |
|
605 [1] |
|
606 |
|
607 $ hg --cwd ../test2 pull http://localhost:$HGPORT/ |
|
608 pulling from http://localhost:$HGPORT/ |
|
609 searching for changes |
|
610 no changes found |
|
611 |
|
612 $ killdaemons.py |
|
613 |
|
614 web.deny_read takes precedence over web.allow_read |
|
615 |
|
616 $ cat > .hg/hgrc <<EOF |
|
617 > [web] |
|
618 > allow_read = baduser |
|
619 > deny_read = baduser |
|
620 > EOF |
|
621 |
|
622 $ REMOTE_USER=baduser hg serve -p $HGPORT -d --pid-file hg.pid |
|
623 $ cat hg.pid > $DAEMON_PIDS |
|
624 |
|
625 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=listkeys' --requestheader 'x-hgarg-1=namespace=phases' |
|
626 401 read not authorized |
|
627 |
|
628 0 |
|
629 read not authorized |
|
630 [1] |
|
631 |
|
632 TODO batch command doesn't check permissions |
|
633 |
|
634 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=batch' --requestheader 'x-hgarg-1=cmds=listkeys+namespace%3Dphases' |
|
635 200 Script output follows |
|
636 |
|
637 cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b 1 |
|
638 publishing True (no-eol) |
|
639 |
|
640 TODO custom commands don't check permissions |
|
641 |
|
642 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customreadnoperm' |
|
643 200 Script output follows |
|
644 |
|
645 read-only command no defined permissions |
|
646 |
|
647 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customreadwithperm' |
|
648 401 read not authorized |
|
649 |
|
650 0 |
|
651 read not authorized |
|
652 [1] |
|
653 |
|
654 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritenoperm' |
|
655 200 Script output follows |
|
656 |
|
657 write command no defined permissions |
|
658 |
|
659 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritewithperm' |
|
660 401 read not authorized |
|
661 |
|
662 0 |
|
663 read not authorized |
|
664 [1] |
|
665 |
|
666 $ hg --cwd ../test2 pull http://localhost:$HGPORT/ |
|
667 pulling from http://localhost:$HGPORT/ |
|
668 searching for changes |
|
669 no changes found |
|
670 abort: authorization failed |
|
671 [255] |
|
672 |
|
673 $ killdaemons.py |
|
674 |
|
675 web.allow-pull=false denies read access to repo |
|
676 |
|
677 $ cat > .hg/hgrc <<EOF |
|
678 > [web] |
|
679 > allow-pull = false |
|
680 > EOF |
|
681 |
|
682 $ hg serve -p $HGPORT -d --pid-file hg.pid |
|
683 $ cat hg.pid > $DAEMON_PIDS |
|
684 |
|
685 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=capabilities' |
|
686 200 Script output follows |
|
687 |
|
688 lookup changegroupsubset branchmap pushkey known getbundle unbundlehash batch streamreqs=generaldelta,revlogv1 $USUAL_BUNDLE2_CAPS_SERVER$ unbundle=HG10GZ,HG10BZ,HG10UN httpheader=1024 httpmediatype=0.1rx,0.1tx,0.2tx compression=$BUNDLE2_COMPRESSIONS$ (no-eol) |
|
689 |
|
690 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=listkeys' --requestheader 'x-hgarg-1=namespace=phases' |
|
691 401 pull not authorized |
|
692 |
|
693 0 |
|
694 pull not authorized |
|
695 [1] |
|
696 |
|
697 TODO batch command doesn't check permissions |
|
698 |
|
699 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=batch' --requestheader 'x-hgarg-1=cmds=listkeys+namespace%3Dphases' |
|
700 200 Script output follows |
|
701 |
|
702 cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b 1 |
|
703 publishing True (no-eol) |
|
704 |
|
705 TODO custom commands don't check permissions |
|
706 |
|
707 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customreadnoperm' |
|
708 200 Script output follows |
|
709 |
|
710 read-only command no defined permissions |
|
711 |
|
712 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customreadwithperm' |
|
713 401 pull not authorized |
|
714 |
|
715 0 |
|
716 pull not authorized |
|
717 [1] |
|
718 |
|
719 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritenoperm' |
|
720 200 Script output follows |
|
721 |
|
722 write command no defined permissions |
|
723 |
|
724 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritewithperm' |
|
725 405 push requires POST request |
|
726 |
|
727 0 |
|
728 push requires POST request |
|
729 [1] |
|
730 |
|
731 $ hg --cwd ../test2 pull http://localhost:$HGPORT/ |
|
732 pulling from http://localhost:$HGPORT/ |
|
733 searching for changes |
|
734 no changes found |
|
735 abort: authorization failed |
|
736 [255] |
|
737 |
|
738 $ killdaemons.py |
|
739 |
|
740 Attempting a write command with HTTP GET fails |
|
741 |
|
742 $ cat > .hg/hgrc <<EOF |
|
743 > EOF |
|
744 |
|
745 $ REQUEST_METHOD=GET hg serve -p $HGPORT -d --pid-file hg.pid |
|
746 $ cat hg.pid > $DAEMON_PIDS |
|
747 |
|
748 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=pushkey' --requestheader 'x-hgarg-1=namespace=bookmarks&key=bm&old=&new=cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b' |
|
749 405 push requires POST request |
|
750 |
|
751 0 |
|
752 push requires POST request |
|
753 [1] |
|
754 |
|
755 TODO batch command doesn't check permissions |
|
756 |
|
757 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=batch' --requestheader 'x-hgarg-1=cmds=pushkey+namespace%3Dbookmarks%2Ckey%3Dbm%2Cold%3D%2Cnew%3Dcb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b' |
|
758 200 Script output follows |
|
759 |
|
760 1 |
|
761 |
|
762 $ hg bookmarks |
|
763 bm 0:cb9a9f314b8b |
|
764 $ hg bookmark -d bm |
|
765 |
|
766 TODO custom commands don't check permissions |
|
767 |
|
768 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritenoperm' |
|
769 200 Script output follows |
|
770 |
|
771 write command no defined permissions |
|
772 |
|
773 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritewithperm' |
|
774 405 push requires POST request |
|
775 |
|
776 0 |
|
777 push requires POST request |
|
778 [1] |
|
779 |
|
780 $ killdaemons.py |
|
781 |
|
782 Attempting a write command with an unknown HTTP verb fails |
|
783 |
|
784 $ REQUEST_METHOD=someverb hg serve -p $HGPORT -d --pid-file hg.pid |
|
785 $ cat hg.pid > $DAEMON_PIDS |
|
786 |
|
787 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=pushkey' --requestheader 'x-hgarg-1=namespace=bookmarks&key=bm&old=&new=cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b' |
|
788 405 push requires POST request |
|
789 |
|
790 0 |
|
791 push requires POST request |
|
792 [1] |
|
793 |
|
794 TODO batch command doesn't check permissions |
|
795 |
|
796 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=batch' --requestheader 'x-hgarg-1=cmds=pushkey+namespace%3Dbookmarks%2Ckey%3Dbm%2Cold%3D%2Cnew%3Dcb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b' |
|
797 200 Script output follows |
|
798 |
|
799 1 |
|
800 |
|
801 $ hg bookmarks |
|
802 bm 0:cb9a9f314b8b |
|
803 $ hg bookmark -d bm |
|
804 |
|
805 TODO custom commands don't check permissions |
|
806 |
|
807 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritenoperm' |
|
808 200 Script output follows |
|
809 |
|
810 write command no defined permissions |
|
811 |
|
812 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritewithperm' |
|
813 405 push requires POST request |
|
814 |
|
815 0 |
|
816 push requires POST request |
|
817 [1] |
|
818 |
|
819 $ killdaemons.py |
|
820 |
|
821 Pushing on a plaintext channel is disabled by default |
|
822 |
|
823 $ cat > .hg/hgrc <<EOF |
|
824 > EOF |
|
825 |
|
826 $ REQUEST_METHOD=POST hg serve -p $HGPORT -d --pid-file hg.pid |
|
827 $ cat hg.pid > $DAEMON_PIDS |
|
828 |
|
829 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=pushkey' --requestheader 'x-hgarg-1=namespace=bookmarks&key=bm&old=&new=cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b' |
|
830 403 ssl required |
|
831 |
|
832 0 |
|
833 ssl required |
|
834 [1] |
|
835 |
|
836 TODO batch command doesn't check permissions |
|
837 |
|
838 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=batch' --requestheader 'x-hgarg-1=cmds=pushkey+namespace%3Dbookmarks%2Ckey%3Dbm%2Cold%3D%2Cnew%3Dcb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b' |
|
839 200 Script output follows |
|
840 |
|
841 1 |
|
842 |
|
843 $ hg bookmarks |
|
844 bm 0:cb9a9f314b8b |
|
845 $ hg book -d bm |
|
846 |
|
847 TODO custom commands don't check permissions |
|
848 |
|
849 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritenoperm' |
|
850 200 Script output follows |
|
851 |
|
852 write command no defined permissions |
|
853 |
|
854 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritewithperm' |
|
855 403 ssl required |
|
856 |
|
857 0 |
|
858 ssl required |
|
859 [1] |
|
860 |
|
861 Reset server to remove REQUEST_METHOD hack to test hg client |
|
862 |
|
863 $ killdaemons.py |
|
864 $ hg serve -p $HGPORT -d --pid-file hg.pid |
|
865 $ cat hg.pid > $DAEMON_PIDS |
|
866 |
|
867 $ hg --cwd ../test2 push -B bm http://localhost:$HGPORT/ |
|
868 pushing to http://localhost:$HGPORT/ |
|
869 searching for changes |
|
870 no changes found |
|
871 abort: HTTP Error 403: ssl required |
|
872 [255] |
|
873 |
|
874 $ hg --cwd ../test2 push http://localhost:$HGPORT/ |
|
875 pushing to http://localhost:$HGPORT/ |
|
876 searching for changes |
|
877 abort: HTTP Error 403: ssl required |
|
878 [255] |
|
879 |
|
880 $ killdaemons.py |
|
881 |
|
882 web.deny_push=* denies pushing to unauthenticated users |
18 |
883 |
19 $ cat > .hg/hgrc <<EOF |
884 $ cat > .hg/hgrc <<EOF |
20 > [web] |
885 > [web] |
21 > push_ssl = false |
886 > push_ssl = false |
22 > deny_push = * |
887 > deny_push = * |
23 > EOF |
888 > EOF |
24 |
889 |
|
890 $ REQUEST_METHOD=POST hg serve -p $HGPORT -d --pid-file hg.pid |
|
891 $ cat hg.pid > $DAEMON_PIDS |
|
892 |
|
893 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=pushkey' --requestheader 'x-hgarg-1=namespace=bookmarks&key=bm&old=&new=cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b' |
|
894 401 push not authorized |
|
895 |
|
896 0 |
|
897 push not authorized |
|
898 [1] |
|
899 |
|
900 TODO batch command doesn't check permissions |
|
901 |
|
902 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=batch' --requestheader 'x-hgarg-1=cmds=pushkey+namespace%3Dbookmarks%2Ckey%3Dbm%2Cold%3D%2Cnew%3Dcb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b' |
|
903 200 Script output follows |
|
904 |
|
905 1 |
|
906 |
|
907 $ hg bookmarks |
|
908 bm 0:cb9a9f314b8b |
|
909 $ hg book -d bm |
|
910 |
|
911 TODO custom commands don't check permissions |
|
912 |
|
913 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritenoperm' |
|
914 200 Script output follows |
|
915 |
|
916 write command no defined permissions |
|
917 |
|
918 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritewithperm' |
|
919 401 push not authorized |
|
920 |
|
921 0 |
|
922 push not authorized |
|
923 [1] |
|
924 |
|
925 Reset server to remove REQUEST_METHOD hack to test hg client |
|
926 |
|
927 $ killdaemons.py |
25 $ hg serve -p $HGPORT -d --pid-file hg.pid |
928 $ hg serve -p $HGPORT -d --pid-file hg.pid |
26 $ cat hg.pid > $DAEMON_PIDS |
929 $ cat hg.pid > $DAEMON_PIDS |
27 |
930 |
|
931 $ hg --cwd ../test2 push -B bm http://localhost:$HGPORT/ |
|
932 pushing to http://localhost:$HGPORT/ |
|
933 searching for changes |
|
934 no changes found |
|
935 abort: authorization failed |
|
936 [255] |
|
937 |
28 $ hg --cwd ../test2 push http://localhost:$HGPORT/ |
938 $ hg --cwd ../test2 push http://localhost:$HGPORT/ |
29 pushing to http://localhost:$HGPORT/ |
939 pushing to http://localhost:$HGPORT/ |
30 searching for changes |
940 searching for changes |
31 abort: authorization failed |
941 abort: authorization failed |
32 [255] |
942 [255] |
33 |
943 |
34 $ killdaemons.py |
944 $ killdaemons.py |
35 |
945 |
36 expect authorization error: some users denied, users must be authenticated |
946 web.deny_push=* denies pushing to authenticated users |
|
947 |
|
948 $ REMOTE_USER=someuser REQUEST_METHOD=POST hg serve -p $HGPORT -d --pid-file hg.pid |
|
949 $ cat hg.pid > $DAEMON_PIDS |
|
950 |
|
951 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=pushkey' --requestheader 'x-hgarg-1=namespace=bookmarks&key=bm&old=&new=cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b' |
|
952 401 push not authorized |
|
953 |
|
954 0 |
|
955 push not authorized |
|
956 [1] |
|
957 |
|
958 TODO batch command doesn't check permissions |
|
959 |
|
960 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=batch' --requestheader 'x-hgarg-1=cmds=pushkey+namespace%3Dbookmarks%2Ckey%3Dbm%2Cold%3D%2Cnew%3Dcb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b' |
|
961 200 Script output follows |
|
962 |
|
963 1 |
|
964 |
|
965 $ hg bookmarks |
|
966 bm 0:cb9a9f314b8b |
|
967 $ hg book -d bm |
|
968 |
|
969 TODO custom commands don't check permissions |
|
970 |
|
971 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritenoperm' |
|
972 200 Script output follows |
|
973 |
|
974 write command no defined permissions |
|
975 |
|
976 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritewithperm' |
|
977 401 push not authorized |
|
978 |
|
979 0 |
|
980 push not authorized |
|
981 [1] |
|
982 |
|
983 Reset server to remove REQUEST_METHOD hack to test hg client |
|
984 |
|
985 $ killdaemons.py |
|
986 $ REMOTE_USER=someuser hg serve -p $HGPORT -d --pid-file hg.pid |
|
987 $ cat hg.pid > $DAEMON_PIDS |
|
988 |
|
989 $ hg --cwd ../test2 push -B bm http://localhost:$HGPORT/ |
|
990 pushing to http://localhost:$HGPORT/ |
|
991 searching for changes |
|
992 no changes found |
|
993 abort: authorization failed |
|
994 [255] |
|
995 |
|
996 $ hg --cwd ../test2 push http://localhost:$HGPORT/ |
|
997 pushing to http://localhost:$HGPORT/ |
|
998 searching for changes |
|
999 abort: authorization failed |
|
1000 [255] |
|
1001 |
|
1002 $ killdaemons.py |
|
1003 |
|
1004 web.deny_push=<user> denies pushing to user in list |
37 |
1005 |
38 $ cat > .hg/hgrc <<EOF |
1006 $ cat > .hg/hgrc <<EOF |
39 > [web] |
1007 > [web] |
40 > push_ssl = false |
1008 > push_ssl = false |
41 > deny_push = unperson |
1009 > deny_push = baduser |
42 > EOF |
1010 > EOF |
43 |
1011 |
|
1012 $ REMOTE_USER=baduser REQUEST_METHOD=POST hg serve -p $HGPORT -d --pid-file hg.pid |
|
1013 $ cat hg.pid > $DAEMON_PIDS |
|
1014 |
|
1015 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=pushkey' --requestheader 'x-hgarg-1=namespace=bookmarks&key=bm&old=&new=cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b' |
|
1016 401 push not authorized |
|
1017 |
|
1018 0 |
|
1019 push not authorized |
|
1020 [1] |
|
1021 |
|
1022 TODO batch command doesn't check permissions |
|
1023 |
|
1024 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=batch' --requestheader 'x-hgarg-1=cmds=pushkey+namespace%3Dbookmarks%2Ckey%3Dbm%2Cold%3D%2Cnew%3Dcb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b' |
|
1025 200 Script output follows |
|
1026 |
|
1027 1 |
|
1028 |
|
1029 $ hg bookmarks |
|
1030 bm 0:cb9a9f314b8b |
|
1031 $ hg book -d bm |
|
1032 |
|
1033 TODO custom commands don't check permissions |
|
1034 |
|
1035 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritenoperm' |
|
1036 200 Script output follows |
|
1037 |
|
1038 write command no defined permissions |
|
1039 |
|
1040 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritewithperm' |
|
1041 401 push not authorized |
|
1042 |
|
1043 0 |
|
1044 push not authorized |
|
1045 [1] |
|
1046 |
|
1047 Reset server to remove REQUEST_METHOD hack to test hg client |
|
1048 |
|
1049 $ killdaemons.py |
|
1050 $ REMOTE_USER=baduser hg serve -p $HGPORT -d --pid-file hg.pid |
|
1051 $ cat hg.pid > $DAEMON_PIDS |
|
1052 |
|
1053 $ hg --cwd ../test2 push -B bm http://localhost:$HGPORT/ |
|
1054 pushing to http://localhost:$HGPORT/ |
|
1055 searching for changes |
|
1056 no changes found |
|
1057 abort: authorization failed |
|
1058 [255] |
|
1059 |
|
1060 $ hg --cwd ../test2 push http://localhost:$HGPORT/ |
|
1061 pushing to http://localhost:$HGPORT/ |
|
1062 searching for changes |
|
1063 abort: authorization failed |
|
1064 [255] |
|
1065 |
|
1066 $ killdaemons.py |
|
1067 |
|
1068 web.deny_push=<user> denies pushing to user not in list because allow-push isn't set |
|
1069 |
|
1070 $ REMOTE_USER=gooduser REQUEST_METHOD=POST hg serve -p $HGPORT -d --pid-file hg.pid |
|
1071 $ cat hg.pid > $DAEMON_PIDS |
|
1072 |
|
1073 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=pushkey' --requestheader 'x-hgarg-1=namespace=bookmarks&key=bm&old=&new=cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b' |
|
1074 401 push not authorized |
|
1075 |
|
1076 0 |
|
1077 push not authorized |
|
1078 [1] |
|
1079 |
|
1080 TODO batch command doesn't check permissions |
|
1081 |
|
1082 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=batch' --requestheader 'x-hgarg-1=cmds=pushkey+namespace%3Dbookmarks%2Ckey%3Dbm%2Cold%3D%2Cnew%3Dcb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b' |
|
1083 200 Script output follows |
|
1084 |
|
1085 1 |
|
1086 |
|
1087 $ hg bookmarks |
|
1088 bm 0:cb9a9f314b8b |
|
1089 $ hg book -d bm |
|
1090 |
|
1091 TODO custom commands don't check permissions |
|
1092 |
|
1093 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritenoperm' |
|
1094 200 Script output follows |
|
1095 |
|
1096 write command no defined permissions |
|
1097 |
|
1098 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritewithperm' |
|
1099 401 push not authorized |
|
1100 |
|
1101 0 |
|
1102 push not authorized |
|
1103 [1] |
|
1104 |
|
1105 Reset server to remove REQUEST_METHOD hack to test hg client |
|
1106 |
|
1107 $ killdaemons.py |
|
1108 $ REMOTE_USER=gooduser hg serve -p $HGPORT -d --pid-file hg.pid |
|
1109 $ cat hg.pid > $DAEMON_PIDS |
|
1110 |
|
1111 $ hg --cwd ../test2 push -B bm http://localhost:$HGPORT/ |
|
1112 pushing to http://localhost:$HGPORT/ |
|
1113 searching for changes |
|
1114 no changes found |
|
1115 abort: authorization failed |
|
1116 [255] |
|
1117 |
|
1118 $ hg --cwd ../test2 push http://localhost:$HGPORT/ |
|
1119 pushing to http://localhost:$HGPORT/ |
|
1120 searching for changes |
|
1121 abort: authorization failed |
|
1122 [255] |
|
1123 |
|
1124 $ killdaemons.py |
|
1125 |
|
1126 web.allow-push=* allows pushes from unauthenticated users |
|
1127 |
|
1128 $ cat > .hg/hgrc <<EOF |
|
1129 > [web] |
|
1130 > push_ssl = false |
|
1131 > allow-push = * |
|
1132 > EOF |
|
1133 |
|
1134 $ REQUEST_METHOD=POST hg serve -p $HGPORT -d --pid-file hg.pid |
|
1135 $ cat hg.pid > $DAEMON_PIDS |
|
1136 |
|
1137 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=pushkey' --requestheader 'x-hgarg-1=namespace=bookmarks&key=bm&old=&new=cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b' |
|
1138 200 Script output follows |
|
1139 |
|
1140 1 |
|
1141 |
|
1142 $ hg bookmarks |
|
1143 bm 0:cb9a9f314b8b |
|
1144 $ hg book -d bm |
|
1145 |
|
1146 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritenoperm' |
|
1147 200 Script output follows |
|
1148 |
|
1149 write command no defined permissions |
|
1150 |
|
1151 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritewithperm' |
|
1152 200 Script output follows |
|
1153 |
|
1154 write command w/ defined permissions |
|
1155 |
|
1156 Reset server to remove REQUEST_METHOD hack to test hg client |
|
1157 |
|
1158 $ killdaemons.py |
44 $ hg serve -p $HGPORT -d --pid-file hg.pid |
1159 $ hg serve -p $HGPORT -d --pid-file hg.pid |
45 $ cat hg.pid > $DAEMON_PIDS |
1160 $ cat hg.pid > $DAEMON_PIDS |
|
1161 |
|
1162 $ hg --cwd ../test2 push -B bm http://localhost:$HGPORT/ |
|
1163 pushing to http://localhost:$HGPORT/ |
|
1164 searching for changes |
|
1165 no changes found |
|
1166 exporting bookmark bm |
|
1167 [1] |
|
1168 |
|
1169 $ hg book -d bm |
|
1170 |
46 $ hg --cwd ../test2 push http://localhost:$HGPORT/ |
1171 $ hg --cwd ../test2 push http://localhost:$HGPORT/ |
47 pushing to http://localhost:$HGPORT/ |
1172 pushing to http://localhost:$HGPORT/ |
48 searching for changes |
1173 searching for changes |
49 abort: authorization failed |
1174 remote: adding changesets |
50 [255] |
1175 remote: adding manifests |
51 |
1176 remote: adding file changes |
52 $ killdaemons.py |
1177 remote: added 1 changesets with 1 changes to 1 files |
|
1178 |
|
1179 $ hg strip -r 1: |
|
1180 saved backup bundle to $TESTTMP/test/.hg/strip-backup/ba677d0156c1-eea704d7-backup.hg |
|
1181 |
|
1182 $ killdaemons.py |
|
1183 |
|
1184 web.allow-push=* allows pushes from authenticated users |
|
1185 |
|
1186 $ REMOTE_USER=someuser REQUEST_METHOD=POST hg serve -p $HGPORT -d --pid-file hg.pid |
|
1187 $ cat hg.pid > $DAEMON_PIDS |
|
1188 |
|
1189 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=pushkey' --requestheader 'x-hgarg-1=namespace=bookmarks&key=bm&old=&new=cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b' |
|
1190 200 Script output follows |
|
1191 |
|
1192 1 |
|
1193 |
|
1194 $ hg bookmarks |
|
1195 bm 0:cb9a9f314b8b |
|
1196 $ hg book -d bm |
|
1197 |
|
1198 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritenoperm' |
|
1199 200 Script output follows |
|
1200 |
|
1201 write command no defined permissions |
|
1202 |
|
1203 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritewithperm' |
|
1204 200 Script output follows |
|
1205 |
|
1206 write command w/ defined permissions |
|
1207 |
|
1208 Reset server to remove REQUEST_METHOD hack to test hg client |
|
1209 |
|
1210 $ killdaemons.py |
|
1211 $ REMOTE_USER=someuser hg serve -p $HGPORT -d --pid-file hg.pid |
|
1212 $ cat hg.pid > $DAEMON_PIDS |
|
1213 |
|
1214 $ hg --cwd ../test2 push -B bm http://localhost:$HGPORT/ |
|
1215 pushing to http://localhost:$HGPORT/ |
|
1216 searching for changes |
|
1217 no changes found |
|
1218 exporting bookmark bm |
|
1219 [1] |
|
1220 |
|
1221 $ hg book -d bm |
|
1222 |
|
1223 $ hg --cwd ../test2 push http://localhost:$HGPORT/ |
|
1224 pushing to http://localhost:$HGPORT/ |
|
1225 searching for changes |
|
1226 remote: adding changesets |
|
1227 remote: adding manifests |
|
1228 remote: adding file changes |
|
1229 remote: added 1 changesets with 1 changes to 1 files |
|
1230 |
|
1231 $ hg strip -r 1: |
|
1232 saved backup bundle to $TESTTMP/test/.hg/strip-backup/ba677d0156c1-eea704d7-backup.hg |
|
1233 |
|
1234 $ killdaemons.py |
|
1235 |
|
1236 web.allow-push=<user> denies push to user not in list |
|
1237 |
|
1238 $ cat > .hg/hgrc <<EOF |
|
1239 > [web] |
|
1240 > push_ssl = false |
|
1241 > allow-push = gooduser |
|
1242 > EOF |
|
1243 |
|
1244 $ REMOTE_USER=baduser REQUEST_METHOD=POST hg serve -p $HGPORT -d --pid-file hg.pid |
|
1245 $ cat hg.pid > $DAEMON_PIDS |
|
1246 |
|
1247 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=pushkey' --requestheader 'x-hgarg-1=namespace=bookmarks&key=bm&old=&new=cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b' |
|
1248 401 push not authorized |
|
1249 |
|
1250 0 |
|
1251 push not authorized |
|
1252 [1] |
|
1253 |
|
1254 TODO batch command doesn't check permissions |
|
1255 |
|
1256 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=batch' --requestheader 'x-hgarg-1=cmds=pushkey+namespace%3Dbookmarks%2Ckey%3Dbm%2Cold%3D%2Cnew%3Dcb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b' |
|
1257 200 Script output follows |
|
1258 |
|
1259 1 |
|
1260 |
|
1261 $ hg bookmarks |
|
1262 bm 0:cb9a9f314b8b |
|
1263 $ hg book -d bm |
|
1264 |
|
1265 TODO custom commands don't check permissions |
|
1266 |
|
1267 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritenoperm' |
|
1268 200 Script output follows |
|
1269 |
|
1270 write command no defined permissions |
|
1271 |
|
1272 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritewithperm' |
|
1273 401 push not authorized |
|
1274 |
|
1275 0 |
|
1276 push not authorized |
|
1277 [1] |
|
1278 |
|
1279 Reset server to remove REQUEST_METHOD hack to test hg client |
|
1280 |
|
1281 $ killdaemons.py |
|
1282 $ REMOTE_USER=baduser hg serve -p $HGPORT -d --pid-file hg.pid |
|
1283 $ cat hg.pid > $DAEMON_PIDS |
|
1284 |
|
1285 $ hg --cwd ../test2 push -B bm http://localhost:$HGPORT/ |
|
1286 pushing to http://localhost:$HGPORT/ |
|
1287 searching for changes |
|
1288 no changes found |
|
1289 abort: authorization failed |
|
1290 [255] |
|
1291 |
|
1292 $ hg --cwd ../test2 push http://localhost:$HGPORT/ |
|
1293 pushing to http://localhost:$HGPORT/ |
|
1294 searching for changes |
|
1295 abort: authorization failed |
|
1296 [255] |
|
1297 |
|
1298 $ killdaemons.py |
|
1299 |
|
1300 web.allow-push=<user> allows push from user in list |
|
1301 |
|
1302 $ REMOTE_USER=gooduser REQUEST_METHOD=POST hg serve -p $HGPORT -d --pid-file hg.pid |
|
1303 $ cat hg.pid > $DAEMON_PIDS |
|
1304 |
|
1305 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=pushkey' --requestheader 'x-hgarg-1=namespace=bookmarks&key=bm&old=&new=cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b' |
|
1306 200 Script output follows |
|
1307 |
|
1308 1 |
|
1309 |
|
1310 $ hg bookmarks |
|
1311 bm 0:cb9a9f314b8b |
|
1312 $ hg book -d bm |
|
1313 |
|
1314 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=batch' --requestheader 'x-hgarg-1=cmds=pushkey+namespace%3Dbookmarks%2Ckey%3Dbm%2Cold%3D%2Cnew%3Dcb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b' |
|
1315 200 Script output follows |
|
1316 |
|
1317 1 |
|
1318 |
|
1319 $ hg bookmarks |
|
1320 bm 0:cb9a9f314b8b |
|
1321 $ hg book -d bm |
|
1322 |
|
1323 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritenoperm' |
|
1324 200 Script output follows |
|
1325 |
|
1326 write command no defined permissions |
|
1327 |
|
1328 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritewithperm' |
|
1329 200 Script output follows |
|
1330 |
|
1331 write command w/ defined permissions |
|
1332 |
|
1333 Reset server to remove REQUEST_METHOD hack to test hg client |
|
1334 |
|
1335 $ killdaemons.py |
|
1336 $ REMOTE_USER=gooduser hg serve -p $HGPORT -d --pid-file hg.pid |
|
1337 $ cat hg.pid > $DAEMON_PIDS |
|
1338 |
|
1339 $ hg --cwd ../test2 push -B bm http://localhost:$HGPORT/ |
|
1340 pushing to http://localhost:$HGPORT/ |
|
1341 searching for changes |
|
1342 no changes found |
|
1343 exporting bookmark bm |
|
1344 [1] |
|
1345 |
|
1346 $ hg book -d bm |
|
1347 |
|
1348 $ hg --cwd ../test2 push http://localhost:$HGPORT/ |
|
1349 pushing to http://localhost:$HGPORT/ |
|
1350 searching for changes |
|
1351 remote: adding changesets |
|
1352 remote: adding manifests |
|
1353 remote: adding file changes |
|
1354 remote: added 1 changesets with 1 changes to 1 files |
|
1355 |
|
1356 $ hg strip -r 1: |
|
1357 saved backup bundle to $TESTTMP/test/.hg/strip-backup/ba677d0156c1-eea704d7-backup.hg |
|
1358 |
|
1359 $ killdaemons.py |
|
1360 |
|
1361 web.deny_push takes precedence over web.allow_push |
|
1362 |
|
1363 $ cat > .hg/hgrc <<EOF |
|
1364 > [web] |
|
1365 > push_ssl = false |
|
1366 > allow-push = someuser |
|
1367 > deny_push = someuser |
|
1368 > EOF |
|
1369 |
|
1370 $ REMOTE_USER=someuser REQUEST_METHOD=POST hg serve -p $HGPORT -d --pid-file hg.pid |
|
1371 $ cat hg.pid > $DAEMON_PIDS |
|
1372 |
|
1373 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=pushkey' --requestheader 'x-hgarg-1=namespace=bookmarks&key=bm&old=&new=cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b' |
|
1374 401 push not authorized |
|
1375 |
|
1376 0 |
|
1377 push not authorized |
|
1378 [1] |
|
1379 |
|
1380 TODO batch command doesn't check permissions |
|
1381 |
|
1382 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=batch' --requestheader 'x-hgarg-1=cmds=pushkey+namespace%3Dbookmarks%2Ckey%3Dbm%2Cold%3D%2Cnew%3Dcb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b' |
|
1383 200 Script output follows |
|
1384 |
|
1385 1 |
|
1386 |
|
1387 $ hg bookmarks |
|
1388 bm 0:cb9a9f314b8b |
|
1389 $ hg book -d bm |
|
1390 |
|
1391 TODO custom commands don't check permissions |
|
1392 |
|
1393 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritenoperm' |
|
1394 200 Script output follows |
|
1395 |
|
1396 write command no defined permissions |
|
1397 |
|
1398 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritewithperm' |
|
1399 401 push not authorized |
|
1400 |
|
1401 0 |
|
1402 push not authorized |
|
1403 [1] |
|
1404 |
|
1405 Reset server to remove REQUEST_METHOD hack to test hg client |
|
1406 |
|
1407 $ killdaemons.py |
|
1408 $ REMOTE_USER=someuser hg serve -p $HGPORT -d --pid-file hg.pid |
|
1409 $ cat hg.pid > $DAEMON_PIDS |
|
1410 |
|
1411 $ hg --cwd ../test2 push -B bm http://localhost:$HGPORT/ |
|
1412 pushing to http://localhost:$HGPORT/ |
|
1413 searching for changes |
|
1414 no changes found |
|
1415 abort: authorization failed |
|
1416 [255] |
|
1417 |
|
1418 $ hg --cwd ../test2 push http://localhost:$HGPORT/ |
|
1419 pushing to http://localhost:$HGPORT/ |
|
1420 searching for changes |
|
1421 abort: authorization failed |
|
1422 [255] |
|
1423 |
|
1424 $ killdaemons.py |
|
1425 |
|
1426 web.allow-push has no effect if web.deny_read is set |
|
1427 |
|
1428 $ cat > .hg/hgrc <<EOF |
|
1429 > [web] |
|
1430 > push_ssl = false |
|
1431 > allow-push = * |
|
1432 > deny_read = * |
|
1433 > EOF |
|
1434 |
|
1435 $ REQUEST_METHOD=POST REMOTE_USER=someuser hg serve -p $HGPORT -d --pid-file hg.pid |
|
1436 $ cat hg.pid > $DAEMON_PIDS |
|
1437 |
|
1438 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=pushkey' --requestheader 'x-hgarg-1=namespace=bookmarks&key=bm&old=&new=cb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b' |
|
1439 401 read not authorized |
|
1440 |
|
1441 0 |
|
1442 read not authorized |
|
1443 [1] |
|
1444 |
|
1445 TODO batch command doesn't check permissions |
|
1446 |
|
1447 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=batch' --requestheader 'x-hgarg-1=cmds=pushkey+namespace%3Dbookmarks%2Ckey%3Dbm%2Cold%3D%2Cnew%3Dcb9a9f314b8b07ba71012fcdbc544b5a4d82ff5b' |
|
1448 200 Script output follows |
|
1449 |
|
1450 1 |
|
1451 |
|
1452 $ hg bookmarks |
|
1453 bm 0:cb9a9f314b8b |
|
1454 $ hg book -d bm |
|
1455 |
|
1456 TODO custom commands don't check permissions |
|
1457 |
|
1458 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customreadnoperm' |
|
1459 200 Script output follows |
|
1460 |
|
1461 read-only command no defined permissions |
|
1462 |
|
1463 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customreadwithperm' |
|
1464 401 read not authorized |
|
1465 |
|
1466 0 |
|
1467 read not authorized |
|
1468 [1] |
|
1469 |
|
1470 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritenoperm' |
|
1471 200 Script output follows |
|
1472 |
|
1473 write command no defined permissions |
|
1474 |
|
1475 $ get-with-headers.py $LOCALIP:$HGPORT '?cmd=customwritewithperm' |
|
1476 401 read not authorized |
|
1477 |
|
1478 0 |
|
1479 read not authorized |
|
1480 [1] |
|
1481 |
|
1482 Reset server to remove REQUEST_METHOD hack to test hg client |
|
1483 |
|
1484 $ killdaemons.py |
|
1485 $ REMOTE_USER=someuser hg serve -p $HGPORT -d --pid-file hg.pid |
|
1486 $ cat hg.pid > $DAEMON_PIDS |
|
1487 |
|
1488 $ hg --cwd ../test2 push -B bm http://localhost:$HGPORT/ |
|
1489 pushing to http://localhost:$HGPORT/ |
|
1490 searching for changes |
|
1491 abort: authorization failed |
|
1492 [255] |
|
1493 |
|
1494 $ hg --cwd ../test2 push http://localhost:$HGPORT/ |
|
1495 pushing to http://localhost:$HGPORT/ |
|
1496 searching for changes |
|
1497 abort: authorization failed |
|
1498 [255] |
|
1499 |
|
1500 $ killdaemons.py |