Mercurial > hg
view tests/test-trusted.py.out @ 37766:925707ac2855
lfs: add the 'Authorization' property to the Batch API response, if present
The client copies all of these properties under 'header' to the HTTP Headers of
the subsequent GET or PUT request that it performs. That allows the Basic HTTP
authentication used to authorize the Batch API request to also authorize the
upload/download action.
There's likely further work to do here. There's an 'authenticated' boolean key
in the Batch API response that can be set, and there is an 'LFS-Authenticate'
header that is used instead of 'WWW-Authenticate'[1]. (We likely need to
support both, since some hosting solutions are likely to only respond with the
latter.) In any event, this works with SCM Manager, so there is real world
benefit.
I'm limiting the headers returned to 'Basic', because that's all the lfs spec
calls out. In practice, I've seen gitbucket emit custom header content[2].
[1] https://github.com/git-lfs/git-lfs/blob/master/docs/api/batch.md#response-errors
[2] https://github.com/gitbucket/gitbucket/blob/35655f33c7713f08515ed640ece0948acd6d6168/src/main/scala/gitbucket/core/servlet/GitRepositoryServlet.scala#L119
author | Matt Harbison <matt_harbison@yahoo.com> |
---|---|
date | Fri, 06 Apr 2018 11:13:47 -0400 |
parents | 75e4bae56068 |
children | 73ccba60aaa1 |
line wrap: on
line source
# same user, same group trusted global = /some/path local = /another/path untrusted . . global = /some/path . . local = /another/path # same user, different group trusted global = /some/path local = /another/path untrusted . . global = /some/path . . local = /another/path # different user, same group not trusting file .hg/hgrc from untrusted user abc, group bar trusted global = /some/path untrusted . . global = /some/path . . local = /another/path # different user, same group, but we trust the group trusted global = /some/path local = /another/path untrusted . . global = /some/path . . local = /another/path # different user, different group not trusting file .hg/hgrc from untrusted user abc, group def trusted global = /some/path untrusted . . global = /some/path . . local = /another/path # different user, different group, but we trust the user trusted global = /some/path local = /another/path untrusted . . global = /some/path . . local = /another/path # different user, different group, but we trust the group trusted global = /some/path local = /another/path untrusted . . global = /some/path . . local = /another/path # different user, different group, but we trust the user and the group trusted global = /some/path local = /another/path untrusted . . global = /some/path . . local = /another/path # we trust all users # different user, different group trusted global = /some/path local = /another/path untrusted . . global = /some/path . . local = /another/path # we trust all groups # different user, different group trusted global = /some/path local = /another/path untrusted . . global = /some/path . . local = /another/path # we trust all users and groups # different user, different group trusted global = /some/path local = /another/path untrusted . . global = /some/path . . local = /another/path # we don't get confused by users and groups with the same name # different user, different group not trusting file .hg/hgrc from untrusted user abc, group def trusted global = /some/path untrusted . . global = /some/path . . local = /another/path # list of user names # different user, different group, but we trust the user trusted global = /some/path local = /another/path untrusted . . global = /some/path . . local = /another/path # list of group names # different user, different group, but we trust the group trusted global = /some/path local = /another/path untrusted . . global = /some/path . . local = /another/path # Can't figure out the name of the user running this process # different user, different group not trusting file .hg/hgrc from untrusted user abc, group def trusted global = /some/path untrusted . . global = /some/path . . local = /another/path # prints debug warnings # different user, different group not trusting file .hg/hgrc from untrusted user abc, group def trusted ignoring untrusted configuration option paths.local = /another/path global = /some/path untrusted . . global = /some/path . ignoring untrusted configuration option paths.local = /another/path . local = /another/path # report_untrusted enabled without debug hides warnings # different user, different group trusted global = /some/path untrusted . . global = /some/path . . local = /another/path # report_untrusted enabled with debug shows warnings # different user, different group not trusting file .hg/hgrc from untrusted user abc, group def trusted ignoring untrusted configuration option paths.local = /another/path global = /some/path untrusted . . global = /some/path . ignoring untrusted configuration option paths.local = /another/path . local = /another/path # ui.readconfig sections quux # read trusted, untrusted, new ui, trusted not trusting file foobar from untrusted user abc, group def trusted: ignoring untrusted configuration option foobar.baz = quux None untrusted: quux # error handling # file doesn't exist # same user, same group # different user, different group # parse error # different user, different group not trusting file .hg/hgrc from untrusted user abc, group def ('foo', '.hg/hgrc:1') # same user, same group ('foo', '.hg/hgrc:1') # access typed information # different user, different group not trusting file .hg/hgrc from untrusted user abc, group def # suboptions, trusted and untrusted (None, []) ('main', [('one', 'one'), ('two', 'two')]) # path, trusted and untrusted None .hg/monty/python # bool, trusted and untrusted False True # int, trusted and untrusted 0 42 # bytes, trusted and untrusted 0 84934656 # list, trusted and untrusted [] ['spam', 'ham', 'eggs']