Mercurial > hg
view tests/test-hgweb-auth.py @ 39811:ae20f52437e9
wireprotov2: advertise recognized path filter prefixes
While the wire protocol doesn't yet support it, we'll eventually
have commands that accept narrow patterns to specify the set of
files relevant to a command.
For security and performance reasons, only specific filter types
are allowed.
This commit teaches the server to advertise the set of allowed
filter types. By doing so, clients can e.g. validate user-specified
patterns against the server's abilities without having to send
a command to retrieve data.
Having the data in the capabilities data structure will also serve
as a check against unwanted BC.
Differential Revision: https://phab.mercurial-scm.org/D4616
| author | Gregory Szorc <gregory.szorc@gmail.com> |
|---|---|
| date | Mon, 17 Sep 2018 09:49:28 -0700 |
| parents | 32bc3815efae |
| children | c53f0ead5781 |
line wrap: on
line source
from __future__ import absolute_import, print_function from mercurial import demandimport; demandimport.enable() from mercurial import ( error, pycompat, ui as uimod, url, util, ) from mercurial.utils import ( stringutil, ) urlerr = util.urlerr urlreq = util.urlreq class myui(uimod.ui): def interactive(self): return False origui = myui.load() def writeauth(items): ui = origui.copy() for name, value in items.items(): ui.setconfig('auth', name, value) return ui def test(auth, urls=None): print('CFG:', pycompat.sysstr(stringutil.pprint(auth, bprefix=True))) prefixes = set() for k in auth: prefixes.add(k.split('.', 1)[0]) for p in prefixes: for name in ('.username', '.password'): if (p + name) not in auth: auth[p + name] = p auth = dict((k, v) for k, v in auth.items() if v is not None) ui = writeauth(auth) def _test(uri): print('URI:', uri) try: pm = url.passwordmgr(ui, urlreq.httppasswordmgrwithdefaultrealm()) u, authinfo = util.url(uri).authinfo() if authinfo is not None: pm.add_password(*authinfo) print(' ', pm.find_user_password('test', u)) except error.Abort: print(' ','abort') if not urls: urls = [ 'http://example.org/foo', 'http://example.org/foo/bar', 'http://example.org/bar', 'https://example.org/foo', 'https://example.org/foo/bar', 'https://example.org/bar', 'https://x@example.org/bar', 'https://y@example.org/bar', ] for u in urls: _test(u) print('\n*** Test in-uri schemes\n') test({'x.prefix': 'http://example.org'}) test({'x.prefix': 'https://example.org'}) test({'x.prefix': 'http://example.org', 'x.schemes': 'https'}) test({'x.prefix': 'https://example.org', 'x.schemes': 'http'}) print('\n*** Test separately configured schemes\n') test({'x.prefix': 'example.org', 'x.schemes': 'http'}) test({'x.prefix': 'example.org', 'x.schemes': 'https'}) test({'x.prefix': 'example.org', 'x.schemes': 'http https'}) print('\n*** Test prefix matching\n') test({'x.prefix': 'http://example.org/foo', 'y.prefix': 'http://example.org/bar'}) test({'x.prefix': 'http://example.org/foo', 'y.prefix': 'http://example.org/foo/bar'}) test({'x.prefix': '*', 'y.prefix': 'https://example.org/bar'}) print('\n*** Test user matching\n') test({'x.prefix': 'http://example.org/foo', 'x.username': None, 'x.password': 'xpassword'}, urls=['http://y@example.org/foo']) test({'x.prefix': 'http://example.org/foo', 'x.username': None, 'x.password': 'xpassword', 'y.prefix': 'http://example.org/foo', 'y.username': 'y', 'y.password': 'ypassword'}, urls=['http://y@example.org/foo']) test({'x.prefix': 'http://example.org/foo/bar', 'x.username': None, 'x.password': 'xpassword', 'y.prefix': 'http://example.org/foo', 'y.username': 'y', 'y.password': 'ypassword'}, urls=['http://y@example.org/foo/bar']) def testauthinfo(fullurl, authurl): print('URIs:', fullurl, authurl) pm = urlreq.httppasswordmgrwithdefaultrealm() pm.add_password(*util.url(fullurl).authinfo()[1]) print(pm.find_user_password('test', authurl)) print('\n*** Test urllib2 and util.url\n') testauthinfo('http://user@example.com:8080/foo', 'http://example.com:8080/foo')