Mercurial > hg
view mercurial/wireprototypes.py @ 37047:fddcb51b5084
wireproto: define permissions-based routing of HTTPv2 wire protocol
Now that we have a scaffolding for serving version 2 of the HTTP
protocol, let's start implementing it.
A good place to start is URL routing and basic request processing
semantics. We can focus on content types, capabilities detect, etc
later.
Version 2 of the HTTP wire protocol encodes the needed permissions
of the request in the URL path. The reasons for this are documented
in the added documentation. In short, a) it makes it really easy and
fail proof for server administrators to implement path-based
authentication and b) it will enable clients to realize very early in
a server exchange that authentication will be required to complete
the operation. This latter point avoids all kinds of complexity and
problems, like dealing with Expect: 100-continue and clients finding
out later during `hg push` that they need to provide authentication.
This will avoid the current badness where clients send a full bundle,
get an HTTP 403, provide authentication, then retransmit the bundle.
In order to implement command checking, we needed to implement a
protocol handler for the new wire protocol. Our handler is just
small enough to run the code we've implemented.
Tests for the defined functionality have been added.
I very much want to refactor the permissions checking code and define
a better response format. But this can be done later. Nothing is
covered by backwards compatibility at this point.
Differential Revision: https://phab.mercurial-scm.org/D2836
author | Gregory Szorc <gregory.szorc@gmail.com> |
---|---|
date | Mon, 19 Mar 2018 16:43:47 -0700 |
parents | 1cfef5693203 |
children | 27527d8cff5c |
line wrap: on
line source
# Copyright 2018 Gregory Szorc <gregory.szorc@gmail.com> # # This software may be used and distributed according to the terms of the # GNU General Public License version 2 or any later version. from __future__ import absolute_import import abc # Names of the SSH protocol implementations. SSHV1 = 'ssh-v1' # These are advertised over the wire. Increment the counters at the end # to reflect BC breakages. SSHV2 = 'exp-ssh-v2-0001' HTTPV2 = 'exp-http-v2-0001' # All available wire protocol transports. TRANSPORTS = { SSHV1: { 'transport': 'ssh', 'version': 1, }, SSHV2: { 'transport': 'ssh', 'version': 2, }, 'http-v1': { 'transport': 'http', 'version': 1, }, HTTPV2: { 'transport': 'http', 'version': 2, } } class bytesresponse(object): """A wire protocol response consisting of raw bytes.""" def __init__(self, data): self.data = data class ooberror(object): """wireproto reply: failure of a batch of operation Something failed during a batch call. The error message is stored in `self.message`. """ def __init__(self, message): self.message = message class pushres(object): """wireproto reply: success with simple integer return The call was successful and returned an integer contained in `self.res`. """ def __init__(self, res, output): self.res = res self.output = output class pusherr(object): """wireproto reply: failure The call failed. The `self.res` attribute contains the error message. """ def __init__(self, res, output): self.res = res self.output = output class streamres(object): """wireproto reply: binary stream The call was successful and the result is a stream. Accepts a generator containing chunks of data to be sent to the client. ``prefer_uncompressed`` indicates that the data is expected to be uncompressable and that the stream should therefore use the ``none`` engine. """ def __init__(self, gen=None, prefer_uncompressed=False): self.gen = gen self.prefer_uncompressed = prefer_uncompressed class streamreslegacy(object): """wireproto reply: uncompressed binary stream The call was successful and the result is a stream. Accepts a generator containing chunks of data to be sent to the client. Like ``streamres``, but sends an uncompressed data for "version 1" clients using the application/mercurial-0.1 media type. """ def __init__(self, gen=None): self.gen = gen class baseprotocolhandler(object): """Abstract base class for wire protocol handlers. A wire protocol handler serves as an interface between protocol command handlers and the wire protocol transport layer. Protocol handlers provide methods to read command arguments, redirect stdio for the duration of the request, handle response types, etc. """ __metaclass__ = abc.ABCMeta @abc.abstractproperty def name(self): """The name of the protocol implementation. Used for uniquely identifying the transport type. """ @abc.abstractmethod def getargs(self, args): """return the value for arguments in <args> returns a list of values (same order as <args>)""" @abc.abstractmethod def forwardpayload(self, fp): """Read the raw payload and forward to a file. The payload is read in full before the function returns. """ @abc.abstractmethod def mayberedirectstdio(self): """Context manager to possibly redirect stdio. The context manager yields a file-object like object that receives stdout and stderr output when the context manager is active. Or it yields ``None`` if no I/O redirection occurs. The intent of this context manager is to capture stdio output so it may be sent in the response. Some transports support streaming stdio to the client in real time. For these transports, stdio output won't be captured. """ @abc.abstractmethod def client(self): """Returns a string representation of this client (as bytes).""" @abc.abstractmethod def addcapabilities(self, repo, caps): """Adds advertised capabilities specific to this protocol. Receives the list of capabilities collected so far. Returns a list of capabilities. The passed in argument can be returned. """ @abc.abstractmethod def checkperm(self, perm): """Validate that the client has permissions to perform a request. The argument is the permission required to proceed. If the client doesn't have that permission, the exception should raise or abort in a protocol specific manner. """