Mercurial > hg
changeset 9250:00986b9ed649
acl: wrap docstrings at 70 characters
author | Martin Geisler <mg@lazybytes.net> |
---|---|
date | Sun, 26 Jul 2009 01:37:17 +0200 |
parents | 16f4cfc69e4f |
children | 6bddba3973bc |
files | hgext/acl.py |
diffstat | 1 files changed, 16 insertions(+), 14 deletions(-) [+] |
line wrap: on
line diff
--- a/hgext/acl.py Sun Jul 26 01:33:00 2009 +0200 +++ b/hgext/acl.py Sun Jul 26 01:37:17 2009 +0200 @@ -8,18 +8,19 @@ '''hooks for controlling repository access -This hook makes it possible to allow or deny write access to portions of a -repository when receiving incoming changesets. +This hook makes it possible to allow or deny write access to portions +of a repository when receiving incoming changesets. + +The authorization is matched based on the local user name on the +system where the hook runs, and not the committer of the original +changeset (since the latter is merely informative). -The authorization is matched based on the local user name on the system where -the hook runs, and not the committer of the original changeset (since the -latter is merely informative). - -The acl hook is best used along with a restricted shell like hgsh, preventing -authenticating users from doing anything other than pushing or pulling. The -hook is not safe to use if users have interactive shell access, as they can -then disable the hook. Nor is it safe if remote users share an account, -because then there is no way to distinguish them. +The acl hook is best used along with a restricted shell like hgsh, +preventing authenticating users from doing anything other than +pushing or pulling. The hook is not safe to use if users have +interactive shell access, as they can then disable the hook. +Nor is it safe if remote users share an account, because then there +is no way to distinguish them. To use this hook, configure the acl extension in your hgrc like this:: @@ -34,9 +35,10 @@ # ("serve" == ssh or http, "push", "pull", "bundle") sources = serve -The allow and deny sections take a subtree pattern as key (with a glob syntax -by default), and a comma separated list of users as the corresponding value. -The deny list is checked before the allow list is. :: +The allow and deny sections take a subtree pattern as key (with a glob +syntax by default), and a comma separated list of users as the +corresponding value. The deny list is checked before the allow list +is. :: [acl.allow] # If acl.allow is not present, all users are allowed by default.