changeset 36877:02bea04b4c54

hgweb: transition permissions hooks to modern request type (API) We're trying to remove ``wsgirequest``. The permissions hooks don't do anything they can't do with our new request type. So let's pass that in. This was the last use of ``wsgirequest`` in the wire protocol code! .. api:: hgweb.hgweb_mod.permhooks no longer take a ``wsgirequest`` instance as an argument. Differential Revision: https://phab.mercurial-scm.org/D2793
author Gregory Szorc <gregory.szorc@gmail.com>
date Sat, 10 Mar 2018 18:19:27 -0800
parents 97f44b0720e2
children ccb70a77f746
files mercurial/hgweb/common.py mercurial/hgweb/hgweb_mod.py mercurial/wireprotoserver.py tests/test-http-bundle1.t tests/test-http.t tests/test-largefiles-wireproto.t
diffstat 6 files changed, 11 insertions(+), 13 deletions(-) [+]
line wrap: on
line diff
--- a/mercurial/hgweb/common.py	Sat Mar 10 20:16:20 2018 -0800
+++ b/mercurial/hgweb/common.py	Sat Mar 10 18:19:27 2018 -0800
@@ -46,7 +46,7 @@
     authentication info). Return if op allowed, else raise an ErrorResponse
     exception.'''
 
-    user = req.env.get(r'REMOTE_USER')
+    user = req.remoteuser
 
     deny_read = hgweb.configlist('web', 'deny_read')
     if deny_read and (not user or ismember(hgweb.repo.ui, user, deny_read)):
@@ -62,14 +62,13 @@
         return
 
     # enforce that you can only push using POST requests
-    if req.env[r'REQUEST_METHOD'] != r'POST':
+    if req.method != 'POST':
         msg = 'push requires POST request'
         raise ErrorResponse(HTTP_METHOD_NOT_ALLOWED, msg)
 
     # require ssl by default for pushing, auth info cannot be sniffed
     # and replayed
-    scheme = req.env.get('wsgi.url_scheme')
-    if hgweb.configbool('web', 'push_ssl') and scheme != 'https':
+    if hgweb.configbool('web', 'push_ssl') and req.urlscheme != 'https':
         raise ErrorResponse(HTTP_FORBIDDEN, 'ssl required')
 
     deny = hgweb.configlist('web', 'deny_push')
--- a/mercurial/hgweb/hgweb_mod.py	Sat Mar 10 20:16:20 2018 -0800
+++ b/mercurial/hgweb/hgweb_mod.py	Sat Mar 10 18:19:27 2018 -0800
@@ -322,7 +322,7 @@
             res.headers['Content-Security-Policy'] = rctx.csp
 
         handled = wireprotoserver.handlewsgirequest(
-            rctx, wsgireq, req, res, self.check_perm)
+            rctx, req, res, self.check_perm)
         if handled:
             return res.sendresponse()
 
@@ -380,7 +380,7 @@
 
             # check read permissions non-static content
             if cmd != 'static':
-                self.check_perm(rctx, wsgireq, None)
+                self.check_perm(rctx, req, None)
 
             if cmd == '':
                 req.qsparams['cmd'] = tmpl.cache['default']
--- a/mercurial/wireprotoserver.py	Sat Mar 10 20:16:20 2018 -0800
+++ b/mercurial/wireprotoserver.py	Sat Mar 10 18:19:27 2018 -0800
@@ -148,13 +148,12 @@
 def iscmd(cmd):
     return cmd in wireproto.commands
 
-def handlewsgirequest(rctx, wsgireq, req, res, checkperm):
+def handlewsgirequest(rctx, req, res, checkperm):
     """Possibly process a wire protocol request.
 
     If the current request is a wire protocol request, the request is
     processed by this function.
 
-    ``wsgireq`` is a ``wsgirequest`` instance.
     ``req`` is a ``parsedrequest`` instance.
     ``res`` is a ``wsgiresponse`` instance.
 
@@ -197,7 +196,7 @@
         return True
 
     proto = httpv1protocolhandler(req, repo.ui,
-                                  lambda perm: checkperm(rctx, wsgireq, perm))
+                                  lambda perm: checkperm(rctx, req, perm))
 
     # The permissions checker should be the only thing that can raise an
     # ErrorResponse. It is kind of a layer violation to catch an hgweb
--- a/tests/test-http-bundle1.t	Sat Mar 10 20:16:20 2018 -0800
+++ b/tests/test-http-bundle1.t	Sat Mar 10 18:19:27 2018 -0800
@@ -177,7 +177,7 @@
   > import base64
   > from mercurial.hgweb import common
   > def perform_authentication(hgweb, req, op):
-  >     auth = req.env.get('HTTP_AUTHORIZATION')
+  >     auth = req.headers.get('Authorization')
   >     if not auth:
   >         raise common.ErrorResponse(common.HTTP_UNAUTHORIZED, 'who',
   >                 [('WWW-Authenticate', 'Basic Realm="mercurial"')])
--- a/tests/test-http.t	Sat Mar 10 20:16:20 2018 -0800
+++ b/tests/test-http.t	Sat Mar 10 18:19:27 2018 -0800
@@ -168,7 +168,7 @@
   > import base64
   > from mercurial.hgweb import common
   > def perform_authentication(hgweb, req, op):
-  >     auth = req.env.get('HTTP_AUTHORIZATION')
+  >     auth = req.headers.get('Authorization')
   >     if not auth:
   >         raise common.ErrorResponse(common.HTTP_UNAUTHORIZED, 'who',
   >                 [('WWW-Authenticate', 'Basic Realm="mercurial"')])
@@ -510,7 +510,7 @@
   > from mercurial import util
   > from mercurial.hgweb import common
   > def perform_authentication(hgweb, req, op):
-  >     cookie = req.env.get('HTTP_COOKIE')
+  >     cookie = req.headers.get('Cookie')
   >     if not cookie:
   >         raise common.ErrorResponse(common.HTTP_SERVER_ERROR, 'no-cookie')
   >     raise common.ErrorResponse(common.HTTP_SERVER_ERROR, 'Cookie: %s' % cookie)
--- a/tests/test-largefiles-wireproto.t	Sat Mar 10 20:16:20 2018 -0800
+++ b/tests/test-largefiles-wireproto.t	Sat Mar 10 18:19:27 2018 -0800
@@ -424,7 +424,7 @@
   > import base64
   > from mercurial.hgweb import common
   > def perform_authentication(hgweb, req, op):
-  >     auth = req.env.get('HTTP_AUTHORIZATION')
+  >     auth = req.headers.get('Authorization')
   >     if not auth:
   >         raise common.ErrorResponse(common.HTTP_UNAUTHORIZED, 'who',
   >                 [('WWW-Authenticate', 'Basic Realm="mercurial"')])