hgweb: transition permissions hooks to modern request type (API)
We're trying to remove ``wsgirequest``. The permissions hooks don't
do anything they can't do with our new request type. So let's
pass that in.
This was the last use of ``wsgirequest`` in the wire protocol code!
.. api::
hgweb.hgweb_mod.permhooks no longer take a ``wsgirequest`` instance
as an argument.
Differential Revision: https://phab.mercurial-scm.org/D2793
--- a/mercurial/hgweb/common.py Sat Mar 10 20:16:20 2018 -0800
+++ b/mercurial/hgweb/common.py Sat Mar 10 18:19:27 2018 -0800
@@ -46,7 +46,7 @@
authentication info). Return if op allowed, else raise an ErrorResponse
exception.'''
- user = req.env.get(r'REMOTE_USER')
+ user = req.remoteuser
deny_read = hgweb.configlist('web', 'deny_read')
if deny_read and (not user or ismember(hgweb.repo.ui, user, deny_read)):
@@ -62,14 +62,13 @@
return
# enforce that you can only push using POST requests
- if req.env[r'REQUEST_METHOD'] != r'POST':
+ if req.method != 'POST':
msg = 'push requires POST request'
raise ErrorResponse(HTTP_METHOD_NOT_ALLOWED, msg)
# require ssl by default for pushing, auth info cannot be sniffed
# and replayed
- scheme = req.env.get('wsgi.url_scheme')
- if hgweb.configbool('web', 'push_ssl') and scheme != 'https':
+ if hgweb.configbool('web', 'push_ssl') and req.urlscheme != 'https':
raise ErrorResponse(HTTP_FORBIDDEN, 'ssl required')
deny = hgweb.configlist('web', 'deny_push')
--- a/mercurial/hgweb/hgweb_mod.py Sat Mar 10 20:16:20 2018 -0800
+++ b/mercurial/hgweb/hgweb_mod.py Sat Mar 10 18:19:27 2018 -0800
@@ -322,7 +322,7 @@
res.headers['Content-Security-Policy'] = rctx.csp
handled = wireprotoserver.handlewsgirequest(
- rctx, wsgireq, req, res, self.check_perm)
+ rctx, req, res, self.check_perm)
if handled:
return res.sendresponse()
@@ -380,7 +380,7 @@
# check read permissions non-static content
if cmd != 'static':
- self.check_perm(rctx, wsgireq, None)
+ self.check_perm(rctx, req, None)
if cmd == '':
req.qsparams['cmd'] = tmpl.cache['default']
--- a/mercurial/wireprotoserver.py Sat Mar 10 20:16:20 2018 -0800
+++ b/mercurial/wireprotoserver.py Sat Mar 10 18:19:27 2018 -0800
@@ -148,13 +148,12 @@
def iscmd(cmd):
return cmd in wireproto.commands
-def handlewsgirequest(rctx, wsgireq, req, res, checkperm):
+def handlewsgirequest(rctx, req, res, checkperm):
"""Possibly process a wire protocol request.
If the current request is a wire protocol request, the request is
processed by this function.
- ``wsgireq`` is a ``wsgirequest`` instance.
``req`` is a ``parsedrequest`` instance.
``res`` is a ``wsgiresponse`` instance.
@@ -197,7 +196,7 @@
return True
proto = httpv1protocolhandler(req, repo.ui,
- lambda perm: checkperm(rctx, wsgireq, perm))
+ lambda perm: checkperm(rctx, req, perm))
# The permissions checker should be the only thing that can raise an
# ErrorResponse. It is kind of a layer violation to catch an hgweb
--- a/tests/test-http-bundle1.t Sat Mar 10 20:16:20 2018 -0800
+++ b/tests/test-http-bundle1.t Sat Mar 10 18:19:27 2018 -0800
@@ -177,7 +177,7 @@
> import base64
> from mercurial.hgweb import common
> def perform_authentication(hgweb, req, op):
- > auth = req.env.get('HTTP_AUTHORIZATION')
+ > auth = req.headers.get('Authorization')
> if not auth:
> raise common.ErrorResponse(common.HTTP_UNAUTHORIZED, 'who',
> [('WWW-Authenticate', 'Basic Realm="mercurial"')])
--- a/tests/test-http.t Sat Mar 10 20:16:20 2018 -0800
+++ b/tests/test-http.t Sat Mar 10 18:19:27 2018 -0800
@@ -168,7 +168,7 @@
> import base64
> from mercurial.hgweb import common
> def perform_authentication(hgweb, req, op):
- > auth = req.env.get('HTTP_AUTHORIZATION')
+ > auth = req.headers.get('Authorization')
> if not auth:
> raise common.ErrorResponse(common.HTTP_UNAUTHORIZED, 'who',
> [('WWW-Authenticate', 'Basic Realm="mercurial"')])
@@ -510,7 +510,7 @@
> from mercurial import util
> from mercurial.hgweb import common
> def perform_authentication(hgweb, req, op):
- > cookie = req.env.get('HTTP_COOKIE')
+ > cookie = req.headers.get('Cookie')
> if not cookie:
> raise common.ErrorResponse(common.HTTP_SERVER_ERROR, 'no-cookie')
> raise common.ErrorResponse(common.HTTP_SERVER_ERROR, 'Cookie: %s' % cookie)
--- a/tests/test-largefiles-wireproto.t Sat Mar 10 20:16:20 2018 -0800
+++ b/tests/test-largefiles-wireproto.t Sat Mar 10 18:19:27 2018 -0800
@@ -424,7 +424,7 @@
> import base64
> from mercurial.hgweb import common
> def perform_authentication(hgweb, req, op):
- > auth = req.env.get('HTTP_AUTHORIZATION')
+ > auth = req.headers.get('Authorization')
> if not auth:
> raise common.ErrorResponse(common.HTTP_UNAUTHORIZED, 'who',
> [('WWW-Authenticate', 'Basic Realm="mercurial"')])