Mercurial Mercurial > hg / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | zip | gz | bz2 | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
hgweb: move readallowed to a standalone function
authorGregory Szorc <gregory.szorc@gmail.com>
Sun, 11 Mar 2018 10:15:33 -0700
changeset 36890 f8d6d9b29b39
parent 36889 fc4e31297ffb
child 36891 04af43e0a997
hgweb: move readallowed to a standalone function hgwebdir s kind of large. Let's make the class smaller by moving things that don't need to be there. Differential Revision: https://phab.mercurial-scm.org/D2812
mercurial/hgweb/hgwebdir_mod.py file | annotate | diff | comparison | revisions 
--- a/mercurial/hgweb/hgwebdir_mod.py	Sun Mar 11 15:51:13 2018 -0700
+++ b/mercurial/hgweb/hgwebdir_mod.py	Sun Mar 11 10:15:33 2018 -0700
@@ -110,6 +110,28 @@
 
     return name, pycompat.bytestr(port), path
 
+def readallowed(ui, req):
+    """Check allow_read and deny_read config options of a repo's ui object
+    to determine user permissions.  By default, with neither option set (or
+    both empty), allow all users to read the repo.  There are two ways a
+    user can be denied read access:  (1) deny_read is not empty, and the
+    user is unauthenticated or deny_read contains user (or *), and (2)
+    allow_read is not empty and the user is not in allow_read.  Return True
+    if user is allowed to read the repo, else return False."""
+
+    user = req.remoteuser
+
+    deny_read = ui.configlist('web', 'deny_read', untrusted=True)
+    if deny_read and (not user or ismember(ui, user, deny_read)):
+        return False
+
+    allow_read = ui.configlist('web', 'allow_read', untrusted=True)
+    # by default, allow reading if no allow_read option has been set
+    if not allow_read or ismember(ui, user, allow_read):
+        return True
+
+    return False
+
 class hgwebdir(object):
     """HTTP server for multiple repositories.
 
@@ -200,28 +222,6 @@
         wsgireq = requestmod.wsgirequest(env, respond)
         return self.run_wsgi(wsgireq)
 
-    def readallowed(self, ui, req):
-        """Check allow_read and deny_read config options of a repo's ui object
-        to determine user permissions.  By default, with neither option set (or
-        both empty), allow all users to read the repo.  There are two ways a
-        user can be denied read access:  (1) deny_read is not empty, and the
-        user is unauthenticated or deny_read contains user (or *), and (2)
-        allow_read is not empty and the user is not in allow_read.  Return True
-        if user is allowed to read the repo, else return False."""
-
-        user = req.remoteuser
-
-        deny_read = ui.configlist('web', 'deny_read', untrusted=True)
-        if deny_read and (not user or ismember(ui, user, deny_read)):
-            return False
-
-        allow_read = ui.configlist('web', 'allow_read', untrusted=True)
-        # by default, allow reading if no allow_read option has been set
-        if (not allow_read) or ismember(ui, user, allow_read):
-            return True
-
-        return False
-
     def run_wsgi(self, wsgireq):
         profile = self.ui.configbool('profiling', 'enabled')
         with profiling.profile(self.ui, enabled=profile):
@@ -429,7 +429,7 @@
                 if u.configbool("web", "hidden", untrusted=True):
                     continue
 
-                if not self.readallowed(u, req):
+                if not readallowed(u, req):
                     continue
 
                 # update time with local timezone
Mercurial