PageRenderTime 46ms CodeModel.GetById 18ms RepoModel.GetById 1ms app.codeStats 0ms

/mercurial/hgweb/common.py

https://bitbucket.org/mirror/mercurial/
Python | 192 lines | 177 code | 5 blank | 10 comment | 2 complexity | e2e545d18c1f0ed5705a01767fa2986f MD5 | raw file
Possible License(s): GPL-2.0 
    

  1. # hgweb/common.py - Utility functions needed by hgweb_mod and hgwebdir_mod
    2. 

  2. #
    3. 

  3. # Copyright 21 May 2005 - (c) 2005 Jake Edge <jake@edge2.net>
    4. 

  4. # Copyright 2005, 2006 Matt Mackall <mpm@selenic.com>
    5. 

  5. #
    6. 

  6. # This software may be used and distributed according to the terms of the
    7. 

  7. # GNU General Public License version 2 or any later version.
    8. 

  8. 

  9. import errno, mimetypes, os
    10. 

  10. 

  11. HTTP_OK = 200
    12. 

  12. HTTP_NOT_MODIFIED = 304
    13. 

  13. HTTP_BAD_REQUEST = 400
    14. 

  14. HTTP_UNAUTHORIZED = 401
    15. 

  15. HTTP_FORBIDDEN = 403
    16. 

  16. HTTP_NOT_FOUND = 404
    17. 

  17. HTTP_METHOD_NOT_ALLOWED = 405
    18. 

  18. HTTP_SERVER_ERROR = 500
    19. 

  19. 

  20. 

  21. def ismember(ui, username, userlist):
    22. 

  22.     """Check if username is a member of userlist.
    23. 

    24. 

  24.     If userlist has a single '*' member, all users are considered members.
    25. 

  25.     Can be overridden by extensions to provide more complex authorization
    26. 

  26.     schemes.
    27. 

  27.     """
    28. 

  28.     return userlist == ['*'] or username in userlist
    29. 

  29. 

  30. def checkauthz(hgweb, req, op):
    31. 

  31.     '''Check permission for operation based on request data (including
    32. 

  32.     authentication info). Return if op allowed, else raise an ErrorResponse
    33. 

  33.     exception.'''
    34. 

    35. 

  35.     user = req.env.get('REMOTE_USER')
    36. 

  36. 

  37.     deny_read = hgweb.configlist('web', 'deny_read')
    38. 

  38.     if deny_read and (not user or ismember(hgweb.repo.ui, user, deny_read)):
    39. 

  39.         raise ErrorResponse(HTTP_UNAUTHORIZED, 'read not authorized')
    40. 

  40. 

  41.     allow_read = hgweb.configlist('web', 'allow_read')
    42. 

  42.     if allow_read and (not ismember(hgweb.repo.ui, user, allow_read)):
    43. 

  43.         raise ErrorResponse(HTTP_UNAUTHORIZED, 'read not authorized')
    44. 

  44. 

  45.     if op == 'pull' and not hgweb.allowpull:
    46. 

  46.         raise ErrorResponse(HTTP_UNAUTHORIZED, 'pull not authorized')
    47. 

  47.     elif op == 'pull' or op is None: # op is None for interface requests
    48. 

  48.         return
    49. 

  49. 

  50.     # enforce that you can only push using POST requests
    51. 

  51.     if req.env['REQUEST_METHOD'] != 'POST':
    52. 

  52.         msg = 'push requires POST request'
    53. 

  53.         raise ErrorResponse(HTTP_METHOD_NOT_ALLOWED, msg)
    54. 

  54. 

  55.     # require ssl by default for pushing, auth info cannot be sniffed
    56. 

  56.     # and replayed
    57. 

  57.     scheme = req.env.get('wsgi.url_scheme')
    58. 

  58.     if hgweb.configbool('web', 'push_ssl', True) and scheme != 'https':
    59. 

  59.         raise ErrorResponse(HTTP_FORBIDDEN, 'ssl required')
    60. 

  60. 

  61.     deny = hgweb.configlist('web', 'deny_push')
    62. 

  62.     if deny and (not user or ismember(hgweb.repo.ui, user, deny)):
    63. 

  63.         raise ErrorResponse(HTTP_UNAUTHORIZED, 'push not authorized')
    64. 

  64. 

  65.     allow = hgweb.configlist('web', 'allow_push')
    66. 

  66.     if not (allow and ismember(hgweb.repo.ui, user, allow)):
    67. 

  67.         raise ErrorResponse(HTTP_UNAUTHORIZED, 'push not authorized')
    68. 

  68. 

  69. # Hooks for hgweb permission checks; extensions can add hooks here.
    70. 

  70. # Each hook is invoked like this: hook(hgweb, request, operation),
    71. 

  71. # where operation is either read, pull or push. Hooks should either
    72. 

  72. # raise an ErrorResponse exception, or just return.
    73. 

  73. #
    74. 

  74. # It is possible to do both authentication and authorization through
    75. 

  75. # this.
    76. 

  76. permhooks = [checkauthz]
    77. 

  77. 

  78. 

  79. class ErrorResponse(Exception):
    80. 

  80.     def __init__(self, code, message=None, headers=[]):
    81. 

  81.         if message is None:
    82. 

  82.             message = _statusmessage(code)
    83. 

  83.         Exception.__init__(self)
    84. 

  84.         self.code = code
    85. 

  85.         self.message = message
    86. 

  86.         self.headers = headers
    87. 

  87.     def __str__(self):
    88. 

  88.         return self.message
    89. 

  89. 

  90. class continuereader(object):
    91. 

  91.     def __init__(self, f, write):
    92. 

  92.         self.f = f
    93. 

  93.         self._write = write
    94. 

  94.         self.continued = False
    95. 

  95. 

  96.     def read(self, amt=-1):
    97. 

  97.         if not self.continued:
    98. 

  98.             self.continued = True
    99. 

  99.             self._write('HTTP/1.1 100 Continue\r\n\r\n')
    100. 

  100.         return self.f.read(amt)
    101. 

  101. 

  102.     def __getattr__(self, attr):
    103. 

  103.         if attr in ('close', 'readline', 'readlines', '__iter__'):
    104. 

  104.             return getattr(self.f, attr)
    105. 

  105.         raise AttributeError
    106. 

  106. 

  107. def _statusmessage(code):
    108. 

  108.     from BaseHTTPServer import BaseHTTPRequestHandler
    109. 

  109.     responses = BaseHTTPRequestHandler.responses
    110. 

  110.     return responses.get(code, ('Error', 'Unknown error'))[0]
    111. 

  111. 

  112. def statusmessage(code, message=None):
    113. 

  113.     return '%d %s' % (code, message or _statusmessage(code))
    114. 

  114. 

  115. def get_stat(spath):
    116. 

  116.     """stat changelog if it exists, spath otherwise"""
    117. 

  117.     cl_path = os.path.join(spath, "00changelog.i")
    118. 

  118.     if os.path.exists(cl_path):
    119. 

  119.         return os.stat(cl_path)
    120. 

  120.     else:
    121. 

  121.         return os.stat(spath)
    122. 

  122. 

  123. def get_mtime(spath):
    124. 

  124.     return get_stat(spath).st_mtime
    125. 

  125. 

  126. def staticfile(directory, fname, req):
    127. 

  127.     """return a file inside directory with guessed Content-Type header
    128. 

    129. 

  129.     fname always uses '/' as directory separator and isn't allowed to
    130. 

  130.     contain unusual path components.
    131. 

  131.     Content-Type is guessed using the mimetypes module.
    132. 

  132.     Return an empty string if fname is illegal or file not found.
    133. 

  133. 

  134.     """
    135. 

  135.     parts = fname.split('/')
    136. 

  136.     for part in parts:
    137. 

  137.         if (part in ('', os.curdir, os.pardir) or
    138. 

  138.             os.sep in part or os.altsep is not None and os.altsep in part):
    139. 

  139.             return
    140. 

  140.     fpath = os.path.join(*parts)
    141. 

  141.     if isinstance(directory, str):
    142. 

  142.         directory = [directory]
    143. 

  143.     for d in directory:
    144. 

  144.         path = os.path.join(d, fpath)
    145. 

  145.         if os.path.exists(path):
    146. 

  146.             break
    147. 

  147.     try:
    148. 

  148.         os.stat(path)
    149. 

  149.         ct = mimetypes.guess_type(path)[0] or "text/plain"
    150. 

  150.         fp = open(path, 'rb')
    151. 

  151.         data = fp.read()
    152. 

  152.         fp.close()
    153. 

  153.         req.respond(HTTP_OK, ct, body=data)
    154. 

  154.     except TypeError:
    155. 

  155.         raise ErrorResponse(HTTP_SERVER_ERROR, 'illegal filename')
    156. 

  156.     except OSError, err:
    157. 

  157.         if err.errno == errno.ENOENT:
    158. 

  158.             raise ErrorResponse(HTTP_NOT_FOUND)
    159. 

  159.         else:
    160. 

  160.             raise ErrorResponse(HTTP_SERVER_ERROR, err.strerror)
    161. 

  161. 

  162. def paritygen(stripecount, offset=0):
    163. 

  163.     """count parity of horizontal stripes for easier reading"""
    164. 

  164.     if stripecount and offset:
    165. 

  165.         # account for offset, e.g. due to building the list in reverse
    166. 

  166.         count = (stripecount + offset) % stripecount
    167. 

  167.         parity = (stripecount + offset) / stripecount & 1
    168. 

  168.     else:
    169. 

  169.         count = 0
    170. 

  170.         parity = 0
    171. 

  171.     while True:
    172. 

  172.         yield parity
    173. 

  173.         count += 1
    174. 

  174.         if stripecount and count >= stripecount:
    175. 

  175.             parity = 1 - parity
    176. 

  176.             count = 0
    177. 

  177. 

  178. def get_contact(config):
    179. 

  179.     """Return repo contact information or empty string.
    180. 

    181. 

  181.     web.contact is the primary source, but if that is not set, try
    182. 

  182.     ui.username or $EMAIL as a fallback to display something useful.
    183. 

  183.     """
    184. 

  184.     return (config("web", "contact") or
    185. 

  185.             config("ui", "username") or
    186. 

  186.             os.environ.get("EMAIL") or "")
    187. 

  187. 

  188. def caching(web, req):
    189. 

  189.     tag = str(web.mtime)
    190. 

  190.     if req.env.get('HTTP_IF_NONE_MATCH') == tag:
    191. 

  191.         raise ErrorResponse(HTTP_NOT_MODIFIED)
    192. 

  192.     req.headers.append(('ETag', tag))
    193. 

  193.