D2812: hgweb: move readallowed to a standalone function
This revision was automatically updated to reflect the committed changes. Closed by commit rHGf8d6d9b29b39: hgweb: move readallowed to a standalone function (authored by indygreg, committed by ). REPOSITORY rHG Mercurial CHANGES SINCE LAST UPDATE https://phab.mercurial-scm.org/D2812?vs=6878=6942 REVISION DETAIL https://phab.mercurial-scm.org/D2812 AFFECTED FILES mercurial/hgweb/hgwebdir_mod.py CHANGE DETAILS diff --git a/mercurial/hgweb/hgwebdir_mod.py b/mercurial/hgweb/hgwebdir_mod.py --- a/mercurial/hgweb/hgwebdir_mod.py +++ b/mercurial/hgweb/hgwebdir_mod.py @@ -110,6 +110,28 @@ return name, pycompat.bytestr(port), path +def readallowed(ui, req): +"""Check allow_read and deny_read config options of a repo's ui object +to determine user permissions. By default, with neither option set (or +both empty), allow all users to read the repo. There are two ways a +user can be denied read access: (1) deny_read is not empty, and the +user is unauthenticated or deny_read contains user (or *), and (2) +allow_read is not empty and the user is not in allow_read. Return True +if user is allowed to read the repo, else return False.""" + +user = req.remoteuser + +deny_read = ui.configlist('web', 'deny_read', untrusted=True) +if deny_read and (not user or ismember(ui, user, deny_read)): +return False + +allow_read = ui.configlist('web', 'allow_read', untrusted=True) +# by default, allow reading if no allow_read option has been set +if not allow_read or ismember(ui, user, allow_read): +return True + +return False + class hgwebdir(object): """HTTP server for multiple repositories. @@ -200,28 +222,6 @@ wsgireq = requestmod.wsgirequest(env, respond) return self.run_wsgi(wsgireq) -def readallowed(self, ui, req): -"""Check allow_read and deny_read config options of a repo's ui object -to determine user permissions. By default, with neither option set (or -both empty), allow all users to read the repo. There are two ways a -user can be denied read access: (1) deny_read is not empty, and the -user is unauthenticated or deny_read contains user (or *), and (2) -allow_read is not empty and the user is not in allow_read. Return True -if user is allowed to read the repo, else return False.""" - -user = req.remoteuser - -deny_read = ui.configlist('web', 'deny_read', untrusted=True) -if deny_read and (not user or ismember(ui, user, deny_read)): -return False - -allow_read = ui.configlist('web', 'allow_read', untrusted=True) -# by default, allow reading if no allow_read option has been set -if (not allow_read) or ismember(ui, user, allow_read): -return True - -return False - def run_wsgi(self, wsgireq): profile = self.ui.configbool('profiling', 'enabled') with profiling.profile(self.ui, enabled=profile): @@ -429,7 +429,7 @@ if u.configbool("web", "hidden", untrusted=True): continue -if not self.readallowed(u, req): +if not readallowed(u, req): continue # update time with local timezone To: indygreg, #hg-reviewers, durin42 Cc: mercurial-devel ___ Mercurial-devel mailing list Mercurial-devel@mercurial-scm.org https://www.mercurial-scm.org/mailman/listinfo/mercurial-devel
D2812: hgweb: move readallowed to a standalone function
indygreg created this revision. Herald added a subscriber: mercurial-devel. Herald added a reviewer: hg-reviewers. REVISION SUMMARY hgwebdir s kind of large. Let's make the class smaller by moving things that don't need to be there. REPOSITORY rHG Mercurial REVISION DETAIL https://phab.mercurial-scm.org/D2812 AFFECTED FILES mercurial/hgweb/hgwebdir_mod.py CHANGE DETAILS diff --git a/mercurial/hgweb/hgwebdir_mod.py b/mercurial/hgweb/hgwebdir_mod.py --- a/mercurial/hgweb/hgwebdir_mod.py +++ b/mercurial/hgweb/hgwebdir_mod.py @@ -110,6 +110,28 @@ return name, pycompat.bytestr(port), path +def readallowed(ui, req): +"""Check allow_read and deny_read config options of a repo's ui object +to determine user permissions. By default, with neither option set (or +both empty), allow all users to read the repo. There are two ways a +user can be denied read access: (1) deny_read is not empty, and the +user is unauthenticated or deny_read contains user (or *), and (2) +allow_read is not empty and the user is not in allow_read. Return True +if user is allowed to read the repo, else return False.""" + +user = req.remoteuser + +deny_read = ui.configlist('web', 'deny_read', untrusted=True) +if deny_read and (not user or ismember(ui, user, deny_read)): +return False + +allow_read = ui.configlist('web', 'allow_read', untrusted=True) +# by default, allow reading if no allow_read option has been set +if not allow_read or ismember(ui, user, allow_read): +return True + +return False + class hgwebdir(object): """HTTP server for multiple repositories. @@ -200,28 +222,6 @@ wsgireq = requestmod.wsgirequest(env, respond) return self.run_wsgi(wsgireq) -def readallowed(self, ui, req): -"""Check allow_read and deny_read config options of a repo's ui object -to determine user permissions. By default, with neither option set (or -both empty), allow all users to read the repo. There are two ways a -user can be denied read access: (1) deny_read is not empty, and the -user is unauthenticated or deny_read contains user (or *), and (2) -allow_read is not empty and the user is not in allow_read. Return True -if user is allowed to read the repo, else return False.""" - -user = req.remoteuser - -deny_read = ui.configlist('web', 'deny_read', untrusted=True) -if deny_read and (not user or ismember(ui, user, deny_read)): -return False - -allow_read = ui.configlist('web', 'allow_read', untrusted=True) -# by default, allow reading if no allow_read option has been set -if (not allow_read) or ismember(ui, user, allow_read): -return True - -return False - def run_wsgi(self, wsgireq): profile = self.ui.configbool('profiling', 'enabled') with profiling.profile(self.ui, enabled=profile): @@ -429,7 +429,7 @@ if u.configbool("web", "hidden", untrusted=True): continue -if not self.readallowed(u, req): +if not readallowed(u, req): continue # update time with local timezone To: indygreg, #hg-reviewers Cc: mercurial-devel ___ Mercurial-devel mailing list Mercurial-devel@mercurial-scm.org https://www.mercurial-scm.org/mailman/listinfo/mercurial-devel