Preconditions:
- "Central" repository on Windows, with access by HTTPS, IIS as web server, Active Directory authentication
- "Local" repository of user John on Windows, with a mercurial.ini which contains:
    [ui]
    username = Mary

Activity:
- John clones the central repository, authenticating as John
- John makes some changes in the local repository and commits them
- John pushes his changes, authenticating as John

Result:
- hg log in the "central" repository shows that the author of the changes is Mary

Expected behavior:
- hg log in the "central" repository should show that the author of the changes is John, because the user who pushed the changes was authenticated as John.

I used TortoiseHg on the "local" repository to get this result, but I guess it uses standard hg commands and that the same behavior is a common one on any platform and client. I consider it really critical because anyone can commit code using any name he likes.
This is a FAQ/duplicate. If you don't trust John, you shouldn't give him push access. Mercurial assumes John owns his machine and thus there is nothing the "central" repository can do to prevent him from making a "mary" account on his machine, or modifying hg to pretend to be Mary. Furthermore, some people (like myself) use this capability daily to do their work.
@sp Here are some suggestions:
1. You can maintain a pushlog like Mozilla does. This will record which user pushed the changesets. I’m not sure if they shared the extension, but the sonichg extension also seems to be doing it, and it’s also relatively easy to concoct one yourself.
2. You can configure a pre-incoming hook which checks that all pushed changesets have the full name + email address of the authenticated user, and aborts otherwise.
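A sketch of the author check from suggestion 2, as an added example that is not part of the original thread or of Mercurial itself. It assumes Python 3, an in-process hook wired under `pretxnchangegroup`, the `remote:<scheme>:<host>:<user>` hook URL form that the bundled acl extension parses, and a hypothetical `ALLOWED` table mapping logins to author strings.

```python
from urllib.parse import unquote

# Hypothetical mapping: authenticated login -> the one author string it may push.
ALLOWED = {
    "CORP\\john": "John Smith <john@example.com>",
    "CORP\\mary": "Mary Jones <mary@example.com>",
}

def to_text(value):
    """Mercurial on Python 3 hands hooks bytes; normalise to str."""
    return value.decode("utf-8") if isinstance(value, bytes) else value

def pusher_from_url(url):
    """Authenticated user from 'remote:<scheme>:<host>:<user>', else None.

    Assumption: the URL form the bundled acl extension parses for HTTP(S)
    pushes, with host and user percent-encoded.
    """
    parts = to_text(url or "").split(":")
    if len(parts) == 4 and parts[0] == "remote" and parts[1].startswith("http"):
        return unquote(parts[3]) or None
    return None

def foreign_authors(pusher, authors, allowed=ALLOWED):
    """Authors in the push that are not the pusher's registered identity."""
    expected = allowed.get(pusher)  # unknown login: every author is foreign
    return [a for a in map(to_text, authors) if a.strip() != expected]

def check_authors(ui, repo, node=None, url=None, **kwargs):
    """In-process hook; a true return value rejects the whole push."""
    pusher = pusher_from_url(url)
    if pusher is None:
        ui.warn(b"author check: no authenticated user, push rejected\n")
        return True
    # node is the first incoming changeset; the rest follow it to the tip.
    authors = [repo[rev].user() for rev in range(repo[node].rev(), len(repo))]
    bad = foreign_authors(pusher, authors)
    for author in bad:
        msg = "author check: %s may not push changesets by %s\n" % (pusher, author)
        ui.warn(msg.encode("utf-8"))
    return bool(bad)
```

A check this strict also rejects pushes that carry a colleague's changesets (for example after a pull and merge), which is the case the pushlog in suggestion 1 handles without blocking anything.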
--- Bug imported by bugzilla@serpentine.com 2012-05-12 09:26 EDT --- This bug was previously known as _bug_ 3190 at http://mercurial.selenic.com/bts/issue3190