[PATCH 0 of 3] support for branch-based access control

Elifarley Callado Coelho Cruz elifarley at gmail.com
Thu Apr 29 16:02:39 CDT 2010


Checking for branch violations first can spare us from performing a costlier
file-by-file check.

Oh, I'll also add this line before the 2 for loops:

+ if (deny and len(deny)) or (allow and len(allow)):

Opinions?


On Thu, Apr 29, 2010 at 16:42, Bill Barry <after.fallout at gmail.com> wrote:

> Welcome to the list. Next time you send a patch, please remember that it is
> preferred to send them inline instead of attachments here. This makes it far
> easier to reply to the patches. Your patch might get refused without even
> being looked at because of this.
>
> My initial reaction reading these patches is that something is wrong in
> patch 1 here:
>
> +    for rev in xrange(repo[node], len(repo)):
> +        branch = repo[rev].branch()
> +        if deny and deny(branch):
> +            raise util.Abort(_('acl: user "%s" denied on branch "%s"')
> +            % (user, branch))
> +        if allow and not allow(branch):
> +            raise util.Abort(_('acl: user "%s" not allowed on branch
> "%s"')
> +            % (user, branch))
> +        ui.debug('acl: allowing user "%s" on branch "%s"\n' % (user,
> branch))
> +
> +    allow = _buildmatch(ui, repo, user, ALLOW_FILES)
> +    deny = _buildmatch(ui, repo, user, DENY_FILES)
>
>    for rev in xrange(repo[node], len(repo)):
>        ctx = repo[rev]
>
> It seems incorrect to be doing this for loop twice.
>
> elifarley at gmail.com wrote:
>
>> Now it is possible to allow or deny write access to named branches of a
>> repository when receiving incoming changesets (via 'pretxncommit' and
>> 'pretxnchangegroup').
>>
>> This functionality is found on Subversion, so users migrating from SVN may
>> find it useful.
>>
>>
>>  hgext/acl.py       |  42 +++++++++++++++++++++++------
>>  hgext/acl.py       |  68 ++++++++++++++++++++++++++++++++++++++----------
>>  tests/test-acl.out |  75
>> ++++++++++++++++++++++++++++++++++++++++++++++++++++++
>>  3 files changed, 162 insertions(+), 23 deletions(-)
>> _______________________________________________
>> Mercurial-devel mailing list
>> Mercurial-devel at selenic.com
>> http://selenic.com/mailman/listinfo/mercurial-devel
>>
>>
>>
>
>


-- 
Elifarley Cruz

Profile: http://bit.ly/9hrz0P
Professional info: http://br.linkedin.com/in/elifarley
Google Reader: http://bit.ly/2W7JK2
Bookmarks: http://delicious.com/elifarley
http://twitter.com/elifarley
http://elifarley.amplify.com/
-

" Do not believe anything because it is said by an authority, or if it  is
said to come from angels, or from Gods, or from an inspired source.
Believe it only if you have explored it in your own heart and mind and body
and found it to be true.  Work out your own path, through diligence."
- Gautama Buddha
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://selenic.com/pipermail/mercurial-devel/attachments/20100429/f03c1cd5/attachment.htm>


More information about the Mercurial-devel mailing list