[PATCH 10 of 21 RFC] censor: add common censorship validation routine which consults config
michaeljedgar at gmail.com
michaeljedgar at gmail.com
Wed Sep 10 19:26:11 CDT 2014
# HG changeset patch
# User Mike Edgar <adgar at google.com>
# Date 1410380674 14400
# Wed Sep 10 16:24:34 2014 -0400
# Node ID 0e39cc243f575ec9b0b7e3c49e852952a146e34a
# Parent 4bbfce796c8e21ba2c40abb93f30bb49cb04b7a6
censor: add common censorship validation routine which consults config
Some commands, upon encountering censored file contents, will want to proceed
despite the integrity violation. For example, `hg verify` should not report an
error if it expects certain file contents to be missing.
The question of whether a file revision is expected to be censored is one of
policy, and may vary by system, user and repository. The censor module will
be responsible for implementing various built-in policies, selected using the
config option "censor.allow". This change includes two choices for
censor.allow: "all" and "hgcensored".
"all" does no verification: all censored data is allowed.
"hgcensored" verifies censored file revisions against a tracked .hgcensored
file in the repository root. Censored file data should be replaced by a
pointer to a changeset in which the .hgcensored file contains the censored
file and node.
A future "signed" policy could extend "hgcensored" by requiring that the
pointed-to changeset be signed by trusted GPG certificates.
diff -r 4bbfce796c8e -r 0e39cc243f57 mercurial/censor.py
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/mercurial/censor.py Wed Sep 10 16:24:34 2014 -0400
@@ -0,0 +1,29 @@
+# censor.py - support functions for retroactively censoring file revision data
+#
+# This software may be used and distributed according to the terms of the
+# GNU General Public License version 2 or any later version.
+
+from node import bin, hex
+import filelog
+
+def allowed(repo, f, node):
+ """Return whether the given file may be censored at the given revision."""
+ mode = repo.ui.config("censor", "allow", "hgcensor")
+ if mode == "all":
+ return True
+ elif mode == "hgcensor":
+ flog = repo.file(f)
+ frev = flog.rev(node)
+ meta = filelog.parsemeta(flog.censormeta(frev))[0]
+ commit = bin(meta["censored"])
+ repo.ui.note("%s claims to be censored by commit %s\n"
+ % (f, hex(commit)))
+ if commit not in repo:
+ return False
+ censored = repo[commit].filectx('.hgcensored').data()
+ # TODO: Verify a common ancestor exists between the censored revision
+ # and the given commit which altered .hgcensored
+ expected = '%s %s' % (repo.store.encode(f), hex(flog.node(frev)))
+ return expected in censored
+ else:
+ return False
More information about the Mercurial-devel
mailing list