D2812: hgweb: move readallowed to a standalone function
indygreg (Gregory Szorc)
phabricator at mercurial-scm.org
Mon Mar 12 21:16:24 UTC 2018
indygreg created this revision.
Herald added a subscriber: mercurial-devel.
Herald added a reviewer: hg-reviewers.
REVISION SUMMARY
hgwebdir s kind of large. Let's make the class smaller by
moving things that don't need to be there.
REPOSITORY
rHG Mercurial
REVISION DETAIL
https://phab.mercurial-scm.org/D2812
AFFECTED FILES
mercurial/hgweb/hgwebdir_mod.py
CHANGE DETAILS
diff --git a/mercurial/hgweb/hgwebdir_mod.py b/mercurial/hgweb/hgwebdir_mod.py
--- a/mercurial/hgweb/hgwebdir_mod.py
+++ b/mercurial/hgweb/hgwebdir_mod.py
@@ -110,6 +110,28 @@
return name, pycompat.bytestr(port), path
+def readallowed(ui, req):
+ """Check allow_read and deny_read config options of a repo's ui object
+ to determine user permissions. By default, with neither option set (or
+ both empty), allow all users to read the repo. There are two ways a
+ user can be denied read access: (1) deny_read is not empty, and the
+ user is unauthenticated or deny_read contains user (or *), and (2)
+ allow_read is not empty and the user is not in allow_read. Return True
+ if user is allowed to read the repo, else return False."""
+
+ user = req.remoteuser
+
+ deny_read = ui.configlist('web', 'deny_read', untrusted=True)
+ if deny_read and (not user or ismember(ui, user, deny_read)):
+ return False
+
+ allow_read = ui.configlist('web', 'allow_read', untrusted=True)
+ # by default, allow reading if no allow_read option has been set
+ if not allow_read or ismember(ui, user, allow_read):
+ return True
+
+ return False
+
class hgwebdir(object):
"""HTTP server for multiple repositories.
@@ -200,28 +222,6 @@
wsgireq = requestmod.wsgirequest(env, respond)
return self.run_wsgi(wsgireq)
- def readallowed(self, ui, req):
- """Check allow_read and deny_read config options of a repo's ui object
- to determine user permissions. By default, with neither option set (or
- both empty), allow all users to read the repo. There are two ways a
- user can be denied read access: (1) deny_read is not empty, and the
- user is unauthenticated or deny_read contains user (or *), and (2)
- allow_read is not empty and the user is not in allow_read. Return True
- if user is allowed to read the repo, else return False."""
-
- user = req.remoteuser
-
- deny_read = ui.configlist('web', 'deny_read', untrusted=True)
- if deny_read and (not user or ismember(ui, user, deny_read)):
- return False
-
- allow_read = ui.configlist('web', 'allow_read', untrusted=True)
- # by default, allow reading if no allow_read option has been set
- if (not allow_read) or ismember(ui, user, allow_read):
- return True
-
- return False
-
def run_wsgi(self, wsgireq):
profile = self.ui.configbool('profiling', 'enabled')
with profiling.profile(self.ui, enabled=profile):
@@ -429,7 +429,7 @@
if u.configbool("web", "hidden", untrusted=True):
continue
- if not self.readallowed(u, req):
+ if not readallowed(u, req):
continue
# update time with local timezone
To: indygreg, #hg-reviewers
Cc: mercurial-devel
More information about the Mercurial-devel
mailing list