198 |
198 |
199 def __call__(self, env, respond): |
199 def __call__(self, env, respond): |
200 wsgireq = requestmod.wsgirequest(env, respond) |
200 wsgireq = requestmod.wsgirequest(env, respond) |
201 return self.run_wsgi(wsgireq) |
201 return self.run_wsgi(wsgireq) |
202 |
202 |
203 def read_allowed(self, ui, wsgireq): |
203 def readallowed(self, ui, req): |
204 """Check allow_read and deny_read config options of a repo's ui object |
204 """Check allow_read and deny_read config options of a repo's ui object |
205 to determine user permissions. By default, with neither option set (or |
205 to determine user permissions. By default, with neither option set (or |
206 both empty), allow all users to read the repo. There are two ways a |
206 both empty), allow all users to read the repo. There are two ways a |
207 user can be denied read access: (1) deny_read is not empty, and the |
207 user can be denied read access: (1) deny_read is not empty, and the |
208 user is unauthenticated or deny_read contains user (or *), and (2) |
208 user is unauthenticated or deny_read contains user (or *), and (2) |
209 allow_read is not empty and the user is not in allow_read. Return True |
209 allow_read is not empty and the user is not in allow_read. Return True |
210 if user is allowed to read the repo, else return False.""" |
210 if user is allowed to read the repo, else return False.""" |
211 |
211 |
212 user = wsgireq.env.get('REMOTE_USER') |
212 user = req.remoteuser |
213 |
213 |
214 deny_read = ui.configlist('web', 'deny_read', untrusted=True) |
214 deny_read = ui.configlist('web', 'deny_read', untrusted=True) |
215 if deny_read and (not user or ismember(ui, user, deny_read)): |
215 if deny_read and (not user or ismember(ui, user, deny_read)): |
216 return False |
216 return False |
217 |
217 |
327 return tmpl('error', error=err.message or '') |
327 return tmpl('error', error=err.message or '') |
328 finally: |
328 finally: |
329 tmpl = None |
329 tmpl = None |
330 |
330 |
331 def makeindex(self, wsgireq, tmpl, subdir=""): |
331 def makeindex(self, wsgireq, tmpl, subdir=""): |
|
332 req = wsgireq.req |
332 |
333 |
333 def archivelist(ui, nodeid, url): |
334 def archivelist(ui, nodeid, url): |
334 allowed = ui.configlist("web", "allow_archive", untrusted=True) |
335 allowed = ui.configlist("web", "allow_archive", untrusted=True) |
335 archives = [] |
336 archives = [] |
336 for typ, spec in hgweb_mod.archivespecs.iteritems(): |
337 for typ, spec in hgweb_mod.archivespecs.iteritems(): |
426 return u.config(section, name, default, untrusted=True) |
427 return u.config(section, name, default, untrusted=True) |
427 |
428 |
428 if u.configbool("web", "hidden", untrusted=True): |
429 if u.configbool("web", "hidden", untrusted=True): |
429 continue |
430 continue |
430 |
431 |
431 if not self.read_allowed(u, wsgireq): |
432 if not self.readallowed(u, req): |
432 continue |
433 continue |
433 |
434 |
434 # update time with local timezone |
435 # update time with local timezone |
435 try: |
436 try: |
436 r = hg.repository(self.ui, path) |
437 r = hg.repository(self.ui, path) |
478 yield row |
479 yield row |
479 |
480 |
480 self.refresh() |
481 self.refresh() |
481 sortable = ["name", "description", "contact", "lastchange"] |
482 sortable = ["name", "description", "contact", "lastchange"] |
482 sortcolumn, descending = sortdefault |
483 sortcolumn, descending = sortdefault |
483 if 'sort' in wsgireq.req.qsparams: |
484 if 'sort' in req.qsparams: |
484 sortcolumn = wsgireq.req.qsparams['sort'] |
485 sortcolumn = req.qsparams['sort'] |
485 descending = sortcolumn.startswith('-') |
486 descending = sortcolumn.startswith('-') |
486 if descending: |
487 if descending: |
487 sortcolumn = sortcolumn[1:] |
488 sortcolumn = sortcolumn[1:] |
488 if sortcolumn not in sortable: |
489 if sortcolumn not in sortable: |
489 sortcolumn = "" |
490 sortcolumn = "" |