Mercurial Mercurial > mercurial / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
tests/test-trusted.py.out
author Gregory Szorc <gregory.szorc@gmail.com>
Wed, 07 Mar 2018 16:02:24 -0800
changeset 36800 0b18604db95e
parent 31472 75e4bae56068
child 41352 73ccba60aaa1
permissions -rw-r--r--
wireproto: declare permissions requirements in @wireprotocommand (API) With the security patches from 4.5.2 merged into default, we now have a per-command attribute defining what permissions are needed to run that command. We now have a richer @wireprotocommand that can be extended to record additional command metadata. So we port the permissions mechanism to be based on @wireprotocommand. .. api:: hgweb_mod.perms and wireproto.permissions have been removed. Wire protocol commands should declare their required permissions in the @wireprotocommand decorator. Differential Revision: https://phab.mercurial-scm.org/D2718

# same user, same group
trusted
    global = /some/path
    local = /another/path
untrusted
. . global = /some/path
. . local = /another/path

# same user, different group
trusted
    global = /some/path
    local = /another/path
untrusted
. . global = /some/path
. . local = /another/path

# different user, same group
not trusting file .hg/hgrc from untrusted user abc, group bar
trusted
    global = /some/path
untrusted
. . global = /some/path
. . local = /another/path

# different user, same group, but we trust the group
trusted
    global = /some/path
    local = /another/path
untrusted
. . global = /some/path
. . local = /another/path

# different user, different group
not trusting file .hg/hgrc from untrusted user abc, group def
trusted
    global = /some/path
untrusted
. . global = /some/path
. . local = /another/path

# different user, different group, but we trust the user
trusted
    global = /some/path
    local = /another/path
untrusted
. . global = /some/path
. . local = /another/path

# different user, different group, but we trust the group
trusted
    global = /some/path
    local = /another/path
untrusted
. . global = /some/path
. . local = /another/path

# different user, different group, but we trust the user and the group
trusted
    global = /some/path
    local = /another/path
untrusted
. . global = /some/path
. . local = /another/path

# we trust all users
# different user, different group
trusted
    global = /some/path
    local = /another/path
untrusted
. . global = /some/path
. . local = /another/path

# we trust all groups
# different user, different group
trusted
    global = /some/path
    local = /another/path
untrusted
. . global = /some/path
. . local = /another/path

# we trust all users and groups
# different user, different group
trusted
    global = /some/path
    local = /another/path
untrusted
. . global = /some/path
. . local = /another/path

# we don't get confused by users and groups with the same name
# different user, different group
not trusting file .hg/hgrc from untrusted user abc, group def
trusted
    global = /some/path
untrusted
. . global = /some/path
. . local = /another/path

# list of user names
# different user, different group, but we trust the user
trusted
    global = /some/path
    local = /another/path
untrusted
. . global = /some/path
. . local = /another/path

# list of group names
# different user, different group, but we trust the group
trusted
    global = /some/path
    local = /another/path
untrusted
. . global = /some/path
. . local = /another/path

# Can't figure out the name of the user running this process
# different user, different group
not trusting file .hg/hgrc from untrusted user abc, group def
trusted
    global = /some/path
untrusted
. . global = /some/path
. . local = /another/path

# prints debug warnings
# different user, different group
not trusting file .hg/hgrc from untrusted user abc, group def
trusted
ignoring untrusted configuration option paths.local = /another/path
    global = /some/path
untrusted
. . global = /some/path
. ignoring untrusted configuration option paths.local = /another/path
. local = /another/path

# report_untrusted enabled without debug hides warnings
# different user, different group
trusted
    global = /some/path
untrusted
. . global = /some/path
. . local = /another/path

# report_untrusted enabled with debug shows warnings
# different user, different group
not trusting file .hg/hgrc from untrusted user abc, group def
trusted
ignoring untrusted configuration option paths.local = /another/path
    global = /some/path
untrusted
. . global = /some/path
. ignoring untrusted configuration option paths.local = /another/path
. local = /another/path

# ui.readconfig sections
quux

# read trusted, untrusted, new ui, trusted
not trusting file foobar from untrusted user abc, group def
trusted:
ignoring untrusted configuration option foobar.baz = quux
None
untrusted:
quux

# error handling
# file doesn't exist
# same user, same group
# different user, different group

# parse error
# different user, different group
not trusting file .hg/hgrc from untrusted user abc, group def
('foo', '.hg/hgrc:1')
# same user, same group
('foo', '.hg/hgrc:1')

# access typed information
# different user, different group
not trusting file .hg/hgrc from untrusted user abc, group def
# suboptions, trusted and untrusted
(None, []) ('main', [('one', 'one'), ('two', 'two')])
# path, trusted and untrusted
None .hg/monty/python
# bool, trusted and untrusted
False True
# int, trusted and untrusted
0 42
# bytes, trusted and untrusted
0 84934656
# list, trusted and untrusted
[] ['spam', 'ham', 'eggs']
mercurial