narrow_widen_acl: enforce narrowacl in narrow_widen (SEC)
Reviewer note: this was sent by the author as a simple bugfix, but can be
considered a security patch, since it allows users to access things outside
of the ACL, hence the (SEC) prefix.
However, this affects the `narrow` extention which is still marked as
experimental and has relatively few users aside from large companies with
their own security layers on top from what we can gather.
We feel (Alphare: or at least, I feel) like pinging the packaging list is
enough in this case.
$ . "$TESTDIR/helpers-testrepo.sh"
Testing that hghave does not crash when checking features
$ hghave --test-features 2>/dev/null
Testing hghave extensibility for third party tools
$ cat > hghaveaddon.py <<EOF
> import hghave
> @hghave.check("custom", "custom hghave feature")
> def has_custom():
> return True
> EOF
(invocation via run-tests.py)
$ cat > test-hghaveaddon.t <<EOF
> #require custom
> $ echo foo
> foo
> EOF
$ ( \
> testrepohgenv; \
> "$PYTHON" $TESTDIR/run-tests.py --with-hg=$HGTEST_REAL_HG -j 1 \
> $HGTEST_RUN_TESTS_PURE test-hghaveaddon.t \
> )
running 1 tests using 1 parallel processes
.
# Ran 1 tests, 0 skipped, 0 failed.
(invocation via command line)
$ unset TESTDIR
$ hghave custom
(terminate with exit code 2 at failure of importing hghaveaddon.py)
$ rm hghaveaddon.*
$ cat > hghaveaddon.py <<NO_CHECK_EOF
> importing this file should cause syntax error
> NO_CHECK_EOF
$ hghave custom
failed to import hghaveaddon.py from '.': invalid syntax (hghaveaddon.py, line 1)
[2]