121
|
1 # hgweb/hgweb_mod.py - Web interface for a repository.
|
|
2 #
|
|
3 # Copyright 21 May 2005 - (c) 2005 Jake Edge <jake@edge2.net>
|
|
4 # Copyright 2005-2007 Matt Mackall <mpm@selenic.com>
|
|
5 #
|
|
6 # This software may be used and distributed according to the terms of the
|
|
7 # GNU General Public License version 2, incorporated herein by reference.
|
|
8
|
|
9 import os
|
122
|
10 from upmana.mercurial import ui, hg, hook, error, encoding, templater
|
121
|
11 from common import get_mtime, ErrorResponse
|
|
12 from common import HTTP_OK, HTTP_BAD_REQUEST, HTTP_NOT_FOUND, HTTP_SERVER_ERROR
|
|
13 from common import HTTP_UNAUTHORIZED, HTTP_METHOD_NOT_ALLOWED
|
|
14 from request import wsgirequest
|
|
15 import webcommands, protocol, webutil
|
|
16
|
|
17 perms = {
|
|
18 'changegroup': 'pull',
|
|
19 'changegroupsubset': 'pull',
|
|
20 'unbundle': 'push',
|
|
21 'stream_out': 'pull',
|
|
22 }
|
|
23
|
|
24 class hgweb(object):
|
|
25 def __init__(self, repo, name=None):
|
|
26 if isinstance(repo, str):
|
|
27 u = ui.ui()
|
|
28 u.setconfig('ui', 'report_untrusted', 'off')
|
|
29 u.setconfig('ui', 'interactive', 'off')
|
|
30 self.repo = hg.repository(u, repo)
|
|
31 else:
|
|
32 self.repo = repo
|
|
33
|
|
34 hook.redirect(True)
|
|
35 self.mtime = -1
|
|
36 self.reponame = name
|
|
37 self.archives = 'zip', 'gz', 'bz2'
|
|
38 self.stripecount = 1
|
|
39 # a repo owner may set web.templates in .hg/hgrc to get any file
|
|
40 # readable by the user running the CGI script
|
|
41 self.templatepath = self.config('web', 'templates')
|
|
42
|
|
43 # The CGI scripts are often run by a user different from the repo owner.
|
|
44 # Trust the settings from the .hg/hgrc files by default.
|
|
45 def config(self, section, name, default=None, untrusted=True):
|
|
46 return self.repo.ui.config(section, name, default,
|
|
47 untrusted=untrusted)
|
|
48
|
|
49 def configbool(self, section, name, default=False, untrusted=True):
|
|
50 return self.repo.ui.configbool(section, name, default,
|
|
51 untrusted=untrusted)
|
|
52
|
|
53 def configlist(self, section, name, default=None, untrusted=True):
|
|
54 return self.repo.ui.configlist(section, name, default,
|
|
55 untrusted=untrusted)
|
|
56
|
|
57 def refresh(self):
|
|
58 mtime = get_mtime(self.repo.root)
|
|
59 if mtime != self.mtime:
|
|
60 self.mtime = mtime
|
|
61 self.repo = hg.repository(self.repo.ui, self.repo.root)
|
|
62 self.maxchanges = int(self.config("web", "maxchanges", 10))
|
|
63 self.stripecount = int(self.config("web", "stripes", 1))
|
|
64 self.maxshortchanges = int(self.config("web", "maxshortchanges", 60))
|
|
65 self.maxfiles = int(self.config("web", "maxfiles", 10))
|
|
66 self.allowpull = self.configbool("web", "allowpull", True)
|
|
67 encoding.encoding = self.config("web", "encoding",
|
|
68 encoding.encoding)
|
|
69
|
|
70 def run(self):
|
|
71 if not os.environ.get('GATEWAY_INTERFACE', '').startswith("CGI/1."):
|
|
72 raise RuntimeError("This function is only intended to be "
|
|
73 "called while running as a CGI script.")
|
|
74 import mercurial.hgweb.wsgicgi as wsgicgi
|
|
75 wsgicgi.launch(self)
|
|
76
|
|
77 def __call__(self, env, respond):
|
|
78 req = wsgirequest(env, respond)
|
|
79 return self.run_wsgi(req)
|
|
80
|
|
81 def run_wsgi(self, req):
|
|
82
|
|
83 self.refresh()
|
|
84
|
|
85 # work with CGI variables to create coherent structure
|
|
86 # use SCRIPT_NAME, PATH_INFO and QUERY_STRING as well as our REPO_NAME
|
|
87
|
|
88 req.url = req.env['SCRIPT_NAME']
|
|
89 if not req.url.endswith('/'):
|
|
90 req.url += '/'
|
|
91 if 'REPO_NAME' in req.env:
|
|
92 req.url += req.env['REPO_NAME'] + '/'
|
|
93
|
|
94 if 'PATH_INFO' in req.env:
|
|
95 parts = req.env['PATH_INFO'].strip('/').split('/')
|
|
96 repo_parts = req.env.get('REPO_NAME', '').split('/')
|
|
97 if parts[:len(repo_parts)] == repo_parts:
|
|
98 parts = parts[len(repo_parts):]
|
|
99 query = '/'.join(parts)
|
|
100 else:
|
|
101 query = req.env['QUERY_STRING'].split('&', 1)[0]
|
|
102 query = query.split(';', 1)[0]
|
|
103
|
|
104 # process this if it's a protocol request
|
|
105 # protocol bits don't need to create any URLs
|
|
106 # and the clients always use the old URL structure
|
|
107
|
|
108 cmd = req.form.get('cmd', [''])[0]
|
|
109 if cmd and cmd in protocol.__all__:
|
|
110 if query:
|
|
111 raise ErrorResponse(HTTP_NOT_FOUND)
|
|
112 try:
|
|
113 if cmd in perms:
|
|
114 try:
|
|
115 self.check_perm(req, perms[cmd])
|
|
116 except ErrorResponse, inst:
|
|
117 if cmd == 'unbundle':
|
|
118 req.drain()
|
|
119 raise
|
|
120 method = getattr(protocol, cmd)
|
|
121 return method(self.repo, req)
|
|
122 except ErrorResponse, inst:
|
|
123 req.respond(inst, protocol.HGTYPE)
|
|
124 if not inst.message:
|
|
125 return []
|
|
126 return '0\n%s\n' % inst.message,
|
|
127
|
|
128 # translate user-visible url structure to internal structure
|
|
129
|
|
130 args = query.split('/', 2)
|
|
131 if 'cmd' not in req.form and args and args[0]:
|
|
132
|
|
133 cmd = args.pop(0)
|
|
134 style = cmd.rfind('-')
|
|
135 if style != -1:
|
|
136 req.form['style'] = [cmd[:style]]
|
|
137 cmd = cmd[style+1:]
|
|
138
|
|
139 # avoid accepting e.g. style parameter as command
|
|
140 if hasattr(webcommands, cmd):
|
|
141 req.form['cmd'] = [cmd]
|
|
142 else:
|
|
143 cmd = ''
|
|
144
|
|
145 if cmd == 'static':
|
|
146 req.form['file'] = ['/'.join(args)]
|
|
147 else:
|
|
148 if args and args[0]:
|
|
149 node = args.pop(0)
|
|
150 req.form['node'] = [node]
|
|
151 if args:
|
|
152 req.form['file'] = args
|
|
153
|
|
154 if cmd == 'archive':
|
|
155 fn = req.form['node'][0]
|
|
156 for type_, spec in self.archive_specs.iteritems():
|
|
157 ext = spec[2]
|
|
158 if fn.endswith(ext):
|
|
159 req.form['node'] = [fn[:-len(ext)]]
|
|
160 req.form['type'] = [type_]
|
|
161
|
|
162 # process the web interface request
|
|
163
|
|
164 try:
|
|
165 tmpl = self.templater(req)
|
|
166 ctype = tmpl('mimetype', encoding=encoding.encoding)
|
|
167 ctype = templater.stringify(ctype)
|
|
168
|
|
169 # check read permissions non-static content
|
|
170 if cmd != 'static':
|
|
171 self.check_perm(req, None)
|
|
172
|
|
173 if cmd == '':
|
|
174 req.form['cmd'] = [tmpl.cache['default']]
|
|
175 cmd = req.form['cmd'][0]
|
|
176
|
|
177 if cmd not in webcommands.__all__:
|
|
178 msg = 'no such method: %s' % cmd
|
|
179 raise ErrorResponse(HTTP_BAD_REQUEST, msg)
|
|
180 elif cmd == 'file' and 'raw' in req.form.get('style', []):
|
|
181 self.ctype = ctype
|
|
182 content = webcommands.rawfile(self, req, tmpl)
|
|
183 else:
|
|
184 content = getattr(webcommands, cmd)(self, req, tmpl)
|
|
185 req.respond(HTTP_OK, ctype)
|
|
186
|
|
187 return content
|
|
188
|
|
189 except error.LookupError, err:
|
|
190 req.respond(HTTP_NOT_FOUND, ctype)
|
|
191 msg = str(err)
|
|
192 if 'manifest' not in msg:
|
|
193 msg = 'revision not found: %s' % err.name
|
|
194 return tmpl('error', error=msg)
|
|
195 except (error.RepoError, error.RevlogError), inst:
|
|
196 req.respond(HTTP_SERVER_ERROR, ctype)
|
|
197 return tmpl('error', error=str(inst))
|
|
198 except ErrorResponse, inst:
|
|
199 req.respond(inst, ctype)
|
|
200 return tmpl('error', error=inst.message)
|
|
201
|
|
202 def templater(self, req):
|
|
203
|
|
204 # determine scheme, port and server name
|
|
205 # this is needed to create absolute urls
|
|
206
|
|
207 proto = req.env.get('wsgi.url_scheme')
|
|
208 if proto == 'https':
|
|
209 proto = 'https'
|
|
210 default_port = "443"
|
|
211 else:
|
|
212 proto = 'http'
|
|
213 default_port = "80"
|
|
214
|
|
215 port = req.env["SERVER_PORT"]
|
|
216 port = port != default_port and (":" + port) or ""
|
|
217 urlbase = '%s://%s%s' % (proto, req.env['SERVER_NAME'], port)
|
|
218 staticurl = self.config("web", "staticurl") or req.url + 'static/'
|
|
219 if not staticurl.endswith('/'):
|
|
220 staticurl += '/'
|
|
221
|
|
222 # some functions for the templater
|
|
223
|
|
224 def header(**map):
|
|
225 yield tmpl('header', encoding=encoding.encoding, **map)
|
|
226
|
|
227 def footer(**map):
|
|
228 yield tmpl("footer", **map)
|
|
229
|
|
230 def motd(**map):
|
|
231 yield self.config("web", "motd", "")
|
|
232
|
|
233 # figure out which style to use
|
|
234
|
|
235 vars = {}
|
|
236 style = self.config("web", "style", "paper")
|
|
237 if 'style' in req.form:
|
|
238 style = req.form['style'][0]
|
|
239 vars['style'] = style
|
|
240
|
|
241 start = req.url[-1] == '?' and '&' or '?'
|
|
242 sessionvars = webutil.sessionvars(vars, start)
|
|
243 mapfile = templater.stylemap(style, self.templatepath)
|
|
244
|
|
245 if not self.reponame:
|
|
246 self.reponame = (self.config("web", "name")
|
|
247 or req.env.get('REPO_NAME')
|
|
248 or req.url.strip('/') or self.repo.root)
|
|
249
|
|
250 # create the templater
|
|
251
|
|
252 tmpl = templater.templater(mapfile,
|
|
253 defaults={"url": req.url,
|
|
254 "staticurl": staticurl,
|
|
255 "urlbase": urlbase,
|
|
256 "repo": self.reponame,
|
|
257 "header": header,
|
|
258 "footer": footer,
|
|
259 "motd": motd,
|
|
260 "sessionvars": sessionvars
|
|
261 })
|
|
262 return tmpl
|
|
263
|
|
264 def archivelist(self, nodeid):
|
|
265 allowed = self.configlist("web", "allow_archive")
|
|
266 for i, spec in self.archive_specs.iteritems():
|
|
267 if i in allowed or self.configbool("web", "allow" + i):
|
|
268 yield {"type" : i, "extension" : spec[2], "node" : nodeid}
|
|
269
|
|
270 archive_specs = {
|
|
271 'bz2': ('application/x-tar', 'tbz2', '.tar.bz2', None),
|
|
272 'gz': ('application/x-tar', 'tgz', '.tar.gz', None),
|
|
273 'zip': ('application/zip', 'zip', '.zip', None),
|
|
274 }
|
|
275
|
|
276 def check_perm(self, req, op):
|
|
277 '''Check permission for operation based on request data (including
|
|
278 authentication info). Return if op allowed, else raise an ErrorResponse
|
|
279 exception.'''
|
|
280
|
|
281 user = req.env.get('REMOTE_USER')
|
|
282
|
|
283 deny_read = self.configlist('web', 'deny_read')
|
|
284 if deny_read and (not user or deny_read == ['*'] or user in deny_read):
|
|
285 raise ErrorResponse(HTTP_UNAUTHORIZED, 'read not authorized')
|
|
286
|
|
287 allow_read = self.configlist('web', 'allow_read')
|
|
288 result = (not allow_read) or (allow_read == ['*'])
|
|
289 if not (result or user in allow_read):
|
|
290 raise ErrorResponse(HTTP_UNAUTHORIZED, 'read not authorized')
|
|
291
|
|
292 if op == 'pull' and not self.allowpull:
|
|
293 raise ErrorResponse(HTTP_UNAUTHORIZED, 'pull not authorized')
|
|
294 elif op == 'pull' or op is None: # op is None for interface requests
|
|
295 return
|
|
296
|
|
297 # enforce that you can only push using POST requests
|
|
298 if req.env['REQUEST_METHOD'] != 'POST':
|
|
299 msg = 'push requires POST request'
|
|
300 raise ErrorResponse(HTTP_METHOD_NOT_ALLOWED, msg)
|
|
301
|
|
302 # require ssl by default for pushing, auth info cannot be sniffed
|
|
303 # and replayed
|
|
304 scheme = req.env.get('wsgi.url_scheme')
|
|
305 if self.configbool('web', 'push_ssl', True) and scheme != 'https':
|
|
306 raise ErrorResponse(HTTP_OK, 'ssl required')
|
|
307
|
|
308 deny = self.configlist('web', 'deny_push')
|
|
309 if deny and (not user or deny == ['*'] or user in deny):
|
|
310 raise ErrorResponse(HTTP_UNAUTHORIZED, 'push not authorized')
|
|
311
|
|
312 allow = self.configlist('web', 'allow_push')
|
|
313 result = allow and (allow == ['*'] or user in allow)
|
|
314 if not result:
|
|
315 raise ErrorResponse(HTTP_UNAUTHORIZED, 'push not authorized')
|