kallithea: rhodecode/lib/middleware/simplegit.py annotate

annotate rhodecode/lib/middleware/simplegit.py @ 2090:2632a49cb402 beta

fixes issue #372 - improved detection of git operation, that caused to return bad data and created a security bug

author	Marcin Kuzminski <marcin@python-works.com>
date	Fri, 02 Mar 2012 21:53:19 +0200
parents	9f0fe6777833
children	ecd59c28f432 f0649c7cf94a

rev	line source
903 04c9bb9ca6d6 code docs, updates Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	1 # -- coding: utf-8 --
04c9bb9ca6d6 code docs, updates Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	2 """
04c9bb9ca6d6 code docs, updates Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	3 rhodecode.lib.middleware.simplegit
04c9bb9ca6d6 code docs, updates Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	4 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
04c9bb9ca6d6 code docs, updates Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	5
04c9bb9ca6d6 code docs, updates Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	6 SimpleGit middleware for handling git protocol request (push/clone etc.)
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 989 diff changeset	7 It's implemented with basic auth function
6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 989 diff changeset	8
903 04c9bb9ca6d6 code docs, updates Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	9 :created_on: Apr 28, 2010
04c9bb9ca6d6 code docs, updates Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	10 :author: marcink
1824 89efedac4e6c 2012 copyrights Marcin Kuzminski <marcin@python-works.com> parents: 1818 diff changeset	11 :copyright: (C) 2010-2012 Marcin Kuzminski <marcin@python-works.com>
903 04c9bb9ca6d6 code docs, updates Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	12 :license: GPLv3, see COPYING for more details.
04c9bb9ca6d6 code docs, updates Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	13 """
1206 a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	14 # This program is free software: you can redistribute it and/or modify
a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	15 # it under the terms of the GNU General Public License as published by
a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	16 # the Free Software Foundation, either version 3 of the License, or
a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	17 # (at your option) any later version.
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 989 diff changeset	18 #
620 19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	19 # This program is distributed in the hope that it will be useful,
19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	20 # but WITHOUT ANY WARRANTY; without even the implied warranty of
19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	21 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	22 # GNU General Public License for more details.
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 989 diff changeset	23 #
620 19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	24 # You should have received a copy of the GNU General Public License
1206 a671db5bdd58 fixed license issue #149 Marcin Kuzminski <marcin@python-works.com> parents: 1203 diff changeset	25 # along with this program. If not, see <http://www.gnu.org/licenses/>.
635 fd63782c4426 Fixed age, for new vcs implementation. Removed all obsolete date formatters Marcin Kuzminski <marcin@python-works.com> parents: 625 diff changeset	26
903 04c9bb9ca6d6 code docs, updates Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	27 import os
2052 320806ff6be2 fixes git-protocol with Marcin Kuzminski <marcin@python-works.com> parents: 2026 diff changeset	28 import re
903 04c9bb9ca6d6 code docs, updates Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	29 import logging
04c9bb9ca6d6 code docs, updates Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	30 import traceback
635 fd63782c4426 Fixed age, for new vcs implementation. Removed all obsolete date formatters Marcin Kuzminski <marcin@python-works.com> parents: 625 diff changeset	31
625 d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	32 from dulwich import server as dulserver
d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	33
2007 324ac367a4da Added VCS into rhodecode core for faster and easier deployments of new versions Marcin Kuzminski <marcin@python-works.com> parents: 1824 diff changeset	34
625 d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	35 class SimpleGitUploadPackHandler(dulserver.UploadPackHandler):
d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	36
d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	37 def handle(self):
d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	38 write = lambda x: self.proto.write_sideband(1, x)
d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	39
1275 2723276285ae pep8ify middlewares Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	40 graph_walker = dulserver.ProtocolGraphWalker(self,
2723276285ae pep8ify middlewares Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	41 self.repo.object_store,
2723276285ae pep8ify middlewares Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	42 self.repo.get_peeled)
625 d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	43 objects_iter = self.repo.fetch_objects(
d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	44 graph_walker.determine_wants, graph_walker, self.progress,
d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	45 get_tagged=self.get_tagged)
d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	46
d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	47 # Do they want any objects?
1496 f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	48 if objects_iter is None or len(objects_iter) == 0:
625 d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	49 return
d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	50
d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	51 self.progress("counting objects: %d, done.\n" % len(objects_iter))
1496 f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	52 dulserver.write_pack_objects(dulserver.ProtocolFile(None, write),
1275 2723276285ae pep8ify middlewares Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	53 objects_iter, len(objects_iter))
625 d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	54 messages = []
d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	55 messages.append('thank you for using rhodecode')
d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	56
d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	57 for msg in messages:
d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	58 self.progress(msg + "\n")
d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	59 # we are done
d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	60 self.proto.write("0000")
d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	61
d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	62 dulserver.DEFAULT_HANDLERS = {
d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	63 'git-upload-pack': SimpleGitUploadPackHandler,
d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	64 'git-receive-pack': dulserver.ReceivePackHandler,
d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	65 }
d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	66
620 19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	67 from dulwich.repo import Repo
19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	68 from dulwich.web import HTTPGitApplication
903 04c9bb9ca6d6 code docs, updates Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	69
620 19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	70 from paste.httpheaders import REMOTE_USER, AUTH_TYPE
903 04c9bb9ca6d6 code docs, updates Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	71
1401 b7563ad4e7ee Unicode fixes, added safe_str method for global str() operations +better test sandboxing Marcin Kuzminski <marcin@python-works.com> parents: 1293 diff changeset	72 from rhodecode.lib import safe_str
1761 b265be1c6093 Wrapped calls for git and hg middleware in extra block that clears db Session. Marcin Kuzminski <marcin@python-works.com> parents: 1630 diff changeset	73 from rhodecode.lib.base import BaseVCSController
b265be1c6093 Wrapped calls for git and hg middleware in extra block that clears db Session. Marcin Kuzminski <marcin@python-works.com> parents: 1630 diff changeset	74 from rhodecode.lib.auth import get_container_username
b265be1c6093 Wrapped calls for git and hg middleware in extra block that clears db Session. Marcin Kuzminski <marcin@python-works.com> parents: 1630 diff changeset	75 from rhodecode.lib.utils import is_valid_repo
1497 71738535ed78 Removed deprecated usage of UserModel() in simplehg and simplegit Marcin Kuzminski <marcin@python-works.com> parents: 1496 diff changeset	76 from rhodecode.model.db import User
903 04c9bb9ca6d6 code docs, updates Marcin Kuzminski <marcin@python-works.com> parents: 902 diff changeset	77
620 19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	78 from webob.exc import HTTPNotFound, HTTPForbidden, HTTPInternalServerError
19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	79
19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	80 log = logging.getLogger(__name__)
19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	81
1275 2723276285ae pep8ify middlewares Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	82
2061 9f0fe6777833 merge pull request #32 from codingtony Marcin Kuzminski <marcin@python-works.com> parents: 2060 diff changeset	83 GIT_PROTO_PAT = re.compile(r'^/(.+)/(info/refs\|git-upload-pack\|git-receive-pack)')
2052 320806ff6be2 fixes git-protocol with Marcin Kuzminski <marcin@python-works.com> parents: 2026 diff changeset	84
2058 fb51a6fc10ae updated CONTRIBUTORS Marcin Kuzminski <marcin@python-works.com> parents: 2057 diff changeset	85
2060 572855f7a392 reverted git fix as it broke pushing Marcin Kuzminski <marcin@python-works.com> parents: 2058 diff changeset	86 def is_git(environ):
2061 9f0fe6777833 merge pull request #32 from codingtony Marcin Kuzminski <marcin@python-works.com> parents: 2060 diff changeset	87 path_info = environ['PATH_INFO']
9f0fe6777833 merge pull request #32 from codingtony Marcin Kuzminski <marcin@python-works.com> parents: 2060 diff changeset	88 isgit_path = GIT_PROTO_PAT.match(path_info)
9f0fe6777833 merge pull request #32 from codingtony Marcin Kuzminski <marcin@python-works.com> parents: 2060 diff changeset	89 log.debug('is a git path %s pathinfo : %s' % (isgit_path, path_info))
9f0fe6777833 merge pull request #32 from codingtony Marcin Kuzminski <marcin@python-works.com> parents: 2060 diff changeset	90 return isgit_path
2052 320806ff6be2 fixes git-protocol with Marcin Kuzminski <marcin@python-works.com> parents: 2026 diff changeset	91
2058 fb51a6fc10ae updated CONTRIBUTORS Marcin Kuzminski <marcin@python-works.com> parents: 2057 diff changeset	92
1761 b265be1c6093 Wrapped calls for git and hg middleware in extra block that clears db Session. Marcin Kuzminski <marcin@python-works.com> parents: 1630 diff changeset	93 class SimpleGit(BaseVCSController):
620 19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	94
1761 b265be1c6093 Wrapped calls for git and hg middleware in extra block that clears db Session. Marcin Kuzminski <marcin@python-works.com> parents: 1630 diff changeset	95 def _handle_request(self, environ, start_response):
2061 9f0fe6777833 merge pull request #32 from codingtony Marcin Kuzminski <marcin@python-works.com> parents: 2060 diff changeset	96
2060 572855f7a392 reverted git fix as it broke pushing Marcin Kuzminski <marcin@python-works.com> parents: 2058 diff changeset	97 if not is_git(environ):
620 19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	98 return self.application(environ, start_response)
665 070f32743632 Moved out reposcan into hg Model. Marcin Kuzminski <marcin@python-works.com> parents: 655 diff changeset	99
655 aefc371a2531 propagate changes for #48 into simplegit. Marcin Kuzminski <marcin@python-works.com> parents: 643 diff changeset	100 proxy_key = 'HTTP_X_REAL_IP'
aefc371a2531 propagate changes for #48 into simplegit. Marcin Kuzminski <marcin@python-works.com> parents: 643 diff changeset	101 def_key = 'REMOTE_ADDR'
1496 f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	102 ipaddr = environ.get(proxy_key, environ.get(def_key, '0.0.0.0'))
f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	103 username = None
898 9c4851dce8e6 fixed error propagation when using git/mercurial requests Marcin Kuzminski <marcin@python-works.com> parents: 756 diff changeset	104 # skip passing error to error controller
9c4851dce8e6 fixed error propagation when using git/mercurial requests Marcin Kuzminski <marcin@python-works.com> parents: 756 diff changeset	105 environ['pylons.status_code_redirect'] = True
665 070f32743632 Moved out reposcan into hg Model. Marcin Kuzminski <marcin@python-works.com> parents: 655 diff changeset	106
918 b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	107 #======================================================================
1496 f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	108 # EXTRACT REPOSITORY NAME FROM ENV
f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	109 #======================================================================
f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	110 try:
f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	111 repo_name = self.__get_repository(environ)
f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	112 log.debug('Extracted repo name is %s' % repo_name)
f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	113 except:
f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	114 return HTTPInternalServerError()(environ, start_response)
f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	115
2060 572855f7a392 reverted git fix as it broke pushing Marcin Kuzminski <marcin@python-works.com> parents: 2058 diff changeset	116 #======================================================================
572855f7a392 reverted git fix as it broke pushing Marcin Kuzminski <marcin@python-works.com> parents: 2058 diff changeset	117 # GET ACTION PULL or PUSH
572855f7a392 reverted git fix as it broke pushing Marcin Kuzminski <marcin@python-works.com> parents: 2058 diff changeset	118 #======================================================================
572855f7a392 reverted git fix as it broke pushing Marcin Kuzminski <marcin@python-works.com> parents: 2058 diff changeset	119 action = self.__get_action(environ)
620 19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	120
918 b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	121 #======================================================================
b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	122 # CHECK ANONYMOUS PERMISSION
b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	123 #======================================================================
2090 2632a49cb402 fixes issue #372 Marcin Kuzminski <marcin@python-works.com> parents: 2061 diff changeset	124
1496 f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	125 if action in ['pull', 'push']:
918 b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	126 anonymous_user = self.__get_user('default')
1496 f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	127 username = anonymous_user.username
2026 c6e288dcb4a2 improved logging in git/hg middlewares Marcin Kuzminski <marcin@python-works.com> parents: 2021 diff changeset	128 anonymous_perm = self._check_permission(action, anonymous_user,
1761 b265be1c6093 Wrapped calls for git and hg middleware in extra block that clears db Session. Marcin Kuzminski <marcin@python-works.com> parents: 1630 diff changeset	129 repo_name)
918 b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	130
b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	131 if anonymous_perm is not True or anonymous_user.active is False:
b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	132 if anonymous_perm is not True:
1275 2723276285ae pep8ify middlewares Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	133 log.debug('Not enough credentials to access this '
2723276285ae pep8ify middlewares Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	134 'repository as anonymous user')
918 b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	135 if anonymous_user.active is False:
b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	136 log.debug('Anonymous access is disabled, running '
b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	137 'authentication')
b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	138 #==============================================================
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 989 diff changeset	139 # DEFAULT PERM FAILED OR ANONYMOUS ACCESS IS DISABLED SO WE
918 b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	140 # NEED TO AUTHENTICATE AND ASK FOR AUTH USER PERMISSIONS
b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	141 #==============================================================
620 19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	142
1630 25d8e4836bc2 Improved container-based auth support for middleware Liad Shani <liadff@gmail.com> parents: 1620 diff changeset	143 # Attempting to retrieve username from the container
25d8e4836bc2 Improved container-based auth support for middleware Liad Shani <liadff@gmail.com> parents: 1620 diff changeset	144 username = get_container_username(environ, self.config)
25d8e4836bc2 Improved container-based auth support for middleware Liad Shani <liadff@gmail.com> parents: 1620 diff changeset	145
25d8e4836bc2 Improved container-based auth support for middleware Liad Shani <liadff@gmail.com> parents: 1620 diff changeset	146 # If not authenticated by the container, running basic auth
25d8e4836bc2 Improved container-based auth support for middleware Liad Shani <liadff@gmail.com> parents: 1620 diff changeset	147 if not username:
1401 b7563ad4e7ee Unicode fixes, added safe_str method for global str() operations +better test sandboxing Marcin Kuzminski <marcin@python-works.com> parents: 1293 diff changeset	148 self.authenticate.realm = \
b7563ad4e7ee Unicode fixes, added safe_str method for global str() operations +better test sandboxing Marcin Kuzminski <marcin@python-works.com> parents: 1293 diff changeset	149 safe_str(self.config['rhodecode_realm'])
918 b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	150 result = self.authenticate(environ)
b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	151 if isinstance(result, str):
b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	152 AUTH_TYPE.update(environ, 'basic')
b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	153 REMOTE_USER.update(environ, result)
1630 25d8e4836bc2 Improved container-based auth support for middleware Liad Shani <liadff@gmail.com> parents: 1620 diff changeset	154 username = result
918 b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	155 else:
b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	156 return result.wsgi_application(environ, start_response)
b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	157
b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	158 #==============================================================
1630 25d8e4836bc2 Improved container-based auth support for middleware Liad Shani <liadff@gmail.com> parents: 1620 diff changeset	159 # CHECK PERMISSIONS FOR THIS REQUEST USING GIVEN USERNAME
918 b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	160 #==============================================================
1496 f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	161 if action in ['pull', 'push']:
918 b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	162 try:
b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	163 user = self.__get_user(username)
1620 41696fc73c4d Fixed middleware to prevent deactivated users from authenticating Liad Shani <liadff@gmail.com> parents: 1619 diff changeset	164 if user is None or not user.active:
1818 cf51bbfb120e auto white-space removal Marcin Kuzminski <marcin@python-works.com> parents: 1813 diff changeset	165 return HTTPForbidden()(environ, start_response)
1496 f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	166 username = user.username
918 b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	167 except:
b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	168 log.error(traceback.format_exc())
1275 2723276285ae pep8ify middlewares Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	169 return HTTPInternalServerError()(environ,
2723276285ae pep8ify middlewares Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	170 start_response)
918 b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	171
b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	172 #check permissions for this repository
2090 2632a49cb402 fixes issue #372 Marcin Kuzminski <marcin@python-works.com> parents: 2061 diff changeset	173 perm = self._check_permission(action, user, repo_name)
918 b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	174 if perm is not True:
b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	175 return HTTPForbidden()(environ, start_response)
620 19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	176
19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	177 #===================================================================
19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	178 # GIT REQUEST HANDLING
19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	179 #===================================================================
1496 f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	180 repo_path = safe_str(os.path.join(self.basepath, repo_name))
f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	181 log.debug('Repository path is %s' % repo_path)
f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	182
f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	183 # quick check if that dir exists...
1507 7d687ed11929 changed check_... functions from their stupid names to something less retarded :) Marcin Kuzminski <marcin@python-works.com> parents: 1506 diff changeset	184 if is_valid_repo(repo_name, self.basepath) is False:
620 19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	185 return HTTPNotFound()(environ, start_response)
1496 f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	186
620 19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	187 try:
1496 f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	188 #invalidate cache on push
f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	189 if action == 'push':
1761 b265be1c6093 Wrapped calls for git and hg middleware in extra block that clears db Session. Marcin Kuzminski <marcin@python-works.com> parents: 1630 diff changeset	190 self._invalidate_cache(repo_name)
2026 c6e288dcb4a2 improved logging in git/hg middlewares Marcin Kuzminski <marcin@python-works.com> parents: 2021 diff changeset	191 log.info('%s action on GIT repo "%s"' % (action, repo_name))
1496 f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	192 app = self.__make_app(repo_name, repo_path)
f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	193 return app(environ, start_response)
f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	194 except Exception:
620 19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	195 log.error(traceback.format_exc())
19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	196 return HTTPInternalServerError()(environ, start_response)
19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	197
1496 f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	198 def __make_app(self, repo_name, repo_path):
f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	199 """
f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	200 Make an wsgi application using dulserver
1818 cf51bbfb120e auto white-space removal Marcin Kuzminski <marcin@python-works.com> parents: 1813 diff changeset	201
1496 f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	202 :param repo_name: name of the repository
f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	203 :param repo_path: full path to the repository
f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	204 """
f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	205 _d = {'/' + repo_name: Repo(repo_path)}
1275 2723276285ae pep8ify middlewares Marcin Kuzminski <marcin@python-works.com> parents: 1206 diff changeset	206 backend = dulserver.DictBackend(_d)
620 19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	207 gitserve = HTTPGitApplication(backend)
19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	208
19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	209 return gitserve
19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	210
918 b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	211 def __get_repository(self, environ):
1496 f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	212 """
f4fed0b32103 Rewrote git middleware with the same pattern as recent fix for #176 Marcin Kuzminski <marcin@python-works.com> parents: 1401 diff changeset	213 Get's repository name out of PATH_INFO header
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 989 diff changeset	214
918 b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	215 :param environ: environ where PATH_INFO is stored
b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	216 """
b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	217 try:
1813 a8c66e870bd0 implements #285: Implemented non changeable urls for clone url, and web views Marcin Kuzminski <marcin@python-works.com> parents: 1761 diff changeset	218 environ['PATH_INFO'] = self._get_by_id(environ['PATH_INFO'])
2061 9f0fe6777833 merge pull request #32 from codingtony Marcin Kuzminski <marcin@python-works.com> parents: 2060 diff changeset	219 repo_name = GIT_PROTO_PAT.match(environ['PATH_INFO']).group(1)
918 b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	220 except:
b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	221 log.error(traceback.format_exc())
b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	222 raise
2052 320806ff6be2 fixes git-protocol with Marcin Kuzminski <marcin@python-works.com> parents: 2026 diff changeset	223
918 b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	224 return repo_name
b2d5868cc4b8 fixes #97 in simplehg and simplegit, force casting to headers Marcin Kuzminski <marcin@python-works.com> parents: 903 diff changeset	225
620 19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	226 def __get_user(self, username):
1530 04027bdb876c Refactoring of model get functions Marcin Kuzminski <marcin@python-works.com> parents: 1507 diff changeset	227 return User.get_by_username(username)
620 19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	228
19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	229 def __get_action(self, environ):
2090 2632a49cb402 fixes issue #372 Marcin Kuzminski <marcin@python-works.com> parents: 2061 diff changeset	230 """
2632a49cb402 fixes issue #372 Marcin Kuzminski <marcin@python-works.com> parents: 2061 diff changeset	231 Maps git request commands into a pull or push command.
1203 6832ef664673 source code cleanup: remove trailing white space, normalize file endings Marcin Kuzminski <marcin@python-works.com> parents: 989 diff changeset	232
620 19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	233 :param environ:
19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	234 """
19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	235 service = environ['QUERY_STRING'].split('=')
2090 2632a49cb402 fixes issue #372 Marcin Kuzminski <marcin@python-works.com> parents: 2061 diff changeset	236
620 19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	237 if len(service) > 1:
19a62a5490fe added base simple git middleware, for future usage Marcin Kuzminski <marcin@python-works.com> parents: diff changeset	238 service_cmd = service[1]
2058 fb51a6fc10ae updated CONTRIBUTORS Marcin Kuzminski <marcin@python-works.com> parents: 2057 diff changeset	239 mapping = {
fb51a6fc10ae updated CONTRIBUTORS Marcin Kuzminski <marcin@python-works.com> parents: 2057 diff changeset	240 'git-receive-pack': 'push',
fb51a6fc10ae updated CONTRIBUTORS Marcin Kuzminski <marcin@python-works.com> parents: 2057 diff changeset	241 'git-upload-pack': 'pull',
fb51a6fc10ae updated CONTRIBUTORS Marcin Kuzminski <marcin@python-works.com> parents: 2057 diff changeset	242 }
2090 2632a49cb402 fixes issue #372 Marcin Kuzminski <marcin@python-works.com> parents: 2061 diff changeset	243 op = mapping[service_cmd]
2632a49cb402 fixes issue #372 Marcin Kuzminski <marcin@python-works.com> parents: 2061 diff changeset	244 self._git_stored_op = op
2632a49cb402 fixes issue #372 Marcin Kuzminski <marcin@python-works.com> parents: 2061 diff changeset	245 return op
625 d5372213db98 some hacking on simplegit middleware Marcin Kuzminski <marcin@python-works.com> parents: 620 diff changeset	246 else:
2090 2632a49cb402 fixes issue #372 Marcin Kuzminski <marcin@python-works.com> parents: 2061 diff changeset	247 # try to fallback to stored variable as we don't know if the last
2632a49cb402 fixes issue #372 Marcin Kuzminski <marcin@python-works.com> parents: 2061 diff changeset	248 # operation is pull/push
2632a49cb402 fixes issue #372 Marcin Kuzminski <marcin@python-works.com> parents: 2061 diff changeset	249 op = getattr(self, '_git_stored_op', 'pull')
2632a49cb402 fixes issue #372 Marcin Kuzminski <marcin@python-works.com> parents: 2061 diff changeset	250 return op

Mercurial > kallithea

annotate rhodecode/lib/middleware/simplegit.py @ 2090:2632a49cb402 beta