Mercurial > kallithea
diff rhodecode/lib/base.py @ 2668:f0851f37d6be beta
Implementes #509 require SSL flag now works for both git and mercurial.
- check is done at earlies possible stage
- if detected protocol is not https and flag require is there RhodeCode will
return HTTP Error 406: Not Acceptable, before even checking credentials
- removed push_ssl flag from mercurial UI objects since that would duplicate logic
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Thu, 26 Jul 2012 23:03:26 +0200 |
parents | 7a5eeafb1a9a |
children | a221706dab50 |
line wrap: on
line diff
--- a/rhodecode/lib/base.py Thu Jul 26 22:22:31 2012 +0200 +++ b/rhodecode/lib/base.py Thu Jul 26 23:03:26 2012 +0200 @@ -23,7 +23,7 @@ from rhodecode.lib.utils import get_repo_slug, invalidate_cache from rhodecode.model import meta -from rhodecode.model.db import Repository +from rhodecode.model.db import Repository, RhodeCodeUi from rhodecode.model.notification import NotificationModel from rhodecode.model.scm import ScmModel @@ -145,6 +145,21 @@ def _get_ip_addr(self, environ): return _get_ip_addr(environ) + def _check_ssl(self, environ, start_response): + """ + Checks the SSL check flag and returns False if SSL is not present + and required True otherwise + """ + org_proto = environ['wsgi._org_proto'] + #check if we have SSL required ! if not it's a bad request ! + require_ssl = str2bool(RhodeCodeUi.get_by_key('push_ssl')\ + .scalar().ui_value) + if require_ssl and org_proto == 'http': + log.debug('proto is %s and SSL is required BAD REQUEST !' + % org_proto) + return False + return True + def __call__(self, environ, start_response): start = time.time() try: