Files
@ 0cf121eae2fe
Branch filter:
Location: kallithea/docs/usage/locking.rst - annotation
0cf121eae2fe
1.1 KiB
text/prs.fallenstein.rst
tests: fix caching issue in test_ip_restriction_git
Following test failure is observed in
TestVCSOperations.test_ip_restriction_git:
―――――――――――――― TestVCSOperations.test_ip_restriction_git ――――――――――――――――――
kallithea/tests/other/test_vcs_operations.py:584: in test_ip_restriction_git
assert re.search(r'\b403\b', stderr)
E assert None
E + where None = <function search at 0x7fb9772da578>('\\b403\\b', "Cloning into '/tmp/kallithea-test-SZhXDz/vcs_operations-krPNvZ'...\n")
E + where <function search at 0x7fb9772da578> = re.search
------------------------- Captured stdout call ----------------------------
*** CMD git clone http://test_admin:test12@127.0.0.1:45291/vcs_test_git /tmp/kallithea-test-SZhXDz/vcs_operations-krPNvZ ***
stderr: "Cloning into '/tmp/kallithea-test-SZhXDz/vcs_operations-krPNvZ'...\n"
The test is setting up IP restrictions, verifying that access is no longer
possible, then clears the restriction. There already were sleeps after
clearing the restrictions, in order for the cache to expire and have the
setting take effect.
But there was no sleep on the enabling of the IP restriction, allowing
situations where the code would still run without restriction, and thus
allow the access, failing the test.
The failure has only been observed on test_ip_restriction_git, but the
change is also made for test_ip_restriction_hg.
The existing sleeps after restriction clearing are moved up to the 'finally'
clause to make it clear to which code they belong.
Following test failure is observed in
TestVCSOperations.test_ip_restriction_git:
―――――――――――――― TestVCSOperations.test_ip_restriction_git ――――――――――――――――――
kallithea/tests/other/test_vcs_operations.py:584: in test_ip_restriction_git
assert re.search(r'\b403\b', stderr)
E assert None
E + where None = <function search at 0x7fb9772da578>('\\b403\\b', "Cloning into '/tmp/kallithea-test-SZhXDz/vcs_operations-krPNvZ'...\n")
E + where <function search at 0x7fb9772da578> = re.search
------------------------- Captured stdout call ----------------------------
*** CMD git clone http://test_admin:test12@127.0.0.1:45291/vcs_test_git /tmp/kallithea-test-SZhXDz/vcs_operations-krPNvZ ***
stderr: "Cloning into '/tmp/kallithea-test-SZhXDz/vcs_operations-krPNvZ'...\n"
The test is setting up IP restrictions, verifying that access is no longer
possible, then clears the restriction. There already were sleeps after
clearing the restrictions, in order for the cache to expire and have the
setting take effect.
But there was no sleep on the enabling of the IP restriction, allowing
situations where the code would still run without restriction, and thus
allow the access, failing the test.
The failure has only been observed on test_ip_restriction_git, but the
change is also made for test_ip_restriction_hg.
The existing sleeps after restriction clearing are moved up to the 'finally'
clause to make it clear to which code they belong.
aa17c7a1b8a5 aa17c7a1b8a5 8d065db04909 8d065db04909 8d065db04909 aa17c7a1b8a5 5ae8e644aa88 8d065db04909 03bbd33bc084 03bbd33bc084 5ae8e644aa88 5ae8e644aa88 8d065db04909 aa17c7a1b8a5 5ae8e644aa88 8d065db04909 aa17c7a1b8a5 8d065db04909 5ae8e644aa88 8d065db04909 aa17c7a1b8a5 8d065db04909 8d065db04909 5ae8e644aa88 8d065db04909 aa17c7a1b8a5 8d065db04909 8d065db04909 | .. _locking:
==================
Repository locking
==================
Kallithea has a *repository locking* feature, disabled by default. When
enabled, every initial clone and every pull gives users (with write permission)
the exclusive right to do a push.
When repository locking is enabled, repositories get a ``locked`` flag.
The hg/git commands ``hg/git clone``, ``hg/git pull``,
and ``hg/git push`` influence this state:
- A ``clone`` or ``pull`` action locks the target repository
if the user has write/admin permissions on this repository.
- Kallithea will remember the user who locked the repository so only this
specific user can unlock the repo by performing a ``push``
command.
- Every other command on a locked repository from this user and every command
from any other user will result in an HTTP return code 423 (Locked).
Additionally, the HTTP error will mention the user that locked the repository
(e.g., “repository <repo> locked by user <user>”).
Each repository can be manually unlocked by an administrator from the
repository settings menu.
|