#check permissions for this repository

                perm = self._check_permission(action, user, repo_name, ip_addr)

                if not perm:

                    return HTTPForbidden()(environ, start_response)

        # extras are injected into UI object and later available

        # in hooks executed by rhodecode

        from rhodecode import CONFIG

        server_url = get_server_url(environ)

        extras = {

            'ip': ip_addr,

            'username': username,

            'action': action,

            'repository': repo_name,

            'scm': 'git',

            'config': CONFIG['__file__'],

            'server_url': server_url,

            'make_lock': None,

            'locked_by': [None, None]

        }

        #===================================================================

        # GIT REQUEST HANDLING

        #===================================================================

        log.debug('Repository path is %s' % repo_path)

        # CHECK LOCKING only if it's not ANONYMOUS USER

        if username != User.DEFAULT_USER:

            log.debug('Checking locking on repository')

            (make_lock,

             locked,

             locked_by) = self._check_locking_state(

                            environ=environ, action=action,

                            repo=repo_name, user_id=user.user_id

                       )

            # store the make_lock for later evaluation in hooks

            extras.update({'make_lock': make_lock,

                           'locked_by': locked_by})

        # set the environ variables for this request

        os.environ['RC_SCM_DATA'] = json.dumps(extras)

        fix_PATH()

        log.debug('HOOKS extras is %s' % extras)

        baseui = make_ui('db')

        self.__inject_extras(repo_path, baseui, extras)

        try:

            self._handle_githooks(repo_name, action, baseui, environ)

            log.info('%s action on GIT repo "%s" by "%s" from %s' %

            app = self.__make_app(repo_name, repo_path, extras)

            return app(environ, start_response)

        except HTTPLockedRC, e:

            _code = CONFIG.get('lock_ret_code')

            log.debug('Repository LOCKED ret code %s!' % (_code))

            return e(environ, start_response)

        except Exception:

            log.error(traceback.format_exc())

            return HTTPInternalServerError()(environ, start_response)

        finally:

            # invalidate cache on push

            if action == 'push':

                self._invalidate_cache(repo_name)

    def __make_app(self, repo_name, repo_path, extras):

        """

        Make an wsgi application using dulserver

        :param repo_name: name of the repository

        :param repo_path: full path to the repository

        """

        from rhodecode.lib.middleware.pygrack import make_wsgi_app

        app = make_wsgi_app(

                #check permissions for this repository

                perm = self._check_permission(action, user, repo_name, ip_addr)

                if not perm:

                    return HTTPForbidden()(environ, start_response)

        # extras are injected into mercurial UI object and later available

        # in hg hooks executed by rhodecode

        from rhodecode import CONFIG

        server_url = get_server_url(environ)

        extras = {

            'ip': ip_addr,

            'username': username,

            'action': action,

            'repository': repo_name,

            'scm': 'hg',

            'config': CONFIG['__file__'],

            'server_url': server_url,

            'make_lock': None,

            'locked_by': [None, None]

        }

        #======================================================================

        # MERCURIAL REQUEST HANDLING

        #======================================================================

        log.debug('Repository path is %s' % repo_path)

        # CHECK LOCKING only if it's not ANONYMOUS USER

        if username != User.DEFAULT_USER:

            log.debug('Checking locking on repository')

            (make_lock,

             locked,

             locked_by) = self._check_locking_state(

                            environ=environ, action=action,

                            repo=repo_name, user_id=user.user_id

                       )

            # store the make_lock for later evaluation in hooks

            extras.update({'make_lock': make_lock,

                           'locked_by': locked_by})

        # set the environ variables for this request

        os.environ['RC_SCM_DATA'] = json.dumps(extras)

        fix_PATH()

        log.debug('HOOKS extras is %s' % extras)

        baseui = make_ui('db')

        self.__inject_extras(repo_path, baseui, extras)

        try:

            log.info('%s action on HG repo "%s" by "%s" from %s' %

            app = self.__make_app(repo_path, baseui, extras)

            return app(environ, start_response)

        except RepoError, e:

            if str(e).find('not found') != -1:

                return HTTPNotFound()(environ, start_response)

        except HTTPLockedRC, e:

            _code = CONFIG.get('lock_ret_code')

            log.debug('Repository LOCKED ret code %s!' % (_code))

            return e(environ, start_response)

        except Exception:

            log.error(traceback.format_exc())

            return HTTPInternalServerError()(environ, start_response)

        finally:

            # invalidate cache on push

            if action == 'push':

                self._invalidate_cache(repo_name)

    def __make_app(self, repo_name, baseui, extras):

        """

        Make an wsgi application using hgweb, and inject generated baseui

        instance, additionally inject some extras into ui object

        """

        return hgweb_mod.hgweb(repo_name, name=repo_name, baseui=baseui)