kallithea Changeset - 5bd42279930c

Changeset - 5bd42279930c

Parent rev.

Child rev.

[Not reviewed]

beta

0 1 0

Marcin Kuzminski - 14 years ago 2011-09-29 22:32:13
marcin@python-works.com

#176 LookupError: 00changelog.i@66f0739d7517: no node
- fixed mercurial concurency bug. While there were many concurrent request to different repos at one time, sometimes there were race conditions that caused mercurial backend to mix up repository instance with current repo path from environ, a major rewrite of the middleware fixed that.

1 file changed with 52 insertions and 45 deletions:

rhodecode/lib/middleware/simplehg.py

0 comments (0 inline, 0 general)

rhodecode/lib/middleware/simplehg.py

➞

Show inline comments

@@ @@ -8,200 +8,203 @@ @@
     :created_on: Apr 28, 2010
     :author: marcink
     :copyright: (C) 2009-2010 Marcin Kuzminski <marcin@python-works.com>
     :license: GPLv3, see COPYING for more details.
 """
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 import os
 import logging
 import traceback
 from mercurial.error import RepoError
 from mercurial.hgweb import hgweb
 from mercurial.hgweb.request import wsgiapplication
 from mercurial.hgweb import hgweb_mod
 from paste.auth.basic import AuthBasicAuthenticator
 from paste.httpheaders import REMOTE_USER, AUTH_TYPE
 from rhodecode.lib import safe_str
 from rhodecode.lib.auth import authfunc, HasPermissionAnyMiddleware
 from rhodecode.lib.utils import make_ui, invalidate_cache, \
     check_repo_fast, ui_sections
 from rhodecode.model.user import UserModel
 from webob.exc import HTTPNotFound, HTTPForbidden, HTTPInternalServerError
 log = logging.getLogger(__name__)
 def is_mercurial(environ):
     """Returns True if request's target is mercurial server - header
     ``HTTP_ACCEPT`` of such request would start with ``application/mercurial``.
     """
     http_accept = environ.get('HTTP_ACCEPT')
     if http_accept and http_accept.startswith('application/mercurial'):
         return True
     return False
 class SimpleHg(object):
     def __init__(self, application, config):
         self.application = application
         self.config = config
         # base path of repo locations
         self.basepath = self.config['base_path']
         #authenticate this mercurial request using authfunc
         self.authenticate = AuthBasicAuthenticator('', authfunc)
         self.ipaddr = '0.0.0.0'
         self.repo_name = None
         self.username = None
         self.action = None
     def __call__(self, environ, start_response):
         if not is_mercurial(environ):
             return self.application(environ, start_response)
         proxy_key = 'HTTP_X_REAL_IP'
         def_key = 'REMOTE_ADDR'
         self.ipaddr = environ.get(proxy_key, environ.get(def_key, '0.0.0.0'))
         ipaddr = environ.get(proxy_key, environ.get(def_key, '0.0.0.0'))
         # skip passing error to error controller
         environ['pylons.status_code_redirect'] = True
         #======================================================================
         # EXTRACT REPOSITORY NAME FROM ENV
         #======================================================================
         try:
             repo_name = environ['REPO_NAME'] = self.__get_repository(environ)
             log.debug('Extracted repo name is %s' % repo_name)
         except:
             return HTTPInternalServerError()(environ, start_response)
         #======================================================================
         # GET ACTION PULL or PUSH
         #======================================================================
         self.action = self.__get_action(environ)
         try:
             #==================================================================
             # GET REPOSITORY NAME
             #==================================================================
             self.repo_name = self.__get_repository(environ)
         except:
             return HTTPInternalServerError()(environ, start_response)
         action = self.__get_action(environ)
         #======================================================================
         # CHECK ANONYMOUS PERMISSION
         #======================================================================
-        if self.action in ['pull', 'push']:
         if action in ['pull', 'push']:
             anonymous_user = self.__get_user('default')
             self.username = anonymous_user.username
             anonymous_perm = self.__check_permission(self.action,
             username = anonymous_user.username
             anonymous_perm = self.__check_permission(action,
                                                      anonymous_user,
-                                                     self.repo_name)
                                                      repo_name)
             if anonymous_perm is not True or anonymous_user.active is False:
                 if anonymous_perm is not True:
                     log.debug('Not enough credentials to access this '
                               'repository as anonymous user')
                 if anonymous_user.active is False:
                     log.debug('Anonymous access is disabled, running '
                               'authentication')
                 #==============================================================
                 # DEFAULT PERM FAILED OR ANONYMOUS ACCESS IS DISABLED SO WE
                 # NEED TO AUTHENTICATE AND ASK FOR AUTH USER PERMISSIONS
                 #==============================================================
                 if not REMOTE_USER(environ):
                     self.authenticate.realm = \
                         safe_str(self.config['rhodecode_realm'])
                     result = self.authenticate(environ)
                     if isinstance(result, str):
                         AUTH_TYPE.update(environ, 'basic')
                         REMOTE_USER.update(environ, result)
                     else:
                         return result.wsgi_application(environ, start_response)
                 #==============================================================
                 # CHECK PERMISSIONS FOR THIS REQUEST USING GIVEN USERNAME FROM
                 # BASIC AUTH
                 #==============================================================
-                if self.action in ['pull', 'push']:
                 if action in ['pull', 'push']:
                     username = REMOTE_USER(environ)
                     try:
                         user = self.__get_user(username)
-                        self.username = user.username
                         username = user.username
                     except:
                         log.error(traceback.format_exc())
                         return HTTPInternalServerError()(environ,
                                                          start_response)
                     #check permissions for this repository
                     perm = self.__check_permission(self.action, user,
                                                    self.repo_name)
                     perm = self.__check_permission(action, user,
                                                    repo_name)
                     if perm is not True:
                         return HTTPForbidden()(environ, start_response)
         self.extras = {'ip': self.ipaddr,
                        'username': self.username,
                        'action': self.action,
                        'repository': self.repo_name}
         extras = {'ip': ipaddr,
                   'username': username,
                   'action': action,
                   'repository': repo_name}
         #======================================================================
         # MERCURIAL REQUEST HANDLING
         #======================================================================
         environ['PATH_INFO'] = '/'  # since we wrap into hgweb, reset the path
         self.baseui = make_ui('db')
         self.basepath = self.config['base_path']
         self.repo_path = os.path.join(self.basepath, self.repo_name)
         repo_path = safe_str(os.path.join(self.basepath, repo_name))
         log.debug('Repository path is %s' % repo_path)
         baseui = make_ui('db')
         self.__inject_extras(repo_path, baseui, extras)
         #quick check if that dir exists...
         if check_repo_fast(self.repo_name, self.basepath):
         # quick check if that dir exists...
         if check_repo_fast(repo_name, self.basepath):
             return HTTPNotFound()(environ, start_response)
         try:
             app = wsgiapplication(self.__make_app)
             #invalidate cache on push
             if action == 'push':
                 self.__invalidate_cache(repo_name)
             app = self.__make_app(repo_path, baseui, extras)
             return app(environ, start_response)
         except RepoError, e:
             if str(e).find('not found') != -1:
                 return HTTPNotFound()(environ, start_response)
         except Exception:
             log.error(traceback.format_exc())
             return HTTPInternalServerError()(environ, start_response)
         #invalidate cache on push
         if self.action == 'push':
             self.__invalidate_cache(self.repo_name)
         return app(environ, start_response)
     def __make_app(self):
     def __make_app(self, repo_name, baseui, extras):
         """
         Make an wsgi application using hgweb, and inject generated baseui
         instance, additionally inject some extras into ui object
         """
         self.__inject_extras(self.baseui, self.extras)
         return hgweb(str(self.repo_path), baseui=self.baseui)
         return hgweb_mod.hgweb(repo_name, name=repo_name, baseui=baseui)
     def __check_permission(self, action, user, repo_name):
         """
         Checks permissions using action (push/pull) user and repository
         name
         :param action: push or pull action
         :param user: user instance
         :param repo_name: repository name
         """
         if action == 'push':
             if not HasPermissionAnyMiddleware('repository.write',
                                               'repository.admin')(user,
                                                                   repo_name):
                 return False
         else:
             #any other action need at least read permission
             if not HasPermissionAnyMiddleware('repository.read',
                                               'repository.write',
                                               'repository.admin')(user,
                                                                   repo_name):
                 return False
@@ @@ -233,48 +236,52 @@ class SimpleHg(object): @@
         This should always return a valid command string
         :param environ:
         """
         mapping = {'changegroup': 'pull',
                    'changegroupsubset': 'pull',
                    'stream_out': 'pull',
                    'listkeys': 'pull',
                    'unbundle': 'push',
                    'pushkey': 'push', }
         for qry in environ['QUERY_STRING'].split('&'):
             if qry.startswith('cmd'):
                 cmd = qry.split('=')[-1]
                 if cmd in mapping:
                     return mapping[cmd]
                 else:
                     return 'pull'
     def __invalidate_cache(self, repo_name):
         """we know that some change was made to repositories and we should
         invalidate the cache to see the changes right away but only for
         push requests"""
         invalidate_cache('get_repo_cached_%s' % repo_name)
     def __inject_extras(self, baseui, extras={}):
+    def __inject_extras(self,repo_path, baseui, extras={}):
         """
         Injects some extra params into baseui instance
         also overwrites global settings with those takes from local hgrc file
         :param baseui: baseui instance
         :param extras: dict with extra params to put into baseui
         """
         hgrc = os.path.join(self.repo_path, '.hg', 'hgrc')
         hgrc = os.path.join(repo_path, '.hg', 'hgrc')
         # make our hgweb quiet so it doesn't print output
         baseui.setconfig('ui', 'quiet', 'true')
         #inject some additional parameters that will be available in ui
         #for hooks
         for k, v in extras.items():
             baseui.setconfig('rhodecode_extras', k, v)
         repoui = make_ui('file', hgrc, False)
         if repoui:
             #overwrite our ui instance with the section from hgrc file
             for section in ui_sections:
                 for k, v in repoui.configitems(section):
                     baseui.setconfig(section, k, v)

0 comments (0 inline, 0 general)