kallithea Changeset - aaacb075c3f3

Changeset - aaacb075c3f3

Parent rev.

Child rev.

[Not reviewed]

default

0 2 0

Mads Kiilerich - 9 years ago 2017-01-04 23:16:08
mads@kiilerich.com

hg: return 400 Bad Request for hg commands that not are commands

Avoid throwing bare Exceptions which requires framework specific testing.
Instead, return a reasonable http error code and make the test more framework
independent.

The "helpful" message will just be a description of the http exception and not
sent to the client.

2 files changed with 15 insertions and 21 deletions:

kallithea/lib/middleware/simplehg.py

kallithea/tests/functional/test_admin_repos.py

0 comments (0 inline, 0 general)

kallithea/lib/middleware/simplehg.py

➞

Show inline comments

@@ @@ -34,7 +34,7 @@ import traceback @@
 from paste.httpheaders import REMOTE_USER, AUTH_TYPE
 from webob.exc import HTTPNotFound, HTTPForbidden, HTTPInternalServerError, \
     HTTPNotAcceptable
+    HTTPNotAcceptable, HTTPBadRequest
 from kallithea.model.db import User
 from kallithea.lib.utils2 import safe_str, safe_unicode, fix_PATH, get_server_url, \
@@ @@ -65,7 +65,6 @@ def is_mercurial(environ): @@
+    )
     return ishg_path
 class SimpleHg(BaseVCSController):
     def _handle_request(self, environ, start_response):
@@ @@ -97,7 +96,10 @@ class SimpleHg(BaseVCSController): @@
         #======================================================================
         # GET ACTION PULL or PUSH
         #======================================================================
         action = self.__get_action(environ)
         try:
             action = self.__get_action(environ)
         except HTTPBadRequest as e:
             return e(environ, start_response)
         #======================================================================
         # CHECK ANONYMOUS PERMISSION
@@ @@ -259,27 +261,19 @@ class SimpleHg(BaseVCSController): @@
     def __get_action(self, environ):
         """
         Maps mercurial request commands into a clone,pull or push command.
         This should always return a valid command string
         Maps mercurial request commands into a pull or push command.
-        :param environ:
+        Raises HTTPBadRequest if the request environment doesn't look like a hg client.
         """
         mapping = {'changegroup': 'pull',
                    'changegroupsubset': 'pull',
                    'stream_out': 'pull',
                    'listkeys': 'pull',
                    'unbundle': 'push',
                    'pushkey': 'push', }
         mapping = {'unbundle': 'push',
                    'pushkey': 'push'}
         for qry in environ['QUERY_STRING'].split('&'):
             if qry.startswith('cmd'):
                 cmd = qry.split('=')[-1]
                 if cmd in mapping:
                     return mapping[cmd]
                 return mapping.get(cmd, 'pull')
                 return 'pull'
         raise Exception('Unable to detect pull/push action !!'
                         'Are you using non standard command or client ?')
         # Note: the client doesn't get the helpful error message
         raise HTTPBadRequest('Unable to detect pull/push action! Are you using non standard command or client?')
     def __inject_extras(self, repo_path, baseui, extras=None):
         """

kallithea/tests/functional/test_admin_repos.py

➞

Show inline comments

@@ @@ -612,6 +612,6 @@ class TestAdminReposControllerHG(_BaseTe @@
     OTHER_TYPE = 'git'
     def test_permanent_url_protocol_access(self):
         with pytest.raises(Exception) as e:
             self.app.get(url('summary_home', repo_name='_1'), extra_environ={'HTTP_ACCEPT': 'application/mercurial'})
         assert 'Unable to detect pull/push action' in str(e)
         # 400 Bad Request - Unable to detect pull/push action
         self.app.get(url('summary_home', repo_name='_1'), extra_environ={'HTTP_ACCEPT': 'application/mercurial'},
                      status=400)

0 comments (0 inline, 0 general)