Changeset - d14328af601e
default
0 4 0
Mads Kiilerich - 7 years ago 2019-01-07 02:08:38
mads@kiilerich.com
middleware: minor cleanup and alignment between VCSs to clarify how things work
4 files changed with 22 insertions and 25 deletions:
kallithea/lib/base.py
 
@@ -55,13 +55,13 @@ from kallithea.lib.auth import AuthUser,
 
from kallithea.lib.compat import json
 
from kallithea.lib.utils import get_repo_slug
 
from kallithea.lib.exceptions import UserCreationError
 
from kallithea.lib.vcs.exceptions import RepositoryError, EmptyRepositoryError, ChangesetDoesNotExistError
 
from kallithea.model import meta
 

	
 
from kallithea.model.db import PullRequest, Repository, Ui, User, Setting
 
from kallithea.model.db import PullRequest, Repository, User, Setting
 
from kallithea.model.scm import ScmModel
 

	
 
log = logging.getLogger(__name__)
 

	
 

	
 
def render(template_path):
 
@@ -99,17 +99,17 @@ def _get_ip_addr(environ):
 

	
 
    ip = environ.get(def_key, '0.0.0.0')
 
    return _filter_proxy(ip)
 

	
 

	
 
def _get_access_path(environ):
 
    path = environ.get('PATH_INFO')
 
    """Return PATH_INFO from environ ... using tg.original_request if available."""
 
    org_req = environ.get('tg.original_request')
 
    if org_req:
 
        path = org_req.environ.get('PATH_INFO')
 
    return path
 
    if org_req is not None:
 
        environ = org_req.environ
 
    return environ.get('PATH_INFO')
 

	
 

	
 
def log_in_user(user, remember, is_external_auth, ip_addr):
 
    """
 
    Log a `User` in and update session and cookies. If `remember` is True,
 
    the session cookie is set to expire in a year; otherwise, it expires at
 
@@ -207,13 +207,13 @@ class BaseVCSController(object):
 
    def parse_request(cls, environ):
 
        """If request is parsed as a request for this VCS, return a namespace with the parsed request.
 
        If the request is unknown, return None.
 
        """
 
        raise NotImplementedError()
 

	
 
    def _authorize(self, environ, start_response, action, repo_name, ip_addr):
 
    def _authorize(self, environ, action, repo_name, ip_addr):
 
        """Authenticate and authorize user.
 

	
 
        Since we're dealing with a VCS client and not a browser, we only
 
        support HTTP basic authentication, either directly via raw header
 
        inspection, or by using container authentication to delegate the
 
        authentication to the web server.
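Review bot: The docstring on `_get_access_path` reads `Return PATH_INFO from environ ... using tg.original_request if available.`, and the `...` leaves out what a reader needs: which of the two environs wins, and what is returned when the key is missing. Because `environ.get('PATH_INFO')` yields None for an absent key, I would state that outright, for example `"""Return PATH_INFO of tg.original_request when that is set, else of environ; None if PATH_INFO is absent."""`. As the page renders it, the guard also went from `if org_req:` to `if org_req is not None:`; that is presumably equivalent for request objects, but the description calls the commit cleanup only, so the change deserves a mention there if it is intentional.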
kallithea/lib/middleware/simplegit.py
 
@@ -25,19 +25,17 @@ Original author and date, and relevant c
 
:copyright: (c) 2013 RhodeCode GmbH, and others.
 
:license: GPLv3, see LICENSE.md for more details.
 

	
 
"""
 

	
 

	
 
import os
 
import re
 
import logging
 
import traceback
 

	
 
from webob.exc import HTTPNotFound, HTTPForbidden, HTTPInternalServerError, \
 
    HTTPNotAcceptable, HTTPBadRequest
 
from webob.exc import HTTPNotFound, HTTPInternalServerError, HTTPBadRequest
 

	
 
from kallithea.model.db import Ui, Repository
 
from kallithea.lib.utils2 import safe_str, safe_unicode, get_server_url, \
 
    _set_extras
 
from kallithea.lib.base import BaseVCSController
 
from kallithea.lib.utils import make_ui, is_valid_repo
 
@@ -80,13 +78,12 @@ class SimpleGit(BaseVCSController):
 
                service = None
 
                action = cmd_mapping.get(cmd)
 

	
 
        return parsed_request
 

	
 
    def _handle_request(self, parsed_request, environ, start_response):
 
        ip_addr = self._get_ip_addr(environ)
 
        # skip passing error to error controller
 
        environ['pylons.status_code_redirect'] = True
 

	
 
        # quick check if repo exists...
 
        if not is_valid_repo(parsed_request.repo_name, self.basepath, self.scm_alias):
 
            raise HTTPNotFound()
 
@@ -95,35 +92,35 @@ class SimpleGit(BaseVCSController):
 
            # Note: the client doesn't get the helpful error message
 
            raise HTTPBadRequest('Unable to detect pull/push action for %r! Are you using a nonstandard command or client?' % parsed_request.repo_name)
 

	
 
        #======================================================================
 
        # CHECK PERMISSIONS
 
        #======================================================================
 
        user, response_app = self._authorize(environ, start_response, parsed_request.action, parsed_request.repo_name, ip_addr)
 
        ip_addr = self._get_ip_addr(environ)
 
        user, response_app = self._authorize(environ, parsed_request.action, parsed_request.repo_name, ip_addr)
 
        if response_app is not None:
 
            return response_app(environ, start_response)
 

	
 
        # extras are injected into Mercurial UI object and later available
 
        # in hooks executed by Kallithea
 
        from kallithea import CONFIG
 
        server_url = get_server_url(environ)
 
        extras = {
 
            'ip': ip_addr,
 
            'username': user.username,
 
            'action': parsed_request.action,
 
            'repository': parsed_request.repo_name,
 
            'scm': self.scm_alias,
 
            'config': CONFIG['__file__'],
 
            'server_url': server_url,
 
            'server_url': get_server_url(environ),
 
        }
 

	
 
        #===================================================================
 
        # GIT REQUEST HANDLING
 
        #===================================================================
 
        #======================================================================
 
        # REQUEST HANDLING
 
        #======================================================================
 
        log.debug('HOOKS extras is %s', extras)
 
        _set_extras(extras or {})
 
        _set_extras(extras)
 

	
 
        try:
 
            log.info('%s action on %s repo "%s" by "%s" from %s',
 
                     parsed_request.action, self.scm_alias, parsed_request.repo_name, safe_str(user.username), ip_addr)
 
            app = self._make_app(parsed_request)
 
            return app(environ, start_response)
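Review bot: In `_handle_request` the `is_valid_repo(...)` check raises `HTTPNotFound()` before `self._authorize(...)` is reached, so as far as the hunks show, a client that has presented no credentials gets a different answer for an existing and a missing repository name. The commit moves `ip_addr = self._get_ip_addr(environ)` down to the permission block but keeps this ordering. If that is intended, a comment on the check such as `# NOTE: runs before authentication, so repository existence is visible to unauthenticated clients` would make it explicit; otherwise the check belongs after `_authorize`. The same sequence appears in `SimpleHg._handle_request` in kallithea/lib/middleware/simplehg.py. Separately, the comment `# extras are injected into Mercurial UI object` remains in the Git middleware, where it reads as a leftover; the method body continues outside the visible hunks.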
kallithea/lib/middleware/simplehg.py
 
@@ -30,14 +30,13 @@ Original author and date, and relevant c
 

	
 
import os
 
import logging
 
import traceback
 
import urllib
 

	
 
from webob.exc import HTTPNotFound, HTTPForbidden, HTTPInternalServerError, \
 
    HTTPNotAcceptable, HTTPBadRequest
 
from webob.exc import HTTPNotFound, HTTPInternalServerError, HTTPBadRequest
 

	
 
from kallithea.lib.utils2 import safe_str, safe_unicode, get_server_url, \
 
    _set_extras
 
from kallithea.lib.base import BaseVCSController
 
from kallithea.lib.utils import make_ui, is_valid_repo
 
from kallithea.lib.vcs.utils.hgcompat import RepoError, hgweb_mod
 
@@ -134,13 +133,12 @@ class SimpleHg(BaseVCSController):
 
                        action = cmd_mapping.get(cmd, 'push')
 
                    break # only process one cmd
 

	
 
        return parsed_request
 

	
 
    def _handle_request(self, parsed_request, environ, start_response):
 
        ip_addr = self._get_ip_addr(environ)
 
        # skip passing error to error controller
 
        environ['pylons.status_code_redirect'] = True
 

	
 
        # quick check if repo exists...
 
        if not is_valid_repo(parsed_request.repo_name, self.basepath, self.scm_alias):
 
            raise HTTPNotFound()
 
@@ -149,34 +147,35 @@ class SimpleHg(BaseVCSController):
 
            # Note: the client doesn't get the helpful error message
 
            raise HTTPBadRequest('Unable to detect pull/push action for %r! Are you using a nonstandard command or client?' % parsed_request.repo_name)
 

	
 
        #======================================================================
 
        # CHECK PERMISSIONS
 
        #======================================================================
 
        user, response_app = self._authorize(environ, start_response, parsed_request.action, parsed_request.repo_name, ip_addr)
 
        ip_addr = self._get_ip_addr(environ)
 
        user, response_app = self._authorize(environ, parsed_request.action, parsed_request.repo_name, ip_addr)
 
        if response_app is not None:
 
            return response_app(environ, start_response)
 

	
 
        # extras are injected into Mercurial UI object and later available
 
        # in hooks executed by Kallithea
 
        from kallithea import CONFIG
 
        server_url = get_server_url(environ)
 
        extras = {
 
            'ip': ip_addr,
 
            'username': user.username,
 
            'action': parsed_request.action,
 
            'repository': parsed_request.repo_name,
 
            'scm': self.scm_alias,
 
            'config': CONFIG['__file__'],
 
            'server_url': server_url,
 
            'server_url': get_server_url(environ),
 
        }
 

	
 
        #======================================================================
 
        # MERCURIAL REQUEST HANDLING
 
        # REQUEST HANDLING
 
        #======================================================================
 
        log.debug('HOOKS extras is %s', extras)
 
        _set_extras(extras or {})
 
        _set_extras(extras)
 

	
 
        try:
 
            log.info('%s action on %s repo "%s" by "%s" from %s',
 
                     parsed_request.action, self.scm_alias, parsed_request.repo_name, safe_str(user.username), ip_addr)
 
            app = self._make_app(parsed_request)
 
            return app(environ, start_response)
kallithea/lib/utils.py
 
@@ -265,12 +265,13 @@ def is_valid_repo(repo_name, base_path, 
 
    :param repo_name:
 
    :param base_path:
 
    :param scm:
 

	
 
    :return True: if given path is a valid repository
 
    """
 
    # TODO: paranoid security checks?
 
    full_path = os.path.join(safe_str(base_path), safe_str(repo_name))
 

	
 
    try:
 
        scm_ = get_scm(full_path)
 
        if scm:
 
            return scm_[0] == scm
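Review bot: The `# TODO: paranoid security checks?` comment does not say what should be checked, and the line below it joins `repo_name` onto `base_path` without confirming that the result stays inside the base directory. Both middlewares on this page call `is_valid_repo(parsed_request.repo_name, self.basepath, self.scm_alias)` with a name parsed from the request, and whether that name is normalised earlier is not visible here. I would either replace the TODO with the concrete requirement or add the containment check sketched below, which returns False for a name that resolves to the base itself or outside it. `os.path.abspath` is used so that symlink handling stays as it is today; the function body continues past the hunk.

```python
    # Containment check: repo_name must resolve to a path below base_path.
    base = os.path.abspath(safe_str(base_path))
    full_path = os.path.abspath(os.path.join(base, safe_str(repo_name)))
    # os.path.join(base, '') appends exactly one trailing separator
    if not full_path.startswith(os.path.join(base, '')):
        return False
    # … unchanged: get_scm(full_path) lookup …
```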