Forward-port tweak to forbiddenre support made in r1817 on the 1.0.x branch.
* lib/vcauth/forbiddenre/__init__.py (ViewVCAuthorizer._check_root_path_access): Lose 'rootname' and 'path_parts' parameters and logic to combine them; just accept the combined form as a new 'root_path' parameter. (ViewVCAuthorizer.check_root_access): Update call to _check_root_path_access(). (ViewVCAuthorizer.check_path_access): Do root and path combination here, and Update call to _check_root_path_access(). * viewvc.conf.dist (forbiddenre.forbidden): Update documentation and examples. git-svn-id: http://viewvc.tigris.org/svn/viewvc/trunk@1818 8cb11bc2-c004-0410-86c3-e597b4017df7remotes/log-paging
parent
301281228b
commit
8916fe3969
|
@ -32,24 +32,27 @@ class ViewVCAuthorizer(vcauth.GenericViewVCAuthorizer):
|
|||
self.forbidden = map(lambda x: _split_regexp(string.strip(x)),
|
||||
filter(None, string.split(forbidden, ',')))
|
||||
|
||||
def _check_root_path_access(self, rootname, path_parts):
|
||||
path = rootname
|
||||
if path_parts:
|
||||
path = path + '/' + string.join(path_parts, '/')
|
||||
|
||||
def _check_root_path_access(self, root_path):
|
||||
default = 1
|
||||
for forbidden, negated in self.forbidden:
|
||||
if negated:
|
||||
default = 0
|
||||
if forbidden.search(path):
|
||||
if forbidden.search(root_path):
|
||||
return 1
|
||||
elif forbidden.search(path):
|
||||
elif forbidden.search(root_path):
|
||||
return 0
|
||||
return default
|
||||
|
||||
def check_root_access(self, rootname):
|
||||
return self._check_root_path_access(rootname, None)
|
||||
return self._check_root_path_access(rootname)
|
||||
|
||||
def check_path_access(self, rootname, path_parts, pathtype, rev=None):
|
||||
return self._check_root_path_access(rootname, path_parts)
|
||||
root_path = rootname
|
||||
if path_parts:
|
||||
root_path = root_path + '/' + string.join(path_parts, '/')
|
||||
if pathtype == vclib.DIR:
|
||||
root_path = root_path + '/'
|
||||
else:
|
||||
root_path = root_path + '/'
|
||||
return self._check_root_path_access(root_path)
|
||||
|
||||
|
|
|
@ -748,7 +748,8 @@ forbidden =
|
|||
# path "/trunk/www/index.html" in the repository whose root name is
|
||||
# "svnrepos", this authorizer will check the path
|
||||
# "svnrepos/trunk/www/index.html" against the list of forbidden
|
||||
# regular expressions.
|
||||
# regular expressions. Directory paths will be terminated by a forward
|
||||
# slash.
|
||||
#
|
||||
# Like the "forbidden" authorizer...
|
||||
#
|
||||
|
@ -766,11 +767,17 @@ forbidden =
|
|||
# Disallow files named "PRIVATE", but allow all others:
|
||||
# forbidden = /PRIVATE$
|
||||
#
|
||||
# Disallow the "hidden" repository, allowing all others:
|
||||
# forbidden = ^hidden(/|$)
|
||||
#
|
||||
# Allow only the "example1" and "example2" roots and the paths inside them,
|
||||
# disallowing all others (which can be done in multiple ways):
|
||||
# forbidden = !^example1(/|$), !^example2(/|$)/
|
||||
# forbidden = !^example[12](/|$)
|
||||
#
|
||||
# Only allow visibility of HTML files and the directories that hold them:
|
||||
# forbidden = !^([^/]+|.*(/|\.html))$
|
||||
#
|
||||
forbidden =
|
||||
|
||||
#---------------------------------------------------------------------------
|
||||
|
|
Loading…
Reference in New Issue