Mercurial > hg > mercurial-crew-with-dirclash
comparison tests/test-trusted.py @ 3537:3b07e223534b
Only read .hg/hgrc files from trusted users/groups
The list of trusted users and groups is specified in the [trusted]
section of a hgrc; the current user is always trusted; "*" can be
used to trust all users/groups.
Global hgrc files are always read.
On Windows (and other systems that don't have the pwd and grp modules),
all .hg/hgrc files are read.
This is essentially the same patch that was previously applied as
revision 494521a3f142.
author | Alexis S. L. Carvalho <alexis@cecm.usp.br> |
---|---|
date | Thu, 26 Oct 2006 19:25:44 +0200 |
parents | |
children | 9b52239dc740 |
comparison
equal
deleted
inserted
replaced
3536:ef80b13df85a | 3537:3b07e223534b |
---|---|
1 #!/usr/bin/env python | |
2 # Since it's not easy to write a test that portably deals | |
3 # with files from different users/groups, we cheat a bit by | |
4 # monkey-patching some functions in the util module | |
5 | |
6 import os | |
7 from mercurial import ui, util | |
8 | |
9 hgrc = os.environ['HGRCPATH'] | |
10 | |
11 def testui(user='foo', group='bar', tusers=(), tgroups=(), | |
12 cuser='foo', cgroup='bar', debug=False): | |
13 # user, group => owners of the file | |
14 # tusers, tgroups => trusted users/groups | |
15 # cuser, cgroup => user/group of the current process | |
16 | |
17 # write a global hgrc with the list of trusted users/groups and | |
18 # some setting so that we can be sure it was read | |
19 f = open(hgrc, 'w') | |
20 f.write('[paths]\n') | |
21 f.write('global = /some/path\n\n') | |
22 | |
23 if tusers or tgroups: | |
24 f.write('[trusted]\n') | |
25 if tusers: | |
26 f.write('users = %s\n' % ', '.join(tusers)) | |
27 if tgroups: | |
28 f.write('groups = %s\n' % ', '.join(tgroups)) | |
29 f.close() | |
30 | |
31 # override the functions that give names to uids and gids | |
32 def username(uid=None): | |
33 if uid is None: | |
34 return cuser | |
35 return user | |
36 util.username = username | |
37 | |
38 def groupname(gid=None): | |
39 if gid is None: | |
40 return 'bar' | |
41 return group | |
42 util.groupname = groupname | |
43 | |
44 # try to read everything | |
45 #print '# File belongs to user %s, group %s' % (user, group) | |
46 #print '# trusted users = %s; trusted groups = %s' % (tusers, tgroups) | |
47 kind = ('different', 'same') | |
48 who = ('', 'user', 'group', 'user and the group') | |
49 trusted = who[(user in tusers) + 2*(group in tgroups)] | |
50 if trusted: | |
51 trusted = ', but we trust the ' + trusted | |
52 print '# %s user, %s group%s' % (kind[user == cuser], kind[group == cgroup], | |
53 trusted) | |
54 | |
55 parentui = ui.ui() | |
56 parentui.updateopts(debug=debug) | |
57 u = ui.ui(parentui=parentui) | |
58 u.readconfig('.hg/hgrc') | |
59 for name, path in u.configitems('paths'): | |
60 print ' ', name, '=', path | |
61 print | |
62 | |
63 return u | |
64 | |
65 os.mkdir('repo') | |
66 os.chdir('repo') | |
67 os.mkdir('.hg') | |
68 f = open('.hg/hgrc', 'w') | |
69 f.write('[paths]\n') | |
70 f.write('local = /another/path\n\n') | |
71 f.close() | |
72 | |
73 #print '# Everything is run by user foo, group bar\n' | |
74 | |
75 # same user, same group | |
76 testui() | |
77 # same user, different group | |
78 testui(group='def') | |
79 # different user, same group | |
80 testui(user='abc') | |
81 # ... but we trust the group | |
82 testui(user='abc', tgroups=['bar']) | |
83 # different user, different group | |
84 testui(user='abc', group='def') | |
85 # ... but we trust the user | |
86 testui(user='abc', group='def', tusers=['abc']) | |
87 # ... but we trust the group | |
88 testui(user='abc', group='def', tgroups=['def']) | |
89 # ... but we trust the user and the group | |
90 testui(user='abc', group='def', tusers=['abc'], tgroups=['def']) | |
91 # ... but we trust all users | |
92 print '# we trust all users' | |
93 testui(user='abc', group='def', tusers=['*']) | |
94 # ... but we trust all groups | |
95 print '# we trust all groups' | |
96 testui(user='abc', group='def', tgroups=['*']) | |
97 # ... but we trust the whole universe | |
98 print '# we trust all users and groups' | |
99 testui(user='abc', group='def', tusers=['*'], tgroups=['*']) | |
100 # ... check that users and groups are in different namespaces | |
101 print "# we don't get confused by users and groups with the same name" | |
102 testui(user='abc', group='def', tusers=['def'], tgroups=['abc']) | |
103 # ... lists of user names work | |
104 print "# list of user names" | |
105 testui(user='abc', group='def', tusers=['foo', 'xyz', 'abc', 'bleh'], | |
106 tgroups=['bar', 'baz', 'qux']) | |
107 # ... lists of group names work | |
108 print "# list of group names" | |
109 testui(user='abc', group='def', tusers=['foo', 'xyz', 'bleh'], | |
110 tgroups=['bar', 'def', 'baz', 'qux']) | |
111 | |
112 print "# Can't figure out the name of the user running this process" | |
113 testui(user='abc', group='def', cuser=None) |