Mercurial > hg > mercurial-crew-with-dirclash
comparison tests/test-trusted.py @ 3010:494521a3f142
Only read .hg/hgrc files from trusted users/groups
The list of trusted users and groups is specified in the [trusted]
section of a hgrc; the current user is always trusted; "*" can be
used to trust all users/groups.
Global hgrc files are always read.
On Windows (and other systems that don't have the pwd and grp modules),
all .hg/hgrc files are read.
author | Alexis S. L. Carvalho <alexis@cecm.usp.br> |
---|---|
date | Tue, 22 Aug 2006 20:45:03 -0300 |
parents | |
children |
comparison
equal
deleted
inserted
replaced
3009:abcd6ae3cf5a | 3010:494521a3f142 |
---|---|
1 #!/usr/bin/env python | |
2 # Since it's not easy to write a test that portably deals | |
3 # with files from different users/groups, we cheat a bit by | |
4 # monkey-patching some functions in the util module | |
5 | |
6 import os | |
7 from mercurial import ui, util | |
8 | |
9 hgrc = os.environ['HGRCPATH'] | |
10 | |
11 def testui(user='foo', group='bar', tusers=(), tgroups=(), | |
12 cuser='foo', cgroup='bar'): | |
13 # user, group => owners of the file | |
14 # tusers, tgroups => trusted users/groups | |
15 # cuser, cgroup => user/group of the current process | |
16 | |
17 # write a global hgrc with the list of trusted users/groups and | |
18 # some setting so that we can be sure it was read | |
19 f = open(hgrc, 'w') | |
20 f.write('[paths]\n') | |
21 f.write('global = /some/path\n\n') | |
22 | |
23 if tusers or tgroups: | |
24 f.write('[trusted]\n') | |
25 if tusers: | |
26 f.write('users = %s\n' % ', '.join(tusers)) | |
27 if tgroups: | |
28 f.write('groups = %s\n' % ', '.join(tgroups)) | |
29 f.close() | |
30 | |
31 # override the functions that give names to uids and gids | |
32 def username(uid=None): | |
33 if uid is None: | |
34 return cuser | |
35 return user | |
36 util.username = username | |
37 | |
38 def groupname(gid=None): | |
39 if gid is None: | |
40 return 'bar' | |
41 return group | |
42 util.groupname = groupname | |
43 | |
44 # try to read everything | |
45 #print '# File belongs to user %s, group %s' % (user, group) | |
46 #print '# trusted users = %s; trusted groups = %s' % (tusers, tgroups) | |
47 kind = ('different', 'same') | |
48 who = ('', 'user', 'group', 'user and the group') | |
49 trusted = who[(user in tusers) + 2*(group in tgroups)] | |
50 if trusted: | |
51 trusted = ', but we trust the ' + trusted | |
52 print '# %s user, %s group%s' % (kind[user == cuser], kind[group == cgroup], | |
53 trusted) | |
54 | |
55 parentui = ui.ui() | |
56 u = ui.ui(parentui=parentui) | |
57 u.readconfig('.hg/hgrc') | |
58 for name, path in u.configitems('paths'): | |
59 print name, '=', path | |
60 print | |
61 | |
62 return u | |
63 | |
64 os.mkdir('repo') | |
65 os.chdir('repo') | |
66 os.mkdir('.hg') | |
67 f = open('.hg/hgrc', 'w') | |
68 f.write('[paths]\n') | |
69 f.write('local = /another/path\n\n') | |
70 f.close() | |
71 | |
72 #print '# Everything is run by user foo, group bar\n' | |
73 | |
74 # same user, same group | |
75 testui() | |
76 # same user, different group | |
77 testui(group='def') | |
78 # different user, same group | |
79 testui(user='abc') | |
80 # ... but we trust the group | |
81 testui(user='abc', tgroups=['bar']) | |
82 # different user, different group | |
83 testui(user='abc', group='def') | |
84 # ... but we trust the user | |
85 testui(user='abc', group='def', tusers=['abc']) | |
86 # ... but we trust the group | |
87 testui(user='abc', group='def', tgroups=['def']) | |
88 # ... but we trust the user and the group | |
89 testui(user='abc', group='def', tusers=['abc'], tgroups=['def']) | |
90 # ... but we trust all users | |
91 print '# we trust all users' | |
92 testui(user='abc', group='def', tusers=['*']) | |
93 # ... but we trust all groups | |
94 print '# we trust all groups' | |
95 testui(user='abc', group='def', tgroups=['*']) | |
96 # ... but we trust the whole universe | |
97 print '# we trust all users and groups' | |
98 testui(user='abc', group='def', tusers=['*'], tgroups=['*']) | |
99 # ... check that users and groups are in different namespaces | |
100 print "# we don't get confused by users and groups with the same name" | |
101 testui(user='abc', group='def', tusers=['def'], tgroups=['abc']) | |
102 # ... lists of user names work | |
103 print "# list of user names" | |
104 testui(user='abc', group='def', tusers=['foo', 'xyz', 'abc', 'bleh'], | |
105 tgroups=['bar', 'baz', 'qux']) | |
106 # ... lists of group names work | |
107 print "# list of group names" | |
108 testui(user='abc', group='def', tusers=['foo', 'xyz', 'bleh'], | |
109 tgroups=['bar', 'def', 'baz', 'qux']) | |
110 | |
111 print "# Can't figure out the name of the user running this process" | |
112 testui(user='abc', group='def', cuser=None) |