Mercurial > hg > mercurial-crew-with-dirclash

view contrib/hg-ssh @ 5192:33015dac5df5

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
convert: fix mercurial_sink.putcommit Changeset 4ebc8693ce72 added some code to putcommit to avoid creating a revision that touches no files, but this can break regular conversions from some repositories: - conceptually, since we're converting a repo, we should try to make the new hg repo as similar as possible to the original repo - we should create a new changeset, even if the original revision didn't touch any files (maybe the commit message had some important bit); - even if a "regular" revision that doesn't touch any file may seem weird (and maybe even broken), it's completely legitimate for a merge revision to not touch any file, and, if we just skip it, the converted repo will end up with wrong history and possibly an extra head. As an example, say the crew and main hg repos are sync'ed. Somebody sends an important patch to the mailing list. Matt quickly applies and pushes it. But at the same time somebody also applies it to crew and pushes it. Suppose the commit message ended up being a bit different (say, there was a typo and somebody didn't fix it) or that the date ended up being different (because of different patch-applying scripts): the changeset hashes will be different, but the manifests will be the same. Since both changesets were pushed to public repos, it's hard to recall them. If both are merged, the manifest from the resulting merge revision will have the exact same contents as its parents - i.e. the merge revision really doesn't touch any file at all. To keep the file filtering stuff "working", the generic code was changed to skip empty revisions if we're filtering the repo, fixing a bug in the process (we want parents[0] instead of tip).
author Alexis S. L. Carvalho <alexis@cecm.usp.br>
date Fri, 17 Aug 2007 20:18:05 -0300
parents 831ebc408ffb
children 55860a45bbf2
line wrap: on
line source

#!/usr/bin/env python
#
# Copyright 2005-2007 by Intevation GmbH <intevation@intevation.de>
# Author(s):
# Thomas Arendsen Hein <thomas@intevation.de>
#
# This software may be used and distributed according to the terms
# of the GNU General Public License, incorporated herein by reference.

"""
hg-ssh - a wrapper for ssh access to a limited set of mercurial repos

To be used in ~/.ssh/authorized_keys with the "command" option, see sshd(8):
command="hg-ssh path/to/repo1 /path/to/repo2 ~/repo3 ~user/repo4" ssh-dss ...
(probably together with these other useful options:
 no-port-forwarding,no-X11-forwarding,no-agent-forwarding)

This allows pull/push over ssh to to the repositories given as arguments.

If all your repositories are subdirectories of a common directory, you can
allow shorter paths with:
command="cd path/to/my/repositories && hg-ssh repo1 subdir/repo2"

You can use pattern matching of your normal shell, e.g.:
command="cd repos && hg-ssh user/thomas/* projects/{mercurial,foo}"
"""

from mercurial import dispatch

import sys, os

cwd = os.getcwd()
allowed_paths = [os.path.normpath(os.path.join(cwd, os.path.expanduser(path)))
                 for path in sys.argv[1:]]
orig_cmd = os.getenv('SSH_ORIGINAL_COMMAND', '?')

if orig_cmd.startswith('hg -R ') and orig_cmd.endswith(' serve --stdio'):
    path = orig_cmd[6:-14]
    repo = os.path.normpath(os.path.join(cwd, os.path.expanduser(path)))
    if repo in allowed_paths:
        dispatch.dispatch(['-R', repo, 'serve', '--stdio'])
    else:
        sys.stderr.write("Illegal repository %r\n" % repo)
        sys.exit(-1)
else:
    sys.stderr.write("Illegal command %r\n" % orig_cmd)
    sys.exit(-1)