loggerhead

Merge lp:~beuno/loggerhead/serve-config into lp:loggerhead

  1. serve-config
  2. Merge into trunk-rich
Proposed by Martin Albisetti
Status: Merged
Merged at revision: not available
Proposed branch: lp:~beuno/loggerhead/serve-config
Merge into: lp:loggerhead
Diff against target: None lines
To merge this branch: bzr merge lp:~beuno/loggerhead/serve-config
Reviewer Review Type Date Requested Status
Michael Hudson-Doyle Approve
Matt Nordhoff Needs Fixing
Review via email: mp+6821@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Martin Albisetti (beuno) wrote :

This branch does the following:
- Allows hiding branches with serve-branches
- Tests it
- Adds some mising copyright headers
- Renames README.txt to README

Revision history for this message
Matt Nordhoff (mnordhoff) wrote :

Without doing a real review, I spotted a couple trivial whitespace issues:

* The copyright headers tend to have 2 spaces between "2009" and "Canonical".

* TestEmptyBranch's docstring starts with a space.

Aside from that, one question: What about using 403 Forbidden for hidden branches instead of 404 Not Found? Obviously it'd reveal their existence, but it's also more true to a setting named "serve_http = False". Sort of. Maybe. :D

Revision history for this message
Adrian Wilkins (adrian-wilkins) wrote :

> What about using 403 Forbidden for hidden
> branches instead of 404 Not Found? Obviously it'd reveal their existence, but
> it's also more true to a setting named "serve_http = False". Sort of. Maybe.
> :D

I've noted that some servers go the other way, and pitch a 403 for requests to non-existent branches as well. This is either "more secure" or "of dubious helpfulness", depending on your point of view.

Revision history for this message
Matt Nordhoff (mnordhoff) wrote :

> > What about using 403 Forbidden for hidden
> > branches instead of 404 Not Found? Obviously it'd reveal their existence,
> but
> > it's also more true to a setting named "serve_http = False". Sort of. Maybe.
> > :D
>
> I've noted that some servers go the other way, and pitch a 403 for requests to
> non-existent branches as well. This is either "more secure" or "of dubious
> helpfulness", depending on your point of view.

For truly non-existent branches, I vote 404.

For hidden branches, IMO 403 is correct, but I can accept 404 for the privacy aspect.

Anyway, what do you want to do here? I'm okay either way. :)

Revision history for this message
Matt Nordhoff (mnordhoff) wrote :

I approve, pending the 403 vs. 404 bikeshed I started, but someone more knowledgeable than me should verify that you didn't miss any entry points.

Serving .bzr is broken -- see lp:~jelmer/loggerhead/fix-bzrserve or lp:~mnordhoff/loggerhead/380026-fix-serving-branches, but there are conflicts between them and this branch, and I'd prefer that you fix them. I could probably handle it myself, but it'd mostly be guesswork, trying random things until it stopped spewing 500 Internal Server Errors.

review: Needs Fixing
lp:~beuno/loggerhead/serve-config updated
361. By Martin Albisetti

Fixed whitespace and other trivial bits from the review

Revision history for this message
Martin Albisetti (beuno) wrote :

> * The copyright headers tend to have 2 spaces between "2009" and "Canonical".
>
> * TestEmptyBranch's docstring starts with a space.

Done.

> Aside from that, one question: What about using 403 Forbidden for hidden
> branches instead of 404 Not Found? Obviously it'd reveal their existence, but
> it's also more true to a setting named "serve_http = False". Sort of. Maybe.
> :D

I chose 404 because it gives out less about what's available. I feel that if we spit out a 403, there has to be some sort of ACL or way of viewing them, when there actually isn't.

Revision history for this message
Matt Nordhoff (mnordhoff) wrote :

> I approve, pending the 403 vs. 404 bikeshed I started, but someone more
> knowledgeable than me should verify that you didn't miss any entry points.
>
> Serving .bzr is broken -- see lp:~jelmer/loggerhead/fix-bzrserve or
> lp:~mnordhoff/loggerhead/380026-fix-serving-branches, but there are conflicts
> between them and this branch, and I'd prefer that you fix them. I could
> probably handle it myself, but it'd mostly be guesswork, trying random things
> until it stopped spewing 500 Internal Server Errors.

Also: I think you should use ConfigObj's as_bool method instead of "== 'False'".

Revision history for this message
Matt Nordhoff (mnordhoff) wrote :

> Serving .bzr is broken -- see lp:~jelmer/loggerhead/fix-bzrserve or
> lp:~mnordhoff/loggerhead/380026-fix-serving-branches, but there are conflicts
> between them and this branch, and I'd prefer that you fix them. I could
> probably handle it myself, but it'd mostly be guesswork, trying random things
> until it stopped spewing 500 Internal Server Errors.

Those branches have now landed, FYI.

lp:~beuno/loggerhead/serve-config updated
362. By Martin Albisetti

Merge from trunk and fix conflict by refactoring the code

Revision history for this message
Martin Albisetti (beuno) wrote :

Ok, merged with trunk and resolved conflicts by refactoring.
All tests pass :)

Revision history for this message
Martin Albisetti (beuno) wrote :

> Also: I think you should use ConfigObj's as_bool method instead of "==
> 'False'".

Would you be so kind as to point me to an example of this?

Revision history for this message
Matt Nordhoff (mnordhoff) wrote :

I just noticed that a few tabs got introduced into the code:

$ ack-grep --python '\t'
loggerhead/apps/transport.py
111: bzrdir = BzrDir.open_containing_from_transport(
112: self.transport.clone(path_info))
113: branch = bzrdir.open_branch()
114: if branch.get_config().get_user_option('http_serve') == 'False':
115: raise httpexceptions.HTTPNotFound()
117: return

loggerhead/controllers/directory_ui.py
75: if b.get_config().get_user_option('http_serve') == 'False':

Revision history for this message
Matt Nordhoff (mnordhoff) wrote :

Martin Albisetti wrote:
> Ok, merged with trunk and resolved conflicts by refactoring.
> All tests pass :)

I fixed the tabs and a couple other trivial things in
lp:~mnordhoff/loggerhead/serve-config.

However, now there's a different issue: When serving branches on a
remote transport, trying to access .bzr/ results in a
TooManyConcurrentRequests traceback from the
BzrDir.open_containing_from_transport() call in check_is_a_branch().

E.g.:

serve-config$ bzr serve --directory .. &
serve-config$ ./serve-branches bzr://localhost/ &
serve-config$ bzr log -r -1 http://localhost:8080/serve-config/

Revision history for this message
Matt Nordhoff (mnordhoff) wrote :

Martin Albisetti wrote:
>> Also: I think you should use ConfigObj's as_bool method instead of "==
>> 'False'".
>
> Would you be so kind as to point me to an example of this?

Sorry, I dunno. When going through Bazaar's configuration system, I'm
not sure if it's possible to use it.

lp:~beuno/loggerhead/serve-config updated
363. By Martin Albisetti

Merge in Peng's tab fixes

Revision history for this message
Michael Hudson-Doyle (mwhudson) wrote :

I guess this is bb:comment... two points:

1) I'm not sure what checking in branch.py and in transport.py really gains you -- I think just checking in branch.py would be OK?

2) '== "False"' as a condition check is pretty icky, I think at least 'false' should be accepted too. It's unfortunate that bzrlib doesn't let you at the as_bool method of configobj. Perhaps we can just paste in a version of that as a standalone function? And file a bug on bzrlib.

Let's chat about these points on IRC sometime.

review: Needs Information
Revision history for this message
Martin Albisetti (beuno) wrote :

 > 1) I'm not sure what checking in branch.py and in transport.py really gains
> you -- I think just checking in branch.py would be OK?

Checking in transport.py blocks serving branches as well I think.

> 2) '== "False"' as a condition check is pretty icky, I think at least 'false'
> should be accepted too. It's unfortunate that bzrlib doesn't let you at the
> as_bool method of configobj. Perhaps we can just paste in a version of that
> as a standalone function? And file a bug on bzrlib.
>
> Let's chat about these points on IRC sometime.

Sure, ping me.

lp:~beuno/loggerhead/serve-config updated
364. By Martin Albisetti

Merge from trunk

365. By Martin Albisetti

Add deprecation warning to start-loggerhead

Revision history for this message
Michael Hudson-Doyle (mwhudson) wrote :

Land it, let's deal with the fallout later :)

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'NEWS'
--- NEWS 2009-05-17 11:10:38 +0000
+++ NEWS 2009-05-27 12:51:51 +0000
@@ -115,6 +115,10 @@
115115
116 - Fix 'bzr serve --http' errors. (Matt Nordhoff, #377551)116 - Fix 'bzr serve --http' errors. (Matt Nordhoff, #377551)
117117
118 - Added the option to hide branches by setting http_serve = False
119 in locations.conf (Martin Albisetti)
120
121
1181.10 [22Dec2008]1221.10 [22Dec2008]
119---------------123---------------
120124
121125
=== renamed file 'README.txt' => 'README'
--- README.txt 2009-03-17 22:31:42 +0000
+++ README 2009-05-27 12:52:49 +0000
@@ -1,7 +1,7 @@
1LOGGERHEAD1LOGGERHEAD
2==========2==========
33
4[ Version 1.6 for Bazaar 1.6 ]4[ Version 1.10 for Bazaar 1.6 ]
55
6Loggerhead is a web viewer for Bazaar branches. It can be used to6Loggerhead is a web viewer for Bazaar branches. It can be used to
7navigate a branch history, annotate files, perform searches... all the7navigate a branch history, annotate files, perform searches... all the
@@ -63,31 +63,14 @@
63USING A CONFIG FILE63USING A CONFIG FILE
64-------------------64-------------------
6565
66Previous versions of Loggerhead read their configuration from a config66To hide branches from being displayed, add to ``~/.bazaar/locations.conf``,
67file. This mode of operation is still supported by the67under the branch's section:
68'start-loggerhead' script. A 'loggerhead.conf.example' file is68
69included in the source which has comments explaining the various69 [/path/to/branch]
70options.70 http_serve = False
7171
72Loggerhead can then be started by running::72
7373More configuration options to come soon.
74 $ ./start-loggerhead
75
76This will run loggerhead in the background, listening on port 8080 by
77default.
78
79To stop Loggerhead, run::
80
81 $ ./stop-loggerhead
82
83In the configuration file you can configure projects, and branches per
84project. The idea is that you could be publishing several (possibly
85unrelated) projects through the same loggerhead instance, and several
86branches for the same project. See the "loggerhead.conf.example" file
87included with the source.
88
89A debug and access log are stored in the logs/ folder, relative to
90the location of the start-loggerhead script.
9174
9275
93SERVING LOGGERHEAD FROM BEHIND APACHE76SERVING LOGGERHEAD FROM BEHIND APACHE
@@ -107,13 +90,14 @@
107run behind a proxy at the root of a site, but if you're running it at90run behind a proxy at the root of a site, but if you're running it at
108some path into the site, you'll need to specify is using '--prefix=/some_path'.91some path into the site, you'll need to specify is using '--prefix=/some_path'.
10992
110FILES CHANGED CACHE93
111-------------------94SEARCH
11295------
113To speed up the display of the changelog view for large trees,96
114loggerhead can be configured to cache the files changes between97Search is currently supported by using the bzr-search plugin (available
115revisions. Set the 'cachepath' value in the config file.98at: ``https://launchpad.net/bzr-search``
11699You need to have the plugin installed and each branch indexed to allow
100searching on branches.
117101
118SUPPORT102SUPPORT
119-------103-------
120104
=== modified file 'loggerhead/apps/branch.py'
--- loggerhead/apps/branch.py 2009-05-13 11:34:09 +0000
+++ loggerhead/apps/branch.py 2009-05-27 09:55:41 +0000
@@ -1,3 +1,19 @@
1# Copyright (C) 2008, 2009 Canonical Ltd.
2#
3# This program is free software; you can redistribute it and/or modify
4# it under the terms of the GNU General Public License as published by
5# the Free Software Foundation; either version 2 of the License, or
6# (at your option) any later version.
7#
8# This program is distributed in the hope that it will be useful,
9# but WITHOUT ANY WARRANTY; without even the implied warranty of
10# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11# GNU General Public License for more details.
12#
13# You should have received a copy of the GNU General Public License
14# along with this program; if not, write to the Free Software
15# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
16#
1"""The WSGI application for serving a Bazaar branch."""17"""The WSGI application for serving a Bazaar branch."""
218
3import logging19import logging
@@ -113,6 +129,10 @@
113 return self.branch.get_config().get_user_option('public_branch')129 return self.branch.get_config().get_user_option('public_branch')
114130
115 def app(self, environ, start_response):131 def app(self, environ, start_response):
132 # Check again if the branch is blocked from being served, this is
133 # mostly for tests. It's already checked in apps/transport.py
134 if self.branch.get_config().get_user_option('http_serve') == 'False':
135 raise httpexceptions.HTTPNotFound()
116 self._url_base = environ['SCRIPT_NAME']136 self._url_base = environ['SCRIPT_NAME']
117 self._static_url_base = environ.get('loggerhead.static.url')137 self._static_url_base = environ.get('loggerhead.static.url')
118 if self._static_url_base is None:138 if self._static_url_base is None:
119139
=== modified file 'loggerhead/apps/transport.py'
--- loggerhead/apps/transport.py 2009-05-04 20:28:50 +0000
+++ loggerhead/apps/transport.py 2009-05-27 09:55:41 +0000
@@ -1,6 +1,23 @@
1# Copyright (C) 2008, 2009 Canonical Ltd.
2#
3# This program is free software; you can redistribute it and/or modify
4# it under the terms of the GNU General Public License as published by
5# the Free Software Foundation; either version 2 of the License, or
6# (at your option) any later version.
7#
8# This program is distributed in the hope that it will be useful,
9# but WITHOUT ANY WARRANTY; without even the implied warranty of
10# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11# GNU General Public License for more details.
12#
13# You should have received a copy of the GNU General Public License
14# along with this program; if not, write to the Free Software
15# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
16#
1"""Serve branches at urls that mimic a transport's file system layout."""17"""Serve branches at urls that mimic a transport's file system layout."""
218
3from bzrlib import branch, errors, lru_cache, urlutils19from bzrlib import branch, errors, lru_cache, urlutils
20from bzrlib.bzrdir import BzrDir
421
5from paste.request import path_info_pop22from paste.request import path_info_pop
6from paste import httpexceptions23from paste import httpexceptions
@@ -63,7 +80,10 @@
63 raise httpexceptions.HTTPNotFound()80 raise httpexceptions.HTTPNotFound()
64 return self.app_for_non_branch(environ)(environ, start_response)81 return self.app_for_non_branch(environ)(environ, start_response)
65 else:82 else:
66 return self.app_for_branch(b)(environ, start_response)83 if b.get_config().get_user_option('http_serve') == 'False':
84 raise httpexceptions.HTTPNotFound()
85 else:
86 return self.app_for_branch(b)(environ, start_response)
6787
6888
69class BranchesFromTransportRoot(object):89class BranchesFromTransportRoot(object):
@@ -82,6 +102,14 @@
82 elif environ['PATH_INFO'] == '/favicon.ico':102 elif environ['PATH_INFO'] == '/favicon.ico':
83 return favicon_app(environ, start_response)103 return favicon_app(environ, start_response)
84 elif '/.bzr/' in environ['PATH_INFO']:104 elif '/.bzr/' in environ['PATH_INFO']:
105 try:
106 bzrdir = BzrDir.open_containing_from_transport(
107 self.transport.clone(environ['PATH_INFO']))
108 branch = bzrdir.open_branch()
109 if branch.get_config().get_user_option('http_serve') == 'False':
110 raise httpexceptions.HTTPNotFound()
111 except errors.NotBranchError:
112 pass
85 app = urlparser.make_static(None, self.transport)113 app = urlparser.make_static(None, self.transport)
86 return app(environ, start_response)114 return app(environ, start_response)
87 else:115 else:
88116
=== modified file 'loggerhead/controllers/directory_ui.py'
--- loggerhead/controllers/directory_ui.py 2009-05-05 18:37:26 +0000
+++ loggerhead/controllers/directory_ui.py 2009-05-26 16:21:53 +0000
@@ -72,6 +72,8 @@
72 for d in listing:72 for d in listing:
73 try:73 try:
74 b = branch.Branch.open_from_transport(self.transport.clone(d))74 b = branch.Branch.open_from_transport(self.transport.clone(d))
75 if b.get_config().get_user_option('http_serve') == 'False':
76 continue
75 except:77 except:
76 if not stat.S_ISDIR(self.transport.stat(d).st_mode):78 if not stat.S_ISDIR(self.transport.stat(d).st_mode):
77 continue79 continue
7880
=== modified file 'loggerhead/tests/test_simple.py'
--- loggerhead/tests/test_simple.py 2009-02-18 10:40:22 +0000
+++ loggerhead/tests/test_simple.py 2009-05-27 12:44:28 +0000
@@ -1,8 +1,26 @@
1# Copyright (C) 2008, 2009 Canonical Ltd.
2#
3# This program is free software; you can redistribute it and/or modify
4# it under the terms of the GNU General Public License as published by
5# the Free Software Foundation; either version 2 of the License, or
6# (at your option) any later version.
7#
8# This program is distributed in the hope that it will be useful,
9# but WITHOUT ANY WARRANTY; without even the implied warranty of
10# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11# GNU General Public License for more details.
12#
13# You should have received a copy of the GNU General Public License
14# along with this program; if not, write to the Free Software
15# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
16#
17
1import cgi18import cgi
2import logging19import logging
320
4from bzrlib.tests import TestCaseWithTransport21from bzrlib.tests import TestCaseWithTransport
5from bzrlib.util.configobj.configobj import ConfigObj22from bzrlib.util.configobj.configobj import ConfigObj
23from bzrlib import config
624
7from loggerhead.apps.branch import BranchWSGIApp25from loggerhead.apps.branch import BranchWSGIApp
8from paste.fixture import TestApp26from paste.fixture import TestApp
@@ -103,6 +121,7 @@
103121
104122
105class TestEmptyBranch(BasicTests):123class TestEmptyBranch(BasicTests):
124 """ Test that an empty branch doesn't break"""
106125
107 def setUp(self):126 def setUp(self):
108 BasicTests.setUp(self)127 BasicTests.setUp(self)
@@ -118,3 +137,22 @@
118 res = app.get('/files')137 res = app.get('/files')
119 res.mustcontain('No revisions!')138 res.mustcontain('No revisions!')
120139
140
141class TestHiddenBranch(BasicTests):
142 """
143 Test that hidden branches aren't shown
144 FIXME: not tested that it doesn't show up on listings
145 """
146
147 def setUp(self):
148 BasicTests.setUp(self)
149 self.createBranch()
150 locations = config.locations_config_filename()
151 config.ensure_config_dir_exists()
152 open(locations, 'wb').write('[%s]\nhttp_serve = False'
153 % (self.tree.branch.base,))
154
155 def test_no_access(self):
156 app = self.setUpLoggerhead()
157 res = app.get('/changes', status=404)
158

Subscribers

People subscribed via source and target branches