turnip

Merge ~twom/turnip:code-import-support-for-checkRefPermissions into turnip:master

  1. Git
  2. lp:~twom/turnip
  3. code-import-support-for-checkRefPermissions
  4. Merge into master
Proposed by Tom Wardill
Status: Merged
Approved by: Colin Watson
Approved revision: 0de65c59a1c616586f2a19bba43cd349b359852c
Merge reported by: Otto Co-Pilot
Merged at revision: not available
Proposed branch: ~twom/turnip:code-import-support-for-checkRefPermissions
Merge into: turnip:master
Diff against target: 99 lines (+37/-13)
2 files modified
turnip/pack/git.py (+15/-13)
turnip/pack/tests/test_functional.py (+22/-0)
Reviewer Review Type Date Requested Status
Colin Watson (community) Approve
Review via email: mp+357744@code.launchpad.net

Commit message

Check for more auth methods in checkRefPermissions

Description of the change

Allow http auth.

To post a comment you must log in.
~twom/turnip:code-import-support-for-checkRefPermissions updated
e1990a9... by Tom Wardill

Correct method naming style

0de65c5... by Tom Wardill

Remove typo

Revision history for this message
Colin Watson (cjwatson) :
review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/turnip/pack/git.py b/turnip/pack/git.py
index d45e1db..79c6194 100644
--- a/turnip/pack/git.py
+++ b/turnip/pack/git.py
@@ -214,6 +214,19 @@ class PackServerProtocol(PackProxyProtocol):
214 self.sendPacket(ERROR_PREFIX + message + b'\n')214 self.sendPacket(ERROR_PREFIX + message + b'\n')
215 self.transport.loseConnection()215 self.transport.loseConnection()
216216
217 def createAuthParams(self, params):
218 auth_params = {}
219 for key, value in params.items():
220 if key.startswith(b'turnip-authenticated-'):
221 decoded_key = key[len(b'turnip-authenticated-'):].decode(
222 'utf-8')
223 auth_params[decoded_key] = value
224 if 'uid' in auth_params:
225 auth_params['uid'] = int(auth_params['uid'])
226 if params.get(b'turnip-can-authenticate') == b'yes':
227 auth_params['can-authenticate'] = True
228 return auth_params
229
217230
218class GitProcessProtocol(protocol.ProcessProtocol):231class GitProcessProtocol(protocol.ProcessProtocol):
219232
@@ -421,9 +434,7 @@ class PackBackendProtocol(PackServerProtocol):
421 if params.pop(b'turnip-advertise-refs', None):434 if params.pop(b'turnip-advertise-refs', None):
422 args.append(b'--advertise-refs')435 args.append(b'--advertise-refs')
423 args.append(self.path)436 args.append(self.path)
424 uid = params.get('turnip-authenticated-uid')437 auth_params = self.createAuthParams(params)
425 uid = int(uid) if uid else None
426 auth_params = {'uid': uid}
427 self.spawnGit(subcmd,438 self.spawnGit(subcmd,
428 args,439 args,
429 write_operation=write_operation,440 write_operation=write_operation,
@@ -549,16 +560,7 @@ class PackVirtServerProtocol(PackProxyServerProtocol):
549 permission = b'read' if command == b'git-upload-pack' else b'write'560 permission = b'read' if command == b'git-upload-pack' else b'write'
550 proxy = xmlrpc.Proxy(self.factory.virtinfo_endpoint, allowNone=True)561 proxy = xmlrpc.Proxy(self.factory.virtinfo_endpoint, allowNone=True)
551 try:562 try:
552 auth_params = {}563 auth_params = self.createAuthParams(params)
553 for key, value in params.items():
554 if key.startswith(b'turnip-authenticated-'):
555 decoded_key = key[len(b'turnip-authenticated-'):].decode(
556 'utf-8')
557 auth_params[decoded_key] = value
558 if 'uid' in auth_params:
559 auth_params['uid'] = int(auth_params['uid'])
560 if params.get(b'turnip-can-authenticate') == b'yes':
561 auth_params['can-authenticate'] = True
562 self.log.info("Translating request.")564 self.log.info("Translating request.")
563 translated = yield proxy.callRemote(565 translated = yield proxy.callRemote(
564 b'translatePath', pathname, permission, auth_params)566 b'translatePath', pathname, permission, auth_params)
diff --git a/turnip/pack/tests/test_functional.py b/turnip/pack/tests/test_functional.py
index 6f0a838..6de8489 100644
--- a/turnip/pack/tests/test_functional.py
+++ b/turnip/pack/tests/test_functional.py
@@ -106,6 +106,7 @@ class FakeVirtInfoService(xmlrpc.XMLRPC):
106 self.translations = []106 self.translations = []
107 self.authentications = []107 self.authentications = []
108 self.push_notifications = []108 self.push_notifications = []
109 self.ref_permissions_checks = []
109 self.ref_permissions = {}110 self.ref_permissions = {}
110111
111 def xmlrpc_translatePath(self, pathname, permission, auth_params):112 def xmlrpc_translatePath(self, pathname, permission, auth_params):
@@ -130,6 +131,7 @@ class FakeVirtInfoService(xmlrpc.XMLRPC):
130 self.push_notifications.append(path)131 self.push_notifications.append(path)
131132
132 def xmlrpc_checkRefPermissions(self, path, ref_paths, auth_params):133 def xmlrpc_checkRefPermissions(self, path, ref_paths, auth_params):
134 self.ref_permissions_checks.append((path, ref_paths, auth_params))
133 return self.ref_permissions135 return self.ref_permissions
134136
135137
@@ -677,6 +679,26 @@ class TestSmartHTTPFrontendWithAuthFunctional(TestSmartHTTPFrontendFunctional):
677 {b'can-authenticate': True, b'user': b'test-user'})],679 {b'can-authenticate': True, b'user': b'test-user'})],
678 self.virtinfo.translations)680 self.virtinfo.translations)
679681
682 @defer.inlineCallbacks
683 def test_authenticated_push(self):
684 test_root = self.useFixture(TempDir()).path
685 clone = os.path.join(test_root, 'clone')
686 yield self.assertCommandSuccess((b'git', b'clone', self.url, clone))
687 yield self.assertCommandSuccess(
688 (b'git', b'config', b'user.name', b'Test User'), path=clone)
689 yield self.assertCommandSuccess(
690 (b'git', b'config', b'user.email', b'test@example.com'),
691 path=clone)
692 yield self.assertCommandSuccess(
693 (b'git', b'commit', b'--allow-empty', b'-m', b'Committed test'),
694 path=clone)
695 yield self.assertCommandSuccess(
696 (b'git', b'push', b'origin', b'master'), path=clone)
697 self.assertEqual(
698 [(self.internal_name, [b'refs/heads/master'],
699 {b'can-authenticate': True, b'user': b'test-user'})],
700 self.virtinfo.ref_permissions_checks)
701
680702
681class TestSmartSSHServiceFunctional(FrontendFunctionalTestMixin, TestCase):703class TestSmartSSHServiceFunctional(FrontendFunctionalTestMixin, TestCase):
682704

Subscribers

People subscribed via source and target branches