ACLs and Web Interfaces
Jeff Abbott
fdiv_bug at sniping.org
Wed Mar 5 05:32:42 GMT 2008
James Westby wrote:
> On Tue, 2008-03-04 at 15:56 -0500, Jeff Abbott wrote:
>> Something that Mercurial's hgweb supports is the ability to tell it "all
>> my repos live below here" with the [collections] section in the hgweb
>> config. hgweb walks that file system path and finds any repos it can,
>> and presents them to the user if it can access that location with the
>> credentials it's running under. Usually, when running with mod_python
>> in Apache, that's the apache user, but if you add mod_auth_kerb into the
>> equation to authenticate users to the Kerberos realm, and mod_waklog to
>> run CGI and mod_python scripts with the Kerberos-authenticated user's
>> credentials, hgweb will only show them the repositories in AFS that they
>> can read.
>
> bazaar-webserve is a fork of hgweb, so it may not be that difficult.
... You're right, that wasn't that difficult.
It's been a rainy, blustery evening, so I decided to sit inside and hack
at bzr-webserve. The result is that it now has some of the
functionality that hgweb has that I so appreciate.
I've published a branch at:
https://code.launchpad.net/~fdivbug/bzr-webserve/collections
Python hasn't been my primary language for quite some time, and I'm
still rather new to the Bazaar and bzr-webserve codebases, so please let
me know if there are better ways to do what I've done.
What I've added is this. There's a new config option in the
bzr-webserve config file, in the [DEFAULT] section, called
"collections". It's a comma-delimited set of paths -- or a single path
-- that will be walked looking for Bazaar branches. Any that are found
will have their .bzr/branch/branch.conf files read, and the following
settings will be pulled out of the [web] section of that file:
name
repopath
author
description
email
mapfile
tararchive
profile
encoding
These have the exact same meanings there as they do in the main
bzr-webserve config. In essence what it's doing is adding any branches
it finds to the bzr-webserve ConfigObj instance as though they were
explicitly specified in sections the main bzr-webserve config.
I have no idea how to proceed from here, really. If there are any valid
criticisms of my code I will happily change it to account for those
concerns, but once the code is up to snuff I guess I'd need Goffredo to
merge it; are you around, Signor Baroncelli?
Thanks,
Jeff
More information about the bazaar
mailing list