Web Authorization
Alexis S. L. Carvalho
alexis at cecm.usp.br
Wed Jul 4 12:29:42 CDT 2007
> Tony Morris wrote:
> > I am wondering if there is an intended use for authorizing web users to
> > specific directories within a repository. I tried the acl-hook only to
> > find that it will attempt authorization as the user that apache is
> > running as.
The acl extension uses the standard python getpass.getuser() function
which will look at some environment variables before using the current
user id. IOW, adding something like this to the cgi script should work
(completely untested):
import os
os.environ['LOGNAME'] = os.environ.get('REMOTE_USER', '')
(This is just setting the $LOGNAME environment variable to the same
value of $REMOTE_USER. There's probably some way to do the same using
.htaccess, but my apache-fu is not that great.)
This will obviously work only for push - right now there's no way to
limit pull access on a per-directory basis.
Alexis
More information about the Mercurial
mailing list