hgweb's biggest problem - was: Mercurial push, abort: authorization failed.

[Hans Meine]

On Friday 05 June 2009 19:05:05 Piotr Byzia wrote:
> This was so obvious, that I haven't make sure it's right. chown to www-
> data solved my problem immediately :-)
> What a pity that mistakes like that are not more verbose.

AFAICS, this is hgweb's biggest downside.  I had problems in the past myself, 
and I see huge numbers of postings on this list which are due to problems with 
wrong permissions etc.

I think it would be very good if hg would explicitly and clearly report 
problems such as:
- wrong owner/perms of .hgrc (not evaluated)
- no read/write permissions on repo
and probably more, which I don't remember right now.

If that's considered to be a security problem (IIRC all exceptions are 
explicitly caught and silenced, probably for security reasons), there should 
be an option to turn it off, but I think it should be on by default.  If 
that's really a problem - and I think it might be, due to non-controllable 
output in tracebacks - one might add a big red warning on the served HTML 
pages like:

"Congratulations! Your hgweb basic setup has been successful.  After testing 
cloning and pushing, please add '<insert name of debug_traceback option here> 
= off' to your .hgrc to finish the installation."

Wouldn't you agree?
 Hans