{ "info": { "author": "Jeffrey Kyllo", "author_email": "jkyllo@echospiral.com", "bugtrack_url": null, "classifiers": [ "Development Status :: 1 - Planning", "Environment :: Plugins", "Intended Audience :: Developers", "Intended Audience :: System Administrators", "License :: OSI Approved :: GNU General Public License v2 or later (GPLv2+)", "Natural Language :: English", "Operating System :: OS Independent", "Programming Language :: Python", "Topic :: Software Development :: Version Control" ], "description": "=========\nhgwebinit\n=========\n\n*hgwebinit* is a Mercurial extension for hgweb that allows for remote creation\nof repositories. At this time hgwebinit creates repositories implicitly if the \nrequesting user has permission to do so. This can easily create repositories \nunintentionally if the user simply misspells a repo or path. The primary use \nis for creating new repositories within collections but it is not currently \nlimited to that.\n\nNote that there are better tools out there for create repositories. The goal of\nthis extension is to provide an easy-to-use option that gets the basic job done.\nFeedback is certainly welcome as this is in an early stage.\n\nThe intent for future versions is to move to implementing tighter security\nmeasures in the permission model and to potentially implement an init command in\nthe wire protocol. This would prevent some confusion on the part of the user \nand allow for more fine-grained authorization.\n\nInstallation and Configuration\n==============================\n\n*hgwebinit* is available on bitbucket (primary) and github (mirror):\n\n* https://bitbucket.org/j3hyde/hgwebinit\n* https://github.com/j3hyde/hgwebinit\n\n*hgwebinit* may be installed from the Python Package Index using::\n\n\teasy_install hgwebinit\n\nor, via *pip*::\n\n\tpip install hgwebinit\n\nThis will download the current version of *hgwebinit* and get you ready. Next\nyou will want to configure your hgweb installation to also use hgwebinit. Here\nis an *hgweb.ini* for example::\n\n\t[paths]\n\t/trunk=/repos/*\n\n\t[web]\n\tallow_push = *\n\tpush_ssl = false\n\tallow_create = *\n\timplicit_init = true\n\n\t[extensions]\n\thgwebinit=\n\nhgwebinit will allow for creation of new repositories within collections or as \nsub-repositories. A direct conflict or a path outside of configure paths is \ndenied. In the above configuration, all users are allowed to create new \nrepositories. Set *allow_create* to a list of users a la *allow_push* to let \nthose users create new repositories.\n\nSecurity and Implementation Considerations\n==========================================\nAlthough there are security implications in doing this, they are not the ones \nthat most people think of. When searching for ways to create repositories \nremotely you are presented a couple options. One is to use hg via ssh. The \nothers basically consist of using bitbucket's web interface or similar. New \ncomers then often ask \"what if I want to create a repository via http?\" They \nare almost always confronted with the answer of \"you can't do that because it \nwould be insecure.\"\n\nPlease understand that whenever you put a server up on the Internet you must be\nconscious of security. The mechanisms provided by this extension are useful but\nnot complete. Please take precautions to lock down your server and ensure the\nright people are doing only things you have allowed them to do. \n\nSecurity: User permissions (authorization)\n------------------------------------------\n\n*hgweb* runs as the web server user (e.g. www-data under many Apache\nconfigurations) and file system-level permissions are only checked for that\nuser. *hgweb* then does some permissions processing on top of that.\n\n*hgweb* handles read and push permissions on a per-user basis given that the\nuser was authenticated at all. What is needed is a permission model for\nrepository creation in addition to the current read and push permissions. This\nextension adds a configuration for *allow_create* and *deny_create*. These are\nsimilar to the existing *allow_push* and *deny_push* configurations. In fact,\nat present a user must have both read and create permission in order to create\na repository implicitly.\n\nNote that when considering user permissions it is important to recognize the\nroll of *hgweb*. When using a repository via SSH or locally, authorization is\ndelegated to the file system on which the repository is stored. If the user\ncannot use hg to read/write the repository then that is it - mission failed.\n\nIn the case of *hgweb*, relying on file system permissions is insufficient.\nInstead *hgweb* implements its read and push permissions. *hgweb* is acting as\nan authorization layer for *hy*. This is an important distinction because it is\nunique to repositories hosted for HTTP access. For that reason, *hgwebinit*\nincludes permission for initializing a new repository.\n\nLastly consider that a user who is accessing a repository locally (this also\napplies to many SSH-based cases) has more access to the repository than they\nwould when accessing that same repository via HTTP. In particular, *hgweb*\nprovides no method that would destroy information in the repository. An\nauthenticated user can push new information and can read existing information\nbut they cannot remove commits or delete the repository. Conversely any user\nwith file-system permissions to the repository can actually delete it entirely.\nIn this sense *hgweb* actually provides more protection for the repository. \n\nSecurity: User identity (authentication)\n----------------------------------------\n\nWhen using a remote repository it is important to consider that the \nauthenticated user may not be the one identified in the commit log. This is \ntrue of *mercurial* in general and is not specific to *hgweb* or *hgwebinit*.\nConsider that authenticating via SSH gives someone full access to the\nrepository. They can then commit using whatever name and email they wish. If\nthis poses major risk for your project or organization then please consider the\nextension for *mercurial* that allows for signing commits using gpg.\nAlternatively an extension that verifies that the commit identity matches the\nauthenticated user would be quite handy.\n\nSide Effects\n------------\nIn the current state *hgwebinit* allows for creating new repositories but does\nso implicitly. When a properly authorized user tries to push to or read from a\npath that doesn't match a repository, a new repository is created on the fly.\nThe requested operation is then completed as normal. This means that any\nproperly authorized user who misspells a repository path is going to create a\nnew repository.\n\nThis comes back to the topic of destructive edits because removing the\nproblematic repository is now necessary. With direct repository access one can\nsimply delete it. Allowing such destructive access from the Internet is\nprobably not wise and it is not the intent of this extension to allow such\nactions. Repairing that situation should be handled by someone with sufficient\nrepository access.\n\nRoadmap\n=======\n\nProtocol Complexity\n-------------------\n\nThe roadmap for this extension includes an addition to the hg protocol in order\nto support explicit creation of repositories. In other words, we want a user\nwith this extension installed to be able to type\n**hg init https://server.com/remote_repo**, get authenticated and authorized and\nend up with a new repository, just as they asked.\n\nAlthough this adds to the HTTP protocol it would essentially close a feature gap\nwhen compared to the functionality afforded by SSH connections. Consider that\na user with sufficient file system permissions is able to initialize a new\nrepository anywhere.\n\nHg Scope Creep\n--------------\n\nThe issue with adding commands an functionality like this is that it could open\na door for new feature requests.\n\nFirst consider that it would be a great problem to have. Users desiring \nfunctionality either provides input to Hg developers or provides ideas for\nextension authors.\n\nSecondly, that scope creep could be prevented or controlled through the\ndissemination of information. The goal of *hgwebinit* is essentialy to gain\nparity with the SSH implementation while retaining a reasonable level of\nsecurity. Given that, other crazy-cool authorization mechanisms are outside the\nscope of this extension and should be considered for development as new\nprojects.", "description_content_type": null, "docs_url": null, "download_url": "UNKNOWN", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://bitbucket.org/j3hyde/hgwebinit", "keywords": null, "license": "UNKNOWN", "maintainer": null, "maintainer_email": null, "name": "hgwebinit", "package_url": "https://pypi.org/project/hgwebinit/", "platform": "UNKNOWN", "project_url": "https://pypi.org/project/hgwebinit/", "project_urls": { "Download": "UNKNOWN", "Homepage": "https://bitbucket.org/j3hyde/hgwebinit" }, "release_url": "https://pypi.org/project/hgwebinit/0.1.0/", "requires_dist": null, "requires_python": null, "summary": "Mercurial hgweb init support.", "version": "0.1.0" }, "last_serial": 792923, "releases": { "0.1.0": [ { "comment_text": "", "digests": { "md5": "9f0745ca1ed3a0af7df60f29e9412a70", "sha256": "dbf19b1434f61df4196ff2be5ca9ff7f11539bd8f319affe0f284c8fb1a7af40" }, "downloads": -1, "filename": "hgwebinit-0.1.0-py2.7.egg", "has_sig": false, "md5_digest": "9f0745ca1ed3a0af7df60f29e9412a70", "packagetype": "bdist_egg", "python_version": "2.7", "requires_python": null, "size": 17727, "upload_time": "2013-01-27T05:44:59", "url": "https://files.pythonhosted.org/packages/6c/58/5f18963a4b874f4c50360db9dfea929b9f3200479410e012e4138655a50c/hgwebinit-0.1.0-py2.7.egg" }, { "comment_text": "", "digests": { "md5": "42880047f19e120c64dfefb52bb7874d", "sha256": "e9af947e1037b9212de98a05ffe753d2576c1946a8f145047bf0e4db6c15d41e" }, "downloads": -1, "filename": "hgwebinit-0.1.0.zip", "has_sig": false, "md5_digest": "42880047f19e120c64dfefb52bb7874d", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 17927, "upload_time": "2013-01-27T05:45:01", "url": "https://files.pythonhosted.org/packages/43/e3/713a45baaad8582068fcac99bb8f36511905c20e5c7ea016ca9cd98dea2f/hgwebinit-0.1.0.zip" } ], "0.1.0dev": [ { "comment_text": "", "digests": { "md5": "296e107e8e87e540511d13104dddbe21", "sha256": "68bd7310c83985717eab623af6a4c7a0a0f3a2497650ee761acdabe4f35c2ae2" }, "downloads": -1, "filename": "hgwebinit-0.1.0dev-py2.7.egg", "has_sig": false, "md5_digest": "296e107e8e87e540511d13104dddbe21", "packagetype": "bdist_egg", "python_version": "2.7", "requires_python": null, "size": 17730, "upload_time": "2013-01-27T05:43:45", "url": "https://files.pythonhosted.org/packages/b6/ad/96b4cff7f36c1b2631466f6b91be3adcc1efab2a4da643b8d17adde02739/hgwebinit-0.1.0dev-py2.7.egg" }, { "comment_text": "", "digests": { "md5": "0daae075a2a1dae476bbc1767434f447", "sha256": "f86774c84c533074161fe40167a4e8c628b69b0c3887d37250b9e1863321c776" }, "downloads": -1, "filename": "hgwebinit-0.1.0dev.zip", "has_sig": false, "md5_digest": "0daae075a2a1dae476bbc1767434f447", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 17996, "upload_time": "2013-01-27T05:43:46", "url": "https://files.pythonhosted.org/packages/6c/f7/56d101fa3842b94ea666f9dc077d997b305dd93b639cecb1095c14776b68/hgwebinit-0.1.0dev.zip" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "9f0745ca1ed3a0af7df60f29e9412a70", "sha256": "dbf19b1434f61df4196ff2be5ca9ff7f11539bd8f319affe0f284c8fb1a7af40" }, "downloads": -1, "filename": "hgwebinit-0.1.0-py2.7.egg", "has_sig": false, "md5_digest": "9f0745ca1ed3a0af7df60f29e9412a70", "packagetype": "bdist_egg", "python_version": "2.7", "requires_python": null, "size": 17727, "upload_time": "2013-01-27T05:44:59", "url": "https://files.pythonhosted.org/packages/6c/58/5f18963a4b874f4c50360db9dfea929b9f3200479410e012e4138655a50c/hgwebinit-0.1.0-py2.7.egg" }, { "comment_text": "", "digests": { "md5": "42880047f19e120c64dfefb52bb7874d", "sha256": "e9af947e1037b9212de98a05ffe753d2576c1946a8f145047bf0e4db6c15d41e" }, "downloads": -1, "filename": "hgwebinit-0.1.0.zip", "has_sig": false, "md5_digest": "42880047f19e120c64dfefb52bb7874d", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 17927, "upload_time": "2013-01-27T05:45:01", "url": "https://files.pythonhosted.org/packages/43/e3/713a45baaad8582068fcac99bb8f36511905c20e5c7ea016ca9cd98dea2f/hgwebinit-0.1.0.zip" } ] }