Controlling access via hgweb.config

Question

I would like to be able to control access to some mercurial repositories on my server. I thought an easy solution would be to have all limited users have a username that ends with "_external". I would then change the deny_push and deny_read on some .hgrc files to give them access as needed. I setup up my hgweb.config file like below, but the deny_push and deny_read lines are ignored. Is this the correct syntax? Is there a better way to accomplish my goal (I looked into Rhodecode, but it seems to be pretty crashy on Windows).

[web]
style = gitweb
baseurl = /hg
allow_push = *
push_ssl = false
deny_push = *_external
deny_read = *_external

score 2 · Accepted Answer · answered Aug 23 '11 at 19:04

2

The best option you have is to setup a list with the usernames:

allow_push = user1, user2
deny_push = user3, user5
deny_read = user4

The problem with your syntax is that, you are first allowing push for everybody and then trying to limit the users.

answered Aug 23 '11 at 19:04

Murilo

131
1
3

Is there a way to configure the file with a regex so I don't have to put every user on the white/black list? – Jake Pearson Aug 23 '11 at 19:09
I don't think you can do that. Mercurial reads the config file and take action based on that. – Murilo Aug 23 '11 at 19:23

score 1 · Answer 2 · answered Sep 06 '11 at 16:50

1

mercurial-server can do this for you. This means connecting to your repository over ssh rather than over http, and authenticating using ssh keypairs, but in my experience that's far more convenient anyway.

answered Sep 06 '11 at 16:50

Paul Crowley

1,656
1
14
26

Controlling access via hgweb.config

2 Answers2