Rejecting a push based on committer name
I've recently set up a Mercurial repository. All pushing is done via ssh. Currently only users with an LDAP account can push changes to the repository. However, when committing to a local repository, any committer name can be used via the --user option, so it is possible to have the situation where a committer name does not match the LDAP account name. I want to avoid this.
What would be the best way to ensure this does not happen? Would a hook be the best way to deal with this problem? I would not want this to be a local hook, but a hook that would live on the same machine as the repository. It would need to check whether a committer name matched the LDAP account on the event of a push, and if it doesn't, send an appropriate error message back.
Does this seem like a sensible way to proceed or am I going about the problem in the wrong way?
If you just want to check that the username is correct, it should be possible when using Mercurial Server, because every push is authenticated with a user's ssh key and you will find the key name in the $REMOTE_USER environment variable. So a hook of type pretxncommit (i.e., after changes have been applied) can check that the author name and the key name match, and then reject and roll back the commit if they don't.
E.g., if you have the convention of having all the keys stored in paths like: coders/"name"_rsa.pub
then this code should do the check:
# Compare the authenticated key name with the author of the tip changeset.
author=$(hg tip --template "{author}\n")
if [ "$REMOTE_USER" != "coders/${author}_rsa.pub" ]
then
    echo "reject msg.." ; exit 1
fi
However, there might be a problem when a user has just pulled changes from another repository (i.e., commits that were made by other people) and pushes them to your repository with his/her key. Then the hook will reject them even if the usernames were correct in the first commits. With hg, we can forward changesets between repositories even with a list of various usernames. But if this is not a case you will encounter, then you might try this.
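Added example, not part of the original answer: a variant of the check written for Mercurial's pretxnchangegroup hook, which runs once per push and exposes the first incoming changeset as $HG_NODE, so every pushed changeset is compared and the forwarded-changeset case above is reported per changeset. The function names and the script path are hypothetical; it assumes the answer's coders/<name>_rsa.pub key convention and that account names equal the short form produced by the {author|user} template filter.

```shell
#!/bin/sh
# Hypothetical server-side hook, registered in the repository's hgrc as:
#   [hooks]
#   pretxnchangegroup.checkauthor = /path/to/check-author.sh   (placeholder path)

# Map a key path such as coders/alice_rsa.pub to the account name "alice".
key_to_user() {
    name=${1#coders/}
    printf '%s\n' "${name%_rsa.pub}"
}

# Read "node author" lines on stdin and print each line whose author differs
# from the expected account ($1). Returns 1 if any mismatch was found.
find_mismatches() {
    expected=$1
    bad=0
    while read -r node author; do
        [ -n "$node" ] || continue
        if [ "$author" != "$expected" ]; then
            printf '%s %s\n' "$node" "$author"
            bad=1
        fi
    done
    return "$bad"
}

# List every incoming changeset and check its author against the pusher.
# An unset REMOTE_USER yields an empty expected name, so the push is rejected.
check_push() {
    expected=$(key_to_user "${REMOTE_USER:-}")
    hg log -r "$HG_NODE:tip" --template '{node|short} {author|user}\n' |
        find_mismatches "$expected" >&2
}

# Only act when Mercurial invoked the script as a hook (HG_NODE is set).
if [ -n "${HG_NODE:-}" ]; then
    if ! check_push; then
        echo "push rejected: changesets above were not authored by the pushing account" >&2
        exit 1   # non-zero exit makes Mercurial roll back the incoming changesets
    fi
fi
```

A push that forwards other people's changesets is rejected with those changesets listed, which is the trade-off the answer describes.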