[projects/pld-builder.new.git] / PLD_Builder / acl.py

# vi: encoding=utf-8 ts=8 sts=4 sw=4 et

import ConfigParser
import string
import fnmatch
import os
import stat

import path
import log
import status
from mailer import Message
from config import config

class User:
    def __init__(self, p, login):
        self.login = login
        self.privs = []
        self.gpg_emails = []
        self.mailto = ""
        self.change_requester = False

        if p.has_option(login, "gpg_emails"):
            self.gpg_emails = string.split(p.get(login, "gpg_emails"))
        else:
            log.panic("acl: [%s] has no gpg_emails" % login)

        if p.has_option(login, "mailto"):
            self.mailto = p.get(login, "mailto")
        else:
            if len(self.gpg_emails) > 0:
                self.mailto = self.gpg_emails[0]

        if p.has_option(login, "change_requester"):
            self.change_requester = True

        if p.has_option(login, "privs"):
            for p in string.split(p.get(login, "privs")):
                l = string.split(p, ":")
                if len(l) == 2:
                    p+=":*"
                if len(l) not in (2,3) or l[0] == "" or l[1] == "":
                    log.panic("acl: invalid priv format: '%s' [%s]" % (p, login))
                else:
                    self.privs.append(p)
        else:
            log.panic("acl: [%s] has no privs" % login)

    def can_do(self, what, where, branch=None):
        if branch:
            action = "%s:%s:%s" % (what, where, branch)
        else:
            action = "%s:%s:N-A" % (what, where)
        for priv in self.privs:
            if priv[0] == "!":
                ret = 0
                priv = priv[1:]
            else:
                ret = 1
            pwhat,pwhere,pbranch=priv.split(":")
            for pbranch in pbranch.split(","):
                priv="%s:%s:%s" % (pwhat,pwhere,pbranch)
                if fnmatch.fnmatch(action, priv):
                    return ret
        return 0

    def check_priority(self, prio, where):
        for priv in self.privs:
            val,builder=priv.split(":")[0:2]
            if fnmatch.fnmatch(where, builder):
                try:
                    val=int(val)
                except ValueError:
                    continue
                if prio>=val:
                    return prio
                else:
                    return val
        return prio

    def mail_to(self):
        return self.mailto

    def message_to(self):
        m = Message()
        m.set_headers(to = self.mail_to(), cc = config.builder_list)
        return m

    def get_login(self):
        return self.login

class ACL_Conf:
    def __init__(self):
        self.reload()

    def try_reload(self):
        mtime = os.stat(path.acl_conf)[stat.ST_MTIME]
        if mtime != self.acl_conf_mtime:
            log.notice("acl.conf has changed, reloading...")
            self.reload()
            return True
        return False

    def reload(self):
        self.acl_conf_mtime = os.stat(path.acl_conf)[stat.ST_MTIME]
        self.current_user = None
        status.push("reading acl.conf")
        p = ConfigParser.ConfigParser()
        p.readfp(open(path.acl_conf))
        self.users = {}
        for login in p.sections():
            if self.users.has_key(login):
                log.panic("acl: duplicate login: %s" % login)
                continue
            user = User(p, login)
            for e in user.gpg_emails:
                if self.users.has_key(e):
                    log.panic("acl: user email colision %s <-> %s" % \
                              (self.users[e].login, login))
                else:
                    self.users[e] = user
            self.users[login] = user
        status.pop()

    def user_by_email(self, ems):
        for e in ems:
            if self.users.has_key(e):
                return self.users[e]
        return None

    def user_by_login(self, l):
        return self.users[l]

    def user(self, l):
        if not self.users.has_key(l):
            log.panic("no such user: %s" % l)
        return self.users[l]

    def set_current_user(self, u):
        self.current_user = u
        if u != None:
            status.email = u.mail_to()

    def current_user_login(self):
        if self.current_user != None:
            return self.current_user.login
        else:
            return ""

acl = ACL_Conf()
Commit	Line	Data
dfff8bd5 MM	1	# vi: encoding=utf-8 ts=8 sts=4 sw=4 et
dfff8bd5 MM	2
57b6e61d MM	3	import ConfigParser
57b6e61d MM	4	import string
7906d44d	5	import fnmatch
e3e3d74f	6	import os
2f2bdae3	7	import stat
57b6e61d MM	8
	9	import path
	10	import log
bdc3292c	11	import status
b5a39692 MM	12	from mailer import Message
b5a39692 MM	13	from config import config
57b6e61d MM	14
57b6e61d MM	15	class User:
dfff8bd5 MM	16	def __init__(self, p, login):
	17	self.login = login
	18	self.privs = []
	19	self.gpg_emails = []
	20	self.mailto = ""
cba0beaa	21	self.change_requester = False
e6376553	22
dfff8bd5 MM	23	if p.has_option(login, "gpg_emails"):
	24	self.gpg_emails = string.split(p.get(login, "gpg_emails"))
	25	else:
	26	log.panic("acl: [%s] has no gpg_emails" % login)
e6376553	27
dfff8bd5 MM	28	if p.has_option(login, "mailto"):
	29	self.mailto = p.get(login, "mailto")
	30	else:
	31	if len(self.gpg_emails) > 0:
	32	self.mailto = self.gpg_emails[0]
e6376553	33
cba0beaa KK	34	if p.has_option(login, "change_requester"):
	35	self.change_requester = True
	36
dfff8bd5 MM	37	if p.has_option(login, "privs"):
	38	for p in string.split(p.get(login, "privs")):
	39	l = string.split(p, ":")
	40	if len(l) == 2:
	41	p+=":*"
	42	if len(l) not in (2,3) or l[0] == "" or l[1] == "":
	43	log.panic("acl: invalid priv format: '%s' [%s]" % (p, login))
	44	else:
	45	self.privs.append(p)
57b6e61d	46	else:
dfff8bd5	47	log.panic("acl: [%s] has no privs" % login)
57b6e61d	48
dfff8bd5 MM	49	def can_do(self, what, where, branch=None):
	50	if branch:
	51	action = "%s:%s:%s" % (what, where, branch)
	52	else:
	53	action = "%s:%s:N-A" % (what, where)
	54	for priv in self.privs:
	55	if priv[0] == "!":
	56	ret = 0
	57	priv = priv[1:]
	58	else:
	59	ret = 1
	60	pwhat,pwhere,pbranch=priv.split(":")
	61	for pbranch in pbranch.split(","):
	62	priv="%s:%s:%s" % (pwhat,pwhere,pbranch)
	63	if fnmatch.fnmatch(action, priv):
	64	return ret
	65	return 0
57b6e61d	66
dfff8bd5 MM	67	def check_priority(self, prio, where):
	68	for priv in self.privs:
	69	val,builder=priv.split(":")[0:2]
	70	if fnmatch.fnmatch(where, builder):
	71	try:
	72	val=int(val)
	73	except ValueError:
	74	continue
	75	if prio>=val:
	76	return prio
	77	else:
	78	return val
dfff8bd5	79	return prio
60e340de	80
dfff8bd5 MM	81	def mail_to(self):
dfff8bd5 MM	82	return self.mailto
57b6e61d	83
dfff8bd5 MM	84	def message_to(self):
	85	m = Message()
	86	m.set_headers(to = self.mail_to(), cc = config.builder_list)
	87	return m
b5a39692	88
dfff8bd5 MM	89	def get_login(self):
dfff8bd5 MM	90	return self.login
57b6e61d	91
20b64239	92	class ACL_Conf:
dfff8bd5	93	def __init__(self):
e3e3d74f AM	94	self.reload()
	95
	96	def try_reload(self):
2f2bdae3	97	mtime = os.stat(path.acl_conf)[stat.ST_MTIME]
e3e3d74f AM	98	if mtime != self.acl_conf_mtime:
	99	log.notice("acl.conf has changed, reloading...")
	100	self.reload()
e3e3d74f AM	101	return True
	102	return False
	103
	104	def reload(self):
0ff341f8	105	self.acl_conf_mtime = os.stat(path.acl_conf)[stat.ST_MTIME]
dfff8bd5 MM	106	self.current_user = None
	107	status.push("reading acl.conf")
	108	p = ConfigParser.ConfigParser()
	109	p.readfp(open(path.acl_conf))
	110	self.users = {}
	111	for login in p.sections():
	112	if self.users.has_key(login):
	113	log.panic("acl: duplicate login: %s" % login)
	114	continue
	115	user = User(p, login)
	116	for e in user.gpg_emails:
	117	if self.users.has_key(e):
	118	log.panic("acl: user email colision %s <-> %s" % \
	119	(self.users[e].login, login))
	120	else:
	121	self.users[e] = user
	122	self.users[login] = user
	123	status.pop()
e6376553	124
dfff8bd5 MM	125	def user_by_email(self, ems):
	126	for e in ems:
	127	if self.users.has_key(e):
	128	return self.users[e]
	129	return None
57b6e61d	130
cba0beaa KK	131	def user_by_login(self, l):
	132	return self.users[l]
	133
dfff8bd5 MM	134	def user(self, l):
	135	if not self.users.has_key(l):
	136	log.panic("no such user: %s" % l)
	137	return self.users[l]
2e33eed1	138
dfff8bd5 MM	139	def set_current_user(self, u):
	140	self.current_user = u
	141	if u != None:
	142	status.email = u.mail_to()
6b44a683	143
dfff8bd5 MM	144	def current_user_login(self):
	145	if self.current_user != None:
	146	return self.current_user.login
	147	else:
	148	return ""
6b44a683	149
57b6e61d	150	acl = ACL_Conf()