[projects/pld-builder.new.git] / PLD_Builder / request_handler.py

import email
import string
import time
import os
import StringIO
import sys

import gpg
import request
import log
import path
from acl import acl
from lock import lock
from bqueue import B_Queue

def check_double_id(id):
  id_nl = id + "\n"
  
  ids = open(path.processed_ids_file)
  for i in ids.xreadlines():
    if i == id_nl:
      # FIXME: security email here
      log.alert("request %s already processed" % r.id)
      return 1
  ids.close()
  
  ids = open(path.processed_ids_file, "a")
  ids.write(id_nl)
  ids.close()

  return 0

def handle_group(r, user):
  lock("request")
  if check_double_id(r.id):
    return
    
  if not user.can_do("src", "src"):
    msg ="user %s is not allowed to src:src" % (user.get_login())
    log.error(msg)
    user.notify_about_failure(msg)
    return
    
  for batch in r.batches:
    for bld in batch.builders:
      if not user.can_do("binary", bld):
        msg ="user %s is not allowed to binary:%s" % (user.get_login(), bld)
        log.error(msg)
        user.notify_about_failure(msg)
        return

  r.requester = user.get_login()
  r.time = time.time()
  log.notice("queued %s from %s" % (r.id, user.get_login()))
  q = B_Queue(path.queue_file)
  q.lock(0)
  q.read()
  q.add(r)
  q.write()
  q.unlock()

def handle_request(f):
  sio = StringIO.StringIO()
  sio.write(f.read())
  sio.seek(0)
  (em, body) = gpg.verify_sig(sio)
  user = acl.user(em)
  if user == None:
    # FIXME: security email here
    log.alert("invalid signature, or not in acl %s" % em)
    return
  r = request.parse_request(body)
  if r.kind == 'group':
    handle_group(r, user)
  else:
    msg = "%s: don't know how to handle requests of this kind '%s'" \
                % (user.get_login(), r.kind)
    log.alert(msg)
    user.notify_about_failure(msg)

def main():
  handle_request(sys.stdin)
  sys.exit(0)

main()
Commit	Line	Data
57b6e61d MM	1	import email
	2	import string
	3	import time
	4	import os
	5	import StringIO
cc94eb63	6	import sys
57b6e61d MM	7
	8	import gpg
	9	import request
	10	import log
	11	import path
	12	from acl import acl
	13	from lock import lock
	14	from bqueue import B_Queue
	15
	16	def check_double_id(id):
	17	id_nl = id + "\n"
	18
	19	ids = open(path.processed_ids_file)
	20	for i in ids.xreadlines():
	21	if i == id_nl:
	22	# FIXME: security email here
	23	log.alert("request %s already processed" % r.id)
	24	return 1
	25	ids.close()
	26
	27	ids = open(path.processed_ids_file, "a")
	28	ids.write(id_nl)
	29	ids.close()
	30
	31	return 0
	32
34738db3	33	def handle_group(r, user):
57b6e61d	34	lock("request")
57b6e61d MM	35	if check_double_id(r.id):
	36	return
	37
	38	if not user.can_do("src", "src"):
	39	msg ="user %s is not allowed to src:src" % (user.get_login())
	40	log.error(msg)
	41	user.notify_about_failure(msg)
	42	return
	43
	44	for batch in r.batches:
	45	for bld in batch.builders:
	46	if not user.can_do("binary", bld):
	47	msg ="user %s is not allowed to binary:%s" % (user.get_login(), bld)
	48	log.error(msg)
	49	user.notify_about_failure(msg)
	50	return
	51
34738db3	52	r.requester = user.get_login()
57b6e61d MM	53	r.time = time.time()
	54	log.notice("queued %s from %s" % (r.id, user.get_login()))
	55	q = B_Queue(path.queue_file)
	56	q.lock(0)
	57	q.read()
	58	q.add(r)
	59	q.write()
	60	q.unlock()
	61
	62	def handle_request(f):
	63	sio = StringIO.StringIO()
	64	sio.write(f.read())
	65	sio.seek(0)
	66	(em, body) = gpg.verify_sig(sio)
	67	user = acl.user(em)
	68	if user == None:
	69	# FIXME: security email here
	70	log.alert("invalid signature, or not in acl %s" % em)
	71	return
	72	r = request.parse_request(body)
57b6e61d	73	if r.kind == 'group':
34738db3	74	handle_group(r, user)
57b6e61d MM	75	else:
	76	msg = "%s: don't know how to handle requests of this kind '%s'" \
	77	% (user.get_login(), r.kind)
	78	log.alert(msg)
	79	user.notify_about_failure(msg)
cc94eb63	80
1f62bccc	81	def main():
cc94eb63 MM	82	handle_request(sys.stdin)
cc94eb63 MM	83	sys.exit(0)
1f62bccc MM	84
1f62bccc MM	85	main()