]>
Commit | Line | Data |
---|---|---|
57b6e61d MM |
1 | import email |
2 | import string | |
3 | import time | |
4 | import os | |
5 | import StringIO | |
cc94eb63 | 6 | import sys |
57b6e61d MM |
7 | |
8 | import gpg | |
9 | import request | |
10 | import log | |
11 | import path | |
12 | from acl import acl | |
13 | from lock import lock | |
14 | from bqueue import B_Queue | |
15 | ||
16 | def check_double_id(id): | |
17 | id_nl = id + "\n" | |
18 | ||
19 | ids = open(path.processed_ids_file) | |
20 | for i in ids.xreadlines(): | |
21 | if i == id_nl: | |
22 | # FIXME: security email here | |
23 | log.alert("request %s already processed" % r.id) | |
24 | return 1 | |
25 | ids.close() | |
26 | ||
27 | ids = open(path.processed_ids_file, "a") | |
28 | ids.write(id_nl) | |
29 | ids.close() | |
30 | ||
31 | return 0 | |
32 | ||
34738db3 | 33 | def handle_group(r, user): |
57b6e61d | 34 | lock("request") |
57b6e61d MM |
35 | if check_double_id(r.id): |
36 | return | |
37 | ||
38 | if not user.can_do("src", "src"): | |
39 | msg ="user %s is not allowed to src:src" % (user.get_login()) | |
40 | log.error(msg) | |
41 | user.notify_about_failure(msg) | |
42 | return | |
43 | ||
44 | for batch in r.batches: | |
45 | for bld in batch.builders: | |
46 | if not user.can_do("binary", bld): | |
47 | msg ="user %s is not allowed to binary:%s" % (user.get_login(), bld) | |
48 | log.error(msg) | |
49 | user.notify_about_failure(msg) | |
50 | return | |
51 | ||
34738db3 | 52 | r.requester = user.get_login() |
57b6e61d MM |
53 | r.time = time.time() |
54 | log.notice("queued %s from %s" % (r.id, user.get_login())) | |
55 | q = B_Queue(path.queue_file) | |
56 | q.lock(0) | |
57 | q.read() | |
58 | q.add(r) | |
59 | q.write() | |
60 | q.unlock() | |
61 | ||
62 | def handle_request(f): | |
63 | sio = StringIO.StringIO() | |
64 | sio.write(f.read()) | |
65 | sio.seek(0) | |
66 | (em, body) = gpg.verify_sig(sio) | |
67 | user = acl.user(em) | |
68 | if user == None: | |
69 | # FIXME: security email here | |
70 | log.alert("invalid signature, or not in acl %s" % em) | |
71 | return | |
72 | r = request.parse_request(body) | |
57b6e61d | 73 | if r.kind == 'group': |
34738db3 | 74 | handle_group(r, user) |
57b6e61d MM |
75 | else: |
76 | msg = "%s: don't know how to handle requests of this kind '%s'" \ | |
77 | % (user.get_login(), r.kind) | |
78 | log.alert(msg) | |
79 | user.notify_about_failure(msg) | |
cc94eb63 | 80 | |
1f62bccc | 81 | def main(): |
cc94eb63 MM |
82 | handle_request(sys.stdin) |
83 | sys.exit(0) | |
1f62bccc MM |
84 | |
85 | main() |