]>
Commit | Line | Data |
---|---|---|
57b6e61d MM |
1 | import email |
2 | import string | |
3 | import time | |
4 | import os | |
5 | import StringIO | |
cc94eb63 | 6 | import sys |
57b6e61d MM |
7 | |
8 | import gpg | |
9 | import request | |
10 | import log | |
11 | import path | |
12 | from acl import acl | |
13 | from lock import lock | |
14 | from bqueue import B_Queue | |
15 | ||
16 | def check_double_id(id): | |
17 | id_nl = id + "\n" | |
18 | ||
19 | ids = open(path.processed_ids_file) | |
20 | for i in ids.xreadlines(): | |
21 | if i == id_nl: | |
22 | # FIXME: security email here | |
23 | log.alert("request %s already processed" % r.id) | |
24 | return 1 | |
25 | ids.close() | |
26 | ||
27 | ids = open(path.processed_ids_file, "a") | |
28 | ids.write(id_nl) | |
29 | ids.close() | |
30 | ||
31 | return 0 | |
32 | ||
33 | def handle_group(r): | |
34 | lock("request") | |
35 | user = r.acl_user | |
36 | if check_double_id(r.id): | |
37 | return | |
38 | ||
39 | if not user.can_do("src", "src"): | |
40 | msg ="user %s is not allowed to src:src" % (user.get_login()) | |
41 | log.error(msg) | |
42 | user.notify_about_failure(msg) | |
43 | return | |
44 | ||
45 | for batch in r.batches: | |
46 | for bld in batch.builders: | |
47 | if not user.can_do("binary", bld): | |
48 | msg ="user %s is not allowed to binary:%s" % (user.get_login(), bld) | |
49 | log.error(msg) | |
50 | user.notify_about_failure(msg) | |
51 | return | |
52 | ||
53 | r.time = time.time() | |
54 | log.notice("queued %s from %s" % (r.id, user.get_login())) | |
55 | q = B_Queue(path.queue_file) | |
56 | q.lock(0) | |
57 | q.read() | |
58 | q.add(r) | |
59 | q.write() | |
60 | q.unlock() | |
61 | ||
62 | def handle_request(f): | |
63 | sio = StringIO.StringIO() | |
64 | sio.write(f.read()) | |
65 | sio.seek(0) | |
66 | (em, body) = gpg.verify_sig(sio) | |
67 | user = acl.user(em) | |
68 | if user == None: | |
69 | # FIXME: security email here | |
70 | log.alert("invalid signature, or not in acl %s" % em) | |
71 | return | |
72 | r = request.parse_request(body) | |
73 | r.acl_user = user | |
74 | if r.kind == 'group': | |
75 | handle_group(r) | |
76 | else: | |
77 | msg = "%s: don't know how to handle requests of this kind '%s'" \ | |
78 | % (user.get_login(), r.kind) | |
79 | log.alert(msg) | |
80 | user.notify_about_failure(msg) | |
cc94eb63 MM |
81 | |
82 | def go(): | |
83 | handle_request(sys.stdin) | |
84 | sys.exit(0) |