[projects/pld-builder.new.git] / PLD_Builder / request_handler.py

import email
import string
import time
import os
import StringIO
import sys

import gpg
import request
import log
import path
from acl import acl
from lock import lock
from bqueue import B_Queue

def check_double_id(id):
  id_nl = id + "\n"
  
  ids = open(path.processed_ids_file)
  for i in ids.xreadlines():
    if i == id_nl:
      # FIXME: security email here
      log.alert("request %s already processed" % r.id)
      return 1
  ids.close()
  
  ids = open(path.processed_ids_file, "a")
  ids.write(id_nl)
  ids.close()

  return 0

def handle_group(r):
  lock("request")
  user = r.acl_user
  if check_double_id(r.id):
    return
    
  if not user.can_do("src", "src"):
    msg ="user %s is not allowed to src:src" % (user.get_login())
    log.error(msg)
    user.notify_about_failure(msg)
    return
    
  for batch in r.batches:
    for bld in batch.builders:
      if not user.can_do("binary", bld):
        msg ="user %s is not allowed to binary:%s" % (user.get_login(), bld)
        log.error(msg)
        user.notify_about_failure(msg)
        return

  r.time = time.time()
  log.notice("queued %s from %s" % (r.id, user.get_login()))
  q = B_Queue(path.queue_file)
  q.lock(0)
  q.read()
  q.add(r)
  q.write()
  q.unlock()

def handle_request(f):
  sio = StringIO.StringIO()
  sio.write(f.read())
  sio.seek(0)
  (em, body) = gpg.verify_sig(sio)
  user = acl.user(em)
  if user == None:
    # FIXME: security email here
    log.alert("invalid signature, or not in acl %s" % em)
    return
  r = request.parse_request(body)
  r.acl_user = user
  if r.kind == 'group':
    handle_group(r)
  else:
    msg = "%s: don't know how to handle requests of this kind '%s'" \
                % (user.get_login(), r.kind)
    log.alert(msg)
    user.notify_about_failure(msg)

def go():
  handle_request(sys.stdin)
  sys.exit(0)
Commit	Line	Data
57b6e61d MM	1	import email
	2	import string
	3	import time
	4	import os
	5	import StringIO
cc94eb63	6	import sys
57b6e61d MM	7
	8	import gpg
	9	import request
	10	import log
	11	import path
	12	from acl import acl
	13	from lock import lock
	14	from bqueue import B_Queue
	15
	16	def check_double_id(id):
	17	id_nl = id + "\n"
	18
	19	ids = open(path.processed_ids_file)
	20	for i in ids.xreadlines():
	21	if i == id_nl:
	22	# FIXME: security email here
	23	log.alert("request %s already processed" % r.id)
	24	return 1
	25	ids.close()
	26
	27	ids = open(path.processed_ids_file, "a")
	28	ids.write(id_nl)
	29	ids.close()
	30
	31	return 0
	32
	33	def handle_group(r):
	34	lock("request")
	35	user = r.acl_user
	36	if check_double_id(r.id):
	37	return
	38
	39	if not user.can_do("src", "src"):
	40	msg ="user %s is not allowed to src:src" % (user.get_login())
	41	log.error(msg)
	42	user.notify_about_failure(msg)
	43	return
	44
	45	for batch in r.batches:
	46	for bld in batch.builders:
	47	if not user.can_do("binary", bld):
	48	msg ="user %s is not allowed to binary:%s" % (user.get_login(), bld)
	49	log.error(msg)
	50	user.notify_about_failure(msg)
	51	return
	52
	53	r.time = time.time()
	54	log.notice("queued %s from %s" % (r.id, user.get_login()))
	55	q = B_Queue(path.queue_file)
	56	q.lock(0)
	57	q.read()
	58	q.add(r)
	59	q.write()
	60	q.unlock()
	61
	62	def handle_request(f):
	63	sio = StringIO.StringIO()
	64	sio.write(f.read())
	65	sio.seek(0)
	66	(em, body) = gpg.verify_sig(sio)
	67	user = acl.user(em)
	68	if user == None:
	69	# FIXME: security email here
	70	log.alert("invalid signature, or not in acl %s" % em)
71	return
72	r = request.parse_request(body)
73	r.acl_user = user
74	if r.kind == 'group':
75	handle_group(r)
76	else:
77	msg = "%s: don't know how to handle requests of this kind '%s'" \
78	% (user.get_login(), r.kind)
79	log.alert(msg)
80	user.notify_about_failure(msg)
cc94eb63 MM	81
	82	def go():
	83	handle_request(sys.stdin)
	84	sys.exit(0)