def save(self, targetname, bugzilla_email):
person = People.by_username(turbogears.identity.current.user_name)
target = People.by_username(targetname)
if not can_edit_user(person, target):
turbogears.flash(_("You do not have permission to edit '%s'") % target.username)
turbogears.redirect('/bugzilla')
return dict()
new_configs = {'bugzilla_email': bugzilla_email}
cur_configs = Configs.query.filter_by(person_id=target.id, application='bugzilla').all()
if bugzilla_email == None:
session.delete(cur_configs[0])
turbogears.flash(_("Bugzilla specific email removed! This means your bugzilla email must be set to: %s" % target.email))
turbogears.redirect('/bugzilla/')
for config in cur_configs:
for new_config in new_configs.keys():
if config.attribute == new_config:
config.value = new_configs[new_config]
del(new_configs[new_config])
for config in new_configs:
c = Configs(application='bugzilla', attribute=config, value=new_configs[config])
target.configs.append(c)
turbogears.flash(_("Changes saved. Please allow up to 1 hour for changes to be realized."))
turbogears.redirect('/bugzilla/')
return dict()
def delete_access_policy_rules(pool_name):
"""
Deletes one or more matching rules from a system pool's access policy.
See :ref:`system-access-policies-api` for description of the expected query parameters
:param pool_name: System pool's name.
"""
pool = _get_pool_by_name(pool_name)
if not pool.can_edit_policy(identity.current.user):
raise Forbidden403('Cannot edit system policy')
policy = pool.access_policy
query = SystemAccessPolicyRule.query.filter(SystemAccessPolicyRule.policy == policy)
if 'permission' in request.args:
query = query.filter(SystemAccessPolicyRule.permission.in_(
request.args.getlist('permission', type=SystemPermission.from_string)))
else:
raise MethodNotAllowed405
if 'user' in request.args:
query = query.join(SystemAccessPolicyRule.user)\
.filter(User.user_name.in_(request.args.getlist('user')))
elif 'group' in request.args:
query = query.join(SystemAccessPolicyRule.group)\
.filter(Group.group_name.in_(request.args.getlist('group')))
elif 'everybody' in request.args:
query = query.filter(SystemAccessPolicyRule.everybody)
else:
raise MethodNotAllowed405
for rule in query:
rule.record_deletion(service=u'HTTP')
session.delete(rule)
return '', 204
def _remove(user, method, **kw):
if user == identity.current.user:
raise BX(_('You cannot remove yourself'))
# cancel all running and queued jobs
Job.cancel_jobs_by_user(user, 'User %s removed' % user.user_name)
# Return all systems in use by this user
for system in System.query.filter(System.user==user):
reservation = system.open_reservation
system.unreserve(reservation=reservation, service=method)
# Return all loaned systems in use by this user
for system in System.query.filter(System.loaned==user):
system.record_activity(user=identity.current.user, service=method,
action=u'Changed', field=u'Loaned To',
old=u'%s' % system.loaned, new=None)
system.loaned = None
# Remove the user from all system access policies
for rule in SystemAccessPolicyRule.query.filter_by(user=user):
rule.record_deletion(service=method)
session.delete(rule)
# Change the owner to the caller
newowner = kw.get('newowner', identity.current.user)
for system in System.query.filter(System.owner==user):
system.owner = newowner
system.record_activity(user=identity.current.user, service=method,
action=u'Changed', field=u'Owner',
old=u'%s' % user, new=u'%s' % newowner)
# Remove the user from all groups
for group in user.groups:
if not group.membership_type == GroupMembershipType.inverted:
group.remove_member(user=user,
agent=identity.current.user, service=method)
# Finally remove the user
user.removed=datetime.utcnow()
def remove(self, **kw):
u = identity.current.user
try:
group = Group.by_id(kw['group_id'])
except DatabaseLookupError:
flash(unicode('Invalid group or already removed'))
redirect('../groups/mine')
if not group.can_edit(u):
flash(_(u'You are not an owner of group %s' % group))
redirect('../groups/mine')
if group.is_protected_group():
flash(_(u'This group %s is predefined and cannot be deleted' % group))
redirect('../groups/mine')
if group.jobs:
flash(_(u'Cannot delete a group which has associated jobs'))
redirect('../groups/mine')
# Record the access policy rules that will be removed
# before deleting the group
for rule in group.system_access_policy_rules:
rule.record_deletion()
# For any system pool owned by this group, unset owning_group
# and set owning_user to the user deleting this group
pools = SystemPool.query.filter_by(owning_group_id=group.group_id)
for pool in pools:
pool.change_owner(user=u, service='WEBUI')
session.delete(group)
activity = Activity(u, u'WEBUI', u'Removed', u'Group', group.display_name, u"")
session.add(activity)
flash( _(u"%s deleted") % group.display_name )
raise redirect(".")
def delete_group(group_name):
"""
Deletes a group.
:status 204: Group was successfully deleted.
:status 400: Group cannot be deleted because it is a predefined group, or
because it has associated jobs.
"""
group = _get_group_by_name(group_name)
if not group.can_edit(identity.current.user):
raise Forbidden403('Cannot edit group')
if group.is_protected_group():
raise BadRequest400("Group '%s' is predefined and cannot be deleted"
% group.group_name)
if group.jobs:
raise BadRequest400('Cannot delete a group which has associated jobs')
# Record the access policy rules that will be removed
for rule in group.system_access_policy_rules:
rule.record_deletion()
# For any system pool owned by this group, unset owning_group
# and set owning_user to the user deleting this group
pools = SystemPool.query.filter_by(owning_group=group)
for pool in pools:
pool.change_owner(user=identity.current.user, service=u'HTTP')
session.delete(group)
activity = Activity(identity.current.user, u'HTTP', u'Removed', u'Group', group.display_name)
session.add(activity)
return '', 204
def _from_csv(cls,system,data,csv_type,log):
"""
Import data from CSV file into System Objects
"""
try:
arch = Arch.by_name(data['arch'])
except ValueError:
log.append("%s: Invalid Arch %s" % (system.fqdn, data['arch']))
return False
if data['update'] and data['family']:
try:
osversion = OSVersion.by_name(OSMajor.by_name(unicode(data['family'])),
unicode(data['update']))
except InvalidRequestError:
log.append("%s: Invalid Family %s Update %s" % (system.fqdn,
data['family'],
data['update']))
return False
if osversion not in [oldosversion.osversion for oldosversion in system.excluded_osversion_byarch(arch)]:
if data['excluded'] == 'True':
exclude_osversion = ExcludeOSVersion(osversion=osversion,
arch=arch)
system.excluded_osversion.append(exclude_osversion)
system.record_activity(user=identity.current.user, service=u'CSV',
action=u'Added', field=u'Excluded_families',
old=u'', new=u'%s/%s' % (osversion, arch))
else:
if data['excluded'] == 'False':
for old_osversion in system.excluded_osversion_byarch(arch):
if old_osversion.osversion == osversion:
system.record_activity(user=identity.current.user,
service=u'CSV', action=u'Removed',
field=u'Excluded_families',
old=u'%s/%s' % (old_osversion.osversion, arch),
new=u'')
session.delete(old_osversion)
if not data['update'] and data['family']:
try:
osmajor = OSMajor.by_name(data['family'])
except InvalidRequestError:
log.append("%s: Invalid family %s " % (system.fqdn,
data['family']))
return False
if osmajor not in [oldosmajor.osmajor for oldosmajor in system.excluded_osmajor_byarch(arch)]:
if data['excluded'].lower() == 'true':
exclude_osmajor = ExcludeOSMajor(osmajor=osmajor, arch=arch)
system.excluded_osmajor.append(exclude_osmajor)
system.record_activity(user=identity.current.user, service=u'CSV',
action=u'Added', field=u'Excluded_families',
old=u'', new=u'%s/%s' % (osmajor, arch))
else:
if data['excluded'].lower() == 'false':
for old_osmajor in system.excluded_osmajor_byarch(arch):
if old_osmajor.osmajor == osmajor:
system.record_activity(user=identity.current.user, service=u'CSV',
action=u'Removed', field=u'Excluded_families',
old=u'%s/%s' % (old_osmajor.osmajor, arch), new=u'')
session.delete(old_osmajor)
return True
def genkey(self):
username = turbogears.identity.current.user_name
person = People.by_username(username)
created = time.strftime("%Y-%m-%dT%H:%M:%S")
hexctr = "%012x" % person.id
publicname = hex2modhex(hexctr)
internalname = gethexrand(12)
aeskey = gethexrand(32)
lockcode = gethexrand(12)
try:
new_ykksm = Ykksm(serialnr=person.id, publicname=publicname, created=created, internalname=internalname, aeskey=aeskey, lockcode=lockcode, creator=username)
session.add(new_ykksm)
session.flush()
except IntegrityError:
session.rollback()
old_ykksm = session.query(Ykksm).filter_by(serialnr=person.id).all()[0]
session.delete(old_ykksm)
new_ykksm = Ykksm(serialnr=person.id, publicname=publicname, created=created, internalname=internalname, aeskey=aeskey, lockcode=lockcode, creator=username)
old_ykksm = new_ykksm
session.flush()
try:
old_ykval = session.query(Ykval).filter_by(yk_publicname=publicname).all()[0]
session.delete(old_ykval)
session.flush()
except IndexError:
# No old record? Maybe they never used their key
pass
string = "%s %s %s" % (publicname, internalname, aeskey)
return dict(key=string)
def genkey(self):
username = turbogears.identity.current.user_name
person = People.by_username(username)
created = time.strftime("%Y-%m-%dT%H:%M:%S")
hexctr = "%012x" % person.id
publicname = hex2modhex(hexctr)
internalname = gethexrand(12)
aeskey = gethexrand(32)
lockcode = gethexrand(12)
try:
new_ykksm = Ykksm(serialnr=person.id, publicname=publicname, created=created, internalname=internalname, aeskey=aeskey, lockcode=lockcode, creator=username)
session.add(new_ykksm)
session.flush()
except IntegrityError:
session.rollback()
old_ykksm = session.query(Ykksm).filter_by(serialnr=person.id).all()[0]
session.delete(old_ykksm)
new_ykksm = Ykksm(serialnr=person.id, publicname=publicname, created=created, internalname=internalname, aeskey=aeskey, lockcode=lockcode, creator=username)
old_ykksm = new_ykksm
session.flush()
try:
old_ykval = session.query(Ykval).filter_by(yk_publicname=publicname).all()[0]
session.delete(old_ykval)
session.flush()
except IndexError:
# No old record? Maybe they never used their key
pass
string = "%s %s %s" % (publicname, internalname, aeskey)
return dict(key=string)
def delete_group(group_name):
"""
Deletes a group.
:status 204: Group was successfully deleted.
:status 400: Group cannot be deleted because it is a predefined group, or
because it has associated jobs.
"""
group = _get_group_by_name(group_name)
if not group.can_edit(identity.current.user):
raise Forbidden403('Cannot edit group')
if group.is_protected_group():
raise BadRequest400("Group '%s' is predefined and cannot be deleted" %
group.group_name)
if group.jobs:
raise BadRequest400('Cannot delete a group which has associated jobs')
# Record the access policy rules that will be removed
for rule in group.system_access_policy_rules:
rule.record_deletion()
# For any system pool owned by this group, unset owning_group
# and set owning_user to the user deleting this group
pools = SystemPool.query.filter_by(owning_group=group)
for pool in pools:
pool.change_owner(user=identity.current.user, service=u'HTTP')
session.delete(group)
activity = Activity(identity.current.user, u'HTTP', u'Removed', u'Group',
group.display_name)
session.add(activity)
return '', 204
def deleteQuery(self, query_id, *args, **kwargs):
'''
Allows user to delete a query. Updates query logging.
@param query_id: identifies the query
@return: status of attempted delete operation of the query
'''
query = session.query(Query).get_by(query_id=int(query_id))
status = ""
if not query:
status = "Query not found"
elif session.query(ChatSession).get_by(query_id=int(query_id)):
status = "Chat already started"
elif query.user_id != identity.current.user.user_id:
status = "Permission denied"
else:
query.experts[:] = []
query_log=QueryLog(
query_id = int(query_id),
user_id = query.user_id,
user_name = session.query(User).get_by(user_id=query.user_id).user_name,
created = datetime.now(),
status = 'Deleted')
session.save(query_log)
session.flush()
session.delete(query);
session.flush();
return dict(status=status)
def setUpClass(cls):
# Clear out any LDAP groups left behind by previous tests,
# to avoid warning spew from beaker-refresh-ldap
# when it fails to look up the rubbish group names.
for group in Group.query.filter(
Group.membership_type == GroupMembershipType.ldap):
session.delete(group)
def remove(self, id, *args, **kw):
try:
labcontroller = LabController.by_id(id)
labcontroller.removed = datetime.utcnow()
systems = System.query.filter_by(lab_controller_id=id).values(System.id)
for system_id in systems:
sys_activity = SystemActivity(identity.current.user, 'WEBUI', \
'Changed', 'lab_controller', labcontroller.fqdn,
None, system_id=system_id[0])
system_table.update().where(system_table.c.lab_controller_id == id).\
values(lab_controller_id=None).execute()
watchdogs = Watchdog.by_status(labcontroller=labcontroller,
status='active')
for w in watchdogs:
w.recipe.recipeset.job.cancel(msg='LabController %s has been deleted' % labcontroller.fqdn)
for lca in labcontroller._distro_trees:
lca.distro_tree.activity.append(DistroTreeActivity(
user=identity.current.user, service=u'WEBUI',
action=u'Removed', field_name=u'lab_controller_assocs',
old_value=u'%s %s' % (lca.lab_controller, lca.url),
new_value=None))
session.delete(lca)
labcontroller.disabled = True
LabControllerActivity(identity.current.user, 'WEBUI',
'Changed', 'Disabled', unicode(False), unicode(True),
lab_controller_id=id)
LabControllerActivity(identity.current.user, 'WEBUI',
'Changed', 'Removed', unicode(False), unicode(True),
lab_controller_id=id)
session.commit()
finally:
session.close()
flash( _(u"%s removed") % labcontroller.fqdn )
raise redirect(".")
def delete_access_policy_rules(pool_name):
"""
Deletes one or more matching rules from a system pool's access policy.
See :ref:`system-access-policies-api` for description of the expected query parameters
:param pool_name: System pool's name.
"""
pool = _get_pool_by_name(pool_name)
if not pool.can_edit_policy(identity.current.user):
raise Forbidden403('Cannot edit system policy')
policy = pool.access_policy
query = SystemAccessPolicyRule.query.filter(SystemAccessPolicyRule.policy == policy)
if 'permission' in request.args:
query = query.filter(SystemAccessPolicyRule.permission.in_(
request.args.getlist('permission', type=SystemPermission.from_string)))
else:
raise MethodNotAllowed405
if 'user' in request.args:
query = query.join(SystemAccessPolicyRule.user)\
.filter(User.user_name.in_(request.args.getlist('user')))
elif 'group' in request.args:
query = query.join(SystemAccessPolicyRule.group)\
.filter(Group.group_name.in_(request.args.getlist('group')))
elif 'everybody' in request.args:
query = query.filter(SystemAccessPolicyRule.everybody)
else:
raise MethodNotAllowed405
for rule in query:
rule.record_deletion(service=u'HTTP')
session.delete(rule)
return '', 204
def delete_pool(pool_name):
"""
Deletes a system pool
:param pool_name: System pool's name
"""
pool = _get_pool_by_name(pool_name, lockmode='update')
u = identity.current.user
if not pool.can_edit(u):
raise Forbidden403('Cannot delete pool %s' % pool_name)
systems = System.query.filter(System.pools.contains(pool))
System.record_bulk_activity(systems, user=identity.current.user,
service=u'HTTP', action=u'Removed',
field=u'Pool',
old=unicode(pool),
new=None)
# Since we are deleting the pool, we will have to change the active
# access policy for all systems using the pool's policy to their
# custom policy
systems = System.query.filter(System.active_access_policy == pool.access_policy)
for system in systems:
system.active_access_policy = system.custom_access_policy
System.record_bulk_activity(systems, user=identity.current.user,
service=u'HTTP',
field=u'Active Access Policy', action=u'Changed',
old = 'Pool policy: %s' % pool_name,
new = 'Custom access policy')
session.delete(pool)
activity = Activity(u, u'HTTP', u'Deleted', u'Pool', pool_name)
session.add(activity)
return '', 204
def delete_system_access_policy_rules(fqdn):
system = _get_system_by_FQDN(fqdn)
if not system.can_edit_policy(identity.current.user):
raise Forbidden403('Cannot edit system policy')
if system.custom_access_policy:
policy = system.custom_access_policy
else:
policy = system.custom_access_policy = SystemAccessPolicy()
# We expect some query string args specifying which rules should be
# deleted. If those are not present, it's "Method Not Allowed".
query = SystemAccessPolicyRule.query.filter(SystemAccessPolicyRule.policy == policy)
if 'permission' in request.args:
query = query.filter(SystemAccessPolicyRule.permission.in_(
request.args.getlist('permission', type=SystemPermission.from_string)))
else:
raise MethodNotAllowed405
if 'user' in request.args:
query = query.join(SystemAccessPolicyRule.user)\
.filter(User.user_name.in_(request.args.getlist('user')))
elif 'group' in request.args:
query = query.join(SystemAccessPolicyRule.group)\
.filter(Group.group_name.in_(request.args.getlist('group')))
elif 'everybody' in request.args:
query = query.filter(SystemAccessPolicyRule.everybody)
else:
raise MethodNotAllowed405
for rule in query:
rule.record_deletion(service=u'HTTP')
session.delete(rule)
return '', 204
def delete_system_access_policy_rules(fqdn):
system = _get_system_by_FQDN(fqdn)
if not system.can_edit_policy(identity.current.user):
raise Forbidden403('Cannot edit system policy')
if system.custom_access_policy:
policy = system.custom_access_policy
else:
policy = system.custom_access_policy = SystemAccessPolicy()
# We expect some query string args specifying which rules should be
# deleted. If those are not present, it's "Method Not Allowed".
query = SystemAccessPolicyRule.query.filter(
SystemAccessPolicyRule.policy == policy)
if 'permission' in request.args:
query = query.filter(
SystemAccessPolicyRule.permission.in_(
request.args.getlist('permission',
type=SystemPermission.from_string)))
else:
raise MethodNotAllowed405
if 'user' in request.args:
query = query.join(SystemAccessPolicyRule.user)\
.filter(User.user_name.in_(request.args.getlist('user')))
elif 'group' in request.args:
query = query.join(SystemAccessPolicyRule.group)\
.filter(Group.group_name.in_(request.args.getlist('group')))
elif 'everybody' in request.args:
query = query.filter(SystemAccessPolicyRule.everybody)
else:
raise MethodNotAllowed405
for rule in query:
rule.record_deletion(service=u'HTTP')
session.delete(rule)
return '', 204
def delete_pool(pool_name):
"""
Deletes a system pool
:param pool_name: System pool's name
"""
pool = _get_pool_by_name(pool_name, lockmode='update')
u = identity.current.user
if not pool.can_edit(u):
raise Forbidden403('Cannot delete pool %s' % pool_name)
systems = System.query.filter(System.pools.contains(pool))
System.record_bulk_activity(systems, user=identity.current.user,
service=u'HTTP', action=u'Removed',
field=u'Pool',
old=unicode(pool),
new=None)
# Since we are deleting the pool, we will have to change the active
# access policy for all systems using the pool's policy to their
# custom policy
systems = System.query.filter(System.active_access_policy == pool.access_policy)
for system in systems:
system.active_access_policy = system.custom_access_policy
System.record_bulk_activity(systems, user=identity.current.user,
service=u'HTTP',
field=u'Active Access Policy', action=u'Changed',
old = 'Pool policy: %s' % pool_name,
new = 'Custom access policy')
session.delete(pool)
activity = Activity(u, u'HTTP', u'Deleted', u'Pool', pool_name)
session.add(activity)
return '', 204
def update_reservation_request(id):
"""
Updates the reservation request of a recipe. The request must be
:mimetype:`application/json`.
:param id: Recipe's id.
:jsonparam boolean reserve: Whether the system will be reserved at the end
of the recipe. If true, the system will be reserved. If false, the system
will not be reserved.
:jsonparam int duration: Number of seconds to reserve the system.
:jsonparam string when: Circumstances under which the system will be
reserved. Valid values are:
onabort
If the recipe status is Aborted.
onfail
If the recipe status is Aborted, or the result is Fail.
onwarn
If the recipe status is Aborted, or the result is Fail or Warn.
always
Unconditionally.
"""
recipe = _get_recipe_by_id(id)
if not recipe.can_update_reservation_request(identity.current.user):
raise Forbidden403(
'Cannot update the reservation request of recipe %s' % recipe.id)
data = read_json_request(request)
if 'reserve' not in data:
raise BadRequest400('No reserve specified')
with convert_internal_errors():
if data['reserve']:
if not recipe.reservation_request:
recipe.reservation_request = RecipeReservationRequest()
if 'duration' in data:
duration = int(data['duration'])
if duration > MAX_SECONDS_PROVISION:
raise BadRequest400(
'Reservation time exceeds maximum time of %s hours' %
MAX_HOURS_PROVISION)
old_duration = recipe.reservation_request.duration
recipe.reservation_request.duration = duration
_record_activity(recipe, u'Reservation Request', old_duration,
duration)
if 'when' in data:
old_condition = recipe.reservation_request.when
new_condition = RecipeReservationCondition.from_string(
data['when'])
recipe.reservation_request.when = new_condition
_record_activity(recipe, u'Reservation Condition',
old_condition, new_condition)
session.flush() # to ensure the id is populated
return jsonify(recipe.reservation_request.__json__())
else:
if recipe.reservation_request:
session.delete(recipe.reservation_request)
_record_activity(recipe, u'Reservation Request',
recipe.reservation_request.duration, None)
return jsonify(RecipeReservationRequest.empty_json())
def destroy_self(self):
'''
Destroys self
'''
session.delete(self)
session.flush()
del(self)
def delete(self, id):
tag = Tag.by_id(id)
if not tag.can_delete(): # Trying to be funny...
flash(u'%s is not applicable for deletion' % tag.tag)
redirect('/retentiontag/admin')
session.delete(tag)
flash(u'Successfully deleted %s' % tag.tag)
redirect('/retentiontag/admin')
def logout(self):
"""Remove the link between this identity and the visit."""
visit = self.visit_link
if visit:
session.delete(visit)
session.flush()
# Clear the current identity
identity.set_current_identity(SqlAlchemyIdentity())
def logout(self):
"""Remove the link between this identity and the visit."""
visit = self.visit_link
if visit:
session.delete(visit)
session.flush()
# Clear the current identity
identity.set_current_identity(SqlAlchemyIdentity())
def logout(self):
'''Remove the link between this identity and the visit.'''
visit = self.visit_link
if visit:
session.delete(visit)
session.flush()
# Clear the current identity
identity.set_current_identity(SaFasIdentity())
def logout(self):
'''Remove the link between this identity and the visit.'''
visit = self.visit_link
if visit:
session.delete(visit)
session.flush()
# Clear the current identity
identity.set_current_identity(SaFasIdentity())
def _handle_package_mask(session, data, machine_id):
# Find current entries
try:
package_mask = data['user_package_mask']
except KeyError:
package_mask = {}
current_package_mask_set = set()
for package, atoms in package_mask.items():
for i in atoms:
key = (package, i)
current_package_mask_set.add(key)
# Find old entries
old_package_mask_rel_objects = session.query(\
GentooPackageMaskRel).options(\
eagerload('package'), \
eagerload('atom')).\
filter_by(machine_id=machine_id).all()
old_package_mask_dict = {}
for e in old_package_mask_rel_objects:
key = (e.package.name, e.atom.name)
old_package_mask_dict[key] = e
old_package_mask_set = set(old_package_mask_dict.keys())
# Calculate diff
mask_entries_to_add = current_package_mask_set - old_package_mask_set
mask_entries_to_remove = old_package_mask_set - current_package_mask_set
# Resolve diff
for i in mask_entries_to_remove:
session.delete(old_package_mask_dict[i])
if mask_entries_to_remove:
session.flush()
for i in mask_entries_to_add:
package, atom = i
lookup_or_add_jobs = (
{'thing':'atom', },
{'thing':'package', },
)
for job in lookup_or_add_jobs:
thing = job['thing']
details = {
'class_name':pool_class_name(thing, vector_flag=False),
'source_var_name':thing,
'new_object_name':'%s_pool_object' % thing
}
program = _LOOKUP_OR_ADD_TEMPLATE % details
dump_gentoo_python_code(program)
exec(program)
session.flush()
package_id = package_pool_object.id
atom_id = atom_pool_object.id
mask_rel_object = GentooPackageMaskRel(machine_id, package_id, atom_id)
session.add(mask_rel_object)
def update_reservation_request(id):
"""
Updates the reservation request of a recipe. The request must be
:mimetype:`application/json`.
:param id: Recipe's id.
:jsonparam boolean reserve: Whether the system will be reserved at the end
of the recipe. If true, the system will be reserved. If false, the system
will not be reserved.
:jsonparam int duration: Number of seconds to reserve the system.
:jsonparam string when: Circumstances under which the system will be
reserved. Valid values are:
onabort
If the recipe status is Aborted.
onfail
If the recipe status is Aborted, or the result is Fail.
onwarn
If the recipe status is Aborted, or the result is Fail or Warn.
always
Unconditionally.
"""
recipe = _get_recipe_by_id(id)
if not recipe.can_update_reservation_request(identity.current.user):
raise Forbidden403('Cannot update the reservation request of recipe %s'
% recipe.id)
data = read_json_request(request)
if 'reserve' not in data:
raise BadRequest400('No reserve specified')
with convert_internal_errors():
if data['reserve']:
if not recipe.reservation_request:
recipe.reservation_request = RecipeReservationRequest()
if 'duration' in data:
duration = int(data['duration'])
if duration > MAX_SECONDS_PROVISION:
raise BadRequest400('Reservation time exceeds maximum time of %s hours'
% MAX_HOURS_PROVISION)
old_duration = recipe.reservation_request.duration
recipe.reservation_request.duration = duration
_record_activity(recipe, u'Reservation Request', old_duration,
duration)
if 'when' in data:
old_condition = recipe.reservation_request.when
new_condition = RecipeReservationCondition.from_string(data['when'])
recipe.reservation_request.when = new_condition
_record_activity(recipe, u'Reservation Condition',
old_condition, new_condition)
session.flush() # to ensure the id is populated
return jsonify(recipe.reservation_request.__json__())
else:
if recipe.reservation_request:
session.delete(recipe.reservation_request)
_record_activity(recipe, u'Reservation Request',
recipe.reservation_request.duration, None)
return jsonify(RecipeReservationRequest.empty_json())
def delete(self, **kw):
item = ConfigItem.by_id(kw['item'])
val = item.value_class.by_id(kw['id'])
if val.valid_from <= datetime.utcnow():
flash(_(u"Cannot remove past value of %s") % item.name)
raise redirect("/configuration/edit?id=%d" % item.id)
session.delete(val)
session.flush()
flash(_(u"Future value of %s cleared") % item.name)
raise redirect(".")
def delete(self, **kw):
item = ConfigItem.by_id(kw['item'])
val = item.value_class.by_id(kw['id'])
if val.valid_from <= datetime.utcnow():
flash(_(u"Cannot remove past value of %s") % item.name)
raise redirect("/configuration/edit?id=%d" % item.id)
session.delete(val)
session.flush()
flash(_(u"Future value of %s cleared") % item.name)
raise redirect(".")
def destroy(self):
for city in self.cities:
city.destroy()
groups = self.groups
for group in list(groups):
groups.remove(group)
session.delete(self)
def delete(self, uuid):
# TODO also search and clean batch queue?
try:
host = session.query(Host).filter_by(uuid=uuid).one()
except:
raise ValueError("Critical: UUID does not exist %s " % uuid)
try:
session.delete(host)
session.flush()
except:
raise ValueError("Critical: Could not delete UUID - Please contact the smolt development team")
raise ValueError('Success: UUID Removed')
def tearDown(self):
with session.begin():
for t in self.recipe_tasks:
session.delete(t)
session.delete(self.task_one)
session.delete(self.task_two)
session.delete(self.task_three)
def test_02_abort_dead_recipes(self):
beakerd.process_new_recipes()
beakerd.update_dirty_jobs()
beakerd.queue_processed_recipesets()
beakerd.update_dirty_jobs()
with session.begin():
self.assertEqual(Job.by_id(self.job2.id).status, TaskStatus.queued)
# Remove distro_tree2 from lab1, should cause remaining recipe to abort.
for lca in self.distro_tree2.lab_controller_assocs[:]:
session.delete(lca)
beakerd.abort_dead_recipes()
beakerd.update_dirty_jobs()
with session.begin():
self.assertEqual(Job.by_id(self.job2.id).status, TaskStatus.aborted)
def delete(self, uuid):
# TODO also search and clean batch queue?
try:
host = session.query(Host).filter_by(uuid=uuid).one()
except:
raise ValueError("Critical: UUID does not exist %s " % uuid)
try:
session.delete(host)
session.flush()
except:
raise ValueError(
"Critical: Could not delete UUID - Please contact the smolt development team"
)
raise ValueError('Success: UUID Removed')
def delete_ssh_public_key(username, id):
"""
Deletes a public SSH public key belonging to the given user account.
:param username: The user's username.
:param id: Database id of the SSH public key to be deleted.
"""
user = _get_user(username)
if not user.can_edit(identity.current.user):
raise Forbidden403('Cannot edit user %s' % user)
matching_keys = [k for k in user.sshpubkeys if k.id == id]
if not matching_keys:
raise NotFound404('SSH public key id %s does not belong to user %s' % (id, user))
key = matching_keys[0]
session.delete(key)
return '', 204
def delete_ssh_public_key(username, id):
"""
Deletes a public SSH public key belonging to the given user account.
:param username: The user's username.
:param id: Database id of the SSH public key to be deleted.
"""
user = _get_user(username)
if not user.can_edit(identity.current.user):
raise Forbidden403('Cannot edit user %s' % user)
matching_keys = [k for k in user.sshpubkeys if k.id == id]
if not matching_keys:
raise NotFound404('SSH public key id %s does not belong to user %s' % (id, user))
key = matching_keys[0]
session.delete(key)
return '', 204
def deleteBlogEntry(self, blogentry_id, **kwargs):
'''
Deletes note and it's count.
@param blogentry_id: needed to identify note
'''
entry = session.query(BlogEntry).get_by(blogentry_id=int(blogentry_id))
entry.relatedQueries = []
user=session.query(User).get_by(user_id = entry.user_id)
if user.user_stats.no_of_blogs>1:
user.user_stats.no_of_blogs-=1
session.delete(entry);
session.flush()
return dict()
def ssh_key_remove(self, *args, **kw):
user = identity.current.user
keyid = kw.get('id', None)
try:
key = SSHPubKey.by_id(keyid)
except InvalidRequestError:
flash(_(u"SSH key not found"))
redirect('.')
if user != key.user:
flash(_(u"May not remove another user's keys"))
redirect('.')
session.delete(key)
flash(_(u"SSH public key removed"))
redirect('.')
def ssh_key_remove(self, *args, **kw):
user = identity.current.user
keyid = kw.get('id', None)
try:
key = SSHPubKey.by_id(keyid)
except InvalidRequestError:
flash(_(u"SSH key not found"))
redirect('.')
if user != key.user:
flash(_(u"May not remove another user's keys"))
redirect('.')
session.delete(key)
flash(_(u"SSH public key removed"))
redirect('.')
def _handle_call_flags(session, data, machine_id):
for call_flag_class_upper in ('CFLAGS', 'CXXFLAGS', 'LDFLAGS', 'MAKEOPTS'):
try:
call_flag_class_object = session.query(GentooCallFlagClassString).filter_by(name=call_flag_class_upper).one()
except sqlalchemy.orm.exc.NoResultFound:
call_flag_class_object = GentooCallFlagClassString(call_flag_class_upper)
session.add(call_flag_class_object)
session.flush()
call_flag_class_id = call_flag_class_object.id
# Find current entries
try:
current_call_flag_list = data['call_flags'][call_flag_class_upper.lower()]
except KeyError:
current_call_flag_list = []
# Find old entries
old_call_flag_objects = session.query(GentooCallFlagRel).options(\
eagerload('call_flag')).\
filter_by(machine_id=machine_id, call_flag_class_id=call_flag_class_id).all()
# Re-construct call flag list
old_call_flag_list = [a.call_flag.name for a in sorted(\
[e for e in old_call_flag_objects], key=lambda x: x.position)]
# Consistent data?
if len(old_call_flag_list) != len(old_call_flag_objects):
old_call_flag_list = None
# Calculate diff
if cmp(current_call_flag_list, old_call_flag_list) != 0:
# Resolve diff
for e in old_call_flag_objects:
session.delete(e)
if old_call_flag_objects:
session.flush()
for position, call_flag in enumerate(current_call_flag_list):
try:
call_flag_object = session.query(GentooCallFlagString).filter_by(name=call_flag).one()
except sqlalchemy.orm.exc.NoResultFound:
call_flag_object = GentooCallFlagString(call_flag)
session.add(call_flag_object)
session.flush()
call_flag_id = call_flag_object.id
session.add(GentooCallFlagRel(machine_id, call_flag_class_id, call_flag_id, position))
session.flush()
def _handle_accept_keywords(session, data, machine_id):
# Find current entries
try:
accept_keywords = data['accept_keywords']
except KeyError:
accept_keywords = {}
current_accept_keywords_set = set()
for i in accept_keywords:
if i.startswith('~'):
key = (i.lstrip('~'), False)
else:
key = (i, True)
current_accept_keywords_set.add(key)
# Find old entries
old_accept_keywords_objects = session.query(\
GentooAcceptKeywordRel).options(\
eagerload('keyword')).\
filter_by(machine_id=machine_id).all()
old_accept_keywords_dict = {}
for i in old_accept_keywords_objects:
key = (i.keyword.name, bool(i.stable))
old_accept_keywords_dict[key] = i
old_accept_keywords_set = set(old_accept_keywords_dict.keys())
# Calculate diff
mappings_to_add = current_accept_keywords_set - old_accept_keywords_set
mappings_to_remove = old_accept_keywords_set - current_accept_keywords_set
# Resolve diff
for i in mappings_to_remove:
session.delete(old_accept_keywords_dict[i])
if mappings_to_remove:
session.flush()
for i in mappings_to_add:
keyword, stable = i
try:
pool_object = session.query(GentooKeywordString).filter_by(name=keyword).one()
except sqlalchemy.orm.exc.NoResultFound:
pool_object = GentooKeywordString(keyword)
session.add(pool_object)
session.flush()
keyword_id = pool_object.id
session.add(GentooAcceptKeywordRel(machine_id, keyword_id, stable))
session.flush()
def remove(self, **kw):
group = Group.by_id(kw['group_id'])
if not group.can_edit(identity.current.user):
flash(_(u'You are not an owner of group %s' % group))
redirect('../groups/mine')
if group.jobs:
flash(_(u'Cannot delete a group which has associated jobs'))
redirect('../groups/mine')
session.delete(group)
activity = Activity(identity.current.user, u'WEBUI', u'Removed', u'Group', group.display_name, u"")
session.add(activity)
for system in group.systems:
SystemActivity(identity.current.user, u'WEBUI', u'Removed', u'Group', group.display_name, u"", object=system)
flash( _(u"%s deleted") % group.display_name )
raise redirect(".")
def _remove(user, method, **kw):
if user == identity.current.user:
raise BX(_('You cannot remove yourself'))
# cancel all running and queued jobs
Job.cancel_jobs_by_user(user, 'User %s removed' % user.user_name)
# Return all systems in use by this user
for system in System.query.filter(System.user == user):
reservation = system.open_reservation
system.unreserve(reservation=reservation, service=method)
# Return all loaned systems in use by this user
for system in System.query.filter(System.loaned == user):
system.record_activity(user=identity.current.user,
service=method,
action=u'Changed',
field=u'Loaned To',
old=u'%s' % system.loaned,
new=None)
system.loaned = None
# Remove the user from all system access policies
for rule in SystemAccessPolicyRule.query.filter_by(user=user):
rule.record_deletion(service=method)
session.delete(rule)
# Change the owner to the caller
newowner = kw.get('newowner', identity.current.user)
for system in System.query.filter(System.owner == user):
system.owner = newowner
system.record_activity(user=identity.current.user,
service=method,
action=u'Changed',
field=u'Owner',
old=u'%s' % user,
new=u'%s' % newowner)
for pool in SystemPool.query.filter(SystemPool.owning_user == user):
pool.change_owner(user=newowner, service=method)
# Remove the user from all groups
for group in user.groups:
if not group.membership_type == GroupMembershipType.inverted:
group.remove_member(user=user,
agent=identity.current.user,
service=method)
# Finally remove the user
user.removed = datetime.utcnow()
def update_reservation_request(id):
"""
Updates the reservation request of a recipe. The request must be
:mimetype:`application/json`.
:param id: Recipe's id.
:jsonparam boolean reserve: Whether the system will be reserved at the end
of the recipe. If true, the system will be reserved. If false, the system
will not be reserved.
:jsonparam int duration: Number of seconds to rerserve the system.
"""
recipe = _get_recipe_by_id(id)
if not recipe.can_update_reservation_request(identity.current.user):
raise Forbidden403('Cannot update the reservation request of recipe %s'
% recipe.id)
data = read_json_request(request)
if 'reserve' not in data:
raise BadRequest400('No reserve specified')
with convert_internal_errors():
if data['reserve']:
if 'duration' not in data:
raise BadRequest400('No duration specified')
duration = data['duration']
if duration > MAX_SECONDS_PROVISION:
raise BadRequest400('Reservation time exceeds maximum time of %s hours' % MAX_HOURS_PROVISION)
if recipe.reservation_request:
old_duration = recipe.reservation_request.duration
recipe.reservation_request.duration = data['duration']
_record_activity(recipe, u'Reservation Request', old_duration,
data['duration'])
else:
reservation_request = RecipeReservationRequest(data['duration'])
recipe.reservation_request = reservation_request
_record_activity(recipe, u'Reservation Request', None,
reservation_request.duration, 'Changed')
return jsonify(recipe.reservation_request.__json__())
else:
if recipe.reservation_request:
session.delete(recipe.reservation_request)
_record_activity(recipe, u'Reservation Request',
recipe.reservation_request.duration, None)
return jsonify(RecipeReservationRequest.empty_json())
def delete(self, fqdn):
"""
Delete a system with the given fully-qualified domain name.
The caller must be the owner of the system or an admin.
:param fqdn: fully-qualified domain name of the system to be deleted
:type fqdn: string
.. versionadded:: 0.8.2
"""
system = System.by_fqdn(fqdn, identity.current.user)
if system.reservations:
raise ValueError("Can't delete system %s with reservations" % fqdn)
if system.owner != identity.current.user and \
not identity.current.user.is_admin():
raise ValueError("Can't delete system %s you don't own" % fqdn)
session.delete(system)
return 'Deleted %s' % fqdn
def update_reservation_request(id):
"""
Updates the reservation request of a recipe. The request must be
:mimetype:`application/json`.
:param id: Recipe's id.
:jsonparam boolean reserve: Whether the system will be reserved at the end
of the recipe. If true, the system will be reserved. If false, the system
will not be reserved.
:jsonparam int duration: Number of seconds to rerserve the system.
"""
recipe = _get_recipe_by_id(id)
if not recipe.can_update_reservation_request(identity.current.user):
raise Forbidden403('Cannot update the reservation request of recipe %s'
% recipe.id)
data = read_json_request(request)
if 'reserve' not in data:
raise BadRequest400('No reserve specified')
with convert_internal_errors():
if data['reserve']:
if 'duration' not in data:
raise BadRequest400('No duration specified')
duration = data['duration']
if duration > MAX_SECONDS_PROVISION:
raise BadRequest400('Reservation time exceeds maximum time of %s hours' % MAX_HOURS_PROVISION)
if recipe.reservation_request:
old_duration = recipe.reservation_request.duration
recipe.reservation_request.duration = data['duration']
_record_activity(recipe, u'Reservation Request', old_duration,
data['duration'])
else:
reservation_request = RecipeReservationRequest(data['duration'])
recipe.reservation_request = reservation_request
_record_activity(recipe, u'Reservation Request', None,
reservation_request.duration, 'Changed')
return jsonify(recipe.reservation_request.__json__())
else:
if recipe.reservation_request:
session.delete(recipe.reservation_request)
_record_activity(recipe, u'Reservation Request',
recipe.reservation_request.duration, None)
return jsonify(RecipeReservationRequest.empty_json())
def delete(self, fqdn):
"""
Delete a system with the given fully-qualified domain name.
The caller must be the owner of the system or an admin.
:param fqdn: fully-qualified domain name of the system to be deleted
:type fqdn: string
.. versionadded:: 0.8.2
"""
system = System.by_fqdn(fqdn, identity.current.user)
if system.reservations:
raise ValueError("Can't delete system %s with reservations" % fqdn)
if system.owner != identity.current.user and \
not identity.current.user.is_admin():
raise ValueError("Can't delete system %s you don't own" % fqdn)
session.delete(system)
return 'Deleted %s' % fqdn
def _handle_privacy_metrics(session, data, machine_id):
# Find current entries
try:
privacy_metrics = data['privacy_metrics']
except KeyError:
privacy_metrics = {}
current_privacy_metrics_set = set()
for k, v in privacy_metrics.items():
key = (k, ) + tuple(v)
current_privacy_metrics_set.add(key)
# Find old entries
old_privacy_metrics_objects = session.query(\
GentooPrivacyMetricRel).options(\
eagerload('data_class')).\
filter_by(machine_id=machine_id).all()
old_privacy_metrics_dict = {}
for i in old_privacy_metrics_objects:
key = (i.data_class.name, bool(i.revealed), i.count_private, i.count_non_private)
old_privacy_metrics_dict[key] = i
old_privacy_metrics_set = set(old_privacy_metrics_dict.keys())
# Calculate diff
mappings_to_add = current_privacy_metrics_set - old_privacy_metrics_set
mappings_to_remove = old_privacy_metrics_set - current_privacy_metrics_set
# Resolve diff
for i in mappings_to_remove:
session.delete(old_privacy_metrics_dict[i])
if mappings_to_remove:
session.flush()
for i in mappings_to_add:
data_class, revealed, count_private, count_non_private = i
try:
pool_object = session.query(GentooDataClassString).filter_by(name=data_class).one()
except sqlalchemy.orm.exc.NoResultFound:
pool_object = GentooDataClassString(data_class)
session.add(pool_object)
session.flush()
data_class_id = pool_object.id
session.add(GentooPrivacyMetricRel(machine_id, data_class_id, revealed, count_private, count_non_private))
session.flush()
def remove(self, **kw):
try:
group = Group.by_id(kw['group_id'])
except DatabaseLookupError:
flash(unicode('Invalid group or already removed'))
redirect('../groups/mine')
if not group.can_edit(identity.current.user):
flash(_(u'You are not an owner of group %s' % group))
redirect('../groups/mine')
if group.is_protected_group():
flash(
_(u'This group %s is predefined and cannot be deleted' %
group))
redirect('../groups/mine')
if group.jobs:
flash(_(u'Cannot delete a group which has associated jobs'))
redirect('../groups/mine')
# Record the access policy rules that will be removed
# before deleting the group
for rule in group.system_access_policy_rules:
rule.record_deletion()
session.delete(group)
activity = Activity(identity.current.user, u'WEBUI', u'Removed',
u'Group', group.display_name, u"")
session.add(activity)
for system in group.systems:
session.add(
SystemActivity(identity.current.user,
u'WEBUI',
u'Removed',
u'Group',
group.display_name,
u"",
object=system))
flash(_(u"%s deleted") % group.display_name)
raise redirect(".")
def test_02_abort_dead_recipes(self):
beakerd.process_new_recipes()
beakerd.update_dirty_jobs()
beakerd.queue_processed_recipesets()
beakerd.update_dirty_jobs()
with session.begin():
job = Job.by_id(self.job2.id)
self.assertEqual(job.status, TaskStatus.queued)
# check if rows in system_recipe_map
self.assertNotEqual(len(job.recipesets[0].recipes[0].systems), 0)
# Remove distro_tree2 from lab1, should cause remaining recipe to abort.
for lca in self.distro_tree2.lab_controller_assocs[:]:
session.delete(lca)
beakerd.abort_dead_recipes()
beakerd.update_dirty_jobs()
with session.begin():
job = Job.by_id(self.job2.id)
self.assertEqual(job.status, TaskStatus.aborted)
# https://bugzilla.redhat.com/show_bug.cgi?id=1173376
# check if no rows system_recipe_map
self.assertEqual(len(job.recipesets[0].recipes[0].systems), 0)
def test_02_abort_dead_recipes(self):
beakerd.process_new_recipes()
beakerd.update_dirty_jobs()
with session.begin():
job = Job.by_id(self.job2.id)
self.assertEqual(job.status, TaskStatus.processed)
# check if rows in system_recipe_map
self.assertNotEqual(len(job.recipesets[0].recipes[0].systems), 0)
# Remove distro_tree2 from lab1, should cause remaining recipe to abort.
for lca in self.distro_tree2.lab_controller_assocs[:]:
session.delete(lca)
beakerd.queue_processed_recipesets()
beakerd.update_dirty_jobs()
beakerd.abort_dead_recipes()
beakerd.update_dirty_jobs()
with session.begin():
job = Job.by_id(self.job2.id)
self.assertEqual(job.status, TaskStatus.aborted)
# https://bugzilla.redhat.com/show_bug.cgi?id=1173376
# check if no rows system_recipe_map
self.assertEqual(len(job.recipesets[0].recipes[0].systems), 0)
def remove(self, **kw):
u = identity.current.user
try:
group = Group.by_id(kw['group_id'])
except DatabaseLookupError:
flash(unicode('Invalid group or already removed'))
redirect('../groups/mine')
if not group.can_edit(u):
flash(_(u'You are not an owner of group %s' % group))
redirect('../groups/mine')
if group.is_protected_group():
flash(
_(u'This group %s is predefined and cannot be deleted' %
group))
redirect('../groups/mine')
if group.jobs:
flash(_(u'Cannot delete a group which has associated jobs'))
redirect('../groups/mine')
# Record the access policy rules that will be removed
# before deleting the group
for rule in group.system_access_policy_rules:
rule.record_deletion()
# For any system pool owned by this group, unset owning_group
# and set owning_user to the user deleting this group
pools = SystemPool.query.filter_by(owning_group_id=group.group_id)
for pool in pools:
pool.change_owner(user=u, service='WEBUI')
session.delete(group)
activity = Activity(u, u'WEBUI', u'Removed', u'Group',
group.display_name, u"")
session.add(activity)
flash(_(u"%s deleted") % group.display_name)
raise redirect(".")
def delete(cls):
for role in cls.roles:
session.delete(role)
session.delete(cls)
def remove(self, **kw):
remove = Key.by_id(kw['id'])
session.delete(remove)
flash( _(u"%s Deleted") % remove.key_name )
raise redirect(".")
if e.faultCode == 51:
# This user doesn't have a bugzilla account yet
# add them to a list and we'll let them know.
no_bz_account.append(entry)
continue
else:
print 'Error:', e, entry.email, entry.person.human_name
raise
server.updateperms(entry.email, 'add', bzGroup)
else:
print 'Unrecognized action code: %s %s %s %s %s' % (entry.action,
entry.email, entry.person.human_name, entry.person.username, entry.group.name)
continue
# Remove them from the queue
session.delete(entry)
session.flush()
# Mail the people without bugzilla accounts
if '$USER' in NOTIFYEMAIL:
for person in no_bz_account:
smtplib.SMTP(MAILSERVER)
msg = Message()
message = '''Hello %(name)s,
As a Fedora packager, we grant you permissions to make changes to bugs in
bugzilla to all Fedora bugs. This lets you work together with other Fedora
developers in an easier fashion. However, to enable this functionality, we
need to have your bugzilla email address stored in the Fedora Account System.
At the moment you have:
