def put_remoteci(user, r_id):
# get If-Match header
if_match_etag = utils.check_and_get_etag(flask.request.headers)
values = schemas.remoteci.put(flask.request.json)
remoteci = v1_utils.verify_existence_and_get(r_id, _TABLE)
if 'data' in values:
remoteci_data = get_remoteci_data_json(user, r_id)
remoteci_data.update(values['data'])
values['data'] = {k: v for k, v in remoteci_data.items() if v}
if not (auth.is_admin(user) or auth.is_in_team(user, remoteci['team_id'])):
raise auth.UNAUTHORIZED
values['etag'] = utils.gen_etag()
where_clause = sql.and_(_TABLE.c.etag == if_match_etag,
_TABLE.c.state != 'archived', _TABLE.c.id == r_id)
query = (_TABLE.update().where(where_clause).values(**values))
result = flask.g.db_conn.execute(query)
if not result.rowcount:
raise dci_exc.DCIConflict('RemoteCI', r_id)
return flask.Response(None,
204,
headers={'ETag': values['etag']},
content_type='application/json')
def delete_remoteci_by_id(user, remoteci_id):
# get If-Match header
if_match_etag = utils.check_and_get_etag(flask.request.headers)
remoteci = v1_utils.verify_existence_and_get(remoteci_id, _TABLE)
if not (auth.is_admin(user) or auth.is_in_team(user, remoteci['team_id'])):
raise auth.UNAUTHORIZED
with flask.g.db_conn.begin():
values = {'state': 'archived'}
where_clause = sql.and_(_TABLE.c.etag == if_match_etag,
_TABLE.c.id == remoteci_id)
query = _TABLE.update().where(where_clause).values(**values)
result = flask.g.db_conn.execute(query)
if not result.rowcount:
raise dci_exc.DCIDeleteConflict('RemoteCI', remoteci_id)
for model in [models.JOBS]:
query = model.update().where(model.c.remoteci_id == remoteci_id) \
.values(**values)
flask.g.db_conn.execute(query)
return flask.Response(None, 204, content_type='application/json')
def delete_team_by_id(user, t_id):
# get If-Match header
if_match_etag = utils.check_and_get_etag(flask.request.headers)
v1_utils.verify_existence_and_get(t_id, _TABLE)
if not user.is_in_team(t_id):
raise auth.UNAUTHORIZED
with flask.g.db_conn.begin():
values = {'state': 'archived'}
where_clause = sql.and_(
_TABLE.c.etag == if_match_etag,
_TABLE.c.id == t_id
)
query = _TABLE.update().where(where_clause).values(**values)
result = flask.g.db_conn.execute(query)
if not result.rowcount:
raise dci_exc.DCIDeleteConflict('Team', t_id)
for model in [models.FILES, models.TESTS, models.REMOTECIS,
models.USERS, models.JOBS]:
query = model.update().where(model.c.team_id == t_id).values(
**values
)
flask.g.db_conn.execute(query)
return flask.Response(None, 204, content_type='application/json')
def put_team(user, t_id):
# get If-Match header
if_match_etag = utils.check_and_get_etag(flask.request.headers)
values = schemas.team.put(flask.request.json)
if not user.is_in_team(t_id):
raise auth.UNAUTHORIZED
v1_utils.verify_existence_and_get(t_id, _TABLE)
values['etag'] = utils.gen_etag()
where_clause = sql.and_(
_TABLE.c.etag == if_match_etag,
_TABLE.c.id == t_id
)
query = _TABLE.update().where(where_clause).values(**values)
result = flask.g.db_conn.execute(query)
if not result.rowcount:
raise dci_exc.DCIConflict('Team', t_id)
return flask.Response(None, 204, headers={'ETag': values['etag']},
content_type='application/json')
def update_remoteci_keys(user, r_id):
_CAKEY = dci_config.generate_conf()['CA_KEY']
_CACERT = dci_config.generate_conf()['CA_CERT']
etag = utils.check_and_get_etag(flask.request.headers)
remoteci = v1_utils.verify_existence_and_get(r_id, _TABLE)
key, cert = v1_utils.get_key_and_cert_signed(_CAKEY, _CACERT)
values = {}
keys = {
'key': crypto.dump_privatekey(crypto.FILETYPE_PEM,
key).decode('utf-8'),
'cert': crypto.dump_certificate(crypto.FILETYPE_PEM,
cert).decode('utf-8')
}
where_clause = sql.and_(_TABLE.c.etag == etag,
_TABLE.c.state != 'archived',
_TABLE.c.id == remoteci['id'])
values['etag'] = utils.gen_etag()
values['cert_fp'] = re.sub(':', '',
cert.digest('sha1').decode('utf-8')).lower()
query = (_TABLE.update().where(where_clause).values(**values))
flask.g.db_conn.execute(query)
return flask.Response(json.dumps({'keys': keys}),
201,
content_type='application/json')
def put_remoteci(user, r_id):
# get If-Match header
if_match_etag = utils.check_and_get_etag(flask.request.headers)
values = flask.request.json
check_json_is_valid(update_remoteci_schema, values)
remoteci = v1_utils.verify_existence_and_get(r_id, _TABLE)
if user.is_not_in_team(remoteci['team_id']) and user.is_not_epm():
raise dci_exc.Unauthorized()
values['etag'] = utils.gen_etag()
where_clause = sql.and_(_TABLE.c.etag == if_match_etag,
_TABLE.c.state != 'archived', _TABLE.c.id == r_id)
query = (_TABLE.update().returning(
*_TABLE.columns).where(where_clause).values(**values))
result = flask.g.db_conn.execute(query)
if not result.rowcount:
raise dci_exc.DCIConflict('RemoteCI', r_id)
_result = dict(result.fetchone())
del _result['api_secret']
return flask.Response(json.dumps({'remoteci': _result}),
200,
headers={'ETag': values['etag']},
content_type='application/json')
def delete_issue_by_id(user, issue_id):
# get If-Match header
if_match_etag = utils.check_and_get_etag(flask.request.headers)
v1_utils.verify_existence_and_get(issue_id, _TABLE)
with flask.g.db_conn.begin():
values = {'state': 'archived'}
where_clause = sql.and_(_TABLE.c.etag == if_match_etag,
_TABLE.c.id == issue_id)
query = _TABLE.update().where(where_clause).values(**values)
result = flask.g.db_conn.execute(query)
if not result.rowcount:
raise dci_exc.DCIDeleteConflict('Issue', issue_id)
return flask.Response(None, 204, content_type='application/json')
def update_job_by_id(user, job_id):
"""Update a job
"""
# get If-Match header
if_match_etag = utils.check_and_get_etag(flask.request.headers)
# get the diverse parameters
values = schemas.job.put(flask.request.json)
job = v1_utils.verify_existence_and_get(job_id, _TABLE)
# If it's an admin or belongs to the same team
if not(auth.is_admin(user) or auth.is_in_team(user, job['team_id'])):
raise auth.UNAUTHORIZED
# Update jobstate if needed
status = values.get('status')
if status and job.status != status:
jobstates.insert_jobstate(user, {
'status': status,
'job_id': job_id
})
where_clause = sql.and_(_TABLE.c.etag == if_match_etag,
_TABLE.c.id == job_id)
values['etag'] = utils.gen_etag()
query = _TABLE.update().where(where_clause).values(**values)
result = flask.g.db_conn.execute(query)
if not result.rowcount:
raise dci_exc.DCIConflict('Job', job_id)
if values.get('status') == "failure":
_TEAMS = models.TEAMS
where_clause = sql.expression.and_(
_TEAMS.c.id == job['team_id']
)
query = (sql.select([_TEAMS]).where(where_clause))
team_info = flask.g.db_conn.execute(query).fetchone()
if team_info['notification'] is True:
if team_info['email'] is not None:
msg = {'event': 'notification',
'email': team_info['email'],
'job_id': str(job['id'])}
flask.g.sender.send_json(msg)
return flask.Response(None, 204, headers={'ETag': values['etag']},
content_type='application/json')
def put_current_sequence(user):
if user.is_not_super_admin():
raise dci_exc.Unauthorized()
# get If-Match header
if_match_etag = utils.check_and_get_etag(flask.request.headers)
values = flask.request.json
check_json_is_valid(counter_schema, values)
etag = utils.gen_etag()
q_update = models.COUNTER.update().\
where(sql.and_(models.COUNTER.c.name == 'jobs_events',
models.COUNTER.c.etag == if_match_etag)).\
values(sequence=values['sequence'],
etag=etag)
result = flask.g.db_conn.execute(q_update)
if not result.rowcount:
raise dci_exc.DCIConflict('jobs_events', 'sequence')
return flask.Response(None, 204, content_type='application/json')
def delete_feeder_by_id(user, f_id):
if_match_etag = utils.check_and_get_etag(flask.request.headers)
feeder = v1_utils.verify_existence_and_get(f_id, _TABLE)
if not user.is_in_team(feeder['team_id']):
raise auth.UNAUTHORIZED
with flask.g.db_conn.begin():
values = {'state': 'archived'}
where_clause = sql.and_(_TABLE.c.etag == if_match_etag,
_TABLE.c.id == f_id)
query = _TABLE.update().where(where_clause).values(**values)
result = flask.g.db_conn.execute(query)
if not result.rowcount:
raise dci_exc.DCIDeleteConflict('Feeder', f_id)
return flask.Response(None, 204, content_type='application/json')
def delete_user_by_id(user, user_id):
# get If-Match header
if_match_etag = utils.check_and_get_etag(flask.request.headers)
duser = _verify_existence_and_get_user(user_id)
if not (auth.is_admin(user) or auth.is_admin_user(user, duser['team_id'])):
raise auth.UNAUTHORIZED
values = {'state': 'archived'}
where_clause = sql.and_(_TABLE.c.etag == if_match_etag,
_TABLE.c.id == user_id)
query = _TABLE.update().where(where_clause).values(**values)
result = flask.g.db_conn.execute(query)
if not result.rowcount:
raise dci_exc.DCIDeleteConflict('User', user_id)
return flask.Response(None, 204, content_type='application/json')
def update_permission(user, permission_id):
# get If-Match header
if_match_etag = utils.check_and_get_etag(flask.request.headers)
values = schemas.permission.put(flask.request.json)
v1_utils.verify_existence_and_get(permission_id, _TABLE)
values['etag'] = utils.gen_etag()
where_clause = sql.and_(_TABLE.c.etag == if_match_etag,
_TABLE.c.id == permission_id)
query = _TABLE.update().where(where_clause).values(**values)
result = flask.g.db_conn.execute(query)
if not result.rowcount:
raise dci_exc.DCIConflict('Permission update error', permission_id)
return flask.Response(None,
204,
headers={'ETag': values['etag']},
content_type='application/json')
def delete_product_by_id(user, product_id):
# get If-Match header
if_match_etag = utils.check_and_get_etag(flask.request.headers)
if user.is_not_super_admin():
raise dci_exc.Unauthorized()
v1_utils.verify_existence_and_get(product_id, _TABLE)
values = {'state': 'archived'}
where_clause = sql.and_(_TABLE.c.etag == if_match_etag,
_TABLE.c.id == product_id)
query = _TABLE.update().where(where_clause).values(**values)
result = flask.g.db_conn.execute(query)
if not result.rowcount:
raise dci_exc.DCIConflict('Product deletion error', product_id)
return flask.Response(None, 204, content_type='application/json')
def put_identity(user):
if_match_etag = utils.check_and_get_etag(flask.request.headers)
values = flask.request.json
check_json_is_valid(update_current_user_schema, values)
if user.is_not_read_only_user():
current_password = values['current_password']
encrypted_password = user.password
if not auth.check_passwords_equal(current_password,
encrypted_password):
raise dci_exc.DCIException('current_password invalid')
new_values = {}
new_password = values.get('new_password')
if new_password:
encrypted_password = auth.hash_password(new_password)
new_values['password'] = encrypted_password
etag = utils.gen_etag()
new_values.update({
'etag': etag,
'fullname': values.get('fullname') or user.fullname,
'email': values.get('email') or user.email,
'timezone': values.get('timezone') or user.timezone
})
query = _TABLE.update().returning(*_TABLE.columns).where(
sql.and_(_TABLE.c.etag == if_match_etag,
_TABLE.c.id == user.id)).values(new_values)
result = flask.g.db_conn.execute(query)
if not result.rowcount:
raise dci_exc.DCIConflict('User', user.id)
_result = dict(result.fetchone())
del _result['password']
return flask.Response(json.dumps({'user': _result}),
200,
headers={'ETag': etag},
content_type='application/json')
def update_tests(user, t_id):
v1_utils.verify_existence_and_get(t_id, _TABLE)
if_match_etag = utils.check_and_get_etag(flask.request.headers)
values = flask.request.json
check_json_is_valid(update_test_schema, values)
values['etag'] = utils.gen_etag()
where_clause = sql.and_(_TABLE.c.etag == if_match_etag,
_TABLE.c.id == t_id)
query = _TABLE.update().returning(*_TABLE.columns).\
where(where_clause).values(**values)
result = flask.g.db_conn.execute(query)
if not result.rowcount:
raise dci_exc.DCIConflict('Test', t_id)
return flask.Response(json.dumps({'test': result.fetchone()}),
200,
headers={'ETag': values['etag']},
content_type='application/json')
def delete_permission_by_id(user, permission_id):
if not auth.is_admin(user):
raise auth.UNAUTHORIZED
# get If-Match header
if_match_etag = utils.check_and_get_etag(flask.request.headers)
v1_utils.verify_existence_and_get(permission_id, _TABLE)
values = {'state': 'archived'}
where_clause = sql.and_(
_TABLE.c.etag == if_match_etag,
_TABLE.c.id == permission_id
)
query = _TABLE.update().where(where_clause).values(**values)
result = flask.g.db_conn.execute(query)
if not result.rowcount:
raise dci_exc.DCIConflict('Permission deletion error',
permission_id)
return flask.Response(None, 204, content_type='application/json')
def put_feeder(user, f_id):
if_match_etag = utils.check_and_get_etag(flask.request.headers)
values = schemas.feeder.put(flask.request.json)
feeder = v1_utils.verify_existence_and_get(f_id, _TABLE)
if not user.is_in_team(feeder['team_id']):
raise auth.UNAUTHORIZED
values['etag'] = utils.gen_etag()
where_clause = sql.and_(_TABLE.c.etag == if_match_etag,
_TABLE.c.state != 'archived', _TABLE.c.id == f_id)
query = (_TABLE.update().where(where_clause).values(**values))
result = flask.g.db_conn.execute(query)
if not result.rowcount:
raise dci_exc.DCIConflict('Feeder', f_id)
return flask.Response(None,
204,
headers={'ETag': values['etag']},
content_type='application/json')
def update_components(user, c_id):
if not auth.is_admin(user):
raise auth.UNAUTHORIZED
v1_utils.verify_existence_and_get(c_id, _TABLE)
if_match_etag = utils.check_and_get_etag(flask.request.headers)
values = schemas.component.put(flask.request.json)
values['etag'] = utils.gen_etag()
where_clause = sql.and_(_TABLE.c.etag == if_match_etag,
_TABLE.c.id == c_id)
query = _TABLE.update().where(where_clause).values(**values)
result = flask.g.db_conn.execute(query)
if not result.rowcount:
raise dci_exc.DCIConflict('Component', c_id)
return flask.Response(None,
204,
headers={'ETag': values['etag']},
content_type='application/json')
def update_job_by_id(user, job_id):
"""Update a job
"""
# get If-Match header
if_match_etag = utils.check_and_get_etag(flask.request.headers)
values = flask.request.json
check_json_is_valid(update_job_schema, values)
job = v1_utils.verify_existence_and_get(job_id, _TABLE)
job = dict(job)
if user.is_not_in_team(job['team_id']) and user.is_not_epm():
raise dci_exc.Unauthorized()
# Update jobstate if needed
status = values.get('status')
if status and job.get('status') != status:
jobstates.insert_jobstate(user, {'status': status, 'job_id': job_id})
if status in models.FINAL_STATUSES:
jobs_events.create_event(job_id, status, job['topic_id'])
where_clause = sql.and_(_TABLE.c.etag == if_match_etag,
_TABLE.c.id == job_id)
values['etag'] = utils.gen_etag()
query = _TABLE.update().returning(*_TABLE.columns).\
where(where_clause).values(**values)
result = flask.g.db_conn.execute(query)
if not result.rowcount:
raise dci_exc.DCIConflict('Job', job_id)
return flask.Response(json.dumps({'job': result.fetchone()}),
200,
headers={'ETag': values['etag']},
content_type='application/json')
def put_topic(user, topic_id):
# get If-Match header
if_match_etag = utils.check_and_get_etag(flask.request.headers)
values = flask.request.json
check_json_is_valid(update_topic_schema, values)
if user.is_not_super_admin() and user.is_not_epm() and user.is_not_feeder(
): # noqa
raise dci_exc.Unauthorized()
values['etag'] = utils.gen_etag()
where_clause = sql.and_(_TABLE.c.etag == if_match_etag,
_TABLE.c.id == topic_id)
query = _TABLE.update().returning(*_TABLE.columns).\
where(where_clause).values(**values)
result = flask.g.db_conn.execute(query)
if not result.rowcount:
raise dci_exc.DCIConflict('Topic', topic_id)
return flask.Response(json.dumps({'topic': result.fetchone()}),
200,
headers={'ETag': values['etag']},
content_type='application/json')
