def process_login(user): user_status = hg_helper.is_valid_user(user) if user_status == 2: sys.stderr.write(HG_ACCESS_DISABLED % (user, user)) sys.exit(0) elif user_status != 1: sys.stderr.write(NO_HG_ACCESS % user) sys.exit(0) with open('/etc/mercurial/pash.json', 'rb') as fh: pash_settings = json.load(fh) touch_hg_access_date(user) # Touch the initiator of the autoland request, if required. if user == pash_settings.get('autoland_user', AUTOLAND_USER): request_user = os.environ.get('AUTOLAND_REQUEST_USER') if request_user: touch_hg_access_date(request_user) hg_helper.serve( cname=pash_settings['hostname'], enable_repo_config=pash_settings.get('repo_config', False), enable_repo_group=pash_settings.get('repo_group', False), enable_user_repos=pash_settings.get('user_repos', False), enable_mozreview_ldap_associate=pash_settings.get('mr_ldap_associate', False)) sys.exit(0)
def process_non_root_login(user): # Delay import so these don't interfere with root login code path. from datetime import datetime import json import logging import sys import hg_helper import ldap_helper user_status = hg_helper.is_valid_user(user) if user_status == 2: sys.stderr.write('Your mercurial account has been disabled due \ to inactivity.\nPlease file a bug at \ https://bugzilla.mozilla.org (or \ http://tinyurl.com/njcfhma) to re-activate \ your account.\n') sys.exit(0) elif user_status != 1: sys.stderr.write(NO_HG_ACCESS % user) sys.exit(0) # Run ldap access date toucher, silently fail and log if we're unable to write try: settings = ldap_helper.get_ldap_settings() ldap_helper.update_access_date(user, 'hgAccessDate', datetime.utcnow().strftime("%Y%m%d%H%M%S.%fZ"), settings['url'], settings['write_url']) except Exception: logging.basicConfig(filename='/var/log/pash.log', level=logging.DEBUG) logging.exception('Failed to update LDAP attributes for %s' % user) with open('/etc/mercurial/pash.json', 'rb') as fh: pash_settings = json.load(fh) hg_helper.serve(cname=pash_settings['hostname'], enable_repo_config=pash_settings.get('repo_config', False), enable_repo_group=pash_settings.get('repo_group', False), enable_user_repos=pash_settings.get('user_repos', False), enable_mozreview_ldap_associate=pash_settings.get('mr_ldap_associate', False)) sys.exit(0)
def process_non_root_login(user): # Delay import so these don't interfere with root login code path. from datetime import datetime import json import logging import sys import hg_helper import ldap_helper user_status = hg_helper.is_valid_user(user) if user_status == 2: sys.stderr.write(HG_ACCESS_DISABLED % (user, user)) sys.exit(0) elif user_status != 1: sys.stderr.write(NO_HG_ACCESS % user) sys.exit(0) # Run ldap access date toucher, silently fail and log if we're unable to write try: settings = ldap_helper.get_ldap_settings() ldap_helper.update_access_date( user, 'hgAccessDate', datetime.utcnow().strftime("%Y%m%d%H%M%S.%fZ"), settings['url'], settings['write_url']) except Exception: logging.basicConfig(filename='/var/log/pash.log', level=logging.DEBUG) logging.exception('Failed to update LDAP attributes for %s' % user) with open('/etc/mercurial/pash.json', 'rb') as fh: pash_settings = json.load(fh) hg_helper.serve(cname=pash_settings['hostname'], enable_repo_config=pash_settings.get('repo_config', False), enable_repo_group=pash_settings.get('repo_group', False), enable_user_repos=pash_settings.get('user_repos', False), enable_mozreview_ldap_associate=pash_settings.get( 'mr_ldap_associate', False)) sys.exit(0)
def process_login(user): user_status = hg_helper.is_valid_user(user) if user_status == 2: sys.stderr.write(HG_ACCESS_DISABLED % (user, user)) sys.exit(0) elif user_status != 1: sys.stderr.write(NO_HG_ACCESS % user) sys.exit(0) with open('/etc/mercurial/pash.json', 'rb') as fh: pash_settings = json.load(fh) touch_hg_access_date(user) # landing_users are both autoland-transplant and Lando landing worker # users that push on behalf of other users. landing_users = ( pash_settings.get('autoland_user', AUTOLAND_USER), pash_settings.get('landing_worker_user', LANDING_WORKER_USER), pash_settings.get('landing_worker_user_dev', LANDING_WORKER_USER_DEV), ) # Touch the initiator of the autoland request, if required. if user in landing_users: request_user = os.environ.get('AUTOLAND_REQUEST_USER') if request_user: touch_hg_access_date(request_user) else: if 'AUTOLAND_REQUEST_USER' in os.environ: del os.environ['AUTOLAND_REQUEST_USER'] hg_helper.serve(cname=pash_settings['hostname'], enable_repo_config=pash_settings.get('repo_config', False), enable_repo_group=pash_settings.get('repo_group', False), enable_user_repos=pash_settings.get('user_repos', False), enable_mozreview_ldap_associate=pash_settings.get( 'mr_ldap_associate', False)) sys.exit(0)
import logging from sh_helper import QuoteForPOSIX if __name__ == '__main__': os.environ['PYTHONPATH'] = '/repo_local/mozilla/libraries/' if os.getenv ('USER') == 'root': root_shell = pwd.getpwuid (0)[6] ssh_command = os.getenv ('SSH_ORIGINAL_COMMAND') if ssh_command: os.system (root_shell + " -c " + QuoteForPOSIX (ssh_command)) else: os.execl (root_shell, root_shell) else: server_port = os.getenv('SSH_CONNECTION').split ()[-1] user_status = hg_helper.is_valid_user(os.getenv('USER')) if user_status == 2: sys.stderr.write('Your mercurial account has been disabled due \ to inactivity.\nPlease file a bug at \ https://bugzilla.mozilla.org (or \ http://tinyurl.com/2aveg9k) to re-activate \ your account.\n') sys.exit(0) elif user_status != 1: sys.stderr.write('You do not have a valid mercurial account!\n') sys.exit(0) # Run ldap access date toucher, silently fail and log if we're unable to write try: ldap_helper.update_ldap_attribute(os.getenv('USER'), 'hgAccessDate', datetime.datetime.utcnow().strftime("%Y%m%d%H%M%S.%fZ"), 'ldap://ldap.db.scl3.mozilla.com', 'ldap://ldapsync1.db.scl3.mozilla.com')