def process_login(user):
user_status = hg_helper.is_valid_user(user)
if user_status == 2:
sys.stderr.write(HG_ACCESS_DISABLED % (user, user))
sys.exit(0)
elif user_status != 1:
sys.stderr.write(NO_HG_ACCESS % user)
sys.exit(0)
with open('/etc/mercurial/pash.json', 'rb') as fh:
pash_settings = json.load(fh)
touch_hg_access_date(user)
# Touch the initiator of the autoland request, if required.
if user == pash_settings.get('autoland_user', AUTOLAND_USER):
request_user = os.environ.get('AUTOLAND_REQUEST_USER')
if request_user:
touch_hg_access_date(request_user)
hg_helper.serve(
cname=pash_settings['hostname'],
enable_repo_config=pash_settings.get('repo_config', False),
enable_repo_group=pash_settings.get('repo_group', False),
enable_user_repos=pash_settings.get('user_repos', False),
enable_mozreview_ldap_associate=pash_settings.get('mr_ldap_associate', False))
sys.exit(0)
def process_non_root_login(user):
# Delay import so these don't interfere with root login code path.
from datetime import datetime
import json
import logging
import sys
import hg_helper
import ldap_helper
user_status = hg_helper.is_valid_user(user)
if user_status == 2:
sys.stderr.write('Your mercurial account has been disabled due \
to inactivity.\nPlease file a bug at \
https://bugzilla.mozilla.org (or \
http://tinyurl.com/njcfhma) to re-activate \
your account.\n')
sys.exit(0)
elif user_status != 1:
sys.stderr.write(NO_HG_ACCESS % user)
sys.exit(0)
# Run ldap access date toucher, silently fail and log if we're unable to write
try:
settings = ldap_helper.get_ldap_settings()
ldap_helper.update_access_date(user, 'hgAccessDate',
datetime.utcnow().strftime("%Y%m%d%H%M%S.%fZ"),
settings['url'],
settings['write_url'])
except Exception:
logging.basicConfig(filename='/var/log/pash.log', level=logging.DEBUG)
logging.exception('Failed to update LDAP attributes for %s' % user)
with open('/etc/mercurial/pash.json', 'rb') as fh:
pash_settings = json.load(fh)
hg_helper.serve(cname=pash_settings['hostname'],
enable_repo_config=pash_settings.get('repo_config', False),
enable_repo_group=pash_settings.get('repo_group', False),
enable_user_repos=pash_settings.get('user_repos', False),
enable_mozreview_ldap_associate=pash_settings.get('mr_ldap_associate', False))
sys.exit(0)
def process_non_root_login(user):
# Delay import so these don't interfere with root login code path.
from datetime import datetime
import json
import logging
import sys
import hg_helper
import ldap_helper
user_status = hg_helper.is_valid_user(user)
if user_status == 2:
sys.stderr.write(HG_ACCESS_DISABLED % (user, user))
sys.exit(0)
elif user_status != 1:
sys.stderr.write(NO_HG_ACCESS % user)
sys.exit(0)
# Run ldap access date toucher, silently fail and log if we're unable to write
try:
settings = ldap_helper.get_ldap_settings()
ldap_helper.update_access_date(
user, 'hgAccessDate',
datetime.utcnow().strftime("%Y%m%d%H%M%S.%fZ"), settings['url'],
settings['write_url'])
except Exception:
logging.basicConfig(filename='/var/log/pash.log', level=logging.DEBUG)
logging.exception('Failed to update LDAP attributes for %s' % user)
with open('/etc/mercurial/pash.json', 'rb') as fh:
pash_settings = json.load(fh)
hg_helper.serve(cname=pash_settings['hostname'],
enable_repo_config=pash_settings.get('repo_config', False),
enable_repo_group=pash_settings.get('repo_group', False),
enable_user_repos=pash_settings.get('user_repos', False),
enable_mozreview_ldap_associate=pash_settings.get(
'mr_ldap_associate', False))
sys.exit(0)
def process_login(user):
user_status = hg_helper.is_valid_user(user)
if user_status == 2:
sys.stderr.write(HG_ACCESS_DISABLED % (user, user))
sys.exit(0)
elif user_status != 1:
sys.stderr.write(NO_HG_ACCESS % user)
sys.exit(0)
with open('/etc/mercurial/pash.json', 'rb') as fh:
pash_settings = json.load(fh)
touch_hg_access_date(user)
# landing_users are both autoland-transplant and Lando landing worker
# users that push on behalf of other users.
landing_users = (
pash_settings.get('autoland_user', AUTOLAND_USER),
pash_settings.get('landing_worker_user', LANDING_WORKER_USER),
pash_settings.get('landing_worker_user_dev', LANDING_WORKER_USER_DEV),
)
# Touch the initiator of the autoland request, if required.
if user in landing_users:
request_user = os.environ.get('AUTOLAND_REQUEST_USER')
if request_user:
touch_hg_access_date(request_user)
else:
if 'AUTOLAND_REQUEST_USER' in os.environ:
del os.environ['AUTOLAND_REQUEST_USER']
hg_helper.serve(cname=pash_settings['hostname'],
enable_repo_config=pash_settings.get('repo_config', False),
enable_repo_group=pash_settings.get('repo_group', False),
enable_user_repos=pash_settings.get('user_repos', False),
enable_mozreview_ldap_associate=pash_settings.get(
'mr_ldap_associate', False))
sys.exit(0)
import logging
from sh_helper import QuoteForPOSIX
if __name__ == '__main__':
os.environ['PYTHONPATH'] = '/repo_local/mozilla/libraries/'
if os.getenv ('USER') == 'root':
root_shell = pwd.getpwuid (0)[6]
ssh_command = os.getenv ('SSH_ORIGINAL_COMMAND')
if ssh_command:
os.system (root_shell + " -c " + QuoteForPOSIX (ssh_command))
else:
os.execl (root_shell, root_shell)
else:
server_port = os.getenv('SSH_CONNECTION').split ()[-1]
user_status = hg_helper.is_valid_user(os.getenv('USER'))
if user_status == 2:
sys.stderr.write('Your mercurial account has been disabled due \
to inactivity.\nPlease file a bug at \
https://bugzilla.mozilla.org (or \
http://tinyurl.com/2aveg9k) to re-activate \
your account.\n')
sys.exit(0)
elif user_status != 1:
sys.stderr.write('You do not have a valid mercurial account!\n')
sys.exit(0)
# Run ldap access date toucher, silently fail and log if we're unable to write
try:
ldap_helper.update_ldap_attribute(os.getenv('USER'), 'hgAccessDate', datetime.datetime.utcnow().strftime("%Y%m%d%H%M%S.%fZ"), 'ldap://ldap.db.scl3.mozilla.com', 'ldap://ldapsync1.db.scl3.mozilla.com')
