def _check_issue_comment_event( self, event: Union[IssueCommentEvent, IssueCommentGitlabEvent], project: GitProject, service_config: ServiceConfig, job_configs: Iterable[JobConfig], ) -> bool: actor_name = event.actor if not actor_name: raise KeyError( f"Failed to get login of the actor from {type(event)}") project_url = self._strip_protocol_and_add_git(event.project_url) namespace_approved = self.is_approved(project_url) user_approved = project.can_merge_pr(actor_name) if namespace_approved and user_approved: return True msg = (f"Project {project_url} is not on our allowlist!" if not namespace_approved else f"Account {actor_name} has no write access!") logger.debug(msg) project.get_issue(event.issue_id).comment(msg) return False
def _check_pr_event( self, event: Union[PullRequestGithubEvent, PullRequestCommentGithubEvent, MergeRequestGitlabEvent, MergeRequestCommentGitlabEvent, ], project: GitProject, service_config: ServiceConfig, job_configs: Iterable[JobConfig], ) -> bool: actor_name = event.actor if not actor_name: raise KeyError( f"Failed to get login of the actor from {type(event)}") project_url = self._strip_protocol_and_add_git(event.project_url) namespace_approved = self.is_approved(project_url) user_approved = (project.can_merge_pr(actor_name) or project.get_pr(event.pr_id).author == actor_name) if namespace_approved and user_approved: # TODO: clear failing check when present return True msg = ( f"Project {project_url} is not on our allowlist!" if not namespace_approved else f"Account {actor_name} has no write access nor is author of PR!") logger.debug(msg) if isinstance( event, (PullRequestCommentGithubEvent, MergeRequestCommentGitlabEvent)): project.get_pr(event.pr_id).comment(msg) else: for job_config in job_configs: job_helper = CoprBuildJobHelper( service_config=service_config, package_config=event.get_package_config(), project=project, metadata=EventData.from_event_dict(event.get_dict()), db_trigger=event.db_trigger, job_config=job_config, targets_override=event.targets_override, ) msg = ("Namespace is not allowed!" if not namespace_approved else "User cannot trigger!") job_helper.report_status_to_all(description=msg, state=BaseCommitStatus.neutral, url=FAQ_URL) return False
def _check_issue_comment_event( self, event: Union[IssueCommentEvent, IssueCommentGitlabEvent], project: GitProject, service_config: ServiceConfig, job_configs: Iterable[JobConfig], ) -> bool: account_name = event.user_login if not account_name: raise KeyError(f"Failed to get account_name from {type(event)}") namespace = event.repo_namespace namespace_approved = self.is_approved(namespace) user_approved = project.can_merge_pr(account_name) if namespace_approved and user_approved: return True msg = (f"Namespace {namespace} is not on our allowlist!" if not namespace_approved else f"Account {account_name} has no write access!") logger.error(msg) project.issue_comment(event.issue_id, msg) return False