def exception_view(exc, request):
"""
Return an error response upon generic errors (404s, 403s, 500s, etc..).
This is here to catch everything that isn't caught by our cornice error
handlers. When we do catch something, we transform it into a cornice
Errors object and pass it to our nice cornice error handler. That way, all
the exception presentation and rendering we can keep in one place.
Args:
exc (Exception): The unhandled exception.
request (pyramid.util.Request): The current request.
Returns:
bodhi.server.services.errors.html_handler: A pyramid.httpexceptions.HTTPError to be rendered
to the user for the given exception.
"""
errors = getattr(request, 'errors', [])
status = getattr(exc, 'status_code', 500)
if status not in (404, 403):
log.exception("Error caught. Handling HTML response.")
else:
log.warn(str(exc))
if not len(errors):
description = getattr(exc, 'explanation', None) or str(exc)
errors = cornice.errors.Errors(status=status)
errors.add('body', description=description)
return bodhi.server.services.errors.html_handler(errors, request)
def send_mail(from_addr, to_addr, subject, body_text, headers=None):
"""
Send an e-mail.
Args:
from_addr (basestring): The address to use in the From: header.
to_addr (basestring): The address to send the e-mail to.
subject (basestring): The subject of the e-mail.
body_text (basestring): The body of the e-mail to be sent.
headers (dict or None): A mapping of header fields to values to be included in the e-mail,
if not None.
"""
if not from_addr:
from_addr = config.get('bodhi_email')
if not from_addr:
log.warn('Unable to send mail: bodhi_email not defined in the config')
return
if to_addr in config.get('exclude_mail'):
return
from_addr = to_bytes(from_addr)
to_addr = to_bytes(to_addr)
subject = to_bytes(subject)
body_text = to_bytes(body_text)
msg = [b'From: %s' % from_addr, b'To: %s' % to_addr]
if headers:
for key, value in headers.items():
msg.append(b'%s: %s' % (to_bytes(key), to_bytes(value)))
msg.append(b'X-Bodhi: %s' % to_bytes(config.get('default_email_domain')))
msg += [b'Subject: %s' % subject, b'', body_text]
body = b'\r\n'.join(msg)
log.info('Sending mail to %s: %s', to_addr, subject)
_send_mail(from_addr, to_addr, body)
def _send_mail(from_addr, to_addr, body):
"""
Send emails with smtplib. This is a lower level function than send_e-mail().
Args:
from_addr (str): The e-mail address to use in the envelope from field.
to_addr (str): The e-mail address to use in the envelope to field.
body (str): The body of the e-mail.
"""
smtp_server = config.get('smtp_server')
if not smtp_server:
log.info('Not sending email: No smtp_server defined')
return
smtp = None
try:
log.debug('Connecting to %s', smtp_server)
smtp = smtplib.SMTP(smtp_server)
smtp.sendmail(from_addr, [to_addr], body)
except smtplib.SMTPRecipientsRefused as e:
log.warn('"recipient refused" for %r, %r' % (to_addr, e))
except Exception:
log.exception('Unable to send mail')
finally:
if smtp:
smtp.quit()
def eject_from_mash(self, update, reason):
update.locked = False
text = '%s ejected from the push because %r' % (update.title, reason)
log.warn(text)
update.comment(self.db, text, author=u'bodhi')
# Remove the pending tag as well
if update.request is UpdateRequest.stable:
update.remove_tag(update.release.pending_stable_tag,
koji=buildsys.get_session())
elif update.request is UpdateRequest.testing:
update.remove_tag(update.release.pending_testing_tag,
koji=buildsys.get_session())
update.request = None
if update.title in self.state['updates']:
self.state['updates'].remove(update.title)
if update in self.updates:
self.updates.remove(update)
notifications.publish(
topic="update.eject",
msg=dict(
repo=self.id,
update=update,
reason=reason,
request=self.request,
release=self.release,
agent=self.agent,
),
force=True,
)
def send_testing_digest(self):
"""Send digest mail to mailing lists"""
self.log.info('Sending updates-testing digest')
sechead = u'The following %s Security updates need testing:\n Age URL\n'
crithead = u'The following %s Critical Path updates have yet to be approved:\n Age URL\n'
testhead = u'The following builds have been pushed to %s updates-testing\n\n'
for prefix, content in self.testing_digest.iteritems():
release = self.db.query(Release).filter_by(long_name=prefix).one()
test_list_key = '%s_test_announce_list' % (
release.id_prefix.lower().replace('-', '_'))
test_list = config.get(test_list_key)
if not test_list:
log.warn('%r undefined. Not sending updates-testing digest',
test_list_key)
continue
log.debug("Sending digest for updates-testing %s" % prefix)
maildata = u''
security_updates = self.get_security_updates(prefix)
if security_updates:
maildata += sechead % prefix
for update in security_updates:
maildata += u' %3i %s %s\n' % (
update.days_in_testing,
update.abs_url(),
update.title)
maildata += '\n\n'
critpath_updates = self.get_unapproved_critpath_updates(prefix)
if critpath_updates:
maildata += crithead % prefix
for update in self.get_unapproved_critpath_updates(prefix):
maildata += u' %3i %s %s\n' % (
update.days_in_testing,
update.abs_url(),
update.title)
maildata += '\n\n'
maildata += testhead % prefix
updlist = content.keys()
updlist.sort()
for pkg in updlist:
maildata += u' %s\n' % pkg
maildata += u'\nDetails about builds:\n\n'
for nvr in updlist:
maildata += u"\n" + self.testing_digest[prefix][nvr]
mail.send_mail(config.get('bodhi_email'), test_list,
'%s updates-testing report' % prefix, maildata)
def __init__(self, hub, db_factory=None, mash_dir=config.get('mash_dir'),
*args, **kw):
if not db_factory:
config_uri = '/etc/bodhi/production.ini'
settings = get_appsettings(config_uri)
engine = engine_from_config(settings, 'sqlalchemy.')
Base.metadata.create_all(engine)
self.db_factory = transactional_session_maker()
else:
self.db_factory = db_factory
buildsys.setup_buildsystem(config)
bugs.set_bugtracker()
self.mash_dir = mash_dir
prefix = hub.config.get('topic_prefix')
env = hub.config.get('environment')
self.topic = prefix + '.' + env + '.' + hub.config.get('masher_topic')
self.valid_signer = hub.config.get('releng_fedmsg_certname')
if not self.valid_signer:
log.warn('No releng_fedmsg_certname defined'
'Cert validation disabled')
super(Masher, self).__init__(hub, *args, **kw)
log.info('Bodhi masher listening on topic: %s' % self.topic)
def save_stack(request):
"""
Save a stack.
Args:
request (pyramid.request): The current web request.
Returns:
dict: A dictionary with key "stack" that indexes the newly created Stack.
"""
data = request.validated
db = request.db
user = User.get(request.user.name, db)
# Fetch or create the stack
stack = Stack.get(data['name'], db)
if not stack:
stack = Stack(name=data['name'], users=[user])
db.add(stack)
db.flush()
if stack.users or stack.groups:
if user in stack.users:
log.info('%s is an owner of the %s', user.name, stack.name)
else:
for group in user.groups:
if group in stack.groups:
log.info('%s is a member of the %s group', user.name,
stack.name)
break
else:
log.warn('%s is not an owner of the %s stack', user.name,
stack.name)
log.debug('owners = %s; groups = %s', stack.users,
stack.groups)
request.errors.add(
'body', 'name', '%s does not have privileges'
' to modify the %s stack' % (user.name, stack.name))
request.errors.status = HTTPForbidden.code
return
# Update the stack description
desc = data['description']
if desc:
stack.description = desc
# Update the stack requirements
# If the user passed in no value at all for requirements, then use
# the site defaults. If, however, the user passed in the empty string, we
# assume they mean *really*, no requirements so we leave the value null.
reqs = data['requirements']
if reqs is None:
stack.requirements = config.get('site_requirements')
elif reqs:
stack.requirements = reqs
stack.update_relationship('users', User, data, db)
stack.update_relationship('groups', Group, data, db)
# We make a special case out of packages here, since when a package is
# added to a stack, we want to give it the same requirements as the stack
# has. See https://github.com/fedora-infra/bodhi/issues/101
new, same, rem = stack.update_relationship('packages', Package, data, db)
if stack.requirements:
additional = list(tokenize(stack.requirements))
for name in new:
package = Package.get(name, db)
original = package.requirements
original = [] if not original else list(tokenize(original))
package.requirements = " ".join(list(set(original + additional)))
log.info('Saved %s stack', data['name'])
notifications.publish(topic='stack.save',
msg=dict(stack=stack, agent=user.name))
return dict(stack=stack)
def new_update(request):
"""
Save an update.
This entails either creating a new update, or editing an existing one. To
edit an existing update, the update's original title must be specified in
the ``edited`` parameter.
Args:
request (pyramid.request): The current request.
"""
data = request.validated
log.debug('validated = %s' % data)
# This has already been validated at this point, but we need to ditch
# it since the models don't care about a csrf argument.
data.pop('csrf_token')
caveats = []
try:
releases = set()
builds = []
# Create the Package and Build entities
for nvr in data['builds']:
name, version, release = request.buildinfo[nvr]['nvr']
package = Package.get_or_create(request.buildinfo[nvr])
# Also figure out the build type and create the build if absent.
build_class = ContentType.infer_content_class(
base=Build, build=request.buildinfo[nvr]['info'])
build = build_class.get(nvr)
if build is None:
log.debug("Adding nvr %s, type %r", nvr, build_class)
build = build_class(nvr=nvr, package=package)
request.db.add(build)
request.db.flush()
build.package = package
build.release = request.buildinfo[build.nvr]['release']
builds.append(build)
releases.add(request.buildinfo[build.nvr]['release'])
# We want to go ahead and commit the transaction now so that the Builds are in the database.
# Otherwise, there will be a race condition between robosignatory signing the Builds and the
# signed handler attempting to mark the builds as signed. When we lose that race, the signed
# handler doesn't see the Builds in the database and gives up. After that, nothing will mark
# the builds as signed.
request.db.commit()
# After we commit the transaction, we need to get the builds and releases again, since they
# were tied to the previous session that has now been terminated.
builds = []
releases = set()
for nvr in data['builds']:
# At this moment, we are sure the builds are in the database (that is what the commit
# was for actually).
build = Build.get(nvr)
builds.append(build)
releases.add(build.release)
if data.get('edited'):
log.info('Editing update: %s' % data['edited'])
assert len(releases) == 1, "Updates may not span multiple releases"
data['release'] = list(releases)[0]
data['builds'] = [b.nvr for b in builds]
result, _caveats = Update.edit(request, data)
caveats.extend(_caveats)
else:
if len(releases) > 1:
caveats.append({
'name': 'releases',
'description': 'Your update is being split '
'into %i, one for each release.' % len(releases)
})
updates = []
for release in releases:
_data = copy.copy(data) # Copy it because .new(..) mutates it
_data['builds'] = [b for b in builds if b.release == release]
_data['release'] = release
log.info('Creating new update: %r' % _data['builds'])
result, _caveats = Update.new(request, _data)
log.debug('%s update created', result.title)
updates.append(result)
caveats.extend(_caveats)
if len(releases) > 1:
result = dict(updates=updates)
except LockedUpdateException as e:
log.warn(str(e))
request.errors.add('body', 'builds', "%s" % str(e))
return
except Exception as e:
log.exception('Failed to create update')
request.errors.add(
'body', 'builds', 'Unable to create update. %s' % str(e))
return
# Obsolete older updates for three different cases...
# editing an update, submitting a new single update, submitting multiple.
if isinstance(result, dict):
updates = result['updates']
else:
updates = [result]
for update in updates:
try:
caveats.extend(update.obsolete_older_updates(request.db))
except Exception as e:
caveats.append({
'name': 'update',
'description': 'Problem obsoleting older updates: %s' % str(e),
})
if not isinstance(result, dict):
result = result.__json__()
result['caveats'] = caveats
return result
