def _check_issue_comment_event(
self,
event: Union[IssueCommentEvent, IssueCommentGitlabEvent],
project: GitProject,
service_config: ServiceConfig,
job_configs: Iterable[JobConfig],
) -> bool:
actor_name = event.actor
if not actor_name:
raise KeyError(
f"Failed to get login of the actor from {type(event)}")
project_url = self._strip_protocol_and_add_git(event.project_url)
namespace_approved = self.is_approved(project_url)
user_approved = project.can_merge_pr(actor_name)
if namespace_approved and user_approved:
return True
msg = (f"Project {project_url} is not on our allowlist!"
if not namespace_approved else
f"Account {actor_name} has no write access!")
logger.debug(msg)
project.get_issue(event.issue_id).comment(msg)
return False
def _check_pr_event(
self,
event: Union[PullRequestGithubEvent, PullRequestCommentGithubEvent,
MergeRequestGitlabEvent,
MergeRequestCommentGitlabEvent, ],
project: GitProject,
service_config: ServiceConfig,
job_configs: Iterable[JobConfig],
) -> bool:
actor_name = event.actor
if not actor_name:
raise KeyError(
f"Failed to get login of the actor from {type(event)}")
project_url = self._strip_protocol_and_add_git(event.project_url)
namespace_approved = self.is_approved(project_url)
user_approved = (project.can_merge_pr(actor_name)
or project.get_pr(event.pr_id).author == actor_name)
if namespace_approved and user_approved:
# TODO: clear failing check when present
return True
msg = (
f"Project {project_url} is not on our allowlist!"
if not namespace_approved else
f"Account {actor_name} has no write access nor is author of PR!")
logger.debug(msg)
if isinstance(
event,
(PullRequestCommentGithubEvent, MergeRequestCommentGitlabEvent)):
project.get_pr(event.pr_id).comment(msg)
else:
for job_config in job_configs:
job_helper = CoprBuildJobHelper(
service_config=service_config,
package_config=event.get_package_config(),
project=project,
metadata=EventData.from_event_dict(event.get_dict()),
db_trigger=event.db_trigger,
job_config=job_config,
targets_override=event.targets_override,
)
msg = ("Namespace is not allowed!"
if not namespace_approved else "User cannot trigger!")
job_helper.report_status_to_all(description=msg,
state=BaseCommitStatus.neutral,
url=FAQ_URL)
return False
def _check_issue_comment_event(
self,
event: Union[IssueCommentEvent, IssueCommentGitlabEvent],
project: GitProject,
service_config: ServiceConfig,
job_configs: Iterable[JobConfig],
) -> bool:
account_name = event.user_login
if not account_name:
raise KeyError(f"Failed to get account_name from {type(event)}")
namespace = event.repo_namespace
namespace_approved = self.is_approved(namespace)
user_approved = project.can_merge_pr(account_name)
if namespace_approved and user_approved:
return True
msg = (f"Namespace {namespace} is not on our allowlist!"
if not namespace_approved else
f"Account {account_name} has no write access!")
logger.error(msg)
project.issue_comment(event.issue_id, msg)
return False
