def request_permissions(ownername, projectname):
copr = get_copr(ownername, projectname)
roles = flask.request.get_json()
if not isinstance(roles, dict):
raise BadRequest("invalid 'roles' dict format, expected: "
"{'admin': True, 'builder': False}")
if not roles:
raise BadRequest("no permission requested")
permission_dict = {}
with db_session_scope():
for permission, request_bool in roles.items():
change = CoprPermissionsLogic.request_permission(
copr, flask.g.user, permission, request_bool)
if change:
permission_dict['old_' + permission] = change[0]
permission_dict['new_' + permission] = change[1]
if permission_dict:
msg = PermissionRequestMessage(copr, flask.g.user, permission_dict)
for address in copr.admin_mails:
if flask.current_app.config.get("SEND_EMAILS", False):
send_mail([address], msg)
return flask.jsonify({'updated': bool(permission_dict)})
def notify(self, user, chroots):
msg = OutdatedChrootMessage(chroots)
send_mail([user.mail], msg)
# If `send_mail` didn't raise any exception,
# we consider the email to be sent correctly
for chroot in chroots:
chroot.delete_notify = datetime.datetime.now()
def process_legal_flag(copr):
form = forms.CoprLegalFlagForm()
legal_flag = models.LegalFlag(raise_message=form.comment.data,
raised_on=int(time.time()),
copr=copr,
reporter=flask.g.user)
db.session.add(legal_flag)
db.session.commit()
send_to = app.config["SEND_LEGAL_TO"] or ["root@localhost"]
msg = LegalFlagMessage(copr, flask.g.user, form.comment.data)
send_mail(send_to, msg)
flask.flash("Admin has been noticed about your report"
" and will investigate the project shortly.")
return flask.redirect(url_for_copr_details(copr))
def copr_permissions_applier_change(copr):
permission = coprs_logic.CoprPermissionsLogic.get(copr,
flask.g.user).first()
applier_permissions_form = \
forms.PermissionsApplierFormFactory.create_form_cls(permission)()
if copr.user == flask.g.user:
flask.flash("Owner cannot request permissions for his own project.",
"error")
elif applier_permissions_form.validate_on_submit():
# we rely on these to be 0 or 1 from form. TODO: abstract from that
if permission is not None:
old_builder = permission.copr_builder
old_admin = permission.copr_admin
else:
old_builder = 0
old_admin = 0
new_builder = applier_permissions_form.copr_builder.data
new_admin = applier_permissions_form.copr_admin.data
coprs_logic.CoprPermissionsLogic.update_permissions_by_applier(
flask.g.user, copr, permission, new_builder, new_admin)
db.session.commit()
flask.flash(
"Successfully updated permissions for project '{0}'.".format(
copr.name))
# sending emails
if flask.current_app.config.get("SEND_EMAILS", False):
for mail in copr.admin_mails:
permission_dict = {
"old_builder": old_builder,
"old_admin": old_admin,
"new_builder": new_builder,
"new_admin": new_admin
}
msg = PermissionRequestMessage(copr, flask.g.user,
permission_dict)
send_mail(
mail,
msg,
)
return flask.redirect(helpers.copr_url("coprs_ns.copr_detail", copr))
def copr_update_permissions(copr):
permissions = copr.copr_permissions
permissions_form = forms.PermissionsFormFactory.create_form_cls(
permissions)()
if permissions_form.validate_on_submit():
# we don't change owner (yet)
try:
# if admin is changing his permissions, his must be changed last
# so that we don't get InsufficientRightsException
permissions.sort(
key=lambda x: -1 if x.user_id == flask.g.user.id else 1)
for perm in permissions:
old_builder = perm.copr_builder
old_admin = perm.copr_admin
new_builder = permissions_form["copr_builder_{0}".format(
perm.user_id)].data
new_admin = permissions_form["copr_admin_{0}".format(
perm.user_id)].data
coprs_logic.CoprPermissionsLogic.update_permissions(
flask.g.user, copr, perm, new_builder, new_admin)
if flask.current_app.config.get("SEND_EMAILS", False) and \
(old_builder is not new_builder or old_admin is not new_admin):
permission_dict = {
"old_builder": old_builder,
"old_admin": old_admin,
"new_builder": new_builder,
"new_admin": new_admin
}
msg = PermissionChangeMessage(copr, permission_dict)
send_mail(perm.user.mail, msg)
# for now, we don't check for actions here, as permissions operation
# don't collide with any actions
except exceptions.InsufficientRightsException as e:
db.session.rollback()
flask.flash(str(e), "error")
else:
db.session.commit()
flask.flash("Project permissions were updated successfully.",
"success")
return flask.redirect(url_for_copr_details(copr))
def set_permissions(copr):
permissions = flask.request.get_json()
if not isinstance(permissions, dict):
raise BadRequest(
"request is not a dictionary, expected format: "
"{'username': {'admin': 'nothing', 'builder': 'request'} ...}")
if not permissions:
raise BadRequest("no permission change requested")
updated = {}
messages = []
with db_session_scope():
for username, perm_set in permissions.items():
user = models.User.query.filter_by(username=username).first()
if not user:
raise BadRequest(
"user '{0}' doesn't exist in database".format(username))
permission_dict = {}
for perm, state in perm_set.items():
change = CoprPermissionsLogic.set_permissions(
flask.g.user, copr, user, perm, state)
if change:
updated[username] = True
permission_dict['old_' + perm] = change[0]
permission_dict['new_' + perm] = change[1]
if permission_dict:
msg = PermissionChangeMessage(copr, permission_dict)
messages.append({'address': user.mail, 'message': msg})
# send emails only if transaction succeeded
for task in messages:
if flask.current_app.config.get("SEND_EMAILS", False):
send_mail([task['address']], task['message'])
return flask.jsonify({'updated': list(updated.keys())})
def notify(self, user, chroots):
msg = OutdatedChrootMessage(chroots)
send_mail(user.mail, msg)