def get_user(request): id = request.matchdict.get('name') user = User.get(id, request.db) if not user: request.errors.add('body', 'name', 'No such user') request.errors.status = HTTPNotFound.code return user = user.__json__(request) # Throw some extra information in there rurl = request.route_url # Just shorthand urls = { 'comments_by': rurl('comments') + '?user=%s' % id, 'comments_on': rurl('comments') + '?update_owner=%s' % id, 'recent_updates': rurl('updates') + '?user=%s' % id, 'recent_overrides': rurl('overrides') + '?user=%s' % id, 'comments_by_rss': rurl('comments_rss') + '?user=%s' % id, 'comments_on_rss': rurl('comments_rss') + '?update_owner=%s' % id, 'recent_updates_rss': rurl('updates_rss') + '?user=%s' % id, 'recent_overrides_rss': rurl('overrides_rss') + '?user=%s' % id, } return dict(user=user, urls=urls)
def test_remember_me_with_bad_endpoint(self): """Test the post-login hook with a bad openid endpoint""" req = DummyRequest(params={ 'openid.op_endpoint': 'bad_endpoint', }) req.db = self.db def flash(msg): pass req.session.flash = flash info = { 'identity_url': 'http://lmacken.id.fedoraproject.org', 'groups': [u'releng'], } req.registry.settings = self.app_settings try: resp = remember_me(None, req, info) assert False, 'remember_me should have thrown an exception' except Exception: # A ComponentLookupError is thrown because we're doing this outside # of the webapp pass # The user should not exist self.assertIsNone(User.get(u'lmacken', self.db))
def test_remember_me(self): """Test the post-login hook""" req = DummyRequest( params={ 'openid.op_endpoint': self.app_settings['openid.provider'], }) req.db = self.db req.session = {'came_from': '/'} info = { 'identity_url': 'http://lmacken.id.fedoraproject.org', 'groups': [u'releng'], 'sreg': { 'email': u'[email protected]' }, } req.registry.settings = self.app_settings # Ensure the user doesn't exist yet self.assertIsNone(User.get(u'lmacken', self.db)) self.assertIsNone(Group.get(u'releng', self.db)) resp = remember_me(None, req, info) # The user should now exist, and be a member of the releng group user = User.get(u'lmacken', self.db) self.assertEquals(user.name, u'lmacken') self.assertEquals(user.email, u'[email protected]') self.assertEquals(len(user.groups), 1) self.assertEquals(user.groups[0].name, u'releng') # Pretend the user has been removed from the releng group info['groups'] = [] req.session = {'came_from': '/'} resp = remember_me(None, req, info) user = User.get(u'lmacken', self.db) self.assertEquals(len(user.groups), 0) self.assertEquals(len(Group.get(u'releng', self.db).users), 0)
def test_remember_me(self): """Test the post-login hook""" db = DBSession() req = DummyRequest(params={ 'openid.op_endpoint': self.app_settings['openid.provider'], }) req.db = db req.session = {'came_from': '/'} info = { 'identity_url': 'http://lmacken.id.fedoraproject.org', 'groups': [u'releng'], 'sreg': {'email': u'[email protected]'}, } req.registry.settings = self.app_settings # Ensure the user doesn't exist yet self.assertIsNone(User.get(u'lmacken', db)) self.assertIsNone(Group.get(u'releng', db)) resp = remember_me(None, req, info) # The user should now exist, and be a member of the releng group user = User.get(u'lmacken', db) self.assertEquals(user.name, u'lmacken') self.assertEquals(user.email, u'[email protected]') self.assertEquals(len(user.groups), 1) self.assertEquals(user.groups[0].name, u'releng') # Pretend the user has been removed from the releng group info['groups'] = [] req.session = {'came_from': '/'} resp = remember_me(None, req, info) user = User.get(u'lmacken', db) self.assertEquals(len(user.groups), 0) self.assertEquals(len(Group.get(u'releng', db).users), 0)
def save_stack(request): """Save a stack""" data = request.validated db = request.db user = User.get(request.user.name, db) # Fetch or create the stack stack = Stack.get(data["name"], db) if not stack: stack = Stack(name=data["name"], users=[user]) db.add(stack) db.flush() if stack.users or stack.groups: if user in stack.users: log.info("%s is an owner of the %s", user.name, stack.name) else: for group in user.groups: if group in stack.groups: log.info("%s is a member of the %s group", user.name, stack.name) break else: log.warn("%s is not an owner of the %s stack", user.name, stack.name) log.debug("owners = %s; groups = %s", stack.users, stack.groups) request.errors.add( "body", "name", "%s does not have privileges" " to modify the %s stack" % (user.name, stack.name) ) request.errors.status = HTTPForbidden.code return # Update the stack description desc = data["description"] if desc: stack.description = desc # Update the stack requirements # If the user passed in no value at all for requirements, then use # the site defaults. If, however, the user passed in the empty string, we # assume they mean *really*, no requirements so we leave the value null. reqs = data["requirements"] if reqs is None: stack.requirements = request.registry.settings.get("site_requirements") elif reqs: stack.requirements = reqs stack.update_relationship("users", User, data, db) stack.update_relationship("groups", Group, data, db) # We make a special case out of packages here, since when a package is # added to a stack, we want to give it the same requirements as the stack # has. See https://github.com/fedora-infra/bodhi/issues/101 new, same, rem = stack.update_relationship("packages", Package, data, db) if stack.requirements: additional = list(tokenize(stack.requirements)) for name in new: package = Package.get(name, db) original = package.requirements original = [] if not original else list(tokenize(original)) package.requirements = " ".join(list(set(original + additional))) log.info("Saved %s stack", data["name"]) notifications.publish(topic="stack.save", msg=dict(stack=stack, agent=user.name)) return dict(stack=stack)
def save_override(request): """Save a buildroot override This entails either creating a new buildroot override, or editing an existing one. To edit an existing buildroot override, the buildroot override's original id needs to be specified in the ``edited`` parameter. """ data = request.validated edited = data.pop("edited") caveats = [] try: submitter = User.get(request.user.name, request.db) if edited is None: builds = data['builds'] overrides = [] if len(builds) > 1: caveats.append({ 'name': 'nvrs', 'description': 'Your override submission was ' 'split into %i.' % len(builds) }) for build in builds: log.info("Creating a new buildroot override: %s" % build.nvr) if BuildrootOverride.get(build.id, request.db): request.errors.add( 'body', 'builds', 'Buildroot override for %s already exists' % build.nvr) return else: overrides.append( BuildrootOverride.new( request, build=build, submitter=submitter, notes=data['notes'], expiration_date=data['expiration_date'], )) if len(builds) > 1: result = dict(overrides=overrides) else: result = overrides[0] else: log.info("Editing buildroot override: %s" % edited) edited = Build.get(edited, request.db) if edited is None: request.errors.add('body', 'edited', 'No such build') return result = BuildrootOverride.edit( request, edited=edited, submitter=submitter, notes=data["notes"], expired=data["expired"], expiration_date=data["expiration_date"]) if not result: # Some error inside .edit(...) return except Exception as e: log.exception(e) request.errors.add('body', 'override', 'Unable to save buildroot override: %s' % e) return if not isinstance(result, dict): result = result.__json__() result['caveats'] = caveats return result
def groupfinder(userid, request): from bodhi.models import User if request.user: user = User.get(request.user.name, request.db) return ['group:' + group.name for group in user.groups]
def save_stack(request): """Save a stack""" data = request.validated db = request.db user = User.get(request.user.name, db) # Fetch or create the stack stack = Stack.get(data['name'], db) if not stack: stack = Stack(name=data['name'], users=[user]) db.add(stack) db.flush() if stack.users or stack.groups: if user in stack.users: log.info('%s is an owner of the %s', user.name, stack.name) else: for group in user.groups: if group in stack.groups: log.info('%s is a member of the %s group', user.name, stack.name) break else: log.warn('%s is not an owner of the %s stack', user.name, stack.name) log.debug('owners = %s; groups = %s', stack.users, stack.groups) request.errors.add( 'body', 'name', '%s does not have privileges' ' to modify the %s stack' % (user.name, stack.name)) request.errors.status = HTTPForbidden.code return # Update the stack description desc = data['description'] if desc: stack.description = desc # Update the stack requirements # If the user passed in no value at all for requirements, then use # the site defaults. If, however, the user passed in the empty string, we # assume they mean *really*, no requirements so we leave the value null. reqs = data['requirements'] if reqs is None: stack.requirements = request.registry.settings.get('site_requirements') elif reqs: stack.requirements = reqs stack.update_relationship('users', User, data, db) stack.update_relationship('groups', Group, data, db) # We make a special case out of packages here, since when a package is # added to a stack, we want to give it the same requirements as the stack # has. See https://github.com/fedora-infra/bodhi/issues/101 new, same, rem = stack.update_relationship('packages', Package, data, db) if stack.requirements: additional = list(tokenize(stack.requirements)) for name in new: package = Package.get(name, db) original = package.requirements original = [] if not original else list(tokenize(original)) package.requirements = " ".join(list(set(original + additional))) log.info('Saved %s stack', data['name']) notifications.publish(topic='stack.save', msg=dict(stack=stack, agent=user.name)) return dict(stack=stack)
def save_override(request): """Save a buildroot override This entails either creating a new buildroot override, or editing an existing one. To edit an existing buildroot override, the buildroot override's original id needs to be specified in the ``edited`` parameter. """ data = request.validated edited = data.pop("edited") caveats = [] try: submitter = User.get(request.user.name, request.db) if edited is None: builds = data['builds'] overrides = [] if len(builds) > 1: caveats.append({ 'name': 'nvrs', 'description': 'Your override submission was ' 'split into %i.' % len(builds) }) for build in builds: log.info("Creating a new buildroot override: %s" % build.nvr) if BuildrootOverride.get(build.id, request.db): request.errors.add('body', 'builds', 'Buildroot override for %s already exists' % build.nvr) return else: overrides.append(BuildrootOverride.new( request, build=build, submitter=submitter, notes=data['notes'], expiration_date=data['expiration_date'], )) if len(builds) > 1: result = dict(overrides=overrides) else: result = overrides[0] else: log.info("Editing buildroot override: %s" % edited) edited = Build.get(edited, request.db) if edited is None: request.errors.add('body', 'edited', 'No such build') return result = BuildrootOverride.edit( request, edited=edited, submitter=submitter, notes=data["notes"], expired=data["expired"], expiration_date=data["expiration_date"] ) if not result: # Some error inside .edit(...) return except Exception as e: log.exception(e) request.errors.add('body', 'override', 'Unable to save buildroot override: %s' % e) return if not isinstance(result, dict): result = result.__json__() result['caveats'] = caveats return result