def assertPerm(self, name): if not self.hasPerm(name) and not self.hasPerm('admin'): msg = "%s permission required" % name if self.logged_in: msg += ' (logged in as %s)' % self.user_data['name'] else: msg += ' (user not logged in)' raise koji.ActionNotAllowed(msg)
def is_sidetag_owner(taginfo, user, raise_error=False): """Check, that given user is owner of the sidetag""" result = (taginfo['extra'].get('sidetag') and (taginfo['extra'].get('sidetag_user_id') == user['id'] or context.session.hasPerm('admin'))) if not result and raise_error: raise koji.ActionNotAllowed("This is not your sidetag") return result
def osbuildImage(name, version, distro, image_types, target, arches, opts=None, priority=None): """Create an image via osbuild""" context.session.assertPerm("image") args = [name, version, distro, image_types, target, arches, opts] task = {"channel": "image"} try: jsonschema.validate(args, OSBUILD_IMAGE_SCHMEA) except jsonschema.exceptions.ValidationError as err: raise koji.ParameterError(str(err)) from None if priority and priority < 0 and not context.session.hasPerm('admin'): raise koji.ActionNotAllowed('only admins may create high-priority tasks') return kojihub.make_task('osbuildImage', args, **task)
def _get_task_opts_and_opts(opts, priority, channel): if opts is None: opts = {} taskOpts = {} if priority: if priority < 0: if not context.session.hasPerm('admin'): raise koji.ActionNotAllowed('only admins may create' ' high-priority tasks') taskOpts['priority'] = koji.PRIO_DEFAULT + priority if channel: taskOpts['channel'] = channel return opts, taskOpts
def osbuildImage(name, version, distro, image_types, target, arches, opts=None, priority=None): """Create an image via osbuild""" context.session.assertPerm("image") args = [name, version, distro, image_types, target, arches, opts] task = {"channel": "image"} if priority and priority < 0 and not context.session.hasPerm('admin'): raise koji.ActionNotAllowed( 'only admins may create high-priority tasks') return kojihub.make_task('osbuildImage', args, **task)
def saveFailedTree(buildrootID, full=False, **opts): """Create saveFailedTree task If arguments are invalid, error message is returned. Otherwise task id of newly created task is returned.""" global config, allowed_methods # let it raise errors buildrootID = int(buildrootID) full = bool(full) # read configuration only once if config is None: config = six.moves.configparser.SafeConfigParser() config.read(CONFIG_FILE) allowed_methods = config.get('permissions', 'allowed_methods').split() if len(allowed_methods) == 1 and allowed_methods[0] == '*': allowed_methods = '*' brinfo = kojihub.get_buildroot(buildrootID, strict=True) taskID = brinfo['task_id'] task_info = kojihub.Task(taskID).getInfo() if task_info['state'] != koji.TASK_STATES['FAILED']: raise koji.PreBuildError( "Task %s has not failed. Only failed tasks can upload their buildroots." % taskID) elif allowed_methods != '*' and task_info['method'] not in allowed_methods: raise koji.PreBuildError("Only %s tasks can upload their buildroots (Task %s is %s)." % \ (', '.join(allowed_methods), task_info['id'], task_info['method'])) elif task_info[ "owner"] != context.session.user_id and not context.session.hasPerm( 'admin'): raise koji.ActionNotAllowed( "Only owner of failed task or 'admin' can run this task.") elif not kojihub.get_host(task_info['host_id'])['enabled']: raise koji.PreBuildError("Host is disabled.") args = koji.encode_args(buildrootID, full, **opts) taskopts = { 'assign': brinfo['host_id'], } return kojihub.make_task('saveFailedTree', args, **taskopts)
def kiwiBuild(target, arches, desc_url, desc_path, optional_arches=None, profile=None, scratch=False, priority=None): context.session.assertPerm('image') taskOpts = { 'channel': 'image', } if priority: if priority < 0: if not context.session.hasPerm('admin'): raise koji.ActionNotAllowed( 'only admins may create high-priority tasks') taskOpts['priority'] = koji.PRIO_DEFAULT + priority opts = { 'optional_arches': optional_arches, 'profile': profile, 'scratch': scratch, } return kojihub.make_task('kiwiBuild', [target, arches, desc_url, desc_path, opts], **taskOpts)
def buildContainer(src, target, opts=None, priority=None, channel='container'): """Create a container build task target: the build target priority: the amount to increase (or decrease) the task priority, relative to the default priority; higher values mean lower priority; only admins have the right to specify a negative priority here channel: the channel to allocate the task to (defaults to the "container" channel) Returns the task ID """ if not opts: opts = {} taskOpts = {} if priority: if priority < 0: if not context.session.hasPerm('admin'): raise koji.ActionNotAllowed('only admins may create' ' high-priority tasks') taskOpts['priority'] = koji.PRIO_DEFAULT + priority if channel: taskOpts['channel'] = channel return kojihub.make_task('buildContainer', [src, target, opts], **taskOpts)
def assertUser(self, user_id): if not self.isUser(user_id) and not self.hasPerm('admin'): raise koji.ActionNotAllowed("not owner")
def assertLogin(self): if not self.logged_in: raise koji.ActionNotAllowed("you must be logged in for this operation")
def assertPerm(self, name): if not self.hasPerm(name) and not self.hasPerm('admin'): raise koji.ActionNotAllowed("%s permission required" % name)