def delete_copr(cls, copr, admin_action=False): """ Delete copr and all its builds. :param copr: :param admin_action: set to True to bypass permission check :raises ActionInProgressException: :raises InsufficientRightsException: """ if admin_action: user = copr.user else: user = flask.g.user builds_query = BuildsLogic.get_multiple_by_copr(copr=copr) if copr.persistent: raise exceptions.InsufficientRightsException( "This project is protected against deletion.") for build in builds_query: BuildsLogic.delete_build(user, build, send_delete_action=False) CoprsLogic.delete_unsafe(user, copr)
def send_build_module(cls, user, copr, modulemd): """ :type copr: models.Copr :type modulemd: str content of module yaml file """ if not user.can_build_in(copr): raise exceptions.InsufficientRightsException( "You don't have permissions to build in this copr.") modulemd_b64 = base64.b64encode(modulemd) data = { "ownername": copr.owner_name, "projectname": copr.name, "chroots": [c.name for c in copr.active_chroots], "modulemd_b64": modulemd_b64, } action = models.Action( action_type=helpers.ActionTypeEnum("build_module"), object_type="copr", old_value="", new_value="", data=json.dumps(data), created_on=int(time.time()), ) db.session.add(action)
def cancel_build(cls, user, build): if not user.can_build_in(build.copr): raise exceptions.InsufficientRightsException( "You are not allowed to cancel this build.") build.canceled = True for chroot in build.build_chroots: chroot.status = 2 # canceled
def set_playground(cls, user, copr): if user.admin: db.session.add(copr) pass else: raise exceptions.InsufficientRightsException( "User is not a system admin")
def __init__(self, user, group=None): self.user = user self.group = group if group and not user.can_build_in_group(group): raise exceptions.InsufficientRightsException( "Only members may create projects in the particular groups.")
def raise_if_cant_build_in_copr(cls, user, copr, message): """ Raises InsufficientRightsException if given user cant build in given copr. Return None otherwise. """ if not user.can_build_in(copr): raise exceptions.InsufficientRightsException(message)
def raise_if_cant_delete(cls, user, copr): """ Raise InsufficientRightsException if given copr cant be deleted by given user. Return None otherwise. """ if not user.admin and user != copr.owner: raise exceptions.InsufficientRightsException( "Only owners may delete their projects.")
def raise_if_cant_update_copr(cls, user, copr, message): """ Raise InsufficientRightsException if given user cant update given copr. Return None otherwise. """ # TODO: this is a bit inconsistent - shouldn't the user method be # called can_update? if not user.can_edit(copr): raise exceptions.InsufficientRightsException(message)
def reset_package(cls, user, package): if not user.can_edit(package.copr): raise exceptions.InsufficientRightsException( "You are not allowed to reset package `{}`.".format( package.id)) package.source_json = json.dumps({}) package.source_type = helpers.BuildSourceEnum("unset") db.session.add(package)
def add(cls, user, copr, module): if not user.can_build_in(copr): raise exceptions.InsufficientRightsException("You don't have permissions to build in this copr.") module.copr_id = copr.id module.copr = copr module.created_on = time.time() db.session.add(module) return module
def delete_package(cls, user, package): if not user.can_edit(package.copr): raise exceptions.InsufficientRightsException( "You are not allowed to delete package `{}`.".format( package.id)) for build in package.builds: builds_logic.BuildsLogic.delete_build(user, build) db.session.delete(package)
def cancel_build(cls, user, build): if not user.can_build_in(build.copr): raise exceptions.InsufficientRightsException( "You are not allowed to cancel this build.") if not build.cancelable: raise exceptions.RequestCannotBeExecuted( "Cannot cancel build {}".format(build.id)) build.canceled = True for chroot in build.build_chroots: chroot.status = 2 # canceled if chroot.ended_on is not None: chroot.ended_on = time.time()
def delete_package(cls, user, package): if not user.can_edit(package.copr): raise exceptions.InsufficientRightsException( "You are not allowed to delete package `{}`.".format( package.id)) to_delete = [] for build in package.builds: to_delete.append(build) builds_logic.BuildsLogic.delete_multiple_builds(user, to_delete) db.session.delete(package)
def cancel_build(cls, user, build): if not user.can_build_in(build.copr): raise exceptions.InsufficientRightsException( "You are not allowed to cancel this build.") if not build.cancelable: if build.status == StatusEnum("starting") or build.status == StatusEnum("running"): err_msg = "Cannot cancel build {} which is still running".format(build.id) else: err_msg = "Cannot cancel build {}".format(build.id) raise exceptions.RequestCannotBeExecuted(err_msg) build.canceled = True for chroot in build.build_chroots: chroot.status = 2 # canceled if chroot.ended_on is not None: chroot.ended_on = time.time()
def raise_if_cant_delete(cls, user, copr): """ Raise InsufficientRightsException if given copr cant be deleted by given user. Return None otherwise. """ if user.admin: return if copr.group: return UsersLogic.raise_if_not_in_group(user, copr.group) if user == copr.user: return raise exceptions.InsufficientRightsException( "Only owners may delete their projects.")
def delete_copr(cls, copr): """ Delete copr and all its builds. :param copr: :raises ActionInProgressException: :raises InsufficientRightsException: """ builds_query = BuildsLogic.get_multiple_by_copr(copr=copr) if copr.persistent: raise exceptions.InsufficientRightsException("This project is protected against deletion.") for build in builds_query: BuildsLogic.delete_build(flask.g.user, build, send_delete_action=False) CoprsLogic.delete_unsafe(flask.g.user, copr)
def delete_build(cls, user, build, send_delete_action=True): """ :type user: models.User :type build: models.Build """ if not user.can_edit(build.copr) or build.persistent: raise exceptions.InsufficientRightsException( "You are not allowed to delete build `{}`.".format(build.id)) if not build.finished: # from celery.contrib import rdb; rdb.set_trace() raise exceptions.ActionInProgressException( "You can not delete build `{}` which is not finished.".format(build.id), "Unfinished build") if send_delete_action and build.state not in ["canceled"]: # cancelled builds should have nothing in backend to delete ActionsLogic.send_delete_build(build) for build_chroot in build.build_chroots: db.session.delete(build_chroot) db.session.delete(build)
def delete_build(cls, user, build): if not user.can_build_in(build.copr): raise exceptions.InsufficientRightsException( "You are not allowed to delete this build.") if not build.deletable: raise exceptions.ActionInProgressException( "You can not delete build which is not finished.", "Unfinished build") # Only failed, finished, succeeded get here. if build.state not in ["cancelled" ]: # has nothing in backend to delete # don't delete skipped chroots chroots_to_delete = [ chroot.name for chroot in build.build_chroots if chroot.state not in ["skipped"] ] if chroots_to_delete: data_dict = { "pkgs": build.pkgs, "username": build.copr.owner.name, "projectname": build.copr.name, "chroots": chroots_to_delete } action = models.Action( action_type=helpers.ActionTypeEnum("delete"), object_type="build", object_id=build.id, old_value="{0}/{1}".format(build.copr.owner.name, build.copr.name), data=json.dumps(data_dict), created_on=int(time.time())) db.session.add(action) for build_chroot in build.build_chroots: db.session.delete(build_chroot) db.session.delete(build)
def delete_build(cls, user, build): """ :type user: models.User :type build: models.Build """ if not user.can_edit(build.copr): raise exceptions.InsufficientRightsException( "You are not allowed to delete build `{}`.".format(build.id)) if not build.deletable: # from celery.contrib import rdb; rdb.set_trace() raise exceptions.ActionInProgressException( "You can not delete build `{}` which is not finished.".format( build.id), "Unfinished build") # Only failed, finished, succeeded get here. if build.state not in ["cancelled" ]: # has nothing in backend to delete ActionsLogic.send_delete_build(build) for build_chroot in build.build_chroots: db.session.delete(build_chroot) db.session.delete(build)
def raise_if_not_in_group(cls, user, group): if group.fas_name not in user.user_teams: raise exceptions.InsufficientRightsException( "User '{}' doesn't have access to group {}({})" .format(user.username, group.name, group.fas_name))