def test_is_pkgdb_admin(self):
""" Test the is_pkgdb_admin function of pkgdb2. """
user = FakeFasUser()
out = pkgdb2.is_pkgdb_admin(user)
self.assertEqual(out, False)
user.groups = []
out = pkgdb2.is_pkgdb_admin(user)
self.assertEqual(out, False)
user = FakeFasUser()
out = pkgdb2.is_pkgdb_admin(None)
self.assertEqual(out, False)
user = FakeFasUserAdmin()
out = pkgdb2.is_pkgdb_admin(user)
self.assertEqual(out, True)
pkgdb2.APP.config['ADMIN_GROUP'] = 'sysadmin-main'
out = pkgdb2.is_pkgdb_admin(user)
self.assertEqual(out, False)
# Reset the ADMIN_GROUP for the other tests
pkgdb2.APP.config['ADMIN_GROUP'] = ('sysadmin-main', 'sysadmin-cvs')
def test_is_pkgdb_admin(self):
""" Test the is_pkgdb_admin function of pkgdb2. """
user = FakeFasUser()
out = pkgdb2.is_pkgdb_admin(user)
self.assertEqual(out, False)
user.groups = []
out = pkgdb2.is_pkgdb_admin(user)
self.assertEqual(out, False)
user = FakeFasUser()
out = pkgdb2.is_pkgdb_admin(None)
self.assertEqual(out, False)
user = FakeFasUserAdmin()
out = pkgdb2.is_pkgdb_admin(user)
self.assertEqual(out, True)
pkgdb2.APP.config['ADMIN_GROUP'] = 'sysadmin-main'
out = pkgdb2.is_pkgdb_admin(user)
self.assertEqual(out, False)
# Reset the ADMIN_GROUP for the other tests
pkgdb2.APP.config['ADMIN_GROUP'] = ('sysadmin-main', 'sysadmin-cvs')
def package_retire(package, full=True):
''' Gives the possibility to orphan or take a package. '''
if not bool(full) or str(full) in ['0', 'False']:
full = False
try:
package_acl = pkgdblib.get_acl_package(SESSION, package)
package = pkgdblib.search_package(SESSION, package, limit=1)[0]
except (NoResultFound, IndexError):
SESSION.rollback()
flask.flash('No package of this name found.', 'errors')
return flask.render_template('msg.html')
if not is_pkgdb_admin(flask.g.fas_user):
flask.flash(
'Only Admins are allowed to retire package here, '
'you should use `fedpkg retire`.', 'errors')
return flask.redirect(
flask.url_for('.package_info', package=package.name))
collections = [
acl.collection.branchname for acl in package_acl
if acl.collection.status in ['Active', 'Under Development']
and acl.status == 'Orphaned'
]
form = pkgdb2.forms.BranchForm(collections=collections)
if form.validate_on_submit():
for acl in package_acl:
if acl.collection.branchname in form.branches.data:
if acl.point_of_contact == 'orphan':
try:
pkgdblib.update_pkg_status(
session=SESSION,
pkg_name=package.name,
pkg_branch=acl.collection.branchname,
status='Retired',
user=flask.g.fas_user)
flask.flash(
'This package has been retired on branch: %s' %
acl.collection.branchname)
except pkgdblib.PkgdbException, err: # pragma: no cover
# We should never hit this
flask.flash(str(err), 'error')
SESSION.rollback()
APP.logger.exception(err)
else: # pragma: no cover
flask.flash('This package has not been orphaned on '
'branch: %s' % acl.collection.branchname)
try:
SESSION.commit()
# Keep it in, but normally we shouldn't hit this
except pkgdblib.PkgdbException, err: # pragma: no cover
# We should never hit this
SESSION.rollback()
APP.logger.exception(err)
flask.flash(str(err), 'error')
def package_orphan(namespace, package, full=True):
''' Gives the possibility to orphan or take a package. '''
if not bool(full) or str(full) in ['0', 'False']:
full = False
try:
package_acl = pkgdblib.get_acl_package(
SESSION, namespace, package)
package = pkgdblib.search_package(
SESSION, namespace, package, limit=1)[0]
except (NoResultFound, IndexError):
SESSION.rollback()
flask.flash('No package of this name found.', 'errors')
return flask.render_template('msg.html')
collections = [
acl.collection.branchname
for acl in package_acl
if acl.collection.status in ['Active', 'Under Development']
and acl.status == 'Approved'
and (
is_pkgdb_admin(flask.g.fas_user)
or acl.point_of_contact == flask.g.fas_user.username
or (
acl.point_of_contact.startswith('group::') and
is_pkg_admin(
SESSION, flask.g.fas_user, namespace, package.name)
)
)
]
form = pkgdb2.forms.BranchForm(collections=collections)
if form.validate_on_submit():
for branch in form.branches.data:
try:
pkgdblib.update_pkg_poc(
session=SESSION,
namespace=namespace,
pkg_name=package.name,
pkg_branch=branch,
pkg_poc='orphan',
user=flask.g.fas_user
)
flask.flash(
'You are no longer point of contact on branch: %s'
% branch)
except pkgdblib.PkgdbBugzillaException, err: # pragma: no cover
APP.logger.exception(err)
flask.flash(str(err), 'error')
SESSION.rollback()
except pkgdblib.PkgdbException, err: # pragma: no cover
flask.flash(str(err), 'error')
SESSION.rollback()
def inject_is_admin():
""" Inject whether the user is a pkgdb2 admin or not in every page
(every template).
"""
justlogedin = flask.session.get('_justlogedin', False)
if justlogedin: # pragma: no cover
flask.g.pending_acls = pkgdblib.get_pending_acl_user(
SESSION, flask.g.fas_user.username)
flask.session['_justlogedin'] = None
return dict(is_admin=is_pkgdb_admin(flask.g.fas_user), version=__version__)
def inject_is_admin():
""" Inject whether the user is a pkgdb2 admin or not in every page
(every template).
"""
justlogedin = flask.session.get('_justlogedin', False)
if justlogedin:
flask.g.pending_acls = pkgdblib.get_pending_acl_user(
SESSION, flask.g.fas_user.username)
flask.session['_justlogedin'] = None
return dict(is_admin=is_pkgdb_admin(flask.g.fas_user),
version=__version__)
def package_orphan(namespace, package, full=True):
''' Gives the possibility to orphan or take a package. '''
if not bool(full) or str(full) in ['0', 'False']:
full = False
try:
package_acl = pkgdblib.get_acl_package(SESSION, namespace, package)
package = pkgdblib.search_package(SESSION, namespace, package,
limit=1)[0]
except (NoResultFound, IndexError):
SESSION.rollback()
flask.flash('No package of this name found.', 'errors')
return flask.render_template('msg.html')
collections = [
acl.collection.branchname for acl in package_acl
if acl.collection.status in ['Active', 'Under Development']
and acl.status == 'Approved' and (
is_pkgdb_admin(flask.g.fas_user)
or acl.point_of_contact == flask.g.fas_user.username or
(acl.point_of_contact.startswith('group::') and is_pkg_admin(
SESSION, flask.g.fas_user, namespace, package.name)))
]
form = pkgdb2.forms.BranchForm(collections=collections)
if form.validate_on_submit():
for branch in form.branches.data:
try:
pkgdblib.update_pkg_poc(session=SESSION,
namespace=namespace,
pkg_name=package.name,
pkg_branch=branch,
pkg_poc='orphan',
user=flask.g.fas_user)
flask.flash(
'You are no longer point of contact on branch: %s' %
branch)
except pkgdblib.PkgdbBugzillaException, err: # pragma: no cover
APP.logger.exception(err)
flask.flash(str(err), 'error')
SESSION.rollback()
except pkgdblib.PkgdbException, err: # pragma: no cover
flask.flash(str(err), 'error')
SESSION.rollback()
def inject_is_admin():
""" Inject whether the user is a pkgdb2 admin or not in every page
(every template).
"""
justlogedin = flask.session.get('_justloggedin', False)
if justlogedin: # pragma: no cover
flask.g.pending_acls = pkgdblib.get_pending_acl_user(
SESSION, flask.g.fas_user.username)
flask.session['_justloggedin'] = None
justlogedout = flask.session.get('_justloggedout', False)
if justlogedout:
flask.session['_justloggedout'] = None
namespaces = pkgdblib.get_status(SESSION, 'namespaces')['namespaces']
return dict(
is_admin=is_pkgdb_admin(flask.g.fas_user),
version=__version__,
namespaces=namespaces,
)
def package_give(package, full=True):
''' Gives the PoC of a package to someone else. '''
if not bool(full) or str(full) in ['0', 'False']:
full = False
packagename = package
package = None
try:
package_acl = pkgdblib.get_acl_package(SESSION, packagename)
package = pkgdblib.search_package(SESSION, packagename, limit=1)[0]
except (NoResultFound, IndexError):
SESSION.rollback()
flask.flash('No package of this name found.', 'errors')
return flask.render_template('msg.html')
# Restrict the branch to the one current user is PoC of (unless admin
# or group)
collect_name = []
for acl in package_acl:
if acl.point_of_contact != flask.g.fas_user.username and \
not is_pkgdb_admin(flask.g.fas_user) and \
not acl.point_of_contact.startswith('group::'):
pass
else:
if acl.point_of_contact.startswith('group::'):
group = acl.point_of_contact.split('group::')[0]
if group not in flask.g.fas_user.groups:
pass
elif acl.collection.status != 'EOL':
collect_name.append(acl.collection.branchname)
form = pkgdb2.forms.GivePoCForm(collections=collect_name)
acls = ['commit', 'watchbugzilla', 'watchcommits', 'approveacls']
if form.validate_on_submit():
collections = form.branches.data
pkg_poc = form.poc.data
if pkg_poc.startswith('group::'):
acls = ['commit', 'watchbugzilla', 'watchcommits']
try:
for pkg_collection in collections:
message = pkgdblib.update_pkg_poc(
SESSION,
pkg_name=packagename,
pkg_branch=pkg_collection,
pkg_poc=pkg_poc,
user=flask.g.fas_user,
)
flask.flash(message)
for acl in acls:
pkgdblib.set_acl_package(SESSION,
pkg_name=packagename,
pkg_branch=pkg_collection,
pkg_user=pkg_poc,
acl=acl,
status='Approved',
user=flask.g.fas_user)
SESSION.commit()
except pkgdblib.PkgdbBugzillaException, err: # pragma: no cover
APP.logger.exception(err)
flask.flash(str(err), 'error')
SESSION.rollback()
except pkgdblib.PkgdbException, err:
SESSION.rollback()
flask.flash(str(err), 'error')
def package_request_edit(action_id):
""" Edit an Admin Action status
"""
admin_action = pkgdblib.get_admin_action(SESSION, action_id)
if not admin_action:
flask.flash('No action found with this identifier.', 'errors')
return flask.render_template('msg.html')
package = None
if admin_action.package:
package = admin_action.package.name
if admin_action.status in ['Accepted', 'Blocked', 'Denied']:
return flask.render_template(
'actions_update_ro.html',
admin_action=admin_action,
action_id=action_id,
)
if not is_authenticated() or not 'packager' in flask.g.fas_user.groups:
return flask.render_template(
'actions_update_ro.html',
admin_action=admin_action,
action_id=action_id,
)
# Check user is the pkg/pkgdb admin
pkg_admin = pkgdblib.has_acls(SESSION, flask.g.fas_user.username, package,
'approveacls')
if not is_pkgdb_admin(flask.g.fas_user) \
and not pkg_admin \
and not admin_action.user == flask.g.fas_user.username:
flask.flash(
'Only package adminitrators (`approveacls`) and the requester '
'can review pending branch requests', 'errors')
if package:
return flask.redirect(
flask.url_for('.package_info', package=package))
else:
return flask.redirect(
flask.url_for('.packager_requests',
packager=flask.g.fas_user.username))
action_status = ['Pending', 'Awaiting Review', 'Blocked']
if admin_action.user == flask.g.fas_user.username:
action_status = ['Pending', 'Obsolete']
if pkg_admin or admin_action.action == 'request.package':
action_status.append('Awaiting Review')
form = pkgdb2.forms.EditActionStatusForm(status=action_status,
obj=admin_action)
form.id.data = action_id
if form.validate_on_submit():
try:
message = pkgdblib.edit_action_status(
SESSION,
admin_action,
action_status=form.status.data,
user=flask.g.fas_user,
message=form.message.data,
)
SESSION.commit()
flask.flash(message)
except pkgdblib.PkgdbException, err: # pragma: no cover
# We can only reach here in two cases:
# 1) the user is not an admin, but that's taken care of
# by the decorator
# 2) we have a SQLAlchemy problem when storing the info
# in the DB which we cannot test
SESSION.rollback()
flask.flash(err, 'errors')
return flask.render_template('msg.html')
if package:
return flask.redirect(
flask.url_for('.package_info', package=package))
else:
return flask.redirect(
flask.url_for('.packager_requests',
packager=flask.g.fas_user.username))
def inject_is_admin():
""" Inject whether the user is a nuancier admin or not in every page
(every template).
"""
return dict(is_admin=is_pkgdb_admin(flask.g.fas_user), version=__version__)
def package_retire(namespace, package, full=True):
''' Gives the possibility to orphan or take a package. '''
if not bool(full) or str(full) in ['0', 'False']:
full = False
try:
package_acl = pkgdblib.get_acl_package(
SESSION, namespace, package)
package = pkgdblib.search_package(
SESSION, namespace, package, limit=1)[0]
except (NoResultFound, IndexError):
SESSION.rollback()
flask.flash('No package of this name found.', 'errors')
return flask.render_template('msg.html')
if not is_pkgdb_admin(flask.g.fas_user):
flask.flash(
'Only Admins are allowed to retire package here, '
'you should use `fedpkg retire`.', 'errors')
return flask.redirect(flask.url_for(
'.package_info',
namespace=package.namespace,
package=package.name)
)
collections = [
acl.collection.branchname
for acl in package_acl
if acl.collection.status in ['Active', 'Under Development']
and acl.status == 'Orphaned'
]
form = pkgdb2.forms.BranchForm(collections=collections)
if form.validate_on_submit():
for acl in package_acl:
if acl.collection.branchname in form.branches.data:
if acl.point_of_contact == 'orphan':
try:
pkgdblib.update_pkg_status(
session=SESSION,
namespace=namespace,
pkg_name=package.name,
pkg_branch=acl.collection.branchname,
status='Retired',
user=flask.g.fas_user
)
flask.flash(
'This package has been retired on branch: %s'
% acl.collection.branchname)
except PkgdbException as err: # pragma: no cover
# We should never hit this
flask.flash(str(err), 'error')
SESSION.rollback()
APP.logger.exception(err)
else: # pragma: no cover
flask.flash(
'This package has not been orphaned on '
'branch: %s' % acl.collection.branchname)
try:
SESSION.commit()
# Keep it in, but normally we shouldn't hit this
except PkgdbException as err: # pragma: no cover
# We should never hit this
SESSION.rollback()
APP.logger.exception(err)
flask.flash(str(err), 'error')
return flask.redirect(flask.url_for(
'.package_info',
namespace=package.namespace,
package=package.name)
)
return flask.render_template(
'branch_selection.html',
full=full,
package=package,
form=form,
action='retire',
)
def package_give(namespace, package, full=True):
''' Gives the PoC of a package to someone else. '''
if not bool(full) or str(full) in ['0', 'False']:
full = False
packagename = package
package = None
try:
package_acl = pkgdblib.get_acl_package(
SESSION, namespace, packagename)
package = pkgdblib.search_package(
SESSION, namespace, packagename, limit=1)[0]
except (NoResultFound, IndexError):
SESSION.rollback()
flask.flash('No package of this name found.', 'errors')
return flask.render_template('msg.html')
# Restrict the branch to the one current user is PoC of (unless admin
# or group)
collect_name = []
for acl in package_acl:
if acl.point_of_contact != flask.g.fas_user.username and \
not is_pkgdb_admin(flask.g.fas_user) and \
not acl.point_of_contact.startswith('group::'):
pass
else:
if acl.point_of_contact.startswith('group::'):
group = acl.point_of_contact.split('group::')[0]
if group not in flask.g.fas_user.groups:
pass
elif acl.collection.status != 'EOL':
collect_name.append(acl.collection.branchname)
form = pkgdb2.forms.GivePoCForm(collections=collect_name)
acls = ['commit', 'watchbugzilla', 'watchcommits', 'approveacls']
if form.validate_on_submit():
collections = form.branches.data
pkg_poc = form.poc.data
if pkg_poc.startswith('group::'):
acls = ['commit', 'watchbugzilla', 'watchcommits']
try:
for pkg_collection in collections:
message = pkgdblib.update_pkg_poc(
SESSION,
namespace=namespace,
pkg_name=packagename,
pkg_branch=pkg_collection,
pkg_poc=pkg_poc,
user=flask.g.fas_user,
)
flask.flash(message)
for acl in acls:
pkgdblib.set_acl_package(
SESSION,
namespace=namespace,
pkg_name=packagename,
pkg_branch=pkg_collection,
pkg_user=pkg_poc,
acl=acl,
status='Approved',
user=flask.g.fas_user
)
SESSION.commit()
except pkgdblib.exceptions.PkgdbBugzillaException as err: # pragma: no cover
APP.logger.exception(err)
flask.flash(str(err), 'error')
SESSION.rollback()
except PkgdbException as err:
SESSION.rollback()
flask.flash(str(err), 'error')
return flask.redirect(flask.url_for(
'.package_info', namespace=namespace, package=packagename)
)
return flask.render_template(
'package_give.html',
full=full,
form=form,
packagename=packagename,
namespace=namespace,
)
def package_request_edit(action_id):
""" Edit an Admin Action status
"""
admin_action = pkgdblib.get_admin_action(SESSION, action_id)
if not admin_action:
flask.flash('No action found with this identifier.', 'errors')
return flask.render_template('msg.html')
package = None
namespace = None
if admin_action.package:
package = admin_action.package.name
namespace = admin_action.package.namespace
if admin_action.status in ['Accepted', 'Blocked', 'Denied']:
return flask.render_template(
'actions_update_ro.html',
admin_action=admin_action,
action_id=action_id,
)
pkger_grp = APP.config.get('PKGER_GROUP', 'packager')
if not is_authenticated() or not pkger_grp in flask.g.fas_user.groups:
return flask.render_template(
'actions_update_ro.html',
admin_action=admin_action,
action_id=action_id,
)
# Check user is the pkg/pkgdb admin
pkg_admin = pkgdblib.has_acls(
SESSION, flask.g.fas_user.username,
namespace, package, 'approveacls')
if not is_pkgdb_admin(flask.g.fas_user) \
and not pkg_admin \
and not admin_action.user == flask.g.fas_user.username:
flask.flash(
'Only package adminitrators (`approveacls`) and the requester '
'can review pending branch requests', 'errors')
if package:
return flask.redirect(flask.url_for(
'.package_info', namespace=namespace, package=package)
)
else:
return flask.redirect(
flask.url_for(
'.packager_requests',
packager=flask.g.fas_user.username)
)
action_status = ['Pending', 'Awaiting Review', 'Blocked']
if admin_action.user == flask.g.fas_user.username:
action_status = ['Pending', 'Obsolete']
if pkg_admin or admin_action.action in [
'request.package', 'request.unretire']:
action_status.append('Awaiting Review')
form = pkgdb2.forms.EditActionStatusForm(
status=action_status,
obj=admin_action
)
form.id.data = action_id
if form.validate_on_submit():
try:
message = pkgdblib.edit_action_status(
SESSION,
admin_action,
action_status=form.status.data,
user=flask.g.fas_user,
message=form.message.data,
)
SESSION.commit()
flask.flash(message)
except PkgdbException as err: # pragma: no cover
# We can only reach here in two cases:
# 1) the user is not an admin, but that's taken care of
# by the decorator
# 2) we have a SQLAlchemy problem when storing the info
# in the DB which we cannot test
SESSION.rollback()
flask.flash(err, 'errors')
return flask.render_template('msg.html')
if package:
return flask.redirect(flask.url_for(
'.package_info', namespace=namespace, package=package)
)
else:
return flask.redirect(
flask.url_for(
'.packager_requests',
packager=flask.g.fas_user.username)
)
return flask.render_template(
'actions_update.html',
admin_action=admin_action,
action_id=action_id,
form=form,
package=package,
tag='packages',
)
def update_acl(namespace, package, update_acl):
''' Update the acls of a package. '''
packagename = package
package = None
try:
package_acl = pkgdblib.get_acl_package(
SESSION, namespace, packagename)
package = pkgdblib.search_package(
SESSION, namespace, packagename, limit=1)[0]
except (NoResultFound, IndexError):
SESSION.rollback()
flask.flash('No package of this name found.', 'errors')
return flask.render_template('msg.html')
statues = pkgdblib.get_status(SESSION)
planned_acls = set(statues['pkg_acl'])
acl_status = list(set(statues['acl_status']))
acl_status.insert(0, '')
if update_acl not in planned_acls:
flask.flash('Invalid ACL to update.', 'errors')
return flask.redirect(flask.url_for(
'.package_info',
namespace=package.namespace,
package=package.name)
)
branches = {}
branches_inv = {}
commit_acls = {}
admins = {}
committers = []
for pkg in package_acl:
if pkg.collection.status == 'EOL': # pragma: no cover
continue
collection_name = '%s %s' % (
pkg.collection.name, pkg.collection.version)
if collection_name not in branches:
branches[collection_name] = pkg.collection.branchname
if pkg.collection.branchname not in branches_inv:
branches_inv[pkg.collection.branchname] = collection_name
for acl in pkg.acls:
if acl.acl == 'approveacls' and acl.status == 'Approved':
if acl.fas_name not in admins:
admins[acl.fas_name] = set()
admins[acl.fas_name].add(collection_name)
if acl.acl != update_acl:
continue
committers.append(acl.fas_name)
if acl.fas_name not in commit_acls:
commit_acls[acl.fas_name] = {}
if collection_name not in commit_acls[acl.fas_name]:
commit_acls[acl.fas_name][collection_name] = {}
commit_acls[acl.fas_name][collection_name][acl.acl] = \
acl.status
for aclname in planned_acls:
for user in commit_acls:
if collection_name in commit_acls[user] and \
aclname not in commit_acls[user][collection_name]:
commit_acls[user][collection_name][aclname] = None
# If the user is not an admin, he/she can only access his/her ACLs
username = flask.g.fas_user.username
if username not in admins and not is_pkgdb_admin(flask.g.fas_user):
tmp = {username: []}
if username in commit_acls:
tmp = {username: commit_acls[username]}
commit_acls = tmp
form = pkgdb2.forms.ConfirmationForm()
if form.validate_on_submit():
sub_acls = flask.request.values.getlist('acls')
sub_users = flask.request.values.getlist('user')
sub_branches = flask.request.values.getlist('branch')
changed = False
if sub_acls and len(sub_acls) == (len(sub_users) * len(sub_branches)):
cnt = 0
for cnt_u in range(len(sub_users)):
for cnt_b in range(len(sub_branches)):
lcl_acl = sub_acls[cnt]
lcl_user = sub_users[cnt_u]
lcl_branch = sub_branches[cnt_b]
if lcl_acl not in acl_status:
flask.flash('Invalid ACL: %s' % lcl_acl, 'error')
cnt += 1
continue
if lcl_user not in commit_acls:
flask.flash('Invalid user: %s' % lcl_user, 'error')
cnt += 1
continue
if lcl_branch not in branches_inv or (
branches_inv[lcl_branch] in commit_acls[lcl_user]
and commit_acls[lcl_user][
branches_inv[lcl_branch]][
update_acl] == lcl_acl):
cnt += 1
continue
if not lcl_acl:
if branches_inv[lcl_branch] \
not in commit_acls[lcl_user]:
cnt += 1
continue
elif branches_inv[lcl_branch] \
in commit_acls[lcl_user] \
and username != lcl_user:
flask.flash(
'Only the user can remove his/her ACL',
'error')
cnt += 1
continue
try:
pkgdblib.set_acl_package(
SESSION,
namespace=namespace,
pkg_name=package.name,
pkg_branch=lcl_branch,
pkg_user=lcl_user,
acl=update_acl,
status=lcl_acl,
user=flask.g.fas_user,
)
SESSION.commit()
flask.flash("%s's %s ACL updated on %s" % (
lcl_user, update_acl, lcl_branch))
changed = True
except PkgdbException as err:
SESSION.rollback()
flask.flash(str(err), 'error')
cnt += 1
SESSION.commit()
if not changed:
flask.flash('Nothing to update')
return flask.redirect(flask.url_for(
'.package_info',
namespace=package.namespace,
package=package.name)
)
else:
flask.flash('Invalid input submitted', 'error')
return flask.render_template(
'acl_update.html',
acl=update_acl,
acl_status=acl_status,
package=package,
form=form,
branches=branches,
commit_acls=commit_acls,
admins=admins,
committers=committers,
)
def update_acl(package, update_acl):
''' Update the acls of a package. '''
packagename = package
package = None
try:
package_acl = pkgdblib.get_acl_package(SESSION, packagename)
package = pkgdblib.search_package(SESSION, packagename, limit=1)[0]
except (NoResultFound, IndexError):
SESSION.rollback()
flask.flash('No package of this name found.', 'errors')
return flask.render_template('msg.html')
statues = pkgdblib.get_status(SESSION)
planned_acls = set(statues['pkg_acl'])
acl_status = list(set(statues['acl_status']))
acl_status.insert(0, '')
if update_acl not in planned_acls:
flask.flash('Invalid ACL to update.', 'errors')
return flask.redirect(
flask.url_for('.package_info', package=package.name))
branches = {}
branches_inv = {}
commit_acls = {}
admins = {}
committers = []
for pkg in package_acl:
if pkg.collection.status == 'EOL': # pragma: no cover
continue
collection_name = '%s %s' % (pkg.collection.name,
pkg.collection.version)
if collection_name not in branches:
branches[collection_name] = pkg.collection.branchname
if pkg.collection.branchname not in branches_inv:
branches_inv[pkg.collection.branchname] = collection_name
for acl in pkg.acls:
if acl.acl == 'approveacls' and acl.status == 'Approved':
if acl.fas_name not in admins:
admins[acl.fas_name] = set()
admins[acl.fas_name].add(collection_name)
if acl.acl != update_acl:
continue
committers.append(acl.fas_name)
if acl.fas_name not in commit_acls:
commit_acls[acl.fas_name] = {}
if collection_name not in commit_acls[acl.fas_name]:
commit_acls[acl.fas_name][collection_name] = {}
commit_acls[acl.fas_name][collection_name][acl.acl] = \
acl.status
for aclname in planned_acls:
for user in commit_acls:
if collection_name in commit_acls[user] and \
aclname not in commit_acls[user][collection_name]:
commit_acls[user][collection_name][aclname] = None
# If the user is not an admin, he/she can only access his/her ACLs
username = flask.g.fas_user.username
if username not in admins and not is_pkgdb_admin(flask.g.fas_user):
tmp = {username: []}
if username in commit_acls:
tmp = {username: commit_acls[username]}
commit_acls = tmp
form = pkgdb2.forms.ConfirmationForm()
if form.validate_on_submit():
sub_acls = flask.request.values.getlist('acls')
sub_users = flask.request.values.getlist('user')
sub_branches = flask.request.values.getlist('branch')
changed = False
if sub_acls and len(sub_acls) == (len(sub_users) * len(sub_branches)):
cnt = 0
for cnt_u in range(len(sub_users)):
for cnt_b in range(len(sub_branches)):
lcl_acl = sub_acls[cnt]
lcl_user = sub_users[cnt_u]
lcl_branch = sub_branches[cnt_b]
if lcl_acl not in acl_status:
flask.flash('Invalid ACL: %s' % lcl_acl, 'error')
cnt += 1
continue
if lcl_user not in commit_acls:
flask.flash('Invalid user: %s' % lcl_user, 'error')
cnt += 1
continue
if lcl_branch not in branches_inv or (
branches_inv[lcl_branch] in commit_acls[lcl_user]
and commit_acls[lcl_user][branches_inv[lcl_branch]]
[update_acl] == lcl_acl):
cnt += 1
continue
if not lcl_acl:
if branches_inv[lcl_branch] \
not in commit_acls[lcl_user]:
cnt += 1
continue
elif branches_inv[lcl_branch] \
in commit_acls[lcl_user] \
and username != lcl_user:
flask.flash('Only the user can remove his/her ACL',
'error')
cnt += 1
continue
try:
pkgdblib.set_acl_package(
SESSION,
pkg_name=package.name,
pkg_branch=lcl_branch,
pkg_user=lcl_user,
acl=update_acl,
status=lcl_acl,
user=flask.g.fas_user,
)
SESSION.commit()
flask.flash("%s's %s ACL updated on %s" %
(lcl_user, update_acl, lcl_branch))
changed = True
except pkgdblib.PkgdbException, err:
SESSION.rollback()
flask.flash(str(err), 'error')
cnt += 1
SESSION.commit()
if not changed:
flask.flash('Nothing to update')
return flask.redirect(
flask.url_for('.package_info', package=package.name))
else:
flask.flash('Invalid input submitted', 'error')
def inject_is_admin():
""" Inject whether the user is a pkgdb2 admin or not in every page
(every template).
"""
return dict(is_admin=is_pkgdb_admin(flask.g.fas_user),
version=__version__)
