From: Ansgar Burchardt Date: Mon, 24 Sep 2012 18:42:09 +0000 (+0200) Subject: Merge branch 'fix-acl' X-Git-Url: https://git.donarmstrong.com/?a=commitdiff_plain;h=6486b0e07f03a250a1ab87c7f6ace05a16388f38;hp=5de72deeb2e24489d3324a531e00a42d44327e12;p=dak.git Merge branch 'fix-acl' --- diff --git a/dak/dakdb/update92.py b/dak/dakdb/update92.py new file mode 100644 index 00000000..db882774 --- /dev/null +++ b/dak/dakdb/update92.py @@ -0,0 +1,58 @@ +#!/usr/bin/env python +# coding=utf8 + +""" +remove per-fingerprint ACLs that are identical to keyring ACL + +@contact: Debian FTP Master +@copyright: 2012 Ansgar Burchardt +@license: GNU General Public License version 2 or later +""" + +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + +################################################################################ + +import psycopg2 +from daklib.dak_exceptions import DBUpdateError +from daklib.config import Config + +statements = [ +""" +UPDATE fingerprint f + SET acl_id = NULL + FROM keyrings k + WHERE (f.keyring = k.id AND f.acl_id = k.acl_id) + OR f.keyring IS NULL +""", +] + +################################################################################ +def do_update(self): + print __doc__ + try: + cnf = Config() + + c = self.db.cursor() + + for stmt in statements: + c.execute(stmt) + + c.execute("UPDATE config SET value = '92' WHERE name = 'db_revision'") + self.db.commit() + + except psycopg2.ProgrammingError as msg: + self.db.rollback() + raise DBUpdateError('Unable to apply sick update 92, rollback issued. Error message: {0}'.format(msg)) diff --git a/dak/update_db.py b/dak/update_db.py index cddb4c2a..7d9cd077 100755 --- a/dak/update_db.py +++ b/dak/update_db.py @@ -46,7 +46,7 @@ from daklib.daklog import Logger ################################################################################ Cnf = None -required_database_schema = 91 +required_database_schema = 92 ################################################################################ diff --git a/daklib/checks.py b/daklib/checks.py index cae801e4..56468639 100644 --- a/daklib/checks.py +++ b/daklib/checks.py @@ -53,6 +53,15 @@ class RejectStupidMaintainerException(Exception): def __str__(self): return "'%s' has mismatching %s from the external files db ('%s' [current] vs '%s' [external])" % self.args[:4] +class RejectACL(Reject): + """exception raise by failing ACL checks""" + def __init__(self, acl, reason): + self.acl = acl + self.reason = reason + + def __str__(self): + return "ACL {0}: {1}".format(self.acl.name, self.reason) + class Check(object): """base class for checks @@ -528,12 +537,12 @@ class ACLCheck(Check): raise Reject('No ACL for fingerprint {0}'.format(fingerprint.fingerprint)) result, reason = self._check_acl(session, upload, acl) if not result: - raise Reject(reason) + raise RejectACL(acl, reason) for acl in session.query(ACL).filter_by(is_global=True): result, reason = self._check_acl(session, upload, acl) if result == False: - raise Reject(reason) + raise RejectACL(acl, reason) return True