Merge branch 'master' into content_generation

[dak.git] / dak / process_unchecked.py

diff --git a/dak/process_unchecked.py b/dak/process_unchecked.py
index 167fd63a8cb910cd39d1e3fac60754a50250b80e..9acdcdd90d5fc06679ea877c8a91865a3587a10a 100755 (executable)
--- a/dak/process_unchecked.py
+++ b/dak/process_unchecked.py
@@ -997,7 +997,7 @@ def check_timestamps():
 ################################################################################
 
 def lookup_uid_from_fingerprint(fpr):
-    q = Upload.projectB.query("SELECT u.uid, u.name FROM fingerprint f, uid u WHERE f.uid = u.id AND f.fingerprint = '%s'" % (fpr))
+    q = Upload.projectB.query("SELECT u.uid, u.name, k.debian_maintainer FROM fingerprint f JOIN keyrings k ON (f.keyring=k.id), uid u WHERE f.uid = u.id AND f.fingerprint = '%s'" % (fpr))
     qs = q.getresult()
     if len(qs) == 0:
         return (None, None)
@@ -1007,7 +1007,7 @@ def lookup_uid_from_fingerprint(fpr):
 def check_signed_by_key():
     """Ensure the .changes is signed by an authorized uploader."""
 
-    (uid, uid_name) = lookup_uid_from_fingerprint(changes["fingerprint"])
+    (uid, uid_name, is_dm) = lookup_uid_from_fingerprint(changes["fingerprint"])
     if uid_name == None:
         uid_name = ""
 
@@ -1017,8 +1017,8 @@ def check_signed_by_key():
         may_nmu, may_sponsor = 1, 1
         # XXX by default new dds don't have a fingerprint/uid in the db atm,
         #     and can't get one in there if we don't allow nmu/sponsorship
-    elif uid[:3] == "dm:":
-        uid_email = uid[3:]
+    elif is_dm is "t":
+        uid_email = uid
         may_nmu, may_sponsor = 0, 0
     else:
         uid_email = "%s@debian.org" % (uid)
@@ -1043,25 +1043,28 @@ def check_signed_by_key():
 
     if not sponsored and not may_nmu:
         source_ids = []
-        check_suites = changes["distribution"].keys()
-        if "unstable" not in check_suites: check_suites.append("unstable")
-        for suite in check_suites:
-            suite_id = database.get_suite_id(suite)
-            q = Upload.projectB.query("SELECT s.id FROM source s JOIN src_associations sa ON (s.id = sa.source) WHERE s.source = '%s' AND sa.suite = %d" % (changes["source"], suite_id))
-            for si in q.getresult():
-                if si[0] not in source_ids: source_ids.append(si[0])
-
-        is_nmu = 1
-        for si in source_ids:
-            is_nmu = 1
-            q = Upload.projectB.query("SELECT m.name FROM maintainer m WHERE m.id IN (SELECT maintainer FROM src_uploaders WHERE src_uploaders.source = %s)" % (si))
+        q = Upload.projectB.query("SELECT s.id, s.version FROM source s JOIN src_associations sa ON (s.id = sa.source) WHERE s.source = '%s' AND s.dm_upload_allowed = 'yes'" % (changes["source"]))
+
+        highest_sid, highest_version = None, None
+
+        should_reject = True
+        for si in q.getresult():
+            if highest_version == None or apt_pkg.VersionCompare(si[1], highest_version) == 1:
+                 highest_sid = si[0]
+                 highest_version = si[1]
+
+        if highest_sid == None:
+           reject("Source package %s does not have 'DM-Upload-Allowed: yes' in its most recent version" % changes["source"])
+        else:
+            q = Upload.projectB.query("SELECT m.name FROM maintainer m WHERE m.id IN (SELECT su.maintainer FROM src_uploaders su JOIN source s ON (s.id = su.source) WHERE su.source = %s)" % (highest_sid))
             for m in q.getresult():
                 (rfc822, rfc2047, name, email) = utils.fix_maintainer(m[0])
                 if email == uid_email or name == uid_name:
-                    is_nmu=0
+                    should_reject=False
                     break
-        if is_nmu:
-            reject("%s may not upload/NMU source package %s" % (uid, changes["source"]))
+
+        if should_reject == True:
+            reject("%s is not in Maintainer or Uploaders of source package %s" % (uid, changes["source"]))
 
         for b in changes["binary"].keys():
             for suite in changes["distribution"].keys():
@@ -1246,6 +1249,14 @@ def queue_unembargo (summary, short_summary):
     Upload.Subst["__SUMMARY__"] = summary
     Upload.check_override()
 
+    # Send accept mail, announce to lists, close bugs and check for
+    # override disparities
+    if not Cnf["Dinstall::Options::No-Mail"]:
+        Upload.Subst["__SUITE__"] = ""
+        mail_message = utils.TemplateSubst(Upload.Subst,Cnf["Dir::Templates"]+"/process-unchecked.accepted")
+        utils.send_mail(mail_message)
+        Upload.announce(short_summary, 1)
+
 ################################################################################
 
 def is_embargo ():
@@ -1264,6 +1275,14 @@ def queue_embargo (summary, short_summary):
     Upload.Subst["__SUMMARY__"] = summary
     Upload.check_override()
 
+    # Send accept mail, announce to lists, close bugs and check for
+    # override disparities
+    if not Cnf["Dinstall::Options::No-Mail"]:
+        Upload.Subst["__SUITE__"] = ""
+        mail_message = utils.TemplateSubst(Upload.Subst,Cnf["Dir::Templates"]+"/process-unchecked.accepted")
+        utils.send_mail(mail_message)
+        Upload.announce(short_summary, 1)
+
 ################################################################################
 
 def is_stableupdate ():
@@ -1287,7 +1306,7 @@ def do_stableupdate (summary, short_summary):
     Logger.log(["Moving to proposed-updates", pkg.changes_file]);
 
     Upload.dump_vars(Cnf["Dir::Queue::ProposedUpdates"]);
-    move_to_dir(Cnf["Dir::Queue::ProposedUpdates"])
+    move_to_dir(Cnf["Dir::Queue::ProposedUpdates"], perms=0664)
 
     # Check for override disparities
     Upload.Subst["__SUMMARY__"] = summary;
@@ -1316,7 +1335,7 @@ def do_oldstableupdate (summary, short_summary):
     Logger.log(["Moving to oldstable-proposed-updates", pkg.changes_file]);
 
     Upload.dump_vars(Cnf["Dir::Queue::OldProposedUpdates"]);
-    move_to_dir(Cnf["Dir::Queue::OldProposedUpdates"])
+    move_to_dir(Cnf["Dir::Queue::OldProposedUpdates"], perms=0664)
 
     # Check for override disparities
     Upload.Subst["__SUMMARY__"] = summary;