import commands
import signal
-from daklib.gpg import SignedFile
-
try:
# python >= 2.6
import json
return None
sa_major_version = sqlalchemy.__version__[0:3]
-if sa_major_version in ["0.5", "0.6", "0.7"]:
+if sa_major_version in ["0.5", "0.6", "0.7", "0.8"]:
from sqlalchemy.databases import postgres
postgres.ischema_names['debversion'] = DebVersion
else:
- raise Exception("dak only ported to SQLA versions 0.5 to 0.7. See daklib/dbconn.py")
+ raise Exception("dak only ported to SQLA versions 0.5 to 0.8. See daklib/dbconn.py")
################################################################################
return object_session(self)
def clone(self, session = None):
- '''
+ """
Clones the current object in a new session and returns the new clone. A
fresh session is created if the optional session parameter is not
provided. The function will fail if a session is provided and has
WARNING: Only persistent (committed) objects can be cloned. Changes
made to the original object that are not committed yet will get lost.
The session of the new object will always be rolled back to avoid
- ressource leaks.
- '''
+ resource leaks.
+ """
if self.session() is None:
raise RuntimeError( \
################################################################################
+class ACL(ORMObject):
+ def __repr__(self):
+ return "<ACL {0}>".format(self.name)
+
+__all__.append('ACL')
+
+class ACLPerSource(ORMObject):
+ def __repr__(self):
+ return "<ACLPerSource acl={0} fingerprint={1} source={2} reason={3}>".format(self.acl.name, self.fingerprint.fingerprint, self.source, self.reason)
+
+__all__.append('ACLPerSource')
+
+################################################################################
+
class Architecture(ORMObject):
def __init__(self, arch_string = None, description = None):
self.arch_string = arch_string
__all__.append('get_architecture')
-# TODO: should be removed because the implementation is too trivial
-@session_wrapper
-def get_architecture_suites(architecture, session=None):
- """
- Returns list of Suite objects for given C{architecture} name
-
- @type architecture: str
- @param architecture: Architecture name to search for
-
- @type session: Session
- @param session: Optional SQL session object (a temporary one will be
- generated if not supplied)
-
- @rtype: list
- @return: list of Suite objects for the given name (may be empty)
- """
-
- return get_architecture(architecture, session).suites
-
-__all__.append('get_architecture_suites')
-
################################################################################
class Archive(object):
if binary is None:
return None
else:
- return binary.get_component_name()
+ return binary.poolfile.component.component_name
__all__.append('get_component_by_package_suite')
################################################################################
-class BinaryACL(object):
- def __init__(self, *args, **kwargs):
- pass
-
- def __repr__(self):
- return '<BinaryACL %s>' % self.binary_acl_id
-
-__all__.append('BinaryACL')
-
-################################################################################
-
-class BinaryACLMap(object):
- def __init__(self, *args, **kwargs):
- pass
-
- def __repr__(self):
- return '<BinaryACLMap %s>' % self.binary_acl_map_id
-
-__all__.append('BinaryACLMap')
-
-################################################################################
-
class BuildQueue(object):
def __init__(self, *args, **kwargs):
pass
@property
def fullpath(self):
session = DBConn().session().object_session(self)
- af = session.query(ArchiveFile).join(Archive).filter(ArchiveFile.file == self).first()
+ af = session.query(ArchiveFile).join(Archive) \
+ .filter(ArchiveFile.file == self) \
+ .order_by(Archive.tainted.desc()).first()
return af.path
@property
k = os.popen(self.gpg_invocation % keyring, "r")
key = None
- signingkey = False
+ need_fingerprint = False
for line in k:
field = line.split(":")
if "@" in addr:
self.keys[key]["email"] = addr
self.keys[key]["name"] = name
- self.keys[key]["fingerprints"] = []
- signingkey = True
- elif key and field[0] == "sub" and len(field) >= 12:
- signingkey = ("s" in field[11])
+ need_fingerprint = True
elif key and field[0] == "uid":
(name, addr) = self.parse_address(field[9])
if "email" not in self.keys[key] and "@" in addr:
self.keys[key]["email"] = addr
self.keys[key]["name"] = name
- elif signingkey and field[0] == "fpr":
- self.keys[key]["fingerprints"].append(field[9])
+ elif need_fingerprint and field[0] == "fpr":
+ self.keys[key]["fingerprints"] = [field[9]]
self.fpr_lookup[field[9]] = key
+ need_fingerprint = False
def import_users_from_ldap(self, session):
import ldap
LDAPDn = cnf["Import-LDAP-Fingerprints::LDAPDn"]
LDAPServer = cnf["Import-LDAP-Fingerprints::LDAPServer"]
+ ca_cert_file = cnf.get('Import-LDAP-Fingerprints::CACertFile')
l = ldap.open(LDAPServer)
+
+ if ca_cert_file:
+ # TODO: This should request a new context and use
+ # connection-specific options (i.e. "l.set_option(...)")
+
+ # Request a new TLS context. If there was already one, libldap
+ # would not change the TLS options (like which CAs to trust).
+ #l.set_option(ldap.OPT_X_TLS_NEWCTX, True)
+ ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_HARD)
+ #ldap.set_option(ldap.OPT_X_TLS_CACERTDIR, None)
+ ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, ca_cert_file)
+ l.start_tls_s()
+
l.simple_bind_s("","")
Attrs = l.search_s(LDAPDn, ldap.SCOPE_ONELEVEL,
"(&(keyfingerprint=*)(gidnumber=%s))" % (cnf["Import-Users-From-Passwd::ValidGID"]),
################################################################################
-class KeyringACLMap(object):
- def __init__(self, *args, **kwargs):
- pass
-
- def __repr__(self):
- return '<KeyringACLMap %s>' % self.keyring_acl_map_id
-
-__all__.append('KeyringACLMap')
-
-################################################################################
-
class DBChange(object):
def __init__(self, *args, **kwargs):
pass
__all__.append('NewComment')
@session_wrapper
-def has_new_comment(package, version, session=None):
+def has_new_comment(policy_queue, package, version, session=None):
"""
Returns true if the given combination of C{package}, C{version} has a comment.
@return: true/false
"""
- q = session.query(NewComment)
+ q = session.query(NewComment).filter_by(policy_queue=policy_queue)
q = q.filter_by(package=package)
q = q.filter_by(version=version)
__all__.append('has_new_comment')
@session_wrapper
-def get_new_comments(package=None, version=None, comment_id=None, session=None):
+def get_new_comments(policy_queue, package=None, version=None, comment_id=None, session=None):
"""
Returns (possibly empty) list of NewComment objects for the given
parameters
@return: A (possibly empty) list of NewComment objects will be returned
"""
- q = session.query(NewComment)
+ q = session.query(NewComment).filter_by(policy_queue=policy_queue)
if package is not None: q = q.filter_by(package=package)
if version is not None: q = q.filter_by(version=version)
if comment_id is not None: q = q.filter_by(comment_id=comment_id)
################################################################################
+class SignatureHistory(ORMObject):
+ @classmethod
+ def from_signed_file(cls, signed_file):
+ """signature history entry from signed file
+
+ @type signed_file: L{daklib.gpg.SignedFile}
+ @param signed_file: signed file
+
+ @rtype: L{SignatureHistory}
+ """
+ self = cls()
+ self.fingerprint = signed_file.primary_fingerprint
+ self.signature_timestamp = signed_file.signature_timestamp
+ self.contents_sha1 = signed_file.contents_sha1()
+ return self
+
+__all__.append('SignatureHistory')
+
+################################################################################
+
class SrcContents(ORMObject):
def __init__(self, file = None, source = None):
self.file = file
################################################################################
+from debian.debfile import Deb822
+
+# Temporary Deb822 subclass to fix bugs with : handling; see #597249
+class Dak822(Deb822):
+ def _internal_parser(self, sequence, fields=None):
+ # The key is non-whitespace, non-colon characters before any colon.
+ key_part = r"^(?P<key>[^: \t\n\r\f\v]+)\s*:\s*"
+ single = re.compile(key_part + r"(?P<data>\S.*?)\s*$")
+ multi = re.compile(key_part + r"$")
+ multidata = re.compile(r"^\s(?P<data>.+?)\s*$")
+
+ wanted_field = lambda f: fields is None or f in fields
+
+ if isinstance(sequence, basestring):
+ sequence = sequence.splitlines()
+
+ curkey = None
+ content = ""
+ for line in self.gpg_stripped_paragraph(sequence):
+ m = single.match(line)
+ if m:
+ if curkey:
+ self[curkey] = content
+
+ if not wanted_field(m.group('key')):
+ curkey = None
+ continue
+
+ curkey = m.group('key')
+ content = m.group('data')
+ continue
+
+ m = multi.match(line)
+ if m:
+ if curkey:
+ self[curkey] = content
+
+ if not wanted_field(m.group('key')):
+ curkey = None
+ continue
+
+ curkey = m.group('key')
+ content = ""
+ continue
+
+ m = multidata.match(line)
+ if m:
+ content += '\n' + line # XXX not m.group('data')?
+ continue
+
+ if curkey:
+ self[curkey] = content
+
+
class DBSource(ORMObject):
def __init__(self, source = None, version = None, maintainer = None, \
changedby = None, poolfile = None, install_date = None, fingerprint = None):
@return: fields is the dsc information in a dictionary form
'''
fullpath = self.poolfile.fullpath
- contents = open(fullpath, 'r').read()
- signed_file = SignedFile(contents, keyrings=[], require_signature=False)
- fields = apt_pkg.TagSection(signed_file.contents)
+ fields = Dak822(open(self.poolfile.fullpath, 'r'))
return fields
metadata = association_proxy('key', 'value')
################################################################################
-class SourceACL(object):
- def __init__(self, *args, **kwargs):
- pass
-
- def __repr__(self):
- return '<SourceACL %s>' % self.source_acl_id
-
-__all__.append('SourceACL')
-
-################################################################################
-
class SrcFormat(object):
def __init__(self, *args, **kwargs):
pass
################################################################################
-class UploadBlock(object):
- def __init__(self, *args, **kwargs):
- pass
-
- def __repr__(self):
- return '<UploadBlock %s (%s)>' % (self.source, self.upload_block_id)
-
-__all__.append('UploadBlock')
-
-################################################################################
-
class MetadataKey(ORMObject):
def __init__(self, key = None):
self.key = key
def __setuptables(self):
tables = (
+ 'acl',
+ 'acl_architecture_map',
+ 'acl_fingerprint_map',
+ 'acl_per_source',
'architecture',
'archive',
'bin_associations',
'bin_contents',
'binaries',
'binaries_metadata',
- 'binary_acl',
- 'binary_acl_map',
'build_queue',
'changelogs_text',
'changes',
'component',
+ 'component_suite',
'config',
'dsc_files',
'external_overrides',
'files_archive_map',
'fingerprint',
'keyrings',
- 'keyring_acl_map',
'maintainer',
'metadata_keys',
'new_comments',
'policy_queue_byhand_file',
'priority',
'section',
+ 'signature_history',
'source',
- 'source_acl',
'source_metadata',
'src_associations',
'src_contents',
'src_format',
'src_uploaders',
'suite',
+ 'suite_acl_map',
'suite_architectures',
'suite_build_queue_copy',
'suite_src_formats',
'uid',
- 'upload_blocks',
'version_check',
)
backref=backref('architectures', order_by=self.tbl_architecture.c.arch_string))),
extension = validator)
+ mapper(ACL, self.tbl_acl,
+ properties = dict(
+ architectures = relation(Architecture, secondary=self.tbl_acl_architecture_map, collection_class=set),
+ fingerprints = relation(Fingerprint, secondary=self.tbl_acl_fingerprint_map, collection_class=set),
+ match_keyring = relation(Keyring, primaryjoin=(self.tbl_acl.c.match_keyring_id == self.tbl_keyrings.c.id)),
+ per_source = relation(ACLPerSource, collection_class=set),
+ ))
+
+ mapper(ACLPerSource, self.tbl_acl_per_source,
+ properties = dict(
+ acl = relation(ACL),
+ fingerprint = relation(Fingerprint, primaryjoin=(self.tbl_acl_per_source.c.fingerprint_id == self.tbl_fingerprint.c.id)),
+ created_by = relation(Fingerprint, primaryjoin=(self.tbl_acl_per_source.c.created_by_id == self.tbl_fingerprint.c.id)),
+ ))
+
mapper(Archive, self.tbl_archive,
properties = dict(archive_id = self.tbl_archive.c.id,
archive_name = self.tbl_archive.c.name))
collection_class=attribute_mapped_collection('key'))),
extension = validator)
- mapper(BinaryACL, self.tbl_binary_acl,
- properties = dict(binary_acl_id = self.tbl_binary_acl.c.id))
-
- mapper(BinaryACLMap, self.tbl_binary_acl_map,
- properties = dict(binary_acl_map_id = self.tbl_binary_acl_map.c.id,
- fingerprint = relation(Fingerprint, backref="binary_acl_map"),
- architecture = relation(Architecture)))
-
mapper(Component, self.tbl_component,
properties = dict(component_id = self.tbl_component.c.id,
- component_name = self.tbl_component.c.name),
+ component_name = self.tbl_component.c.name,
+ suites = relation(Suite, secondary=self.tbl_component_suite)),
extension = validator)
mapper(DBConfig, self.tbl_config,
uid = relation(Uid),
keyring_id = self.tbl_fingerprint.c.keyring,
keyring = relation(Keyring),
- source_acl = relation(SourceACL),
- binary_acl = relation(BinaryACL)),
+ acl = relation(ACL)),
extension = validator)
mapper(Keyring, self.tbl_keyrings,
properties = dict(keyring_name = self.tbl_keyrings.c.name,
- keyring_id = self.tbl_keyrings.c.id))
+ keyring_id = self.tbl_keyrings.c.id,
+ acl = relation(ACL, primaryjoin=(self.tbl_keyrings.c.acl_id == self.tbl_acl.c.id)))),
mapper(DBChange, self.tbl_changes,
properties = dict(change_id = self.tbl_changes.c.id,
date = self.tbl_changes.c.date,
version = self.tbl_changes.c.version))
- mapper(KeyringACLMap, self.tbl_keyring_acl_map,
- properties = dict(keyring_acl_map_id = self.tbl_keyring_acl_map.c.id,
- keyring = relation(Keyring, backref="keyring_acl_map"),
- architecture = relation(Architecture)))
-
mapper(Maintainer, self.tbl_maintainer,
properties = dict(maintainer_id = self.tbl_maintainer.c.id,
maintains_sources = relation(DBSource, backref='maintainer',
extension = validator)
mapper(NewComment, self.tbl_new_comments,
- properties = dict(comment_id = self.tbl_new_comments.c.id))
+ properties = dict(comment_id = self.tbl_new_comments.c.id,
+ policy_queue = relation(PolicyQueue)))
mapper(Override, self.tbl_override,
properties = dict(suite_id = self.tbl_override.c.suite,
properties = dict(section_id = self.tbl_section.c.id,
section=self.tbl_section.c.section))
+ mapper(SignatureHistory, self.tbl_signature_history)
+
mapper(DBSource, self.tbl_source,
properties = dict(source_id = self.tbl_source.c.id,
version = self.tbl_source.c.version,
collection_class=attribute_mapped_collection('key'))),
extension = validator)
- mapper(SourceACL, self.tbl_source_acl,
- properties = dict(source_acl_id = self.tbl_source_acl.c.id))
-
mapper(SrcFormat, self.tbl_src_format,
properties = dict(src_format_id = self.tbl_src_format.c.id,
format_name = self.tbl_src_format.c.format_name))
mapper(Suite, self.tbl_suite,
properties = dict(suite_id = self.tbl_suite.c.id,
policy_queue = relation(PolicyQueue, primaryjoin=(self.tbl_suite.c.policy_queue_id == self.tbl_policy_queue.c.id)),
+ new_queue = relation(PolicyQueue, primaryjoin=(self.tbl_suite.c.new_queue_id == self.tbl_policy_queue.c.id)),
copy_queues = relation(BuildQueue,
secondary=self.tbl_suite_build_queue_copy),
srcformats = relation(SrcFormat, secondary=self.tbl_suite_src_formats,
backref=backref('suites', lazy='dynamic')),
- archive = relation(Archive, backref='suites')),
+ archive = relation(Archive, backref='suites'),
+ acls = relation(ACL, secondary=self.tbl_suite_acl_map, collection_class=set),
+ components = relation(Component, secondary=self.tbl_component_suite,
+ order_by=self.tbl_component.c.ordering,
+ backref=backref('suite'))),
extension = validator)
mapper(Uid, self.tbl_uid,
fingerprint = relation(Fingerprint)),
extension = validator)
- mapper(UploadBlock, self.tbl_upload_blocks,
- properties = dict(upload_block_id = self.tbl_upload_blocks.c.id,
- fingerprint = relation(Fingerprint, backref="uploadblocks"),
- uid = relation(Uid, backref="uploadblocks")))
-
mapper(BinContents, self.tbl_bin_contents,
properties = dict(
binary = relation(DBBinary,
engine_args['pool_size'] = int(cnf['DB::PoolSize'])
if cnf.has_key('DB::MaxOverflow'):
engine_args['max_overflow'] = int(cnf['DB::MaxOverflow'])
- if sa_major_version == '0.6' and cnf.has_key('DB::Unicode') and \
+ if sa_major_version != '0.5' and cnf.has_key('DB::Unicode') and \
cnf['DB::Unicode'] == 'false':
engine_args['use_native_unicode'] = False
projects / dak.git / blobdiff