X-Git-Url: https://git.decadent.org.uk/gitweb/?a=blobdiff_plain;f=dak%2Fdakdb%2Fupdate16.py;h=6cd6dc4b1b7af19566cc26901e77588f6402a288;hb=a1605d90114be9fdf8b6942ae4e3a8c376e808fd;hp=d8186afc05a03456fb7c016338037d5296f39bcd;hpb=1a0ff4b129e605d1a896a07cfc59273b35689987;p=dak.git

diff --git a/dak/dakdb/update16.py b/dak/dakdb/update16.py
old mode 100755
new mode 100644
index d8186afc..6cd6dc4b
--- a/dak/dakdb/update16.py
+++ b/dak/dakdb/update16.py
@@ -58,9 +58,9 @@ def do_update(self):
         """)
 
         ## Can upload all packages
-        c.execute("INSERT INTO source_acl (id, access_level) VALUES (1, 'full')")
+        c.execute("INSERT INTO source_acl (access_level) VALUES ('full')")
         ## Can upload only packages marked as DM upload allowed
-        c.execute("INSERT INTO source_acl (id, access_level) VALUES (2, 'dm')")
+        c.execute("INSERT INTO source_acl (access_level) VALUES ('dm')")
 
         c.execute("GRANT SELECT ON source_acl TO public")
         c.execute("GRANT ALL ON source_acl TO ftpmaster")
@@ -76,9 +76,9 @@ def do_update(self):
         """)
 
         ## Can upload any architectures of binary packages
-        c.execute("INSERT INTO binary_acl (id, access_level) VALUES (1, 'full')")
+        c.execute("INSERT INTO binary_acl (access_level) VALUES ('full')")
         ## Can upload debs where architectures are based on the map table binary_acl_map
-        c.execute("INSERT INTO binary_acl (id, access_level) VALUES (2, 'map')")
+        c.execute("INSERT INTO binary_acl (access_level) VALUES ('map')")
 
         c.execute("GRANT SELECT ON binary_acl TO public")
         c.execute("GRANT ALL ON binary_acl TO ftpmaster")
@@ -105,6 +105,11 @@ def do_update(self):
         ## NULL means no binary upload access
         c.execute("ALTER TABLE fingerprint ADD COLUMN binary_acl_id INT4 REFERENCES binary_acl(id) DEFAULT NULL")
 
+        ## TRUE here means that if the person doesn't have binary upload permissions for
+        ## an architecture, we'll reject the .changes.  FALSE means that we'll simply
+        ## dispose of those particular binaries
+        c.execute("ALTER TABLE fingerprint ADD COLUMN binary_reject BOOLEAN NOT NULL DEFAULT TRUE")
+
         # Blockage table (replaces the hard coded stuff we used to have in extensions)
         print "Adding blockage table"
         c.execute("""
@@ -125,6 +130,11 @@ def do_update(self):
 
         c.execute("ALTER TABLE keyrings ADD COLUMN default_source_acl_id INT4 REFERENCES source_acl (id) DEFAULT NULL")
         c.execute("ALTER TABLE keyrings ADD COLUMN default_binary_acl_id INT4 REFERENCES binary_acl (id) DEFAULT NULL")
+        c.execute("ALTER TABLE keyrings ADD COLUMN default_binary_reject BOOLEAN NOT NULL DEFAULT TRUE")
+        # Set up keyring priorities
+        c.execute("ALTER TABLE keyrings ADD COLUMN priority INT4 NOT NULL DEFAULT 100")
+        # And then we don't need the DM stuff any more
+        c.execute("ALTER TABLE keyrings DROP COLUMN debian_maintainer")
 
         # Default ACLs for keyrings
         c.execute("""
@@ -140,10 +150,29 @@ def do_update(self):
         c.execute("GRANT ALL ON keyring_acl_map TO ftpmaster")
         c.execute("GRANT USAGE ON keyring_acl_map_id_seq TO ftpmaster")
 
+        # Set up some default stuff; default to old behaviour
+        print "Setting up some defaults"
+
+        c.execute("""UPDATE keyrings SET default_source_acl_id = (SELECT id FROM source_acl WHERE access_level = 'full'),
+                                         default_binary_acl_id = (SELECT id FROM binary_acl WHERE access_level = 'full')""")
+
+        c.execute("""UPDATE keyrings SET default_source_acl_id = (SELECT id FROM source_acl WHERE access_level = 'dm'),
+                                         default_binary_acl_id = (SELECT id FROM binary_acl WHERE access_level = 'full')
+                                     WHERE name = 'debian-maintainers.gpg'""")
+
+        c.execute("""UPDATE keyrings SET priority = 90 WHERE name = 'debian-maintainers.gpg'""")
+
+        # Initialize the existing keys
+        c.execute("""UPDATE fingerprint SET binary_acl_id = (SELECT default_binary_acl_id FROM keyrings
+                                                              WHERE keyrings.id = fingerprint.keyring)""")
+
+        c.execute("""UPDATE fingerprint SET source_acl_id = (SELECT default_source_acl_id FROM keyrings
+                                                              WHERE keyrings.id = fingerprint.keyring)""")
+
         print "Updating config version"
         c.execute("UPDATE config SET value = '16' WHERE name = 'db_revision'")
         self.db.commit()
 
-    except psycopg2.ProgrammingError, msg:
+    except psycopg2.ProgrammingError as msg:
         self.db.rollback()
-        raise DBUpdateError, "Unable to apply ACLs update (16), rollback issued. Error message : %s" % (str(msg))
+        raise DBUpdateError("Unable to apply ACLs update (16), rollback issued. Error message : %s" % (str(msg)))