X-Git-Url: https://git.decadent.org.uk/gitweb/?a=blobdiff_plain;f=dak%2Fprocess_unchecked.py;h=b2097def91f3982734df160c78815f6956587829;hb=95bb898d833ecac46a51984d9eddcfda29bc5302;hp=593f9d0002a658b8eccfed77e465740d98b6f933;hpb=f48c54fa4a0717bf3f6563966a18e994df2a82c6;p=dak.git

diff --git a/dak/process_unchecked.py b/dak/process_unchecked.py
index 593f9d00..b2097def 100755
--- a/dak/process_unchecked.py
+++ b/dak/process_unchecked.py
@@ -1014,7 +1014,7 @@ def lookup_uid_from_fingerprint(fpr):
     if qs:
         return qs
     else:
-        return (None, None, None)
+        return (None, None, False)
 
 def check_signed_by_key():
     """Ensure the .changes is signed by an authorized uploader."""
@@ -1024,17 +1024,22 @@ def check_signed_by_key():
         uid_name = ""
 
     # match claimed name with actual name:
-    if uid == None:
+    if uid is None:
+        # This is fundamentally broken but need us to refactor how we get
+        # the UIDs/Fingerprints in order for us to fix it properly
         uid, uid_email = changes["fingerprint"], uid
         may_nmu, may_sponsor = 1, 1
         # XXX by default new dds don't have a fingerprint/uid in the db atm,
         #     and can't get one in there if we don't allow nmu/sponsorship
-    elif is_dm is "t":
-        uid_email = uid
-        may_nmu, may_sponsor = 0, 0
-    else:
+    elif is_dm is False:
+        # If is_dm is False, we allow full upload rights
         uid_email = "%s@debian.org" % (uid)
         may_nmu, may_sponsor = 1, 1
+    else:
+        # Assume limited upload rights unless we've discovered otherwise
+        uid_email = uid
+        may_nmu, may_sponsor = 0, 0
+
 
     if uid_email in [changes["maintaineremail"], changes["changedbyemail"]]:
         sponsored = 0
@@ -1053,6 +1058,7 @@ def check_signed_by_key():
     if sponsored and not may_sponsor:
         reject("%s is not authorised to sponsor uploads" % (uid))
 
+    cursor = DBConn().cursor()
     if not sponsored and not may_nmu:
         source_ids = []
         cursor.execute( "SELECT s.id, s.version FROM source s JOIN src_associations sa ON (s.id = sa.source) WHERE s.source = %(source)s AND s.dm_upload_allowed = 'yes'", changes )
@@ -1321,7 +1327,7 @@ def is_stableupdate ():
                            JOIN src_associations sa ON (s.id = sa.source)
                            WHERE s.source = %(source)s
                               AND s.version = %(version)s
-                              AND sa.suite = %(suite)d""",
+                              AND sa.suite = %(suite)s""",
                         {'source' : changes['source'],
                          'version' : changes['version'],
                          'suite' : pusuite})
@@ -1352,14 +1358,14 @@ def is_oldstableupdate ():
     if not changes["architecture"].has_key("source"):
         pusuite = DBConn().get_suite_id("oldstable-proposed-updates")
         cursor = DBConn().cursor()
-        cursor.execute( """"SELECT 1 FROM source s
-                            JOIN src_associations sa ON (s.id = sa.source)
-                            WHERE s.source = %(source)s
-                              AND s.version = %(version)s
-                               AND sa.suite = %(suite)s""",
-                        {'source' : changes['source'],
+        cursor.execute( """SELECT 1 FROM source s
+                           JOIN src_associations sa ON (s.id = sa.source)
+                           WHERE s.source = %(source)s
+                             AND s.version = %(version)s
+                             AND sa.suite = %(suite)s""",
+                        {'source' :  changes['source'],
                          'version' : changes['version'],
-                         'suite' : pusuite})
+                         'suite' :   pusuite})
         if cursor.fetchone():
             return 0