From ab3d8bb165737ea28494471c0204f709ce65a6d2 Mon Sep 17 00:00:00 2001 From: Michael Casadevall Date: Fri, 2 Jan 2009 16:56:59 -0500 Subject: [PATCH] Fixed to handle multiple DD/DM keyrings, and ldap to handle new DM status Signed-off-by: Michael Casadevall --- ChangeLog | 9 ++++++++- dak/import_keyring.py | 9 ++++++++- dak/import_ldap_fingerprints.py | 10 +++++----- 3 files changed, 21 insertions(+), 7 deletions(-) diff --git a/ChangeLog b/ChangeLog index 617dcc00..da5ae79f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,13 @@ +2009-01-02 Michael Casadevall + + * dak/import_keyring.py - Modified to handle users in multiple keyrings + with differing DM/DD status + + * dak/import_ldap_fingerpints - Modified to handle DM changes + 2009-01-01 Michael Casadevall - * dak/process_unchecked.pu - Changed it to look up on the correct table + * dak/process_unchecked.py - Changed it to look up on the correct table * dak/dakdb/update1.py - Changed to add the right table diff --git a/dak/import_keyring.py b/dak/import_keyring.py index 8daf4e5c..602eb374 100755 --- a/dak/import_keyring.py +++ b/dak/import_keyring.py @@ -222,8 +222,10 @@ def main(): keyringname = keyring_names[0] keyring = Keyring(keyringname) + is_dm = "false" if Cnf.has_key("Import-Keyring::"+keyringname+"::Debian-Maintainer"): projectB.query("UPDATE keyrings SET debian_maintainer = '%s' WHERE name = '%s'" % (Cnf["Import-Keyring::"+keyringname+"::Debian-Maintainer"], keyringname.split("/")[-1])) + is_dm = Cnf["Import-Keyring::"+keyringname+"::Debian-Maintainer"] keyring_id = database.get_or_set_keyring_id( keyringname.split("/")[-1]) @@ -294,7 +296,12 @@ def main(): projectB.query("UPDATE fingerprint SET uid = %d WHERE id = %d" % (newuid, oldfid)) if oldkid != keyring_id: - projectB.query("UPDATE fingerprint SET keyring = %d WHERE id = %d" % (keyring_id, oldfid)) + # Only change the keyring if it won't result in a loss of permissions + q = projectB.query("SELECT debian_maintainer FROM keyrings WHERE id = '%d'" % (keyring_id)) + if is_dm == "false" and q.getresult()[0][0] == 'f': + projectB.query("UPDATE fingerprint SET keyring = %d WHERE id = %d" % (keyring_id, oldfid)) + else: + print "Key %s exists in both DM and DD keyrings. Not demoting." % (f) # All done! diff --git a/dak/import_ldap_fingerprints.py b/dak/import_ldap_fingerprints.py index 7e754d48..4cc8aa01 100755 --- a/dak/import_ldap_fingerprints.py +++ b/dak/import_ldap_fingerprints.py @@ -120,11 +120,11 @@ def main(): db_uid_name = {} ldap_fin_uid_id = {} q = projectB.query(""" -SELECT f.fingerprint, f.id, u.uid, u.debian_maintainer FROM fingerprint f, uid u WHERE f.uid = u.id +SELECT f.fingerprint, f.id, u.uid FROM fingerprint f, uid u WHERE f.uid = u.id UNION SELECT f.fingerprint, f.id, null FROM fingerprint f where f.uid is null""") for i in q.getresult(): (fingerprint, fingerprint_id, uid) = i - db_fin_uid[fingerprint] = (uid, fingerprint_id, debian_maintainer) + db_fin_uid[fingerprint] = (uid, fingerprint_id) q = projectB.query("SELECT id, name FROM uid") for i in q.getresult(): @@ -145,14 +145,14 @@ SELECT f.fingerprint, f.id, u.uid, u.debian_maintainer FROM fingerprint f, uid u for fingerprint in fingerprints: ldap_fin_uid_id[fingerprint] = (uid, uid_id) if db_fin_uid.has_key(fingerprint): - (existing_uid, fingerprint_id, is_dm) = db_fin_uid[fingerprint] + (existing_uid, fingerprint_id) = db_fin_uid[fingerprint] if not existing_uid: q = projectB.query("UPDATE fingerprint SET uid = %s WHERE id = %s" % (uid_id, fingerprint_id)) print "Assigning %s to 0x%s." % (uid, fingerprint) elif existing_uid == uid: pass - elif is_dm = "t": - q = projectB.query("UPDATE fingerprint SET uid = %s AND debian_maintainer = 'f' WHERE id = %s" % (uid_id, fingerprint_id)) + elif '@' not in existing_ui: + q = projectB.query("UPDATE fingerprint SET uid = %s WHERE id = %s" % (uid_id, fingerprint_id)) print "Promoting DM %s to DD %s with keyid 0x%s." % (existing_uid, uid, fingerprint) else: utils.warn("%s has %s in LDAP, but projectB says it should be %s." % (uid, fingerprint, existing_uid)) -- 2.39.5