Added dm-upload-allowed flag to exist, and added support for all

[dak.git] / dak / process_unchecked.py

diff --git a/dak/process_unchecked.py b/dak/process_unchecked.py
index 779f6765c0418e711502d2d8b1e76a9f3c689ba3..2a479ced62e457ff29a897b08901dcf0270cba32 100755 (executable)
--- a/dak/process_unchecked.py
+++ b/dak/process_unchecked.py
@@ -450,7 +450,8 @@ def check_files():
             # Ensure the architecture of the .deb is one we know about.
             default_suite = Cnf.get("Dinstall::DefaultSuite", "Unstable")
             architecture = control.Find("Architecture")
-            if architecture not in Cnf.ValueList("Suite::%s::Architectures" % (default_suite)):
+            upload_suite = changes["distribution"].keys()[0]
+            if architecture not in Cnf.ValueList("Suite::%s::Architectures" % (default_suite)) and architecture not in Cnf.ValueList("Suite::%s::Architectures" % (upload_suite)):
                 reject("Unknown architecture '%s'." % (architecture))
 
             # Ensure the architecture of the .deb is one of the ones
@@ -1050,12 +1051,10 @@ def check_signed_by_key():
             for si in q.getresult():
                 if si[0] not in source_ids: source_ids.append(si[0])
 
-        print "source_ids: %s" % (",".join([str(x) for x in source_ids]))
-
         is_nmu = 1
         for si in source_ids:
             is_nmu = 1
-            q = Upload.projectB.query("SELECT m.name FROM maintainer m WHERE m.id IN (SELECT maintainer FROM src_uploaders WHERE src_uploaders.source = %s)" % (si))
+            q = Upload.projectB.query("SELECT m.name FROM maintainer m WHERE m.id IN (SELECT su.maintainer FROM src_uploaders su JOIN source s ON (s.id = su.source) WHERE su.source = %s AND s.dm_upload_allowed = 'yes')" % (si))
             for m in q.getresult():
                 (rfc822, rfc2047, name, email) = utils.fix_maintainer(m[0])
                 if email == uid_email or name == uid_name:
@@ -1078,42 +1077,6 @@ def check_signed_by_key():
             if files[f].has_key("new"):
                 reject("%s may not upload NEW file %s" % (uid, f))
 
-    # The remaining checks only apply to binary-only uploads right now
-    if changes["architecture"].has_key("source"):
-        return
-
-    if not Cnf.Exists("Binary-Upload-Restrictions"):
-        return
-
-    restrictions = Cnf.SubTree("Binary-Upload-Restrictions")
-
-    # If the restrictions only apply to certain components make sure
-    # that the upload is actual targeted there.
-    if restrictions.Exists("Components"):
-        restricted_components = restrictions.SubTree("Components").ValueList()
-        is_restricted = False
-        for f in files:
-            if files[f]["component"] in restricted_components:
-                is_restricted = True
-                break
-        if not is_restricted:
-            return
-
-    # Assuming binary only upload restrictions are in place we then
-    # iterate over suite and architecture checking the key is in the
-    # allowed list.  If no allowed list exists for a given suite or
-    # architecture it's assumed to be open to anyone.
-    for suite in changes["distribution"].keys():
-        if not restrictions.Exists(suite):
-            continue
-        for arch in changes["architecture"].keys():
-            if not restrictions.SubTree(suite).Exists(arch):
-                continue
-            allowed_keys = restrictions.SubTree("%s::%s" % (suite, arch)).ValueList()
-            if changes["fingerprint"] not in allowed_keys:
-                base_filename = os.path.basename(pkg.changes_file)
-                reject("%s: not signed by authorised uploader for %s/%s"
-                       % (base_filename, suite, arch))
 
 ################################################################################
 ################################################################################
@@ -1283,6 +1246,14 @@ def queue_unembargo (summary, short_summary):
     Upload.Subst["__SUMMARY__"] = summary
     Upload.check_override()
 
+    # Send accept mail, announce to lists, close bugs and check for
+    # override disparities
+    if not Cnf["Dinstall::Options::No-Mail"]:
+        Upload.Subst["__SUITE__"] = ""
+        mail_message = utils.TemplateSubst(Upload.Subst,Cnf["Dir::Templates"]+"/process-unchecked.accepted")
+        utils.send_mail(mail_message)
+        Upload.announce(short_summary, 1)
+
 ################################################################################
 
 def is_embargo ():
@@ -1301,6 +1272,14 @@ def queue_embargo (summary, short_summary):
     Upload.Subst["__SUMMARY__"] = summary
     Upload.check_override()
 
+    # Send accept mail, announce to lists, close bugs and check for
+    # override disparities
+    if not Cnf["Dinstall::Options::No-Mail"]:
+        Upload.Subst["__SUITE__"] = ""
+        mail_message = utils.TemplateSubst(Upload.Subst,Cnf["Dir::Templates"]+"/process-unchecked.accepted")
+        utils.send_mail(mail_message)
+        Upload.announce(short_summary, 1)
+
 ################################################################################
 
 def is_stableupdate ():
@@ -1324,7 +1303,7 @@ def do_stableupdate (summary, short_summary):
     Logger.log(["Moving to proposed-updates", pkg.changes_file]);
 
     Upload.dump_vars(Cnf["Dir::Queue::ProposedUpdates"]);
-    move_to_dir(Cnf["Dir::Queue::ProposedUpdates"])
+    move_to_dir(Cnf["Dir::Queue::ProposedUpdates"], perms=0664)
 
     # Check for override disparities
     Upload.Subst["__SUMMARY__"] = summary;
@@ -1353,7 +1332,7 @@ def do_oldstableupdate (summary, short_summary):
     Logger.log(["Moving to oldstable-proposed-updates", pkg.changes_file]);
 
     Upload.dump_vars(Cnf["Dir::Queue::OldProposedUpdates"]);
-    move_to_dir(Cnf["Dir::Queue::OldProposedUpdates"])
+    move_to_dir(Cnf["Dir::Queue::OldProposedUpdates"], perms=0664)
 
     # Check for override disparities
     Upload.Subst["__SUMMARY__"] = summary;