+2009-01-02 Michael Casadevall <sonicmctails@gmail.com>
+
+ * dak/import_keyring.py - Modified to handle users in multiple keyrings
+ with differing DM/DD status
+
+ * dak/import_ldap_fingerpints - Modified to handle DM changes
+
2009-01-01 Michael Casadevall <sonicmctails@gmail.com>
- * dak/process_unchecked.pu - Changed it to look up on the correct table
+ * dak/process_unchecked.py - Changed it to look up on the correct table
* dak/dakdb/update1.py - Changed to add the right table
keyringname = keyring_names[0]
keyring = Keyring(keyringname)
+ is_dm = "false"
if Cnf.has_key("Import-Keyring::"+keyringname+"::Debian-Maintainer"):
projectB.query("UPDATE keyrings SET debian_maintainer = '%s' WHERE name = '%s'" % (Cnf["Import-Keyring::"+keyringname+"::Debian-Maintainer"], keyringname.split("/")[-1]))
+ is_dm = Cnf["Import-Keyring::"+keyringname+"::Debian-Maintainer"]
keyring_id = database.get_or_set_keyring_id(
keyringname.split("/")[-1])
projectB.query("UPDATE fingerprint SET uid = %d WHERE id = %d" % (newuid, oldfid))
if oldkid != keyring_id:
- projectB.query("UPDATE fingerprint SET keyring = %d WHERE id = %d" % (keyring_id, oldfid))
+ # Only change the keyring if it won't result in a loss of permissions
+ q = projectB.query("SELECT debian_maintainer FROM keyrings WHERE id = '%d'" % (keyring_id))
+ if is_dm == "false" and q.getresult()[0][0] == 'f':
+ projectB.query("UPDATE fingerprint SET keyring = %d WHERE id = %d" % (keyring_id, oldfid))
+ else:
+ print "Key %s exists in both DM and DD keyrings. Not demoting." % (f)
# All done!
db_uid_name = {}
ldap_fin_uid_id = {}
q = projectB.query("""
-SELECT f.fingerprint, f.id, u.uid, u.debian_maintainer FROM fingerprint f, uid u WHERE f.uid = u.id
+SELECT f.fingerprint, f.id, u.uid FROM fingerprint f, uid u WHERE f.uid = u.id
UNION SELECT f.fingerprint, f.id, null FROM fingerprint f where f.uid is null""")
for i in q.getresult():
(fingerprint, fingerprint_id, uid) = i
- db_fin_uid[fingerprint] = (uid, fingerprint_id, debian_maintainer)
+ db_fin_uid[fingerprint] = (uid, fingerprint_id)
q = projectB.query("SELECT id, name FROM uid")
for i in q.getresult():
for fingerprint in fingerprints:
ldap_fin_uid_id[fingerprint] = (uid, uid_id)
if db_fin_uid.has_key(fingerprint):
- (existing_uid, fingerprint_id, is_dm) = db_fin_uid[fingerprint]
+ (existing_uid, fingerprint_id) = db_fin_uid[fingerprint]
if not existing_uid:
q = projectB.query("UPDATE fingerprint SET uid = %s WHERE id = %s" % (uid_id, fingerprint_id))
print "Assigning %s to 0x%s." % (uid, fingerprint)
elif existing_uid == uid:
pass
- elif is_dm = "t":
- q = projectB.query("UPDATE fingerprint SET uid = %s AND debian_maintainer = 'f' WHERE id = %s" % (uid_id, fingerprint_id))
+ elif '@' not in existing_ui:
+ q = projectB.query("UPDATE fingerprint SET uid = %s WHERE id = %s" % (uid_id, fingerprint_id))
print "Promoting DM %s to DD %s with keyid 0x%s." % (existing_uid, uid, fingerprint)
else:
utils.warn("%s has %s in LDAP, but projectB says it should be %s." % (uid, fingerprint, existing_uid))
projects / dak.git / commitdiff