Infrastructure/fedora-infrastructure
1
0
Fork 0
Code Issues 70 Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'master' of ssh://git.fedorahosted.org/git/fedora-infrastructure

Browse source
This commit is contained in:
Michael McGrath 2008-03-10 15:47:18 -05:00
commit df3a9387ed
7 changed files with 119 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

6
fas/TODO
View file

@ -6,3 +6,9 @@ Nice-to-have things:
* fas/group.py: Easy searching within groups (and sponsor/admin interface)
* fas/aliases.py: An easy interface to manage mail aliases
* setup.py:
- Fix installing in all scenarios: bdist_egg, install, and
install --install-data='/usr/share/fas'
- Install fas.cfg
- Install start-fas to the correct directory

4
fas/fas.cfg
View file

@ -52,7 +52,7 @@ mail.encoding = 'utf-8'
# If you have sqlite, here's a simple default to get you started
# in development
sqlalchemy.dburi="postgres://fedora:bunbunbun@localhost/fas2"
sqlalchemy.dburi="postgres://fedora:test@localhost/fas2"
sqlalchemy.echo=True
# if you are using a database or table type without transactions
@ -83,7 +83,7 @@ tg.strict_parameters = True
server.webpath='/accounts'
base_url_filter.on = True
base_url_filter.use_x_forwarded_host = True
base_url_filter.base_url = "http://localhost:8088/accounts"
base_url_filter.base_url = "https://publictest3.fedoraproject.org/accounts"
# Make the session cookie only return to the host over an SSL link
# Disabled for testing.

71
fas/fas.spec Normal file
View file

@ -0,0 +1,71 @@
%{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
Name: fas
Version: 0.1
Release: 1%{?dist}
Summary: Fedora Account System
Group: Development/Languages
License: GPLv2
URL: https://fedorahosted.org/fas2/
Source0: https://fedorahosted.org/releases/f/e/fedora-infrastructure/
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildArch: noarch
BuildRequires: python-devel
BuildRequires: setuptools-devel
Requires: TurboGears >= 1.0.4
Requires: python-sqlalchemy >= 0.4
Requires: python-turbomail
Requires: python-fedora-infrastructure >= 0.2.99.2
%description
The Fedora Account System is a web application that manages the accounts of
Fedora Project Contributors. It's built in TurboGears and comes with a json
API for querying against remotely.
The python-fedora-infrastructure package has a TurboGears identity provider
that works with the Account System.
%package clients
Summary: Clients for the Fedora Account System
Group: Applications/System
Requires: python-fedora
Requires: rhpl
%description -n clients
Additional scripts that work as clients to the accounts system.
%prep
%setup -q
%build
%{__python} setup.py build --install-data='%{_datadir}/fas'
%install
rm -rf $RPM_BUILD_ROOT
%{__python} setup.py install -O1 --skip-build --install-data='%{_datadir}/fas' --root $RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT%{_sbindir}
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}
mv $RPM_BUILD_ROOT%{_bindir}/start-fas $RPM_BUILD_ROOT%{_sbindir}
# Unreadable by others because it's going to contain a database password.
install -m 0600 fas.cfg $RPM_BUILD_ROOT%{_sysconfdir}
%clean
rm -rf $RPM_BUILD_ROOT
%files
%defattr(-,root,root,-)
%doc README TODO COPYING fas2.sql
%{python_sitelib}/*
%{_sbindir}/start-fas
%config(noreplace) %{_sysconfdir}/*
%files -n clients
%{_bindir}/*
%changelog
* Mon Mar 10 2008 Toshio Kuratomi <tkuratom@redhat.com> - 0.1-1
- Initial Build.

4
fas/fas/auth.py
View file

@ -20,8 +20,8 @@ def isAdmin(person):
else:
return False
except KeyError:
print '%s - Your admin group could not be found!' % admingroup
return False
return False
def canAdminGroup(person, group):
'''
@ -81,6 +81,7 @@ def signedCLAPrivs(person):
return False
except KeyError:
return False
return False
def clickedCLAPrivs(person):
'''
@ -94,6 +95,7 @@ def clickedCLAPrivs(person):
return False
except KeyError:
return False
return False
def canEditUser(person, target):
'''

1
fas/fas/model.py
View file

@ -487,6 +487,7 @@ mapper(BugzillaQueue, BugzillaQueueTable, properties = {
mapper(Requests, RequestsTable, properties = {
'person': relation(People, backref='requests')
})
mapper(Log, LogTable)
# TurboGears Identity
mapper(Visit, visits_table)

13
fas/fas/user.py
View file

@ -12,12 +12,14 @@ import StringIO
import crypt
import random
import subprocess
from OpenSSL import crypto
from fas.model import People
from fas.model import PersonEmails
from fas.model import EmailPurposes
from fas.model import Log
from fas import openssl_fas
from fas.auth import *
#from fas.user_email import Email, NonFedoraEmail
@ -491,22 +493,21 @@ Please go to https://admin.fedoraproject.org/fas/ to change it.
@identity.require(turbogears.identity.not_anonymous())
@expose(template="genshi-text:fas.templates.user.cert", format="text", content_type='text/plain; charset=utf-8')
def gencert(self):
from fas.openssl_fas import *
username = turbogears.identity.current.user_name
person = People.by_username(username)
person.certificate_serial = person.certificate_serial + 1
pkey = createKeyPair(TYPE_RSA, 1024);
pkey = openssl_fas.createKeyPair(openssl_fas.TYPE_RSA, 1024);
digest = config.get('openssl_digest')
expire = config.get('openssl_expire')
cafile = config.get('openssl_ca_file')
cakey = retrieve_key_from_file(cafile)
cacert = retrieve_cert_from_file(cafile)
cakey = openssl_fas.retrieve_key_from_file(cafile)
cacert = openssl_fas.retrieve_cert_from_file(cafile)
req = createCertRequest(pkey, digest=digest,
req = openssl_fas.createCertRequest(pkey, digest=digest,
C=config.get('openssl_c'),
ST=config.get('openssl_st'),
L=config.get('openssl_l'),
@ -516,7 +517,7 @@ Please go to https://admin.fedoraproject.org/fas/ to change it.
emailAddress=person.emails['primary'],
)
cert = createCertificate(req, (cacert, cakey), person.certificate_serial, (0, expire), digest='md5')
cert = openssl_fas.createCertificate(req, (cacert, cakey), person.certificate_serial, (0, expire), digest='md5')
certdump = crypto.dump_certificate(crypto.FILETYPE_PEM, cert)
keydump = crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)
return dict(cert=certdump, key=keydump)

35
fas/setup.py
View file

@ -66,22 +66,45 @@ class Build(_build, object):
f.close()
super(Build, self).run()
### FIXME: This method breaks eggs.
# Unfortunately, instead of eggs being built by putting together package *.py
# files and data sanely at the last minute, they are built by putting them
# together in the build step. This makes it extremely hard to put the
# separate pieces together in different places depending on what type of
# install we're doing.
#
# We can work around this by using package_data for static as eggs expect and
# then overriding install to install static in the correct place.
#
# Eventually someone needs to rewrite egg generation to tag files into
# separate groups (module, script, data, documentation, test) and put them
# into the final package format in the correct place.
#
# For some reason, the install-data switch also doesn't propogate to the build
# script. So if we invoke install without --skip-build the app.cfg that is
# installed is also broken. Grr....
class InstallData(_install_data, object):
def finalize_options(self):
'''Override to emulate setuptools in the default case.
install_data => install_dir
'''
print 'DEBUG:', self.install_dir, '#'
self.temp_lib = None
self.temp_data = None
self.temp_prefix = None
haveInstallDir = self.install_dir
self.set_undefined_options('install',
('install_lib', 'install_dir'),
('install_data', 'temp_data'),
('install_lib', 'temp_lib'),
('prefix', 'temp_prefix'),
('root', 'root'),
('force', 'force'),
)
if not haveInstallDir:
# We set this above, now we need to add the module subdirectory to
# make it truly correct.
self.install_dir = os.path.join(self.install_dir, 'fas')
if not self.install_dir:
if self.temp_data == self.root + self.temp_prefix:
self.install_dir = os.path.join(self.temp_lib, 'fas')
else:
self.install_dir = self.temp_data
setup(
name=NAME,