Merge branch 'master' of ssh://git.fedorahosted.org/git/fedora-infrastructure

fas/TODO

@@ -6,3 +6,9 @@ Nice-to-have things:
  * fas/group.py: Easy searching within groups (and sponsor/admin interface)
 
  * fas/aliases.py: An easy interface to manage mail aliases
+
+ * setup.py:
+   - Fix installing in all scenarios: bdist_egg, install, and
+     install --install-data='/usr/share/fas'
+   - Install fas.cfg
+   - Install start-fas to the correct directory

fas/fas.cfg

@@ -52,7 +52,7 @@ mail.encoding = 'utf-8'
 
 # If you have sqlite, here's a simple default to get you started
 # in development
-sqlalchemy.dburi="postgres://fedora:bunbunbun@localhost/fas2"
+sqlalchemy.dburi="postgres://fedora:test@localhost/fas2"
 sqlalchemy.echo=True
 
 # if you are using a database or table type without transactions
@@ -83,7 +83,7 @@ tg.strict_parameters = True
 server.webpath='/accounts'
 base_url_filter.on = True
 base_url_filter.use_x_forwarded_host = True
-base_url_filter.base_url = "http://localhost:8088/accounts"
+base_url_filter.base_url = "https://publictest3.fedoraproject.org/accounts"
 
 # Make the session cookie only return to the host over an SSL link
 # Disabled for testing.

fas/fas.spec

@@ -0,0 +1,71 @@
+%{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
+
+Name:           fas
+Version:        0.1
+Release:        1%{?dist}
+Summary:        Fedora Account System
+
+Group:          Development/Languages
+License:        GPLv2
+URL:            https://fedorahosted.org/fas2/
+Source0:        https://fedorahosted.org/releases/f/e/fedora-infrastructure/
+BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+
+BuildArch:      noarch
+BuildRequires:  python-devel
+BuildRequires:  setuptools-devel
+Requires: TurboGears >= 1.0.4
+Requires: python-sqlalchemy >= 0.4
+Requires: python-turbomail
+Requires: python-fedora-infrastructure >= 0.2.99.2
+
+%description
+The Fedora Account System is a web application that manages the accounts of
+Fedora Project Contributors.  It's built in TurboGears and comes with a json
+API for querying against remotely.
+
+The python-fedora-infrastructure package has a TurboGears identity provider
+that works with the Account System.
+
+%package clients
+Summary: Clients for the Fedora Account System
+Group: Applications/System
+Requires: python-fedora
+Requires: rhpl
+
+%description -n clients
+Additional scripts that work as clients to the accounts system.
+
+%prep
+%setup -q
+
+
+%build
+%{__python} setup.py build --install-data='%{_datadir}/fas'
+
+%install
+rm -rf $RPM_BUILD_ROOT
+%{__python} setup.py install -O1 --skip-build --install-data='%{_datadir}/fas' --root $RPM_BUILD_ROOT
+mkdir -p $RPM_BUILD_ROOT%{_sbindir}
+mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}
+mv $RPM_BUILD_ROOT%{_bindir}/start-fas $RPM_BUILD_ROOT%{_sbindir}
+# Unreadable by others because it's going to contain a database password.
+install -m 0600 fas.cfg $RPM_BUILD_ROOT%{_sysconfdir}
+ 
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+
+%files
+%defattr(-,root,root,-)
+%doc README TODO COPYING fas2.sql
+%{python_sitelib}/*
+%{_sbindir}/start-fas
+%config(noreplace) %{_sysconfdir}/*
+
+%files -n clients
+%{_bindir}/*
+
+%changelog
+* Mon Mar 10 2008 Toshio Kuratomi <tkuratom@redhat.com> - 0.1-1
+- Initial Build.

fas/fas/auth.py

@@ -20,8 +20,8 @@ def isAdmin(person):
         else:
             return False
     except KeyError:
-        print '%s - Your admin group could not be found!' % admingroup
         return False
+    return False
     
 def canAdminGroup(person, group):
     '''
@@ -81,6 +81,7 @@ def signedCLAPrivs(person):
             return False
     except KeyError:
         return False
+    return False
 
 def clickedCLAPrivs(person):
     '''
@@ -94,6 +95,7 @@ def clickedCLAPrivs(person):
             return False
     except KeyError:
         return False
+    return False
 
 def canEditUser(person, target):
     '''

fas/fas/model.py

@@ -487,6 +487,7 @@ mapper(BugzillaQueue, BugzillaQueueTable, properties = {
 mapper(Requests, RequestsTable, properties = {
     'person': relation(People, backref='requests')
     })
+mapper(Log, LogTable)
 
 # TurboGears Identity
 mapper(Visit, visits_table)

fas/fas/user.py

@@ -12,12 +12,14 @@ import StringIO
 import crypt
 import random
 import subprocess
+from OpenSSL import crypto
 
 from fas.model import People
 from fas.model import PersonEmails
 from fas.model import EmailPurposes
 from fas.model import Log
 
+from fas import openssl_fas
 from fas.auth import *
 #from fas.user_email import Email, NonFedoraEmail
 
@@ -491,22 +493,21 @@ Please go to https://admin.fedoraproject.org/fas/ to change it.
     @identity.require(turbogears.identity.not_anonymous())
     @expose(template="genshi-text:fas.templates.user.cert", format="text", content_type='text/plain; charset=utf-8')
     def gencert(self):
-      from fas.openssl_fas import *
       username = turbogears.identity.current.user_name
       person = People.by_username(username)
 
       person.certificate_serial = person.certificate_serial + 1
 
-      pkey = createKeyPair(TYPE_RSA, 1024);
+      pkey = openssl_fas.createKeyPair(openssl_fas.TYPE_RSA, 1024);
 
       digest = config.get('openssl_digest')
       expire = config.get('openssl_expire')
       cafile = config.get('openssl_ca_file')
 
-      cakey = retrieve_key_from_file(cafile)
+      cakey = openssl_fas.retrieve_key_from_file(cafile)
-      cacert = retrieve_cert_from_file(cafile)
+      cacert = openssl_fas.retrieve_cert_from_file(cafile)
 
-      req = createCertRequest(pkey, digest=digest,
+      req = openssl_fas.createCertRequest(pkey, digest=digest,
           C=config.get('openssl_c'),
           ST=config.get('openssl_st'),
           L=config.get('openssl_l'),
@@ -516,7 +517,7 @@ Please go to https://admin.fedoraproject.org/fas/ to change it.
           emailAddress=person.emails['primary'],
           )
 
-      cert = createCertificate(req, (cacert, cakey), person.certificate_serial, (0, expire), digest='md5')
+      cert = openssl_fas.createCertificate(req, (cacert, cakey), person.certificate_serial, (0, expire), digest='md5')
       certdump = crypto.dump_certificate(crypto.FILETYPE_PEM, cert)
       keydump = crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)
       return dict(cert=certdump, key=keydump)

fas/setup.py

@@ -66,22 +66,45 @@ class Build(_build, object):
             f.close()
         super(Build, self).run()
 
+### FIXME: This method breaks eggs.
+# Unfortunately, instead of eggs being built by putting together package *.py
+# files and data sanely at the last minute, they are built by putting them
+# together in the build step.  This makes it extremely hard to put the
+# separate pieces together in different places depending on what type of
+# install we're doing.
+#
+# We can work around this by using package_data for static as eggs expect and
+# then overriding install to install static in the correct place.
+#
+# Eventually someone needs to rewrite egg generation to tag files into
+# separate groups (module, script, data, documentation, test) and put them
+# into the final package format in the correct place.
+#
+# For some reason, the install-data switch also doesn't propogate to the build
+# script.  So if we invoke install without --skip-build the app.cfg that is
+# installed is also broken.  Grr....
+
 class InstallData(_install_data, object):
     def finalize_options(self):
         '''Override to emulate setuptools in the default case.
         install_data => install_dir
         '''
-        print 'DEBUG:', self.install_dir, '#'
+        self.temp_lib = None
+        self.temp_data = None
+        self.temp_prefix = None
         haveInstallDir = self.install_dir
         self.set_undefined_options('install',
-                ('install_lib', 'install_dir'),
+                ('install_data', 'temp_data'),
+                ('install_lib', 'temp_lib'),
+                ('prefix', 'temp_prefix'),
                 ('root', 'root'),
                 ('force', 'force'),
                 )
-        if not haveInstallDir:
+        if not self.install_dir:
-            # We set this above, now we need to add the module subdirectory to
+            if self.temp_data == self.root + self.temp_prefix:
-            # make it truly correct.
+                self.install_dir = os.path.join(self.temp_lib, 'fas')
-            self.install_dir = os.path.join(self.install_dir, 'fas')
+            else:
+                self.install_dir = self.temp_data
 
 setup(
     name=NAME,