rpms
/
koji
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add patch to fix issue with admins not being able to force tagging.

Browse Source 
Fixes https://pagure.io/koji/issue/2202 upstream.
epel9
Kevin Fenzi 5 years ago
parent c6daa97c0f
commit c611e19cd5
2 changed files with 75 additions and 1 deletions
Show Stats Download Patch File Download Diff File

67
2203.patch
Unescape View File

@ -0,0 +1,67 @@
From ce86d84c87709ea6efa4bbc16fabe593de5b4a66 Mon Sep 17 00:00:00 2001
From: Tomas Kopecek <tkopecek@redhat.com>
Date: Apr 28 2020 08:10:24 +0000
Subject: [PATCH 1/2] hub: admin can't force tag now
Fixes: https://pagure.io/koji/issue/2202
---
diff --git a/hub/kojihub.py b/hub/kojihub.py
index 960c0c6..9ec9bb8 100644
--- a/hub/kojihub.py
+++ b/hub/kojihub.py
@@ -9760,7 +9760,7 @@ def check_policy(name, data, default='deny', strict=False, force=False):
access: True if the policy result is allow, false otherwise
reason: reason for the access
If strict is True, will raise ActionNotAllowed if the action is not 'allow'
- If force is True, policy will pass, but action will be logged
+ If force is True, policy will pass (under admin), but action will be logged
"""
ruleset = context.policy.get(name)
if not ruleset:
@@ -9791,12 +9791,14 @@ def check_policy(name, data, default='deny', strict=False, force=False):
if result != 'deny':
reason = 'error in policy'
logger.error("Invalid action in policy %s, rule: %s", name, lastrule)
- if force and context.session.hasPerm('admin'):
- msg = "Policy %s overriden by force: %s" % (name, context.session.user_data["name"])
- if reason:
- msg += ": %s" % reason
- logger.info(msg)
- return True, "overriden by force"
+ if force:
+ user = policy_get_user(data)
+ if 'admin' in koji.auth.get_user_perms(user['id']):
+ msg = "Policy %s overriden by force: %s" % (name, user["name"])
+ if reason:
+ msg += ": %s" % reason
+ logger.info(msg)
+ return True, "overriden by force"
if not strict:
return False, reason
err_str = "policy violation (%s)" % name
From 8da87dfd42d63d9252117b331223b4a70f517ac6 Mon Sep 17 00:00:00 2001
From: Tomas Kopecek <tkopecek@redhat.com>
Date: Apr 28 2020 14:08:21 +0000
Subject: [PATCH 2/2] don't traceback on missing user
---
diff --git a/hub/kojihub.py b/hub/kojihub.py
index 9ec9bb8..92fb389 100644
--- a/hub/kojihub.py
+++ b/hub/kojihub.py
@@ -9793,7 +9793,7 @@ def check_policy(name, data, default='deny', strict=False, force=False):
logger.error("Invalid action in policy %s, rule: %s", name, lastrule)
if force:
user = policy_get_user(data)
- if 'admin' in koji.auth.get_user_perms(user['id']):
+ if user and 'admin' in koji.auth.get_user_perms(user['id']):
msg = "Policy %s overriden by force: %s" % (name, user["name"])
if reason:
msg += ": %s" % reason

9
koji.spec
Unescape View File

@ -79,7 +79,7 @@
Name: koji
Version: 1.21.0
Release: 1%{?dist}
Release: 2%{?dist}
# the included arch lib from yum's rpmUtils is GPLv2+
License: LGPLv2 and GPLv2+
Summary: Build system tools
@ -87,6 +87,9 @@ URL: https://pagure.io/koji/
Source0: https://releases.pagure.org/koji/koji-%{version}.tar.bz2
# Patches already upstream
# Patch to allow admin to force tag packages again
# https://pagure.io/koji/issue/2202
Patch1: https://pagure.io/koji/pull-request/2203.patch
# Not upstreamable
Patch100: fedora-config.patch
@ -704,6 +707,10 @@ fi
%endif
%changelog
* Thu Apr 30 2020 Kevin Fenzi <kevin@scrye.com> - 1.21.0-2
- Add patch to fix issue with admins not being able to force tagging.
- Fixes https://pagure.io/koji/issue/2202 upstream.
* Tue Apr 21 2020 Kevin Fenzi <kevin@scrye.com> - 1.21.0-1
- Update to 1.21.1. Fixes bug #1826406

Write Preview
Loading…
Cancel
Save