##// END OF EJS Templates
rhodecode-enterprise-ce
RSS
hooks: use safer way to validate kwargs. If rcextensions are disable we shouldn't...
marcink -
r3200:1ac5d1f8 stable
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,493 +1,493 b''
1 1 # -*- coding: utf-8 -*-
2 2
3 3 # Copyright (C) 2013-2018 RhodeCode GmbH
4 4 #
5 5 # This program is free software: you can redistribute it and/or modify
6 6 # it under the terms of the GNU Affero General Public License, version 3
7 7 # (only), as published by the Free Software Foundation.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU Affero General Public License
15 15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
16 16 #
17 17 # This program is dual-licensed. If you wish to learn more about the
18 18 # RhodeCode Enterprise Edition, including its added features, Support services,
19 19 # and proprietary license terms, please see https://rhodecode.com/licenses/
20 20
21 21
22 22 """
23 23 Set of hooks run by RhodeCode Enterprise
24 24 """
25 25
26 26 import os
27 27 import collections
28 28 import logging
29 29
30 30 import rhodecode
31 31 from rhodecode import events
32 32 from rhodecode.lib import helpers as h
33 33 from rhodecode.lib import audit_logger
34 34 from rhodecode.lib.utils2 import safe_str
35 35 from rhodecode.lib.exceptions import (
36 36 HTTPLockedRC, HTTPBranchProtected, UserCreationError)
37 37 from rhodecode.model.db import Repository, User
38 38
39 39 log = logging.getLogger(__name__)
40 40
41 41
42 42 class HookResponse(object):
43 43 def __init__(self, status, output):
44 44 self.status = status
45 45 self.output = output
46 46
47 47 def __add__(self, other):
48 48 other_status = getattr(other, 'status', 0)
49 49 new_status = max(self.status, other_status)
50 50 other_output = getattr(other, 'output', '')
51 51 new_output = self.output + other_output
52 52
53 53 return HookResponse(new_status, new_output)
54 54
55 55 def __bool__(self):
56 56 return self.status == 0
57 57
58 58
59 59 def is_shadow_repo(extras):
60 60 """
61 61 Returns ``True`` if this is an action executed against a shadow repository.
62 62 """
63 63 return extras['is_shadow_repo']
64 64
65 65
66 66 def _get_scm_size(alias, root_path):
67 67
68 68 if not alias.startswith('.'):
69 69 alias += '.'
70 70
71 71 size_scm, size_root = 0, 0
72 72 for path, unused_dirs, files in os.walk(safe_str(root_path)):
73 73 if path.find(alias) != -1:
74 74 for f in files:
75 75 try:
76 76 size_scm += os.path.getsize(os.path.join(path, f))
77 77 except OSError:
78 78 pass
79 79 else:
80 80 for f in files:
81 81 try:
82 82 size_root += os.path.getsize(os.path.join(path, f))
83 83 except OSError:
84 84 pass
85 85
86 86 size_scm_f = h.format_byte_size_binary(size_scm)
87 87 size_root_f = h.format_byte_size_binary(size_root)
88 88 size_total_f = h.format_byte_size_binary(size_root + size_scm)
89 89
90 90 return size_scm_f, size_root_f, size_total_f
91 91
92 92
93 93 # actual hooks called by Mercurial internally, and GIT by our Python Hooks
94 94 def repo_size(extras):
95 95 """Present size of repository after push."""
96 96 repo = Repository.get_by_repo_name(extras.repository)
97 97 vcs_part = safe_str(u'.%s' % repo.repo_type)
98 98 size_vcs, size_root, size_total = _get_scm_size(vcs_part,
99 99 repo.repo_full_path)
100 100 msg = ('Repository `%s` size summary %s:%s repo:%s total:%s\n'
101 101 % (repo.repo_name, vcs_part, size_vcs, size_root, size_total))
102 102 return HookResponse(0, msg)
103 103
104 104
105 105 def pre_push(extras):
106 106 """
107 107 Hook executed before pushing code.
108 108
109 109 It bans pushing when the repository is locked.
110 110 """
111 111
112 112 user = User.get_by_username(extras.username)
113 113 output = ''
114 114 if extras.locked_by[0] and user.user_id != int(extras.locked_by[0]):
115 115 locked_by = User.get(extras.locked_by[0]).username
116 116 reason = extras.locked_by[2]
117 117 # this exception is interpreted in git/hg middlewares and based
118 118 # on that proper return code is server to client
119 119 _http_ret = HTTPLockedRC(
120 120 _locked_by_explanation(extras.repository, locked_by, reason))
121 121 if str(_http_ret.code).startswith('2'):
122 122 # 2xx Codes don't raise exceptions
123 123 output = _http_ret.title
124 124 else:
125 125 raise _http_ret
126 126
127 127 hook_response = ''
128 128 if not is_shadow_repo(extras):
129 129 if extras.commit_ids and extras.check_branch_perms:
130 130
131 131 auth_user = user.AuthUser()
132 132 repo = Repository.get_by_repo_name(extras.repository)
133 133 affected_branches = []
134 134 if repo.repo_type == 'hg':
135 135 for entry in extras.commit_ids:
136 136 if entry['type'] == 'branch':
137 137 is_forced = bool(entry['multiple_heads'])
138 138 affected_branches.append([entry['name'], is_forced])
139 139 elif repo.repo_type == 'git':
140 140 for entry in extras.commit_ids:
141 141 if entry['type'] == 'heads':
142 142 is_forced = bool(entry['pruned_sha'])
143 143 affected_branches.append([entry['name'], is_forced])
144 144
145 145 for branch_name, is_forced in affected_branches:
146 146
147 147 rule, branch_perm = auth_user.get_rule_and_branch_permission(
148 148 extras.repository, branch_name)
149 149 if not branch_perm:
150 150 # no branch permission found for this branch, just keep checking
151 151 continue
152 152
153 153 if branch_perm == 'branch.push_force':
154 154 continue
155 155 elif branch_perm == 'branch.push' and is_forced is False:
156 156 continue
157 157 elif branch_perm == 'branch.push' and is_forced is True:
158 158 halt_message = 'Branch `{}` changes rejected by rule {}. ' \
159 159 'FORCE PUSH FORBIDDEN.'.format(branch_name, rule)
160 160 else:
161 161 halt_message = 'Branch `{}` changes rejected by rule {}.'.format(
162 162 branch_name, rule)
163 163
164 164 if halt_message:
165 165 _http_ret = HTTPBranchProtected(halt_message)
166 166 raise _http_ret
167 167
168 168 # Propagate to external components. This is done after checking the
169 169 # lock, for consistent behavior.
170 170 hook_response = pre_push_extension(
171 171 repo_store_path=Repository.base_path(), **extras)
172 172 events.trigger(events.RepoPrePushEvent(
173 173 repo_name=extras.repository, extras=extras))
174 174
175 175 return HookResponse(0, output) + hook_response
176 176
177 177
178 178 def pre_pull(extras):
179 179 """
180 180 Hook executed before pulling the code.
181 181
182 182 It bans pulling when the repository is locked.
183 183 """
184 184
185 185 output = ''
186 186 if extras.locked_by[0]:
187 187 locked_by = User.get(extras.locked_by[0]).username
188 188 reason = extras.locked_by[2]
189 189 # this exception is interpreted in git/hg middlewares and based
190 190 # on that proper return code is server to client
191 191 _http_ret = HTTPLockedRC(
192 192 _locked_by_explanation(extras.repository, locked_by, reason))
193 193 if str(_http_ret.code).startswith('2'):
194 194 # 2xx Codes don't raise exceptions
195 195 output = _http_ret.title
196 196 else:
197 197 raise _http_ret
198 198
199 199 # Propagate to external components. This is done after checking the
200 200 # lock, for consistent behavior.
201 201 hook_response = ''
202 202 if not is_shadow_repo(extras):
203 203 extras.hook_type = extras.hook_type or 'pre_pull'
204 204 hook_response = pre_pull_extension(
205 205 repo_store_path=Repository.base_path(), **extras)
206 206 events.trigger(events.RepoPrePullEvent(
207 207 repo_name=extras.repository, extras=extras))
208 208
209 209 return HookResponse(0, output) + hook_response
210 210
211 211
212 212 def post_pull(extras):
213 213 """Hook executed after client pulls the code."""
214 214
215 215 audit_user = audit_logger.UserWrap(
216 216 username=extras.username,
217 217 ip_addr=extras.ip)
218 218 repo = audit_logger.RepoWrap(repo_name=extras.repository)
219 219 audit_logger.store(
220 220 'user.pull', action_data={'user_agent': extras.user_agent},
221 221 user=audit_user, repo=repo, commit=True)
222 222
223 223 output = ''
224 224 # make lock is a tri state False, True, None. We only make lock on True
225 225 if extras.make_lock is True and not is_shadow_repo(extras):
226 226 user = User.get_by_username(extras.username)
227 227 Repository.lock(Repository.get_by_repo_name(extras.repository),
228 228 user.user_id,
229 229 lock_reason=Repository.LOCK_PULL)
230 230 msg = 'Made lock on repo `%s`' % (extras.repository,)
231 231 output += msg
232 232
233 233 if extras.locked_by[0]:
234 234 locked_by = User.get(extras.locked_by[0]).username
235 235 reason = extras.locked_by[2]
236 236 _http_ret = HTTPLockedRC(
237 237 _locked_by_explanation(extras.repository, locked_by, reason))
238 238 if str(_http_ret.code).startswith('2'):
239 239 # 2xx Codes don't raise exceptions
240 240 output += _http_ret.title
241 241
242 242 # Propagate to external components.
243 243 hook_response = ''
244 244 if not is_shadow_repo(extras):
245 245 extras.hook_type = extras.hook_type or 'post_pull'
246 246 hook_response = post_pull_extension(
247 247 repo_store_path=Repository.base_path(), **extras)
248 248 events.trigger(events.RepoPullEvent(
249 249 repo_name=extras.repository, extras=extras))
250 250
251 251 return HookResponse(0, output) + hook_response
252 252
253 253
254 254 def post_push(extras):
255 255 """Hook executed after user pushes to the repository."""
256 256 commit_ids = extras.commit_ids
257 257
258 258 # log the push call
259 259 audit_user = audit_logger.UserWrap(
260 260 username=extras.username, ip_addr=extras.ip)
261 261 repo = audit_logger.RepoWrap(repo_name=extras.repository)
262 262 audit_logger.store(
263 263 'user.push', action_data={
264 264 'user_agent': extras.user_agent,
265 265 'commit_ids': commit_ids[:400]},
266 266 user=audit_user, repo=repo, commit=True)
267 267
268 268 # Propagate to external components.
269 269 output = ''
270 270 # make lock is a tri state False, True, None. We only release lock on False
271 271 if extras.make_lock is False and not is_shadow_repo(extras):
272 272 Repository.unlock(Repository.get_by_repo_name(extras.repository))
273 273 msg = 'Released lock on repo `%s`\n' % extras.repository
274 274 output += msg
275 275
276 276 if extras.locked_by[0]:
277 277 locked_by = User.get(extras.locked_by[0]).username
278 278 reason = extras.locked_by[2]
279 279 _http_ret = HTTPLockedRC(
280 280 _locked_by_explanation(extras.repository, locked_by, reason))
281 281 # TODO: johbo: if not?
282 282 if str(_http_ret.code).startswith('2'):
283 283 # 2xx Codes don't raise exceptions
284 284 output += _http_ret.title
285 285
286 286 if extras.new_refs:
287 287 tmpl = \
288 288 extras.server_url + '/' + \
289 289 extras.repository + \
290 290 "/pull-request/new?{ref_type}={ref_name}"
291 291 for branch_name in extras.new_refs['branches']:
292 292 output += 'RhodeCode: open pull request link: {}\n'.format(
293 293 tmpl.format(ref_type='branch', ref_name=branch_name))
294 294
295 295 for book_name in extras.new_refs['bookmarks']:
296 296 output += 'RhodeCode: open pull request link: {}\n'.format(
297 297 tmpl.format(ref_type='bookmark', ref_name=book_name))
298 298
299 299 hook_response = ''
300 300 if not is_shadow_repo(extras):
301 301 hook_response = post_push_extension(
302 302 repo_store_path=Repository.base_path(),
303 303 **extras)
304 304 events.trigger(events.RepoPushEvent(
305 305 repo_name=extras.repository, pushed_commit_ids=commit_ids, extras=extras))
306 306
307 307 output += 'RhodeCode: push completed\n'
308 308 return HookResponse(0, output) + hook_response
309 309
310 310
311 311 def _locked_by_explanation(repo_name, user_name, reason):
312 312 message = (
313 313 'Repository `%s` locked by user `%s`. Reason:`%s`'
314 314 % (repo_name, user_name, reason))
315 315 return message
316 316
317 317
318 318 def check_allowed_create_user(user_dict, created_by, **kwargs):
319 319 # pre create hooks
320 320 if pre_create_user.is_active():
321 321 hook_result = pre_create_user(created_by=created_by, **user_dict)
322 322 allowed = hook_result.status == 0
323 323 if not allowed:
324 324 reason = hook_result.output
325 325 raise UserCreationError(reason)
326 326
327 327
328 328 class ExtensionCallback(object):
329 329 """
330 330 Forwards a given call to rcextensions, sanitizes keyword arguments.
331 331
332 332 Does check if there is an extension active for that hook. If it is
333 333 there, it will forward all `kwargs_keys` keyword arguments to the
334 334 extension callback.
335 335 """
336 336
337 337 def __init__(self, hook_name, kwargs_keys):
338 338 self._hook_name = hook_name
339 339 self._kwargs_keys = set(kwargs_keys)
340 340
341 341 def __call__(self, *args, **kwargs):
342 log.debug('Calling extension callback for %s', self._hook_name)
342 log.debug('Calling extension callback for `%s`', self._hook_name)
343 callback = self._get_callback()
344 if not callback:
345 log.debug('extension callback `%s` not found, skipping...', self._hook_name)
346 return
347
343 348 kwargs_to_pass = {}
344 349 for key in self._kwargs_keys:
345 350 try:
346 351 kwargs_to_pass[key] = kwargs[key]
347 352 except KeyError:
348 353 log.error('Failed to fetch %s key. Expected keys: %s',
349 354 key, self._kwargs_keys)
350 355 raise
351 356
352 # backward compat for removed api_key for old hooks. THis was it works
357 # backward compat for removed api_key for old hooks. This was it works
353 358 # with older rcextensions that require api_key present
354 359 if self._hook_name in ['CREATE_USER_HOOK', 'DELETE_USER_HOOK']:
355 360 kwargs_to_pass['api_key'] = '_DEPRECATED_'
356
357 callback = self._get_callback()
358 if callback:
359 return callback(**kwargs_to_pass)
360 else:
361 log.debug('extensions callback not found skipping...')
361 return callback(**kwargs_to_pass)
362 362
363 363 def is_active(self):
364 364 return hasattr(rhodecode.EXTENSIONS, self._hook_name)
365 365
366 366 def _get_callback(self):
367 367 return getattr(rhodecode.EXTENSIONS, self._hook_name, None)
368 368
369 369
370 370 pre_pull_extension = ExtensionCallback(
371 371 hook_name='PRE_PULL_HOOK',
372 372 kwargs_keys=(
373 373 'server_url', 'config', 'scm', 'username', 'ip', 'action',
374 374 'repository', 'hook_type', 'user_agent', 'repo_store_path',))
375 375
376 376
377 377 post_pull_extension = ExtensionCallback(
378 378 hook_name='PULL_HOOK',
379 379 kwargs_keys=(
380 380 'server_url', 'config', 'scm', 'username', 'ip', 'action',
381 381 'repository', 'hook_type', 'user_agent', 'repo_store_path',))
382 382
383 383
384 384 pre_push_extension = ExtensionCallback(
385 385 hook_name='PRE_PUSH_HOOK',
386 386 kwargs_keys=(
387 387 'server_url', 'config', 'scm', 'username', 'ip', 'action',
388 388 'repository', 'repo_store_path', 'commit_ids', 'hook_type', 'user_agent',))
389 389
390 390
391 391 post_push_extension = ExtensionCallback(
392 392 hook_name='PUSH_HOOK',
393 393 kwargs_keys=(
394 394 'server_url', 'config', 'scm', 'username', 'ip', 'action',
395 395 'repository', 'repo_store_path', 'commit_ids', 'hook_type', 'user_agent',))
396 396
397 397
398 398 pre_create_user = ExtensionCallback(
399 399 hook_name='PRE_CREATE_USER_HOOK',
400 400 kwargs_keys=(
401 401 'username', 'password', 'email', 'firstname', 'lastname', 'active',
402 402 'admin', 'created_by'))
403 403
404 404
405 405 log_create_pull_request = ExtensionCallback(
406 406 hook_name='CREATE_PULL_REQUEST',
407 407 kwargs_keys=(
408 408 'server_url', 'config', 'scm', 'username', 'ip', 'action',
409 409 'repository', 'pull_request_id', 'url', 'title', 'description',
410 410 'status', 'created_on', 'updated_on', 'commit_ids', 'review_status',
411 411 'mergeable', 'source', 'target', 'author', 'reviewers'))
412 412
413 413
414 414 log_merge_pull_request = ExtensionCallback(
415 415 hook_name='MERGE_PULL_REQUEST',
416 416 kwargs_keys=(
417 417 'server_url', 'config', 'scm', 'username', 'ip', 'action',
418 418 'repository', 'pull_request_id', 'url', 'title', 'description',
419 419 'status', 'created_on', 'updated_on', 'commit_ids', 'review_status',
420 420 'mergeable', 'source', 'target', 'author', 'reviewers'))
421 421
422 422
423 423 log_close_pull_request = ExtensionCallback(
424 424 hook_name='CLOSE_PULL_REQUEST',
425 425 kwargs_keys=(
426 426 'server_url', 'config', 'scm', 'username', 'ip', 'action',
427 427 'repository', 'pull_request_id', 'url', 'title', 'description',
428 428 'status', 'created_on', 'updated_on', 'commit_ids', 'review_status',
429 429 'mergeable', 'source', 'target', 'author', 'reviewers'))
430 430
431 431
432 432 log_review_pull_request = ExtensionCallback(
433 433 hook_name='REVIEW_PULL_REQUEST',
434 434 kwargs_keys=(
435 435 'server_url', 'config', 'scm', 'username', 'ip', 'action',
436 436 'repository', 'pull_request_id', 'url', 'title', 'description',
437 437 'status', 'created_on', 'updated_on', 'commit_ids', 'review_status',
438 438 'mergeable', 'source', 'target', 'author', 'reviewers'))
439 439
440 440
441 441 log_update_pull_request = ExtensionCallback(
442 442 hook_name='UPDATE_PULL_REQUEST',
443 443 kwargs_keys=(
444 444 'server_url', 'config', 'scm', 'username', 'ip', 'action',
445 445 'repository', 'pull_request_id', 'url', 'title', 'description',
446 446 'status', 'created_on', 'updated_on', 'commit_ids', 'review_status',
447 447 'mergeable', 'source', 'target', 'author', 'reviewers'))
448 448
449 449
450 450 log_create_user = ExtensionCallback(
451 451 hook_name='CREATE_USER_HOOK',
452 452 kwargs_keys=(
453 453 'username', 'full_name_or_username', 'full_contact', 'user_id',
454 454 'name', 'firstname', 'short_contact', 'admin', 'lastname',
455 455 'ip_addresses', 'extern_type', 'extern_name',
456 456 'email', 'api_keys', 'last_login',
457 457 'full_name', 'active', 'password', 'emails',
458 458 'inherit_default_permissions', 'created_by', 'created_on'))
459 459
460 460
461 461 log_delete_user = ExtensionCallback(
462 462 hook_name='DELETE_USER_HOOK',
463 463 kwargs_keys=(
464 464 'username', 'full_name_or_username', 'full_contact', 'user_id',
465 465 'name', 'firstname', 'short_contact', 'admin', 'lastname',
466 466 'ip_addresses',
467 467 'email', 'last_login',
468 468 'full_name', 'active', 'password', 'emails',
469 469 'inherit_default_permissions', 'deleted_by'))
470 470
471 471
472 472 log_create_repository = ExtensionCallback(
473 473 hook_name='CREATE_REPO_HOOK',
474 474 kwargs_keys=(
475 475 'repo_name', 'repo_type', 'description', 'private', 'created_on',
476 476 'enable_downloads', 'repo_id', 'user_id', 'enable_statistics',
477 477 'clone_uri', 'fork_id', 'group_id', 'created_by'))
478 478
479 479
480 480 log_delete_repository = ExtensionCallback(
481 481 hook_name='DELETE_REPO_HOOK',
482 482 kwargs_keys=(
483 483 'repo_name', 'repo_type', 'description', 'private', 'created_on',
484 484 'enable_downloads', 'repo_id', 'user_id', 'enable_statistics',
485 485 'clone_uri', 'fork_id', 'group_id', 'deleted_by', 'deleted_on'))
486 486
487 487
488 488 log_create_repository_group = ExtensionCallback(
489 489 hook_name='CREATE_REPO_GROUP_HOOK',
490 490 kwargs_keys=(
491 491 'group_name', 'group_parent_id', 'group_description',
492 492 'group_id', 'user_id', 'created_by', 'created_on',
493 493 'enable_locking'))
General Comments 0
You need to be logged in to leave comments. Login now