aboutsummaryrefslogtreecommitdiffstats
path: root/libbe/cmdutil.py
diff options
context:
space:
mode:
authorW. Trevor King <wking@drexel.edu>2009-11-21 15:06:10 -0500
committerW. Trevor King <wking@drexel.edu>2009-11-21 15:06:10 -0500
commitf3de7e1a6d07b5488fd3c9e01caba53216e612d2 (patch)
tree9ad63d3c5e960271eac24b13e94df741dca74f43 /libbe/cmdutil.py
parent64cb5e5ec672cd357bc66a8480465e531db25f52 (diff)
parent614d4e40e148520ac511cbe0606bcbdcf24c8a08 (diff)
downloadbugseverywhere-f3de7e1a6d07b5488fd3c9e01caba53216e612d2.tar.gz
Merged mostly completed `be email-bugs'.
Highlights: * new be commands 'email-bugs' and 'import-xml' * standardized <be-xml> format for XML files. * new be-handle-mail interface '[be-bug:xml]' * restrict_file_access security patch * new subprocess handling submodule libbe.subproc * test.py adjusted to use an installed VCS for most tests. * assorted bugfixes Altered interfaces to the following be commands: * comment --xml tag gone, use import-xml. * show --xml xml format updated to <be-xml> format. Also adjusted be-mbox-to-xml and be-xml-to-mbox to handle new <be-xml> format and provide better handling of *.extra_strings.
Diffstat (limited to 'libbe/cmdutil.py')
-rw-r--r--libbe/cmdutil.py80
1 files changed, 75 insertions, 5 deletions
diff --git a/libbe/cmdutil.py b/libbe/cmdutil.py
index f1c8acd..e37750d 100644
--- a/libbe/cmdutil.py
+++ b/libbe/cmdutil.py
@@ -30,10 +30,10 @@ import sys
import doctest
import bugdir
+import comment
import plugin
import encoding
-
class UserError(Exception):
def __init__(self, msg):
Exception.__init__(self, msg)
@@ -76,11 +76,12 @@ def get_command(command_name):
return cmd
-def execute(cmd, args, manipulate_encodings=True):
+def execute(cmd, args, manipulate_encodings=True, restrict_file_access=False):
enc = encoding.get_encoding()
cmd = get_command(cmd)
ret = cmd.execute([a.decode(enc) for a in args],
- manipulate_encodings=manipulate_encodings)
+ manipulate_encodings=manipulate_encodings,
+ restrict_file_access=restrict_file_access)
if ret == None:
ret = 0
return ret
@@ -213,16 +214,85 @@ def underlined(instring):
return "%s\n%s" % (instring, "="*len(instring))
-def bug_from_shortname(bdir, shortname):
+def restrict_file_access(bugdir, path):
+ """
+ Check that the file at path is inside bugdir.root. This is
+ important if you allow other users to execute becommands with your
+ username (e.g. if you're running be-handle-mail through your
+ ~/.procmailrc). If this check wasn't made, a user could e.g.
+ run
+ be commit -b ~/.ssh/id_rsa "Hack to expose ssh key"
+ which would expose your ssh key to anyone who could read the VCS
+ log.
+ """
+ in_root = bugdir.vcs.path_in_root(path, bugdir.root)
+ if in_root == False:
+ raise UserError('file access restricted!\n %s not in %s'
+ % (path, bugdir.root))
+
+def parse_id(id):
+ """
+ Return (bug_id, comment_id) tuple.
+ Basically inverts Comment.comment_shortnames()
+ >>> parse_id('XYZ')
+ ('XYZ', None)
+ >>> parse_id('XYZ:123')
+ ('XYZ', ':123')
+ >>> parse_id('')
+ Traceback (most recent call last):
+ ...
+ UserError: invalid id ''.
+ >>> parse_id('::')
+ Traceback (most recent call last):
+ ...
+ UserError: invalid id '::'.
+ """
+ if len(id) == 0:
+ raise UserError("invalid id '%s'." % id)
+ if id.count(':') > 1:
+ raise UserError("invalid id '%s'." % id)
+ elif id.count(':') == 1:
+ # Split shortname generated by Comment.comment_shortnames()
+ bug_id,comment_id = id.split(':')
+ comment_id = ':'+comment_id
+ else:
+ bug_id = id
+ comment_id = None
+ return (bug_id, comment_id)
+
+def bug_from_id(bdir, id):
"""
Exception translation for the command-line interface.
+ id can be either the bug shortname or the full uuid.
"""
try:
- bug = bdir.bug_from_shortname(shortname)
+ bug = bdir.bug_from_shortname(id)
except (bugdir.MultipleBugMatches, bugdir.NoBugMatches), e:
raise UserError(e.message)
return bug
+def bug_comment_from_id(bdir, id):
+ """
+ Return (bug,comment) tuple matching shortname. id can be either
+ the bug/comment shortname or the full uuid. If there is no
+ comment part to the id, the returned comment is the bug's
+ .comment_root.
+ """
+ bug_id,comment_id = parse_id(id)
+ try:
+ bug = bdir.bug_from_shortname(bug_id)
+ except (bugdir.MultipleBugMatches, bugdir.NoBugMatches), e:
+ raise UserError(e.message)
+ if comment_id == None:
+ comm = bug.comment_root
+ else:
+ #bug.load_comments(load_full=False)
+ try:
+ comm = bug.comment_root.comment_from_shortname(comment_id)
+ except comment.InvalidShortname, e:
+ raise UserError(e.message)
+ return (bug, comm)
+
def _test():
import doctest
import sys