commit 853db909039a1c4851ebdaf78f89bf3e4ce2efa2 Author: hiromipaw hiro@torproject.org Date: Tue Dec 13 18:22:48 2016 +0100
Cleaning up script and improving gnupg management --- notify.py | 79 +++++++++++++++++++++++++++++++++++++++------------------------ 1 file changed, 49 insertions(+), 30 deletions(-)
diff --git a/notify.py b/notify.py
index 189ca12..5d8f886 100755
--- a/notify.py
+++ b/notify.py
@@ -2,6 +2,7 @@ import sys
 import email
 import re
 import gnupg
+import csv
 from trac.env import Environment
 from trac.ticket.model import Ticket
 from trac.perm import IPermissionRequestor, PermissionCache, PermissionSystem
@@ -10,37 +11,50 @@ def read_message():
 full_msg = sys.stdin.read()
 return email.message_from_string("".join(full_msg))
-def verify_email_signature(message):
+def verify_email_signature(message, user):
 gpg = gnupg.GPG(gnupghome='/home/tracadm/.gnupg')
- return gpg.verify(message)
+ verified = gpg.verify(message)
+ if verified.trust_level is not None and verified.trust_level >= verified.TRUST_UNDEFINED:
+ with open('/home/tracadm/bin/map', 'rb') as csvfile:
+ keysreader = csv.reader(csvfile, delimiter=' ')
+ for row in keysreader:
+ k = row[0]
+ u = row[1].strip()
+ if k == verified.fingerprint and u == user:
+ return True
 def get_message_body(message):
- body = ""
 if message.is_multipart():
+ body = ''
 for payload in message.get_payload():
- body.join(payload.get_payload())
- else:
- body.join(message.get_payload())
+ body = body.join(payload.get_payload())
+ return body.split('-----BEGIN PGP SIGNATURE-----')[0]
- return body
+ else:
+ return message.get_payload().split('-----BEGIN PGP SIGNATURE-----')[0]
 def verify_user_permissions(env, user, permission):
 ps = PermissionSystem(env)
 permissions_list = ps.get_user_permissions(user)
 return permissions_list[permission]
-def find_or_create_ticket(message, body, env):
+def find_or_create_ticket(message, env):
 # Find the ticket ID if exists
 summary = message['Subject']
 ticket_id = re.search('#(.+?) ', summary)
+ # Get the message body
+ body = ''.join(get_message_body(message))
 reporter = message['From']
 if ticket_id:
 t_id = ticket_id.group(1)
 tkt = Ticket(env, int(t_id))
 if verify_user_permissions(env, reporter, 'TICKET_MODIFY'):
- tkt.save_changes(comment=body)
+ if tkt.save_changes(comment=body):
+ return tkt
+ else:
+ return False
 else:
 if verify_user_permissions(env, reporter, 'TICKET_CREATE'):
 summary = message['Subject']
@@ -54,26 +68,31 @@ def find_or_create_ticket(message, body, env):
 tkt['description'] = body
 tkt['status'] = 'new'
 tkt['priority'] = 'medium'
- tkt.insert()
+ if tkt.insert():
+ return tkt
+ else:
+ return False
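Review bot: The comment written to the ticket is not the text gpg verified: `verify_email_signature` checks `msg.as_string()`, while `get_message_body` keeps everything in the raw payload before the first `-----BEGIN PGP SIGNATURE-----`, so content outside the signed block, and the `Subject` that selects the ticket, are used without being covered by the signature. Take the body from gpg's own output for the verified block rather than from a string split, and treat `Subject` as unauthenticated input. The gate `verified.trust_level >= verified.TRUST_UNDEFINED` also lets `TRUST_NEVER` through in python-gnupg's ordering and never consults `verified.valid`; `if verified.valid and verified.fingerprint:` before the map lookup would be tighter, with an explicit `return False` at the end instead of the implicit `None`. In the multipart loop, `body = body.join(payload.get_payload())` uses the accumulated text as a separator instead of appending, so `body += payload.get_payload()` looks like what was intended.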
 # Open logs file
-f = open('/home/tracadm/log/test.log', 'w')
-
-# Define the current trac environment
-env = Environment('/current')
-
-# Build email message
-msg = read_message()
-
-# Get the message body
-body = msg.get_payload()
-
-verified = verify_email_signature(body)
-
-if verified.trust_level is not None and verified.trust_level >= verified.TRUST_FULLY:
-
- # Find or create ticket
- find_or_create_ticket(msg, body, env)
-
-# Close log file
-f.close
+with open('/home/tracadm/log/test.log', 'w') as f:
+
+ # Define the current trac environment
+ env = Environment('/current')
+
+ # Build email message
+ msg = read_message()
+
+ # Read user from email
+ user = msg['From'].split('@')[0]
+
+ verified = verify_email_signature(msg.as_string(), user)
+ if verified:
+ # Find or create ticket
+ f.write('GPG verified')
+ tkt = find_or_create_ticket(msg, env)
+ if tkt:
+ f.write(str(tkt))
+ else:
+ f.write('Could not create Ticket. I should send an email back I suppose')
+ else:
+ f.write('Could not verify GPG. I should send an email back I suppose')
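Review bot: `user = msg['From'].split('@')[0]` takes everything before the first `@` of the raw header, so a header of the form `Name <user@host>` yields `Name <user` and cannot match the map, and a missing `From` raises on `None`. Parsing the address first, e.g. `user = parseaddr(msg['From'] or '')[1].split('@')[0]` with `from email.utils import parseaddr`, would give a clean local part; the domain is still discarded, so decide whether it must be pinned as well. `find_or_create_ticket` checks permissions against the full `message['From']` rather than this `user`, so the identity bound to the key and the identity that is authorised can differ. The log is opened with `'w'`, which truncates it on every message, so earlier `Could not verify GPG` entries are lost; `'a'` with a trailing newline per entry would keep a usable record.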