[tor-commits] [trac-email/master] Cleaning up script and improving gnupg management
hiro at torproject.org
hiro at torproject.org
Wed Dec 14 14:31:44 UTC 2016
commit 853db909039a1c4851ebdaf78f89bf3e4ce2efa2
Author: hiromipaw <hiro at torproject.org>
Date: Tue Dec 13 18:22:48 2016 +0100
Cleaning up script and improving gnupg management
---
notify.py | 79 +++++++++++++++++++++++++++++++++++++++------------------------
1 file changed, 49 insertions(+), 30 deletions(-)
diff --git a/notify.py b/notify.py
index 189ca12..5d8f886 100755
--- a/notify.py
+++ b/notify.py
@@ -2,6 +2,7 @@ import sys
import email
import re
import gnupg
+import csv
from trac.env import Environment
from trac.ticket.model import Ticket
from trac.perm import IPermissionRequestor, PermissionCache, PermissionSystem
@@ -10,37 +11,50 @@ def read_message():
full_msg = sys.stdin.read()
return email.message_from_string("".join(full_msg))
-def verify_email_signature(message):
+def verify_email_signature(message, user):
gpg = gnupg.GPG(gnupghome='/home/tracadm/.gnupg')
- return gpg.verify(message)
+ verified = gpg.verify(message)
+ if verified.trust_level is not None and verified.trust_level >= verified.TRUST_UNDEFINED:
+ with open('/home/tracadm/bin/map', 'rb') as csvfile:
+ keysreader = csv.reader(csvfile, delimiter=' ')
+ for row in keysreader:
+ k = row[0]
+ u = row[1].strip()
+ if k == verified.fingerprint and u == user:
+ return True
def get_message_body(message):
- body = ""
if message.is_multipart():
+ body = ''
for payload in message.get_payload():
- body.join(payload.get_payload())
- else:
- body.join(message.get_payload())
+ body = body.join(payload.get_payload())
+ return body.split('-----BEGIN PGP SIGNATURE-----')[0]
- return body
+ else:
+ return message.get_payload().split('-----BEGIN PGP SIGNATURE-----')[0]
def verify_user_permissions(env, user, permission):
ps = PermissionSystem(env)
permissions_list = ps.get_user_permissions(user)
return permissions_list[permission]
-def find_or_create_ticket(message, body, env):
+def find_or_create_ticket(message, env):
# Find the ticket ID if exists
summary = message['Subject']
ticket_id = re.search('#(.+?) ', summary)
+ # Get the message body
+ body = ''.join(get_message_body(message))
reporter = message['From']
if ticket_id:
t_id = ticket_id.group(1)
tkt = Ticket(env, int(t_id))
if verify_user_permissions(env, reporter, 'TICKET_MODIFY'):
- tkt.save_changes(comment=body)
+ if tkt.save_changes(comment=body):
+ return tkt
+ else:
+ return False
else:
if verify_user_permissions(env, reporter, 'TICKET_CREATE'):
summary = message['Subject']
@@ -54,26 +68,31 @@ def find_or_create_ticket(message, body, env):
tkt['description'] = body
tkt['status'] = 'new'
tkt['priority'] = 'medium'
- tkt.insert()
+ if tkt.insert():
+ return tkt
+ else:
+ return False
# Open logs file
-f = open('/home/tracadm/log/test.log', 'w')
-
-# Define the current trac environment
-env = Environment('/current')
-
-# Build email message
-msg = read_message()
-
-# Get the message body
-body = msg.get_payload()
-
-verified = verify_email_signature(body)
-
-if verified.trust_level is not None and verified.trust_level >= verified.TRUST_FULLY:
-
- # Find or create ticket
- find_or_create_ticket(msg, body, env)
-
-# Close log file
-f.close
+with open('/home/tracadm/log/test.log', 'w') as f:
+
+ # Define the current trac environment
+ env = Environment('/current')
+
+ # Build email message
+ msg = read_message()
+
+ # Read user from email
+ user = msg['From'].split('@')[0]
+
+ verified = verify_email_signature(msg.as_string(), user)
+ if verified:
+ # Find or create ticket
+ f.write('GPG verified')
+ tkt = find_or_create_ticket(msg, env)
+ if tkt:
+ f.write(str(tkt))
+ else:
+ f.write('Could not create Ticket. I should send an email back I suppose')
+ else:
+ f.write('Could not verify GPG. I should send an email back I suppose')
More information about the tor-commits
mailing list