~bzr-pqm/bzr/bzr.dev

« back to all changes in this revision

Viewing changes to bzrlib/commit_signature_commands.py

  • Committer: Martin Pool
  • Date: 2005-03-14 07:07:24 UTC
  • Revision ID: mbp@sourcefrog.net-20050314070724-ba6c85db7d96c508
- add setup.py and install instructions
- rename main script to just bzr

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
 
# Copyright (C) 2006, 2007, 2009, 2010, 2011 Canonical Ltd
2
 
#
3
 
# This program is free software; you can redistribute it and/or modify
4
 
# it under the terms of the GNU General Public License as published by
5
 
# the Free Software Foundation; either version 2 of the License, or
6
 
# (at your option) any later version.
7
 
#
8
 
# This program is distributed in the hope that it will be useful,
9
 
# but WITHOUT ANY WARRANTY; without even the implied warranty of
10
 
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
11
 
# GNU General Public License for more details.
12
 
#
13
 
# You should have received a copy of the GNU General Public License
14
 
# along with this program; if not, write to the Free Software
15
 
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
16
 
 
17
 
"""Command which looks for unsigned commits by the current user, and signs them.
18
 
"""
19
 
 
20
 
from __future__ import absolute_import
21
 
 
22
 
from bzrlib import (
23
 
    controldir,
24
 
    errors,
25
 
    gpg,
26
 
    revision as _mod_revision,
27
 
    )
28
 
from bzrlib.commands import Command
29
 
from bzrlib.option import Option
30
 
from bzrlib.i18n import gettext, ngettext
31
 
 
32
 
 
33
 
class cmd_sign_my_commits(Command):
34
 
    __doc__ = """Sign all commits by a given committer.
35
 
 
36
 
    If location is not specified the local tree is used.
37
 
    If committer is not specified the default committer is used.
38
 
 
39
 
    This does not sign commits that already have signatures.
40
 
    """
41
 
    # Note that this signs everything on the branch's ancestry
42
 
    # (both mainline and merged), but not other revisions that may be in the
43
 
    # repository
44
 
 
45
 
    takes_options = [
46
 
            Option('dry-run',
47
 
                   help='Don\'t actually sign anything, just print'
48
 
                        ' the revisions that would be signed.'),
49
 
            ]
50
 
    takes_args = ['location?', 'committer?']
51
 
 
52
 
    def run(self, location=None, committer=None, dry_run=False):
53
 
        if location is None:
54
 
            bzrdir = controldir.ControlDir.open_containing('.')[0]
55
 
        else:
56
 
            # Passed in locations should be exact
57
 
            bzrdir = controldir.ControlDir.open(location)
58
 
        branch = bzrdir.open_branch()
59
 
        repo = branch.repository
60
 
        branch_config = branch.get_config_stack()
61
 
 
62
 
        if committer is None:
63
 
            committer = branch_config.get('email')
64
 
        gpg_strategy = gpg.GPGStrategy(branch_config)
65
 
 
66
 
        count = 0
67
 
        repo.lock_write()
68
 
        try:
69
 
            graph = repo.get_graph()
70
 
            repo.start_write_group()
71
 
            try:
72
 
                for rev_id, parents in graph.iter_ancestry(
73
 
                        [branch.last_revision()]):
74
 
                    if _mod_revision.is_null(rev_id):
75
 
                        continue
76
 
                    if parents is None:
77
 
                        # Ignore ghosts
78
 
                        continue
79
 
                    if repo.has_signature_for_revision_id(rev_id):
80
 
                        continue
81
 
                    rev = repo.get_revision(rev_id)
82
 
                    if rev.committer != committer:
83
 
                        continue
84
 
                    # We have a revision without a signature who has a
85
 
                    # matching committer, start signing
86
 
                    self.outf.write("%s\n" % rev_id)
87
 
                    count += 1
88
 
                    if not dry_run:
89
 
                        repo.sign_revision(rev_id, gpg_strategy)
90
 
            except:
91
 
                repo.abort_write_group()
92
 
                raise
93
 
            else:
94
 
                repo.commit_write_group()
95
 
        finally:
96
 
            repo.unlock()
97
 
        self.outf.write(
98
 
            ngettext('Signed %d revision.\n', 'Signed %d revisions.\n', count) %
99
 
            count)
100
 
 
101
 
 
102
 
class cmd_verify_signatures(Command):
103
 
    __doc__ = """Verify all commit signatures.
104
 
 
105
 
    Verifies that all commits in the branch are signed by known GnuPG keys.
106
 
    """
107
 
 
108
 
    takes_options = [
109
 
            Option('acceptable-keys',
110
 
                   help='Comma separated list of GPG key patterns which are'
111
 
                        ' acceptable for verification.',
112
 
                   short_name='k',
113
 
                   type=str,),
114
 
            'revision',
115
 
            'verbose',
116
 
          ]
117
 
    takes_args = ['location?']
118
 
 
119
 
    def run(self, acceptable_keys=None, revision=None, verbose=None,
120
 
                                                            location=u'.'):
121
 
        bzrdir = controldir.ControlDir.open_containing(location)[0]
122
 
        branch = bzrdir.open_branch()
123
 
        repo = branch.repository
124
 
        branch_config = branch.get_config_stack()
125
 
        gpg_strategy = gpg.GPGStrategy(branch_config)
126
 
 
127
 
        gpg_strategy.set_acceptable_keys(acceptable_keys)
128
 
 
129
 
        def write(string):
130
 
            self.outf.write(string + "\n")
131
 
        def write_verbose(string):
132
 
            self.outf.write("  " + string + "\n")
133
 
 
134
 
        self.add_cleanup(repo.lock_read().unlock)
135
 
        #get our list of revisions
136
 
        revisions = []
137
 
        if revision is not None:
138
 
            if len(revision) == 1:
139
 
                revno, rev_id = revision[0].in_history(branch)
140
 
                revisions.append(rev_id)
141
 
            elif len(revision) == 2:
142
 
                from_revno, from_revid = revision[0].in_history(branch)
143
 
                to_revno, to_revid = revision[1].in_history(branch)
144
 
                if to_revid is None:
145
 
                    to_revno = branch.revno()
146
 
                if from_revno is None or to_revno is None:
147
 
                    raise errors.BzrCommandError(gettext(
148
 
                    'Cannot verify a range of non-revision-history revisions'))
149
 
                for revno in range(from_revno, to_revno + 1):
150
 
                    revisions.append(branch.get_rev_id(revno))
151
 
        else:
152
 
            #all revisions by default including merges
153
 
            graph = repo.get_graph()
154
 
            revisions = []
155
 
            for rev_id, parents in graph.iter_ancestry(
156
 
                    [branch.last_revision()]):
157
 
                if _mod_revision.is_null(rev_id):
158
 
                    continue
159
 
                if parents is None:
160
 
                    # Ignore ghosts
161
 
                    continue
162
 
                revisions.append(rev_id)
163
 
        count, result, all_verifiable = gpg.bulk_verify_signatures(
164
 
            repo, revisions, gpg_strategy)
165
 
        if all_verifiable:
166
 
               write(gettext("All commits signed with verifiable keys"))
167
 
               if verbose:
168
 
                   for message in gpg.verbose_valid_message(result):
169
 
                       write_verbose(message)
170
 
               return 0
171
 
        else:
172
 
            write(gpg.valid_commits_message(count))
173
 
            if verbose:
174
 
               for message in gpg.verbose_valid_message(result):
175
 
                   write_verbose(message)
176
 
            write(gpg.expired_commit_message(count))
177
 
            if verbose:
178
 
               for message in gpg.verbose_expired_key_message(result, repo):
179
 
                   write_verbose(message)
180
 
            write(gpg.unknown_key_message(count))
181
 
            if verbose:
182
 
                for message in gpg.verbose_missing_key_message(result):
183
 
                    write_verbose(message)
184
 
            write(gpg.commit_not_valid_message(count))
185
 
            if verbose:
186
 
                for message in gpg.verbose_not_valid_message(result, repo):
187
 
                   write_verbose(message)
188
 
            write(gpg.commit_not_signed_message(count))
189
 
            if verbose:
190
 
                for message in gpg.verbose_not_signed_message(result, repo):
191
 
                    write_verbose(message)
192
 
            return 1