← Back to branch summary

~bzr-pqm/bzr/bzr.dev

« back to all changes in this revision

Viewing changes to bzrlib/commit_signature_commands.py

  • Committer: Martin Packman
  • Date: 2012-02-27 12:16:28 UTC
  • mto: (6437.23.25 2.5)
  • mto: This revision was merged to the branch mainline in revision 6499.
  • Revision ID: martin.packman@canonical.com-20120227121628-9q8krey0u73v56k3
https://launchpad.net/bugs/930919
Get default stream for help output via ui_factory instead of using stdout directly

Show diffs side-by-side

added added

removed removed

Lines of Context:
bzrlib/commit_signature_commands.py
1
 
# Copyright (C) 2005, 2006 Canonical Ltd
 
1
# Copyright (C) 2006, 2007, 2009, 2010, 2011 Canonical Ltd
2
2
#
3
3
# This program is free software; you can redistribute it and/or modify
4
4
# it under the terms of the GNU General Public License as published by
12
12
#
13
13
# You should have received a copy of the GNU General Public License
14
14
# along with this program; if not, write to the Free Software
15
 
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 
15
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
16
16
 
17
17
"""Command which looks for unsigned commits by the current user, and signs them.
18
18
"""
19
19
 
 
20
from __future__ import absolute_import
 
21
 
20
22
from bzrlib.lazy_import import lazy_import
21
23
lazy_import(globals(), """
22
24
from bzrlib import (
23
 
    config,
 
25
    controldir,
 
26
    errors,
24
27
    gpg,
 
28
    revision as _mod_revision,
25
29
    )
26
 
from bzrlib.bzrdir import BzrDir
27
30
""")
28
31
from bzrlib.commands import Command
29
32
from bzrlib.option import Option
30
 
 
 
33
from bzrlib.i18n import gettext, ngettext
31
34
 
32
35
class cmd_sign_my_commits(Command):
33
 
    """Sign all commits by a given committer.
 
36
    __doc__ = """Sign all commits by a given committer.
34
37
 
35
38
    If location is not specified the local tree is used.
36
39
    If committer is not specified the default committer is used.
41
44
    # (both mainline and merged), but not other revisions that may be in the
42
45
    # repository
43
46
 
44
 
    takes_options = [Option('dry-run'
45
 
                            , help='Don\'t actually sign anything, just print'
46
 
                                   ' the revisions that would be signed')
47
 
                    ]
 
47
    takes_options = [
 
48
            Option('dry-run',
 
49
                   help='Don\'t actually sign anything, just print'
 
50
                        ' the revisions that would be signed.'),
 
51
            ]
48
52
    takes_args = ['location?', 'committer?']
49
53
 
50
54
    def run(self, location=None, committer=None, dry_run=False):
51
55
        if location is None:
52
 
            bzrdir = BzrDir.open_containing('.')[0]
 
56
            bzrdir = controldir.ControlDir.open_containing('.')[0]
53
57
        else:
54
58
            # Passed in locations should be exact
55
 
            bzrdir = BzrDir.open(location)
 
59
            bzrdir = controldir.ControlDir.open(location)
56
60
        branch = bzrdir.open_branch()
57
61
        repo = branch.repository
58
62
        branch_config = branch.get_config()
59
63
 
60
64
        if committer is None:
61
65
            committer = branch_config.username()
62
 
        gpg_strategy = gpg.GPGStrategy(branch_config)
 
66
        gpg_strategy = gpg.GPGStrategy(branch.get_config_stack())
63
67
 
64
68
        count = 0
65
69
        repo.lock_write()
66
70
        try:
67
 
            for rev_id in repo.get_ancestry(branch.last_revision())[1:]:
68
 
                if repo.has_signature_for_revision_id(rev_id):
69
 
                    continue
70
 
                rev = repo.get_revision(rev_id)
71
 
                if rev.committer != committer:
72
 
                    continue
73
 
                # We have a revision without a signature who has a 
74
 
                # matching committer, start signing
75
 
                print rev_id
76
 
                count += 1
77
 
                if not dry_run:
78
 
                    repo.sign_revision(rev_id, gpg_strategy)
 
71
            graph = repo.get_graph()
 
72
            repo.start_write_group()
 
73
            try:
 
74
                for rev_id, parents in graph.iter_ancestry(
 
75
                        [branch.last_revision()]):
 
76
                    if _mod_revision.is_null(rev_id):
 
77
                        continue
 
78
                    if parents is None:
 
79
                        # Ignore ghosts
 
80
                        continue
 
81
                    if repo.has_signature_for_revision_id(rev_id):
 
82
                        continue
 
83
                    rev = repo.get_revision(rev_id)
 
84
                    if rev.committer != committer:
 
85
                        continue
 
86
                    # We have a revision without a signature who has a
 
87
                    # matching committer, start signing
 
88
                    print rev_id
 
89
                    count += 1
 
90
                    if not dry_run:
 
91
                        repo.sign_revision(rev_id, gpg_strategy)
 
92
            except:
 
93
                repo.abort_write_group()
 
94
                raise
 
95
            else:
 
96
                repo.commit_write_group()
79
97
        finally:
80
98
            repo.unlock()
81
99
        print 'Signed %d revisions' % (count,)
82
100
 
83
101
 
 
102
class cmd_verify_signatures(Command):
 
103
    __doc__ = """Verify all commit signatures.
 
104
 
 
105
    Verifies that all commits in the branch are signed by known GnuPG keys.
 
106
    """
 
107
 
 
108
    takes_options = [
 
109
            Option('acceptable-keys',
 
110
                   help='Comma separated list of GPG key patterns which are'
 
111
                        ' acceptable for verification.',
 
112
                   short_name='k',
 
113
                   type=str,),
 
114
            'revision', 
 
115
            'verbose',
 
116
          ]
 
117
    takes_args = ['location?']
 
118
 
 
119
    def run(self, acceptable_keys=None, revision=None, verbose=None,
 
120
                                                            location=u'.'):
 
121
        bzrdir = controldir.ControlDir.open_containing(location)[0]
 
122
        branch = bzrdir.open_branch()
 
123
        repo = branch.repository
 
124
        branch_config = branch.get_config_stack()
 
125
        gpg_strategy = gpg.GPGStrategy(branch_config)
 
126
 
 
127
        gpg_strategy.set_acceptable_keys(acceptable_keys)
 
128
 
 
129
        def write(string):
 
130
            self.outf.write(string + "\n")
 
131
        def write_verbose(string):
 
132
            self.outf.write("  " + string + "\n")
 
133
 
 
134
        #get our list of revisions
 
135
        revisions = []
 
136
        if revision is not None:
 
137
            if len(revision) == 1:
 
138
                revno, rev_id = revision[0].in_history(branch)
 
139
                revisions.append(rev_id)
 
140
            elif len(revision) == 2:
 
141
                from_revno, from_revid = revision[0].in_history(branch)
 
142
                to_revno, to_revid = revision[1].in_history(branch)
 
143
                if to_revid is None:
 
144
                    to_revno = branch.revno()
 
145
                if from_revno is None or to_revno is None:
 
146
                    raise errors.BzrCommandError(gettext(
 
147
                    'Cannot verify a range of non-revision-history revisions'))
 
148
                for revno in range(from_revno, to_revno + 1):
 
149
                    revisions.append(branch.get_rev_id(revno))
 
150
        else:
 
151
            #all revisions by default including merges
 
152
            graph = repo.get_graph()
 
153
            revisions = []
 
154
            repo.lock_read()
 
155
            for rev_id, parents in graph.iter_ancestry(
 
156
                    [branch.last_revision()]):
 
157
                if _mod_revision.is_null(rev_id):
 
158
                    continue
 
159
                if parents is None:
 
160
                    # Ignore ghosts
 
161
                    continue
 
162
                revisions.append(rev_id)
 
163
            repo.unlock()
 
164
        count, result, all_verifiable =\
 
165
                                gpg_strategy.do_verifications(revisions, repo)
 
166
        if all_verifiable:
 
167
               write(gettext(
 
168
                            "All commits signed with verifiable keys"))
 
169
               if verbose:
 
170
                   write(gpg_strategy.verbose_valid_message(result))
 
171
               return 0
 
172
        else:
 
173
            write(gpg_strategy.valid_commits_message(count))
 
174
            if verbose:
 
175
               for message in gpg_strategy.verbose_valid_message(result):
 
176
                   write_verbose(message)
 
177
            write(gpg_strategy.expired_commit_message(count))
 
178
            if verbose:
 
179
               for message in gpg_strategy.verbose_expired_key_message(result,
 
180
                                                                          repo):
 
181
                   write_verbose(message)
 
182
            write(gpg_strategy.unknown_key_message(count))
 
183
            if verbose:
 
184
                for message in gpg_strategy.verbose_missing_key_message(result):
 
185
                    write_verbose(message)
 
186
            write(gpg_strategy.commit_not_valid_message(count))
 
187
            if verbose:
 
188
                for message in gpg_strategy.verbose_not_valid_message(result,
 
189
                                                                        repo):
 
190
                   write_verbose(message)
 
191
            write(gpg_strategy.commit_not_signed_message(count))
 
192
            if verbose:
 
193
                for message in gpg_strategy.verbose_not_signed_message(result,
 
194
                                                                          repo):
 
195
                    write_verbose(message)
 
196
            return 1