Skip to content

Commit 9637bd4

Browse files
ysangkokysangkok
authored
Admins can view /maintain page (#1045)
* Remove guardAuthorisedAsMaintainer from UploadFeature * Remove guardAuthorisedAsMaintainerOrTrustee from UploadFeature * Admins can view /maintain page
1 parent bb69286 commit 9637bd4

File tree

7 files changed

+40
-24
lines changed

7 files changed

+40
-24
lines changed

src/Distribution/Server/Features.hs

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -232,13 +232,15 @@ initHackageFeatures env@ServerEnv{serverVerbosity = verbosity} = do
232232
uploadFeature
233233
tarIndexCacheFeature
234234
reportsCoreFeature
235+
usersFeature
235236

236237
documentationCandidatesFeature <- mkDocumentationCandidatesFeature
237238
(candidatesCoreResource candidatesFeature)
238239
(map packageId . allPackages <$> queryGetCandidateIndex candidatesFeature)
239240
uploadFeature
240241
tarIndexCacheFeature
241242
reportsCandidatesFeature
243+
usersFeature
242244

243245
downloadFeature <- mkDownloadFeature
244246
coreFeature
@@ -257,6 +259,7 @@ initHackageFeatures env@ServerEnv{serverVerbosity = verbosity} = do
257259
coreFeature
258260
uploadFeature
259261
tagsFeature
262+
usersFeature
260263

261264
{- [reverse index disabled]
262265
reverseFeature <- mkReverseFeature

src/Distribution/Server/Features/BuildReports.hs

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -305,6 +305,9 @@ buildReportsFeature name
305305
void $ updateState reportsState $ SetBuildLog pkgid reportId Nothing
306306
noContent (toResponse ())
307307

308+
guardAuthorisedAsMaintainerOrTrustee pkgname =
309+
guardAuthorised_ [InGroup (maintainersGroup pkgname), InGroup trusteesGroup]
310+
308311
resetBuildFails :: DynamicPath -> ServerPartE Response
309312
resetBuildFails dpath = do
310313
pkgid <- packageInPath dpath

src/Distribution/Server/Features/Documentation.hs

Lines changed: 9 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,7 @@ import Distribution.Server.Framework
1010

1111
import Distribution.Server.Features.Documentation.State
1212
import Distribution.Server.Features.Upload
13+
import Distribution.Server.Features.Users
1314
import Distribution.Server.Features.Core
1415
import Distribution.Server.Features.TarIndexCache
1516
import Distribution.Server.Features.BuildReports
@@ -81,6 +82,7 @@ initDocumentationFeature :: String
8182
-> UploadFeature
8283
-> TarIndexCacheFeature
8384
-> ReportsFeature
85+
-> UserFeature
8486
-> IO DocumentationFeature)
8587
initDocumentationFeature name
8688
env@ServerEnv{serverStateDir} = do
@@ -90,9 +92,9 @@ initDocumentationFeature name
9092
-- Hooks
9193
documentationChangeHook <- newHook
9294

93-
return $ \core getPackages upload tarIndexCache reportsCore -> do
95+
return $ \core getPackages upload tarIndexCache reportsCore user -> do
9496
let feature = documentationFeature name env
95-
core getPackages upload tarIndexCache reportsCore
97+
core getPackages upload tarIndexCache reportsCore user
9698
documentationState
9799
documentationChangeHook
98100
return feature
@@ -137,6 +139,7 @@ documentationFeature :: String
137139
-> UploadFeature
138140
-> TarIndexCacheFeature
139141
-> ReportsFeature
142+
-> UserFeature
140143
-> StateComponent AcidState Documentation
141144
-> Hook PackageId ()
142145
-> DocumentationFeature
@@ -153,6 +156,7 @@ documentationFeature name
153156
UploadFeature{..}
154157
TarIndexCacheFeature{cachedTarIndex}
155158
ReportsFeature{..}
159+
UserFeature{ guardAuthorised_ }
156160
documentationState
157161
documentationChangeHook
158162
= DocumentationFeature{..}
@@ -293,6 +297,9 @@ documentationFeature name
293297
| t > 3600*24*4 = maxAgeDays 1
294298
| otherwise = maxAgeSeconds $ 60*10 + ceiling (exp (3.28697e-5 * fromInteger (ceiling t) :: Double))
295299

300+
guardAuthorisedAsMaintainerOrTrustee pkgname =
301+
guardAuthorised_ [InGroup (maintainersGroup pkgname), InGroup trusteesGroup]
302+
296303
uploadDocumentation :: DynamicPath -> ServerPartE Response
297304
uploadDocumentation dpath = do
298305
pkgid <- packageInPath dpath

src/Distribution/Server/Features/Html.hs

Lines changed: 12 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -278,7 +278,7 @@ htmlFeature env@ServerEnv{..}
278278
htmlReports = mkHtmlReports utilities core reportsCore templates
279279
htmlCandidates = mkHtmlCandidates utilities core versions upload
280280
docsCandidates tarIndexCache
281-
candidates templates
281+
candidates user templates
282282
htmlPreferred = mkHtmlPreferred utilities core versions
283283
htmlTags = mkHtmlTags utilities core upload user list tags templates
284284

@@ -465,14 +465,14 @@ mkHtmlCore :: ServerEnv
465465
-> HtmlCore
466466
mkHtmlCore ServerEnv{serverBaseURI, serverBlobStore}
467467
utilities@HtmlUtilities{..}
468-
UserFeature{queryGetUserDb, checkAuthenticated}
468+
UserFeature{queryGetUserDb, checkAuthenticated, guardAuthorised_, adminGroup}
469469
CoreFeature{coreResource}
470470
VersionsFeature{ versionsResource
471471
, queryGetDeprecatedFor
472472
, queryGetPreferredInfo
473473
, withPackagePreferred
474474
}
475-
UploadFeature{guardAuthorisedAsMaintainerOrTrustee}
475+
UploadFeature{..}
476476
TagsFeature{queryTagsForPackage}
477477
documentationFeature@DocumentationFeature{documentationResource, queryDocumentation}
478478
TarIndexCacheFeature{cachedTarIndex}
@@ -684,7 +684,7 @@ mkHtmlCore ServerEnv{serverBaseURI, serverBlobStore}
684684
serveMaintainPage dpath = do
685685
pkgname <- packageInPath dpath
686686
pkgs <- lookupPackageName pkgname
687-
guardAuthorisedAsMaintainerOrTrustee (pkgname :: PackageName)
687+
guardAuthorised_ [InGroup (maintainersGroup pkgname), InGroup trusteesGroup, InGroup adminGroup]
688688
cacheControl [Public, NoCache] (etagFromHash (length pkgs))
689689
template <- getTemplate templates "maintain.html"
690690
return $ toResponse $ template
@@ -1057,17 +1057,19 @@ mkHtmlCandidates :: HtmlUtilities
10571057
-> DocumentationFeature
10581058
-> TarIndexCacheFeature
10591059
-> PackageCandidatesFeature
1060+
-> UserFeature
10601061
-> Templates
10611062
-> HtmlCandidates
10621063
mkHtmlCandidates utilities@HtmlUtilities{..}
10631064
CoreFeature{ coreResource = CoreResource{packageInPath}
10641065
, queryGetPackageIndex
10651066
}
10661067
VersionsFeature{ queryGetPreferredInfo }
1067-
UploadFeature{ guardAuthorisedAsMaintainer, guardAuthorisedAsMaintainerOrTrustee }
1068+
UploadFeature{..}
10681069
DocumentationFeature{documentationResource, queryDocumentation,..}
10691070
TarIndexCacheFeature{cachedTarIndex}
10701071
PackageCandidatesFeature{..}
1072+
UserFeature{ guardAuthorised, guardAuthorised_ }
10711073
templates = HtmlCandidates{..}
10721074
where
10731075
candidates = candidatesResource
@@ -1175,6 +1177,9 @@ mkHtmlCandidates utilities@HtmlUtilities{..}
11751177
]
11761178
]
11771179

1180+
guardAuthorisedAsMaintainerOrTrustee pkgname =
1181+
guardAuthorised_ [InGroup (maintainersGroup pkgname), InGroup trusteesGroup]
1182+
11781183
serveCandidateMaintain :: DynamicPath -> ServerPartE Response
11791184
serveCandidateMaintain dpath = do
11801185
pkgid <- packageInPath dpath
@@ -1241,6 +1246,8 @@ mkHtmlCandidates utilities@HtmlUtilities{..}
12411246
let render = candPackageRender candRender
12421247
return $ toResponse $ dependenciesPage True render "docs"
12431248

1249+
guardAuthorisedAsMaintainer pkgName = guardAuthorised [InGroup . maintainersGroup $ pkgName]
1250+
12441251
servePublishForm :: DynamicPath -> ServerPartE Response
12451252
servePublishForm dpath = do
12461253
candidate <- packageInPath dpath >>= lookupCandidateId

src/Distribution/Server/Features/PackageCandidates.hs

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -343,6 +343,9 @@ candidatesFeature ServerEnv{serverBlobStore = store}
343343
pkgInfo <- uploadCandidate (==pkgid)
344344
seeOther (corePackageIdUri candidatesCoreResource "" $ packageId pkgInfo) (toResponse ())
345345

346+
guardAuthorisedAsMaintainerOrTrustee pkgname =
347+
guardAuthorised_ [InGroup (maintainersGroup pkgname), InGroup trusteesGroup]
348+
346349
-- FIXME: DELETE should not redirect, but rather return ServerPartE ()
347350
doDeleteCandidate :: DynamicPath -> ServerPartE Response
348351
doDeleteCandidate dpath = do
@@ -442,7 +445,7 @@ candidatesFeature ServerEnv{serverBlobStore = store}
442445
packages <- queryGetPackageIndex
443446
candidate <- packageInPath dpath >>= lookupCandidateId
444447
-- check authorization to upload - must already be a maintainer
445-
uid <- guardAuthorisedAsMaintainer (packageName candidate)
448+
uid <- guardAuthorised [InGroup . maintainersGroup $ packageName candidate]
446449
-- check if package or later already exists
447450
checkPublish uid packages candidate >>= \case
448451
Just failed -> throwError failed

src/Distribution/Server/Features/PreferredVersions.hs

Lines changed: 9 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,7 @@ import Distribution.Server.Features.PreferredVersions.Backup
1919

2020
import Distribution.Server.Features.Core
2121
import Distribution.Server.Features.Upload
22+
import Distribution.Server.Features.Users
2223
import Distribution.Server.Features.Tags
2324

2425
import qualified Distribution.Server.Packages.PackageIndex as PackageIndex
@@ -91,15 +92,16 @@ initVersionsFeature :: ServerEnv
9192
-> IO (CoreFeature
9293
-> UploadFeature
9394
-> TagsFeature
95+
-> UserFeature
9496
-> IO VersionsFeature)
9597
initVersionsFeature env@ServerEnv{serverStateDir} = do
9698
preferredState <- preferredStateComponent False serverStateDir
9799
deprecatedHook <- newHook
98100

99-
return $ \core upload tags -> do
101+
return $ \core upload tags user -> do
100102

101103
let feature = versionsFeature env
102-
core upload tags
104+
core upload tags user
103105
preferredState deprecatedHook
104106
return feature
105107

@@ -121,13 +123,15 @@ versionsFeature :: ServerEnv
121123
-> CoreFeature
122124
-> UploadFeature
123125
-> TagsFeature
126+
-> UserFeature
124127
-> StateComponent AcidState PreferredVersions
125128
-> Hook (PackageName, Maybe [PackageName]) ()
126129
-> VersionsFeature
127130
versionsFeature ServerEnv{ serverVerbosity = verbosity }
128131
CoreFeature{..}
129132
UploadFeature{..}
130133
TagsFeature{..}
134+
UserFeature{ guardAuthorised_ }
131135
preferredState
132136
deprecatedHook
133137
= VersionsFeature{..}
@@ -225,6 +229,9 @@ versionsFeature ServerEnv{ serverVerbosity = verbosity }
225229
| pkg <- fromMaybe [] mdep ])
226230
]
227231

232+
guardAuthorisedAsMaintainerOrTrustee pkgname =
233+
guardAuthorised_ [InGroup (maintainersGroup pkgname), InGroup trusteesGroup]
234+
228235
handlePackageDeprecatedPut :: DynamicPath -> ServerPartE Response
229236
handlePackageDeprecatedPut dpath = do
230237
pkgname <- packageInPath dpath

src/Distribution/Server/Features/Upload.hs

Lines changed: 0 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -59,11 +59,6 @@ data UploadFeature = UploadFeature {
5959
-- | The group of maintainers for a given package.
6060
maintainersGroup :: PackageName -> UserGroup,
6161

62-
-- | Requiring being logged in as the maintainer of a package.
63-
guardAuthorisedAsMaintainer :: PackageName -> ServerPartE Users.UserId,
64-
-- | Requiring being logged in as the maintainer of a package or a trustee.
65-
guardAuthorisedAsMaintainerOrTrustee :: PackageName -> ServerPartE (),
66-
6762
-- | Takes an upload request and, depending on the result of the
6863
-- passed-in function, either commits the uploaded tarball to the blob
6964
-- storage or throws it away and yields an error.
@@ -295,15 +290,6 @@ uploadFeature ServerEnv{serverBlobStore = store}
295290
uploaderDescription :: GroupDescription
296291
uploaderDescription = nullDescription { groupTitle = "Package uploaders", groupPrologue = "Package uploaders are allowed to upload packages. Note that if a package already exists then you also need to be in the maintainer group for that package." }
297292

298-
guardAuthorisedAsMaintainer :: PackageName -> ServerPartE Users.UserId
299-
guardAuthorisedAsMaintainer pkgname =
300-
guardAuthorised [InGroup (maintainersGroup pkgname)]
301-
302-
guardAuthorisedAsMaintainerOrTrustee :: PackageName -> ServerPartE ()
303-
guardAuthorisedAsMaintainerOrTrustee pkgname =
304-
guardAuthorised_ [InGroup (maintainersGroup pkgname), InGroup trusteesGroup]
305-
306-
307293
----------------------------------------------------
308294

309295
-- This is the upload function. It returns a generic result for multiple formats.

0 commit comments

Comments
 (0)