external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

git-interface: Add database abstraction layer

Browse source 
Add a new class that connects to the database specified in the
configuration file and provides an interface to execute SQL queries.
Prepared statements with qmark ("?") placeholders are supported.

Replace all direct database accesses with calls to the new abstraction
layer.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This commit is contained in:
Lukas Fleischer 2016-08-03 02:20:40 +02:00
parent 2cd69bf66d
commit 2915abb9d3
4 changed files with 149 additions and 145 deletions
Download patch file Download diff file Expand all files Collapse all files

22
git-interface/git-auth.py
View file

@ -1,12 +1,13 @@
#!/usr/bin/python3
import configparser
import mysql.connector
import shlex
import os
import re
import sys
import db
def format_command(env_vars, command, ssh_opts, ssh_key):
environment = ''
@ -26,12 +27,6 @@ def format_command(env_vars, command, ssh_opts, ssh_key):
config = configparser.RawConfigParser()
config.read(os.path.dirname(os.path.realpath(__file__)) + "/../conf/config")
aur_db_host = config.get('database', 'host')
aur_db_name = config.get('database', 'name')
aur_db_user = config.get('database', 'user')
aur_db_pass = config.get('database', 'password')
aur_db_socket = config.get('database', 'socket')
valid_keytypes = config.get('auth', 'valid-keytypes').split()
username_regex = config.get('auth', 'username-regex')
git_serve_cmd = config.get('auth', 'git-serve-cmd')
@ -42,15 +37,12 @@ keytext = sys.argv[2]
if keytype not in valid_keytypes:
exit(1)
db = mysql.connector.connect(host=aur_db_host, user=aur_db_user,
passwd=aur_db_pass, db=aur_db_name,
unix_socket=aur_db_socket, buffered=True)
conn = db.Connection()
cur = db.cursor()
cur.execute("SELECT Users.Username, Users.AccountTypeID FROM Users " +
"INNER JOIN SSHPubKeys ON SSHPubKeys.UserID = Users.ID "
"WHERE SSHPubKeys.PubKey = %s AND Users.Suspended = 0",
(keytype + " " + keytext,))
cur = conn.execute("SELECT Users.Username, Users.AccountTypeID FROM Users " +
"INNER JOIN SSHPubKeys ON SSHPubKeys.UserID = Users.ID "
"WHERE SSHPubKeys.PubKey = ? AND Users.Suspended = 0",
(keytype + " " + keytext,))
if cur.rowcount != 1:
exit(1)