Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Improve permission errors for the update and compose subcommands #8

Merged
merged 7 commits into from
Oct 24, 2020
Merged

Improve permission errors for the update and compose subcommands #8

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
dcf8166
Improve permission checks for Compose commands
velovix Sep 30, 2020
112e010
Fix write permission check in download
velovix Oct 23, 2020
47213dc
Fix more minor issues
velovix Oct 23, 2020
643525e
Clear up some boolean logic
velovix Oct 23, 2020
c50a454
Do code review fixes
velovix Oct 24, 2020
9e3f67e
Run black
velovix Oct 24, 2020
a105147
Convince MyPy
velovix Oct 24, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 12 additions & 12 deletions brainframe/cli/docker_compose.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
import subprocess
from pathlib import Path
from typing import List
from typing import List, Tuple
import yaml
import i18n
import os
Expand All @@ -16,7 +16,7 @@
)


def assert_installed(install_path: Path):
def assert_installed(install_path: Path) -> None:
compose_path = install_path / "docker-compose.yml"

if not compose_path.is_file():
Expand All @@ -26,7 +26,7 @@ def assert_installed(install_path: Path):
)


def run(install_path: Path, commands: List[str]):
def run(install_path: Path, commands: List[str]) -> None:
_assert_has_docker_permissions()

compose_path = install_path / "docker-compose.yml"
Expand All @@ -46,7 +46,7 @@ def run(install_path: Path, commands: List[str]):
os_utils.run(full_command + commands)


def download(target: Path, version="latest"):
def download(target: Path, version: str = "latest") -> None:
_assert_has_write_permissions(target.parent)

subdomain, auth_flags, version = check_download_version(version=version)
Expand All @@ -64,7 +64,8 @@ def download(target: Path, version="latest"):
os_utils.give_brainframe_group_rw_access([target])


def check_download_version(version="latest"):
def check_download_version(version: str = "latest") -> \
Tuple[str, List[str], str]:
subdomain = ""
auth_flags = []

Expand Down Expand Up @@ -98,15 +99,15 @@ def check_download_version(version="latest"):
return subdomain, auth_flags, version


def check_existing_version(install_path: Path):
def check_existing_version(install_path: Path) -> str:
compose_path = install_path / "docker-compose.yml"
compose = yaml.load(compose_path.read_text(), Loader=yaml.SafeLoader)
version = compose["services"]["core"]["image"].split(":")[-1]
version = "v" + version
return version


def _assert_has_docker_permissions():
def _assert_has_docker_permissions() -> None:
"""Fails if the user does not have permissions to interact with Docker"""
if not (os_utils.is_root() or os_utils.currently_in_group("docker")):
error_message = (
Expand All @@ -118,14 +119,13 @@ def _assert_has_docker_permissions():
print_utils.fail(error_message)


def _assert_has_write_permissions(path: Path):
def _assert_has_write_permissions(path: Path) -> None:
"""Fails if the user does not have write access to the given path."""
if os.access(path, os.W_OK):
return

error_message = i18n.t("general.file-bad-write-permissions", path=path)

print()
error_message += "\n"

if path.stat().st_gid == os_utils.BRAINFRAME_GROUP_ID:
error_message += " " + _group_recommendation_message("brainframe")
Expand All @@ -137,11 +137,11 @@ def _assert_has_write_permissions(path: Path):
print_utils.fail(error_message)


def _group_recommendation_message(group: str):
def _group_recommendation_message(group: str) -> str:
if os_utils.added_to_group("brainframe"):
# The user is in the group, they just need to restart
return i18n.t("general.restart-for-group-access", group=group)
else:
# The user is not in the group, so they need to either add
# themselves or use sudo
return i18n.t("general.retry-with-sudo-or-group", group=group)
return i18n.t("general.retry-as-root-or-group", group=group)
10 changes: 5 additions & 5 deletions brainframe/cli/translations/general.en.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,19 +12,19 @@ en:
to a custom location, ensure that the %{install_env_var} environment variable
has been set."
mkdir-permission-denied: "Permission denied while making directory
%{directory}, trying with sudo."
%{directory}, trying as root."
staging-missing-credentials: "The %{username_env_var} and %{password_env_var}
variables must be set to access staging."
user-not-root: "This command must be run as root!"
docker-bad-permissions: "Your user does not have sufficient privileges to
use Docker."
restart-for-group-access: "Your user has been added to the \"%{group}\"
group but you must restart to apply this change. Alternatively, you can try
again with sudo."
retry-with-sudo-or-group: "Please try again with sudo or consider adding your
again as root."
retry-as-root-or-group: "Please try again as root or consider adding your
user to the \"%{group}\" group."
file-bad-write-permissions: "Your user does not have write access to
\"%{path}\"."
unexpected-group-for-file: "File \"%{path}\" is not part of the
unexpected-group-for-file: "File \"%{path}\" is not owned by the
\"%{group}\" group, but probably should be. Please add this file to the group
or try again with sudo."
or try again as root."