From 5d98c5cab7edcd14f4c92dcf2caf19b3a06eecbc Mon Sep 17 00:00:00 2001
From: Mitchell Hashimoto <mitchell.hashimoto@gmail.com>
Date: Sat, 12 Nov 2011 16:09:30 -0800
Subject: [PATCH] Buildbot: Require user auth for forcing builds

---
 .../buildbot/buildbot_config/config/master.py |  1 +
 .../buildbot/buildbot_config/master/status.py | 29 +++++++++++++------
 2 files changed, 21 insertions(+), 9 deletions(-)

diff --git a/test/buildbot/buildbot_config/config/master.py b/test/buildbot/buildbot_config/config/master.py
index 89d1852e8..f230f1372 100644
--- a/test/buildbot/buildbot_config/config/master.py
+++ b/test/buildbot/buildbot_config/config/master.py
@@ -16,6 +16,7 @@ c.define('title_url', type=str, help="URL for title page")
 c.define('buildbot_url', type=str, help="URL to the buildbot master.")
 c.define('slaves', type=str, help="A list of the slave machines. The format should be name:password,name:password,...")
 c.define('web_port', type=int, help="Port to listen on for web service.")
+c.define('http_users', type=str, help="username:password list of users.")
 
 #----------------------------------------------------------------------
 # Load the Settings
diff --git a/test/buildbot/buildbot_config/master/status.py b/test/buildbot/buildbot_config/master/status.py
index fc9255d3c..b6c9ce8d0 100644
--- a/test/buildbot/buildbot_config/master/status.py
+++ b/test/buildbot/buildbot_config/master/status.py
@@ -5,26 +5,37 @@ buildbot master.
 
 from buildbot.status import html
 from buildbot.status.web.authz import Authz
+from buildbot.status.web.auth import BasicAuth
 
 def get_status(options):
     """
     Returns a list of status targets for the build master.
     """
+    # Load the users that are allowed to perform authenticated
+    # actions from the configuration
+    auth_users = []
+    if options.http_users is not None:
+        for pair in options.http_users.split(","):
+            user, password = pair.split(":")
+            auth_users.append((user, password))
+
+    # Setup the rules for who can do what to the WebStatus
     authz = Authz(
-        gracefulShutdown = True,
-        forceBuild = True,
-        forceAllBuilds = True,
+        auth = BasicAuth(auth_users),
+        gracefulShutdown = False,
+        forceBuild = 'auth',
+        forceAllBuilds = 'auth',
         pingBuilder = True,
-        stopBuild = True,
-        stopAllBuilds = True,
-        cancelPendingBuild = True,
-        stopChange = True,
-        cleanShutdown= True
+        stopBuild = 'auth',
+        stopAllBuilds = 'auth',
+        cancelPendingBuild = 'auth',
+        stopChange = 'auth',
+        cleanShutdown= False
         )
 
     web_status = html.WebStatus(
         http_port = options.web_port,
-        authz = Authz(),
+        authz = authz,
         order_console_by_time = True,
         change_hook_dialects=dict(github=True)
         )