This is an automated email from the ASF dual-hosted git repository. arm pushed a commit to branch arm in repository https://gitbox.apache.org/repos/asf/tooling-trusted-releases.git
commit 557147112d9732a81a074294232d24b555bbc52d Author: Alastair McFarlane <[email protected]> AuthorDate: Fri Apr 3 16:38:42 2026 +0100 Inline comment to address worker auth --- atr/worker.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/atr/worker.py b/atr/worker.py index 9a8ec813..0c7f59a9 100644 --- a/atr/worker.py +++ b/atr/worker.py @@ -245,6 +245,9 @@ async def _task_process(task_id: int, task_type: str, task_args: list[str] | dic and (config.is_production_mode() or config.is_ldap_configured()) ): user_account = await ldap.account_lookup(asf_uid) + # We check here to see if the account is banned - in the case of running tasks, + # we don't really need to worry about admin/membership status as that wouldn't + # materially affect outstanding worker tasks and is rare anyway. if (user_account is None) or ldap.is_banned(user_account): raise RuntimeError(f"Account '{asf_uid}' is banned or does not exist") --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
