47c4b5d kojid: extend SCM.assert_allowed with hub policy

Authored and Committed by julian8628 2 years ago
    kojid: extend SCM.assert_allowed with hub policy
    
    This is a simple extention of `SCM.assert_allowed`
    
    - `assert_allowed_by_policy` will set the default "use_common" to False which is different to the old behavior
    - `channel`, `user_id`, `scratch` are passed in the `policy_data` with scminfo right now.
    
    This is a prototype for this change, and there are some other solutions could be implemented too
    
    - Use a scmpolicy plugin as `postSCMCheckout` callback, the pro is that we can do more checks after the source is initialized on builder, meanwhile, the con is that the source will be downloaded even it is denied by policy. It might be a potential risk?
    - Do the scm check in hub's `make_task`, this looks straightforward, but may lack some builder's information
    
    fixes: #2757
    
        
file modified
+81 -12
file modified
+8 -0
file modified
+7 -0
file modified
+78 -1
file modified
+12 -6
file modified
+223 -3
file modified
+14 -3
file modified
+8 -0