summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorByron Jones <glob@mozilla.com>2015-03-05 05:57:51 +0100
committerByron Jones <glob@mozilla.com>2015-03-05 05:57:51 +0100
commitb7147b778824e13a15f912fdf458bf3959d439e5 (patch)
tree1deddd019fb15747dacc3067d0c2606f864fc41c
parentf6686ca1edfe4a233c7f39836e265d466bda37b7 (diff)
downloadbugzilla-b7147b778824e13a15f912fdf458bf3959d439e5.tar.gz
bugzilla-b7147b778824e13a15f912fdf458bf3959d439e5.tar.xz
Bug 1128853: Bugzilla shouldn't try to write API tokens into the shadow DB
r=dkl,a=glob
-rw-r--r--Bugzilla.pm11
-rw-r--r--Bugzilla/Token.pm5
-rw-r--r--template/en/default/account/prefs/prefs.html.tmpl1
-rw-r--r--template/en/default/admin/components/create.html.tmpl1
-rw-r--r--template/en/default/admin/components/edit.html.tmpl1
-rw-r--r--template/en/default/admin/products/create.html.tmpl1
-rw-r--r--template/en/default/admin/sudo.html.tmpl1
-rw-r--r--template/en/default/attachment/create.html.tmpl1
-rw-r--r--template/en/default/attachment/edit.html.tmpl1
-rw-r--r--template/en/default/bug/create/create.html.tmpl1
-rw-r--r--template/en/default/bug/show-header.html.tmpl1
-rw-r--r--template/en/default/global/header.html.tmpl4
-rw-r--r--template/en/default/list/list.html.tmpl1
-rw-r--r--template/en/default/request/queue.html.tmpl1
14 files changed, 30 insertions, 1 deletions
diff --git a/Bugzilla.pm b/Bugzilla.pm
index 46d6182cd..6ca46f430 100644
--- a/Bugzilla.pm
+++ b/Bugzilla.pm
@@ -537,6 +537,11 @@ sub switch_to_main_db {
return $class->dbh_main;
}
+sub is_shadow_db {
+ my $class = shift;
+ return $class->request_cache->{dbh} != $class->dbh_main;
+}
+
sub fields {
my ($class, $criteria) = @_;
$criteria ||= {};
@@ -942,6 +947,12 @@ Switch from using the main database to using the shadow database.
Change the database object to refer to the main database.
+=item C<is_shadow_db>
+
+Returns true if the currently active database is the shadow database.
+Returns false if a the currently active database is the man database, or if a
+shadow database is not configured or enabled.
+
=item C<params>
The current Parameters of Bugzilla, as a hashref. If C<data/params.json>
diff --git a/Bugzilla/Token.pm b/Bugzilla/Token.pm
index 24ffad3c3..84d86b8c6 100644
--- a/Bugzilla/Token.pm
+++ b/Bugzilla/Token.pm
@@ -432,6 +432,9 @@ sub _create_token {
trick_taint($tokentype);
trick_taint($eventdata);
+ my $is_shadow = Bugzilla->is_shadow_db;
+ $dbh = Bugzilla->switch_to_main_db() if $is_shadow;
+
$dbh->bz_start_transaction();
my $token = GenerateUniqueToken();
@@ -444,8 +447,10 @@ sub _create_token {
if (wantarray) {
my (undef, $token_ts, undef) = GetTokenData($token);
$token_ts = str2time($token_ts);
+ Bugzilla->switch_to_shadow_db() if $is_shadow;
return ($token, $token_ts);
} else {
+ Bugzilla->switch_to_shadow_db() if $is_shadow;
return $token;
}
}
diff --git a/template/en/default/account/prefs/prefs.html.tmpl b/template/en/default/account/prefs/prefs.html.tmpl
index 96e02812f..21a823fb6 100644
--- a/template/en/default/account/prefs/prefs.html.tmpl
+++ b/template/en/default/account/prefs/prefs.html.tmpl
@@ -55,6 +55,7 @@
[% PROCESS global/header.html.tmpl
title = current_tab.label
subheader = filtered_login
+ generate_api_token = 1
style_urls = ['skins/standard/admin.css']
javascript_urls = ['js/util.js', 'js/field.js', 'js/TUI.js']
doc_section = current_tab.doc_section
diff --git a/template/en/default/admin/components/create.html.tmpl b/template/en/default/admin/components/create.html.tmpl
index 4db4a489c..96c9ce384 100644
--- a/template/en/default/admin/components/create.html.tmpl
+++ b/template/en/default/admin/components/create.html.tmpl
@@ -14,6 +14,7 @@
[% title = BLOCK %]Add component to the [% product.name FILTER html %] product[% END %]
[% PROCESS global/header.html.tmpl
title = title
+ generate_api_token = 1
style_urls = ['skins/standard/admin.css']
yui = [ 'autocomplete' ]
javascript_urls = [ "js/field.js" ]
diff --git a/template/en/default/admin/components/edit.html.tmpl b/template/en/default/admin/components/edit.html.tmpl
index 9998845e2..c4da1181b 100644
--- a/template/en/default/admin/components/edit.html.tmpl
+++ b/template/en/default/admin/components/edit.html.tmpl
@@ -18,6 +18,7 @@
[% END %]
[% PROCESS global/header.html.tmpl
title = title
+ generate_api_token = 1
style_urls = ['skins/standard/admin.css']
yui = [ 'autocomplete' ]
javascript_urls = [ "js/field.js" ]
diff --git a/template/en/default/admin/products/create.html.tmpl b/template/en/default/admin/products/create.html.tmpl
index b34f67b62..0dcfd7283 100644
--- a/template/en/default/admin/products/create.html.tmpl
+++ b/template/en/default/admin/products/create.html.tmpl
@@ -17,6 +17,7 @@
[% PROCESS global/header.html.tmpl
title = title
+ generate_api_token = 1
style_urls = ['skins/standard/admin.css']
javascript_urls = ['js/util.js', 'js/field.js']
yui = [ 'autocomplete' ]
diff --git a/template/en/default/admin/sudo.html.tmpl b/template/en/default/admin/sudo.html.tmpl
index b3f748697..8cdfb5204 100644
--- a/template/en/default/admin/sudo.html.tmpl
+++ b/template/en/default/admin/sudo.html.tmpl
@@ -8,6 +8,7 @@
[% PROCESS global/header.html.tmpl
title = "Begin sudo session"
+ generate_api_token = 1
style_urls = ['skins/standard/admin.css']
doc_section = "administering/users.html#impersonating-users"
%]
diff --git a/template/en/default/attachment/create.html.tmpl b/template/en/default/attachment/create.html.tmpl
index 13c13cdb9..e566b428e 100644
--- a/template/en/default/attachment/create.html.tmpl
+++ b/template/en/default/attachment/create.html.tmpl
@@ -16,6 +16,7 @@
title = title
header = header
subheader = subheader
+ generate_api_token = 1
style_urls = ['skins/standard/bug.css']
yui = [ 'autocomplete' ]
javascript_urls = [ "js/attachment.js", 'js/field.js', "js/util.js", "js/TUI.js" ]
diff --git a/template/en/default/attachment/edit.html.tmpl b/template/en/default/attachment/edit.html.tmpl
index 497f89a8d..184cdde05 100644
--- a/template/en/default/attachment/edit.html.tmpl
+++ b/template/en/default/attachment/edit.html.tmpl
@@ -21,6 +21,7 @@
title = title
header = header
subheader = subheader
+ generate_api_token = 1
doc_section = "using/editing.html#attachments"
javascript_urls = ['js/attachment.js', 'js/field.js']
style_urls = ['skins/standard/bug.css']
diff --git a/template/en/default/bug/create/create.html.tmpl b/template/en/default/bug/create/create.html.tmpl
index 5547ddb55..29b17d410 100644
--- a/template/en/default/bug/create/create.html.tmpl
+++ b/template/en/default/bug/create/create.html.tmpl
@@ -11,6 +11,7 @@
[% PROCESS global/header.html.tmpl
title = title
+ generate_api_token = 1
yui = [ 'autocomplete', 'calendar', 'datatable', 'button' ]
style_urls = ['skins/standard/bug.css']
javascript_urls = [ "js/attachment.js", "js/util.js",
diff --git a/template/en/default/bug/show-header.html.tmpl b/template/en/default/bug/show-header.html.tmpl
index 4cd7aaa38..f18afed96 100644
--- a/template/en/default/bug/show-header.html.tmpl
+++ b/template/en/default/bug/show-header.html.tmpl
@@ -23,6 +23,7 @@
[% title = title _ "($filtered_alias) " %]
[% END %]
[% title = title _ filtered_desc %]
+[% generate_api_token = 1 %]
[% yui = ['autocomplete', 'calendar'] %]
[% yui.push('container') IF user.can_tag_comments %]
[% javascript_urls = [ "js/util.js", "js/field.js", "js/comments.js" ] %]
diff --git a/template/en/default/global/header.html.tmpl b/template/en/default/global/header.html.tmpl
index 5c731c008..5b3cd03f3 100644
--- a/template/en/default/global/header.html.tmpl
+++ b/template/en/default/global/header.html.tmpl
@@ -20,6 +20,7 @@
# style_urls: list. List of URLs to CSS style sheets.
# message: string. A message to display to the user. May contain HTML.
# atomlink: Atom link URL, May contain HTML
+ # generate_api_token: generate a token which can be used to make authenticated webservice calls
#%]
[% IF message %]
@@ -37,6 +38,7 @@
no_yui = 0
jquery = []
jquery_css = []
+ generate_api_token = 0
%]
[% IF NOT no_yui %]
@@ -206,7 +208,7 @@
version_required:
"You must select a Version for this [% terms.bug %]."
}
- [% IF javascript_urls.containsany(['js/bug.js', 'js/field.js', 'js/comment-tagging.js']) %]
+ [% IF generate_api_token %]
, api_token: '[% get_api_token FILTER js FILTER html %]'
[% END %]
};
diff --git a/template/en/default/list/list.html.tmpl b/template/en/default/list/list.html.tmpl
index 259b26cf9..d5022778e 100644
--- a/template/en/default/list/list.html.tmpl
+++ b/template/en/default/list/list.html.tmpl
@@ -59,6 +59,7 @@
[% PROCESS global/header.html.tmpl
title = title
+ generate_api_token = dotweak
atomlink = "buglist.cgi?$urlquerypart&title=$title&ctype=atom"
yui = [ 'autocomplete', 'calendar' ]
javascript_urls = [ "js/util.js", "js/field.js", "js/TUI.js" ]
diff --git a/template/en/default/request/queue.html.tmpl b/template/en/default/request/queue.html.tmpl
index f64583acd..828bdba9f 100644
--- a/template/en/default/request/queue.html.tmpl
+++ b/template/en/default/request/queue.html.tmpl
@@ -11,6 +11,7 @@
[% PROCESS global/header.html.tmpl
title="Request Queue"
+ generate_api_token = 1
onload="var f = document.request_form; selectProduct(f.product, f.component, null, null, 'Any');"
javascript_urls=["js/productform.js", "js/field.js"]
style_urls = ['skins/standard/buglist.css']