diff options
author | Byron Jones <glob@mozilla.com> | 2015-03-05 05:57:51 +0100 |
---|---|---|
committer | Byron Jones <glob@mozilla.com> | 2015-03-05 05:57:51 +0100 |
commit | b7147b778824e13a15f912fdf458bf3959d439e5 (patch) | |
tree | 1deddd019fb15747dacc3067d0c2606f864fc41c | |
parent | f6686ca1edfe4a233c7f39836e265d466bda37b7 (diff) | |
download | bugzilla-b7147b778824e13a15f912fdf458bf3959d439e5.tar.gz bugzilla-b7147b778824e13a15f912fdf458bf3959d439e5.tar.xz |
Bug 1128853: Bugzilla shouldn't try to write API tokens into the shadow DB
r=dkl,a=glob
-rw-r--r-- | Bugzilla.pm | 11 | ||||
-rw-r--r-- | Bugzilla/Token.pm | 5 | ||||
-rw-r--r-- | template/en/default/account/prefs/prefs.html.tmpl | 1 | ||||
-rw-r--r-- | template/en/default/admin/components/create.html.tmpl | 1 | ||||
-rw-r--r-- | template/en/default/admin/components/edit.html.tmpl | 1 | ||||
-rw-r--r-- | template/en/default/admin/products/create.html.tmpl | 1 | ||||
-rw-r--r-- | template/en/default/admin/sudo.html.tmpl | 1 | ||||
-rw-r--r-- | template/en/default/attachment/create.html.tmpl | 1 | ||||
-rw-r--r-- | template/en/default/attachment/edit.html.tmpl | 1 | ||||
-rw-r--r-- | template/en/default/bug/create/create.html.tmpl | 1 | ||||
-rw-r--r-- | template/en/default/bug/show-header.html.tmpl | 1 | ||||
-rw-r--r-- | template/en/default/global/header.html.tmpl | 4 | ||||
-rw-r--r-- | template/en/default/list/list.html.tmpl | 1 | ||||
-rw-r--r-- | template/en/default/request/queue.html.tmpl | 1 |
14 files changed, 30 insertions, 1 deletions
diff --git a/Bugzilla.pm b/Bugzilla.pm index 46d6182cd..6ca46f430 100644 --- a/Bugzilla.pm +++ b/Bugzilla.pm @@ -537,6 +537,11 @@ sub switch_to_main_db { return $class->dbh_main; } +sub is_shadow_db { + my $class = shift; + return $class->request_cache->{dbh} != $class->dbh_main; +} + sub fields { my ($class, $criteria) = @_; $criteria ||= {}; @@ -942,6 +947,12 @@ Switch from using the main database to using the shadow database. Change the database object to refer to the main database. +=item C<is_shadow_db> + +Returns true if the currently active database is the shadow database. +Returns false if a the currently active database is the man database, or if a +shadow database is not configured or enabled. + =item C<params> The current Parameters of Bugzilla, as a hashref. If C<data/params.json> diff --git a/Bugzilla/Token.pm b/Bugzilla/Token.pm index 24ffad3c3..84d86b8c6 100644 --- a/Bugzilla/Token.pm +++ b/Bugzilla/Token.pm @@ -432,6 +432,9 @@ sub _create_token { trick_taint($tokentype); trick_taint($eventdata); + my $is_shadow = Bugzilla->is_shadow_db; + $dbh = Bugzilla->switch_to_main_db() if $is_shadow; + $dbh->bz_start_transaction(); my $token = GenerateUniqueToken(); @@ -444,8 +447,10 @@ sub _create_token { if (wantarray) { my (undef, $token_ts, undef) = GetTokenData($token); $token_ts = str2time($token_ts); + Bugzilla->switch_to_shadow_db() if $is_shadow; return ($token, $token_ts); } else { + Bugzilla->switch_to_shadow_db() if $is_shadow; return $token; } } diff --git a/template/en/default/account/prefs/prefs.html.tmpl b/template/en/default/account/prefs/prefs.html.tmpl index 96e02812f..21a823fb6 100644 --- a/template/en/default/account/prefs/prefs.html.tmpl +++ b/template/en/default/account/prefs/prefs.html.tmpl @@ -55,6 +55,7 @@ [% PROCESS global/header.html.tmpl title = current_tab.label subheader = filtered_login + generate_api_token = 1 style_urls = ['skins/standard/admin.css'] javascript_urls = ['js/util.js', 'js/field.js', 'js/TUI.js'] doc_section = current_tab.doc_section diff --git a/template/en/default/admin/components/create.html.tmpl b/template/en/default/admin/components/create.html.tmpl index 4db4a489c..96c9ce384 100644 --- a/template/en/default/admin/components/create.html.tmpl +++ b/template/en/default/admin/components/create.html.tmpl @@ -14,6 +14,7 @@ [% title = BLOCK %]Add component to the [% product.name FILTER html %] product[% END %] [% PROCESS global/header.html.tmpl title = title + generate_api_token = 1 style_urls = ['skins/standard/admin.css'] yui = [ 'autocomplete' ] javascript_urls = [ "js/field.js" ] diff --git a/template/en/default/admin/components/edit.html.tmpl b/template/en/default/admin/components/edit.html.tmpl index 9998845e2..c4da1181b 100644 --- a/template/en/default/admin/components/edit.html.tmpl +++ b/template/en/default/admin/components/edit.html.tmpl @@ -18,6 +18,7 @@ [% END %] [% PROCESS global/header.html.tmpl title = title + generate_api_token = 1 style_urls = ['skins/standard/admin.css'] yui = [ 'autocomplete' ] javascript_urls = [ "js/field.js" ] diff --git a/template/en/default/admin/products/create.html.tmpl b/template/en/default/admin/products/create.html.tmpl index b34f67b62..0dcfd7283 100644 --- a/template/en/default/admin/products/create.html.tmpl +++ b/template/en/default/admin/products/create.html.tmpl @@ -17,6 +17,7 @@ [% PROCESS global/header.html.tmpl title = title + generate_api_token = 1 style_urls = ['skins/standard/admin.css'] javascript_urls = ['js/util.js', 'js/field.js'] yui = [ 'autocomplete' ] diff --git a/template/en/default/admin/sudo.html.tmpl b/template/en/default/admin/sudo.html.tmpl index b3f748697..8cdfb5204 100644 --- a/template/en/default/admin/sudo.html.tmpl +++ b/template/en/default/admin/sudo.html.tmpl @@ -8,6 +8,7 @@ [% PROCESS global/header.html.tmpl title = "Begin sudo session" + generate_api_token = 1 style_urls = ['skins/standard/admin.css'] doc_section = "administering/users.html#impersonating-users" %] diff --git a/template/en/default/attachment/create.html.tmpl b/template/en/default/attachment/create.html.tmpl index 13c13cdb9..e566b428e 100644 --- a/template/en/default/attachment/create.html.tmpl +++ b/template/en/default/attachment/create.html.tmpl @@ -16,6 +16,7 @@ title = title header = header subheader = subheader + generate_api_token = 1 style_urls = ['skins/standard/bug.css'] yui = [ 'autocomplete' ] javascript_urls = [ "js/attachment.js", 'js/field.js', "js/util.js", "js/TUI.js" ] diff --git a/template/en/default/attachment/edit.html.tmpl b/template/en/default/attachment/edit.html.tmpl index 497f89a8d..184cdde05 100644 --- a/template/en/default/attachment/edit.html.tmpl +++ b/template/en/default/attachment/edit.html.tmpl @@ -21,6 +21,7 @@ title = title header = header subheader = subheader + generate_api_token = 1 doc_section = "using/editing.html#attachments" javascript_urls = ['js/attachment.js', 'js/field.js'] style_urls = ['skins/standard/bug.css'] diff --git a/template/en/default/bug/create/create.html.tmpl b/template/en/default/bug/create/create.html.tmpl index 5547ddb55..29b17d410 100644 --- a/template/en/default/bug/create/create.html.tmpl +++ b/template/en/default/bug/create/create.html.tmpl @@ -11,6 +11,7 @@ [% PROCESS global/header.html.tmpl title = title + generate_api_token = 1 yui = [ 'autocomplete', 'calendar', 'datatable', 'button' ] style_urls = ['skins/standard/bug.css'] javascript_urls = [ "js/attachment.js", "js/util.js", diff --git a/template/en/default/bug/show-header.html.tmpl b/template/en/default/bug/show-header.html.tmpl index 4cd7aaa38..f18afed96 100644 --- a/template/en/default/bug/show-header.html.tmpl +++ b/template/en/default/bug/show-header.html.tmpl @@ -23,6 +23,7 @@ [% title = title _ "($filtered_alias) " %] [% END %] [% title = title _ filtered_desc %] +[% generate_api_token = 1 %] [% yui = ['autocomplete', 'calendar'] %] [% yui.push('container') IF user.can_tag_comments %] [% javascript_urls = [ "js/util.js", "js/field.js", "js/comments.js" ] %] diff --git a/template/en/default/global/header.html.tmpl b/template/en/default/global/header.html.tmpl index 5c731c008..5b3cd03f3 100644 --- a/template/en/default/global/header.html.tmpl +++ b/template/en/default/global/header.html.tmpl @@ -20,6 +20,7 @@ # style_urls: list. List of URLs to CSS style sheets. # message: string. A message to display to the user. May contain HTML. # atomlink: Atom link URL, May contain HTML + # generate_api_token: generate a token which can be used to make authenticated webservice calls #%] [% IF message %] @@ -37,6 +38,7 @@ no_yui = 0 jquery = [] jquery_css = [] + generate_api_token = 0 %] [% IF NOT no_yui %] @@ -206,7 +208,7 @@ version_required: "You must select a Version for this [% terms.bug %]." } - [% IF javascript_urls.containsany(['js/bug.js', 'js/field.js', 'js/comment-tagging.js']) %] + [% IF generate_api_token %] , api_token: '[% get_api_token FILTER js FILTER html %]' [% END %] }; diff --git a/template/en/default/list/list.html.tmpl b/template/en/default/list/list.html.tmpl index 259b26cf9..d5022778e 100644 --- a/template/en/default/list/list.html.tmpl +++ b/template/en/default/list/list.html.tmpl @@ -59,6 +59,7 @@ [% PROCESS global/header.html.tmpl title = title + generate_api_token = dotweak atomlink = "buglist.cgi?$urlquerypart&title=$title&ctype=atom" yui = [ 'autocomplete', 'calendar' ] javascript_urls = [ "js/util.js", "js/field.js", "js/TUI.js" ] diff --git a/template/en/default/request/queue.html.tmpl b/template/en/default/request/queue.html.tmpl index f64583acd..828bdba9f 100644 --- a/template/en/default/request/queue.html.tmpl +++ b/template/en/default/request/queue.html.tmpl @@ -11,6 +11,7 @@ [% PROCESS global/header.html.tmpl title="Request Queue" + generate_api_token = 1 onload="var f = document.request_form; selectProduct(f.product, f.component, null, null, 'Any');" javascript_urls=["js/productform.js", "js/field.js"] style_urls = ['skins/standard/buglist.css'] |