Bug 1478983 - WebService endpoint to check if a user can enter a bug into a given product

There is some common code, which we will need again for another WebService call, that can be refactored into their own functions. This WebService endpoint takes a product name and user ID in the form `check_enter_bug/<product>/<user id>`. It returns an object with one attribute, `result`, that is set to 1 if the product exists and the user is allowed to enter bugs in it, or 0 otherwise.
author: Mark Côté <mcote@alumni.uwaterloo.ca> 2018-07-27 23:19:57 +0200
committer: Dylan William Hardison <dylan@hardison.net> 2018-07-27 23:19:57 +0200
commit: 8b75f8e691309ec68e5de1cbdf77f6e8b2b305f8 (patch)
tree: 84619a00ad220fd6f1e729738258cce2cfbc9a1b
parent: f3f85f5bb8328a7264534a121c412938febda824 (diff)
download: bugzilla-8b75f8e691309ec68e5de1cbdf77f6e8b2b305f8.tar.gz
bugzilla-8b75f8e691309ec68e5de1cbdf77f6e8b2b305f8.tar.xz
1 files changed, 53 insertions, 17 deletions
diff --git a/extensions/PhabBugz/lib/WebService.pm b/extensions/PhabBugz/lib/WebService.pm
index 142211c6d..fa9306667 100644
--- a/extensions/PhabBugz/lib/WebService.pm
+++ b/extensions/PhabBugz/lib/WebService.pm
@@ -30,34 +30,46 @@ use List::MoreUtils qw(any);
 use MIME::Base64 qw(decode_base64);
 
 use constant READ_ONLY => qw(
+    check_user_enter_bug_permission
     check_user_permission_for_bug
     needs_review
 );
 
 use constant PUBLIC_METHODS => qw(
+    check_user_enter_bug_permission
     check_user_permission_for_bug
     needs_review
     set_build_target
 );
 
-sub check_user_permission_for_bug {
-    my ($self, $params) = @_;
-
-    my $user = Bugzilla->login(LOGIN_REQUIRED);
-
+sub _check_phabricator {
     # Ensure PhabBugz is on
     ThrowUserError('phabricator_not_enabled')
         unless Bugzilla->params->{phabricator_enabled};
+}
+
+sub _validate_phab_user {
+    my ($self, $user) = @_;
+
+    $self->_check_phabricator();
 
     # Validate that the requesting user's email matches phab-bot
     ThrowUserError('phabricator_unauthorized_user')
         unless $user->login eq PHAB_AUTOMATION_USER;
+}
+
+sub check_user_permission_for_bug {
+    my ($self, $params) = @_;
+
+    my $user = Bugzilla->login(LOGIN_REQUIRED);
+
+    $self->_validate_phab_user($user);
 
     # Validate that a bug id and user id are provided
     ThrowUserError('phabricator_invalid_request_params')
         unless ($params->{bug_id} && $params->{user_id});
 
-    # Validate that the user and bug exist
+    # Validate that the user exists
     my $target_user = Bugzilla::User->check({ id => $params->{user_id}, cache => 1 });
 
     # Send back an object which says { "result": 1|0 }
@@ -66,10 +78,32 @@ sub check_user_permission_for_bug {
     };
 }
 
+sub check_user_enter_bug_permission {
+    my ($self, $params) = @_;
+
+    my $user = Bugzilla->login(LOGIN_REQUIRED);
+
+    $self->_validate_phab_user($user);
+
+    # Validate that a product name and user id are provided
+    ThrowUserError('phabricator_invalid_request_params')
+        unless ($params->{product} && $params->{user_id});
+
+    # Validate that the user exists
+    my $target_user = Bugzilla::User->check({ id => $params->{user_id}, cache => 1 });
+
+    # Send back an object with the attribute "result" set to 1 if the user
+    # can enter bugs into the given product, or 0 if not.
+    return {
+        result => $target_user->can_enter_product($params->{product}) ? 1 : 0
+    };
+}
+
 sub needs_review {
     my ($self, $params) = @_;
-    ThrowUserError('phabricator_not_enabled')
-        unless Bugzilla->params->{phabricator_enabled};
+
+    $self->_check_phabricator();
+
     my $user = Bugzilla->login(LOGIN_REQUIRED);
     my $dbh  = Bugzilla->dbh;
 
@@ -170,13 +204,7 @@ sub set_build_target {
 
     my $user = Bugzilla->login(LOGIN_REQUIRED);
 
-    # Ensure PhabBugz is on
-    ThrowUserError('phabricator_not_enabled')
-      unless Bugzilla->params->{phabricator_enabled};
-    
-    # Validate that the requesting user's email matches phab-bot
-    ThrowUserError('phabricator_unauthorized_user')
-      unless $user->login eq PHAB_AUTOMATION_USER;
+    $self->_validate_phab_user($user);
 
     my $revision_id  = $params->{revision_id};
     my $build_target = $params->{build_target};
@@ -205,13 +233,13 @@ sub rest_resources {
             POST => {
                 method => 'set_build_target',
                 params => sub {
-                    return { 
+                    return {
                         revision_id  => $_[0],
                         build_target => $_[1]
                     };
                 }
             }
-        },        
+        },
         # Bug permission checks
         qr{^/phabbugz/check_bug/(\d+)/(\d+)$}, {
             GET => {
@@ -221,6 +249,14 @@ sub rest_resources {
                 }
             }
         },
+        qr{^/phabbugz/check_enter_bug/([^/]+)/(\d+)$}, {
+            GET => {
+                method => 'check_user_enter_bug_permission',
+                params => sub {
+                    return { product => $_[0], user_id => $_[1] };
+                },
+            },
+        },
         # Review requests
         qw{^/phabbugz/needs_review$}, {
             GET => {
author	Mark Côté <mcote@alumni.uwaterloo.ca>	2018-07-27 23:19:57 +0200
committer	Dylan William Hardison <dylan@hardison.net>	2018-07-27 23:19:57 +0200
commit	8b75f8e691309ec68e5de1cbdf77f6e8b2b305f8 (patch)
tree	84619a00ad220fd6f1e729738258cce2cfbc9a1b
parent	f3f85f5bb8328a7264534a121c412938febda824 (diff)
download	bugzilla-8b75f8e691309ec68e5de1cbdf77f6e8b2b305f8.tar.gz bugzilla-8b75f8e691309ec68e5de1cbdf77f6e8b2b305f8.tar.xz