summaryrefslogtreecommitdiffstats
path: root/extensions/PhabBugz/lib
diff options
context:
space:
mode:
authorMark Côté <mcote@alumni.uwaterloo.ca>2018-07-27 23:19:57 +0200
committerDylan William Hardison <dylan@hardison.net>2018-07-27 23:19:57 +0200
commit8b75f8e691309ec68e5de1cbdf77f6e8b2b305f8 (patch)
tree84619a00ad220fd6f1e729738258cce2cfbc9a1b /extensions/PhabBugz/lib
parentf3f85f5bb8328a7264534a121c412938febda824 (diff)
downloadbugzilla-8b75f8e691309ec68e5de1cbdf77f6e8b2b305f8.tar.gz
bugzilla-8b75f8e691309ec68e5de1cbdf77f6e8b2b305f8.tar.xz
Bug 1478983 - WebService endpoint to check if a user can enter a bug into a given product
There is some common code, which we will need again for another WebService call, that can be refactored into their own functions. This WebService endpoint takes a product name and user ID in the form `check_enter_bug/<product>/<user id>`. It returns an object with one attribute, `result`, that is set to 1 if the product exists and the user is allowed to enter bugs in it, or 0 otherwise.
Diffstat (limited to 'extensions/PhabBugz/lib')
-rw-r--r--extensions/PhabBugz/lib/WebService.pm70
1 files changed, 53 insertions, 17 deletions
diff --git a/extensions/PhabBugz/lib/WebService.pm b/extensions/PhabBugz/lib/WebService.pm
index 142211c6d..fa9306667 100644
--- a/extensions/PhabBugz/lib/WebService.pm
+++ b/extensions/PhabBugz/lib/WebService.pm
@@ -30,34 +30,46 @@ use List::MoreUtils qw(any);
use MIME::Base64 qw(decode_base64);
use constant READ_ONLY => qw(
+ check_user_enter_bug_permission
check_user_permission_for_bug
needs_review
);
use constant PUBLIC_METHODS => qw(
+ check_user_enter_bug_permission
check_user_permission_for_bug
needs_review
set_build_target
);
-sub check_user_permission_for_bug {
- my ($self, $params) = @_;
-
- my $user = Bugzilla->login(LOGIN_REQUIRED);
-
+sub _check_phabricator {
# Ensure PhabBugz is on
ThrowUserError('phabricator_not_enabled')
unless Bugzilla->params->{phabricator_enabled};
+}
+
+sub _validate_phab_user {
+ my ($self, $user) = @_;
+
+ $self->_check_phabricator();
# Validate that the requesting user's email matches phab-bot
ThrowUserError('phabricator_unauthorized_user')
unless $user->login eq PHAB_AUTOMATION_USER;
+}
+
+sub check_user_permission_for_bug {
+ my ($self, $params) = @_;
+
+ my $user = Bugzilla->login(LOGIN_REQUIRED);
+
+ $self->_validate_phab_user($user);
# Validate that a bug id and user id are provided
ThrowUserError('phabricator_invalid_request_params')
unless ($params->{bug_id} && $params->{user_id});
- # Validate that the user and bug exist
+ # Validate that the user exists
my $target_user = Bugzilla::User->check({ id => $params->{user_id}, cache => 1 });
# Send back an object which says { "result": 1|0 }
@@ -66,10 +78,32 @@ sub check_user_permission_for_bug {
};
}
+sub check_user_enter_bug_permission {
+ my ($self, $params) = @_;
+
+ my $user = Bugzilla->login(LOGIN_REQUIRED);
+
+ $self->_validate_phab_user($user);
+
+ # Validate that a product name and user id are provided
+ ThrowUserError('phabricator_invalid_request_params')
+ unless ($params->{product} && $params->{user_id});
+
+ # Validate that the user exists
+ my $target_user = Bugzilla::User->check({ id => $params->{user_id}, cache => 1 });
+
+ # Send back an object with the attribute "result" set to 1 if the user
+ # can enter bugs into the given product, or 0 if not.
+ return {
+ result => $target_user->can_enter_product($params->{product}) ? 1 : 0
+ };
+}
+
sub needs_review {
my ($self, $params) = @_;
- ThrowUserError('phabricator_not_enabled')
- unless Bugzilla->params->{phabricator_enabled};
+
+ $self->_check_phabricator();
+
my $user = Bugzilla->login(LOGIN_REQUIRED);
my $dbh = Bugzilla->dbh;
@@ -170,13 +204,7 @@ sub set_build_target {
my $user = Bugzilla->login(LOGIN_REQUIRED);
- # Ensure PhabBugz is on
- ThrowUserError('phabricator_not_enabled')
- unless Bugzilla->params->{phabricator_enabled};
-
- # Validate that the requesting user's email matches phab-bot
- ThrowUserError('phabricator_unauthorized_user')
- unless $user->login eq PHAB_AUTOMATION_USER;
+ $self->_validate_phab_user($user);
my $revision_id = $params->{revision_id};
my $build_target = $params->{build_target};
@@ -205,13 +233,13 @@ sub rest_resources {
POST => {
method => 'set_build_target',
params => sub {
- return {
+ return {
revision_id => $_[0],
build_target => $_[1]
};
}
}
- },
+ },
# Bug permission checks
qr{^/phabbugz/check_bug/(\d+)/(\d+)$}, {
GET => {
@@ -221,6 +249,14 @@ sub rest_resources {
}
}
},
+ qr{^/phabbugz/check_enter_bug/([^/]+)/(\d+)$}, {
+ GET => {
+ method => 'check_user_enter_bug_permission',
+ params => sub {
+ return { product => $_[0], user_id => $_[1] };
+ },
+ },
+ },
# Review requests
qw{^/phabbugz/needs_review$}, {
GET => {