Bug 1399593 - Add sync group comments during new revision creation as well as push connector

author: David Walsh <davidwalsh83@gmail.com> 2017-10-10 16:43:45 +0200
committer: dklawren <dklawren@users.noreply.github.com> 2017-10-10 16:43:45 +0200
commit: 191a5fc2fbdba570d4d3b69a944dcec3366973b5 (patch)
tree: 9dc40955f59994faadfbf51ec3acc5d29f940299 /extensions/PhabBugz
parent: 3e1b339cebc0f5259027e266f98f9b06f83f53a3 (diff)
download: bugzilla-191a5fc2fbdba570d4d3b69a944dcec3366973b5.tar.gz
bugzilla-191a5fc2fbdba570d4d3b69a944dcec3366973b5.tar.xz
2 files changed, 88 insertions, 22 deletions
diff --git a/extensions/PhabBugz/lib/Util.pm b/extensions/PhabBugz/lib/Util.pm
index 9e2cac149..8fa3b620b 100644
--- a/extensions/PhabBugz/lib/Util.pm
+++ b/extensions/PhabBugz/lib/Util.pm
@@ -11,7 +11,10 @@ use 5.10.1;
 use strict;
 use warnings;
 
+use Bugzilla::Bug;
+use Bugzilla::Constants;
 use Bugzilla::Error;
+use Bugzilla::User;
 use Bugzilla::Util qw(trim);
 use Bugzilla::Extension::PhabBugz::Constants;
 
@@ -23,6 +26,7 @@ use base qw(Exporter);
 
 our @EXPORT = qw(
     add_comment_to_revision
+    add_security_sync_comments
     create_revision_attachment
     create_private_revision_policy
     create_project
@@ -32,6 +36,7 @@ our @EXPORT = qw(
     get_members_by_bmo_id
     get_project_phid
     get_revisions_by_ids
+    get_security_sync_groups
     intersect
     is_attachment_phab_revision
     make_revision_private
@@ -78,6 +83,9 @@ sub create_revision_attachment {
     my $is_shadow_db = Bugzilla->is_shadow_db;
     Bugzilla->switch_to_main_db if $is_shadow_db;
 
+    my $old_user = Bugzilla->user;
+    _set_phab_user();
+
     my $dbh = Bugzilla->dbh;
     $dbh->bz_start_transaction;
 
@@ -102,6 +110,8 @@ sub create_revision_attachment {
     $dbh->bz_commit_transaction;
     Bugzilla->switch_to_shadow_db if $is_shadow_db;
 
+    Bugzilla->set_user($old_user);
+
     return $attachment;
 }
 
@@ -126,29 +136,42 @@ sub get_bug_role_phids {
 sub create_private_revision_policy {
     my ($bug, $groups) = @_;
 
-    my $project_phids = [];
-    foreach my $group (@$groups) {
-        my $phid = get_project_phid('bmo-' . $group);
-        push(@$project_phids, $phid) if $phid;
-    }
-
-    ThrowUserError('invalid_phabricator_sync_groups') unless @$project_phids;
-
     my $data = {
         objectType => 'DREV',
         default    => 'deny',
         policy     => [
             {
                 action => 'allow',
+                rule   => 'PhabricatorSubscriptionsSubscribersPolicyRule',
+            }
+        ]
+    };
+
+    if(scalar @$groups gt 0) {
+        my $project_phids = [];
+        foreach my $group (@$groups) {
+            my $phid = get_project_phid('bmo-' . $group);
+            push(@$project_phids, $phid) if $phid;
+        }
+
+        ThrowUserError('invalid_phabricator_sync_groups') unless @$project_phids;
+
+        push(@{ $data->{policy} },
+            {
+                action => 'allow',
                 rule   => 'PhabricatorProjectsPolicyRule',
                 value  => $project_phids,
-            },
+            }
+        );
+    }
+    else {
+        push(@{ $data->{policy} },
             {
                 action => 'allow',
-                rule   => 'PhabricatorSubscriptionsSubscribersPolicyRule',
+                value  => 'admin',
             }
-        ]
-    };
+        );
+    }
 
     my $result = request('policy.create', $data);
     return $result->{result}{phid};
@@ -382,4 +405,52 @@ sub request {
     return $result;
 }
 
+sub get_security_sync_groups {
+    my $bug = shift;
+
+    my $phab_sync_groups = Bugzilla->params->{phabricator_sync_groups}
+        || ThrowUserError('invalid_phabricator_sync_groups');
+    my $sync_group_names = [ split('[,\s]+', $phab_sync_groups) ];
+
+    my $bug_groups = $bug->groups_in;
+    my $bug_group_names = [ map { $_->name } @$bug_groups ];
+
+    my @set_groups = intersect($bug_group_names, $sync_group_names);
+
+    return @set_groups;
+}
+
+sub _set_phab_user {
+    my $user = Bugzilla::User->new( { name => PHAB_AUTOMATION_USER } );
+    $user->{groups} = [ Bugzilla::Group->get_all ];
+    Bugzilla->set_user($user);
+}
+
+sub add_security_sync_comments {
+    my ($revisions, $bug) = @_;
+
+    my $phab_error_message = 'Revision is being made private due to unknown Bugzilla groups.';
+
+    foreach my $revision (@$revisions) {
+        add_comment_to_revision( $revision->{phid}, $phab_error_message );
+    }
+
+    my $num_revisions = scalar @$revisions;
+    my $bmo_error_message =
+    ( $num_revisions > 1
+    ? $num_revisions.' revisions were'
+    : 'One revision was' )
+    . ' made private due to unknown Bugzilla groups.';
+
+    my $old_user = Bugzilla->user;
+    _set_phab_user();
+
+    $bug->add_comment( $bmo_error_message, { isprivate => 0 } );
+
+    my $bug_changes = $bug->update();
+    $bug->send_changes($bug_changes);
+
+    Bugzilla->set_user($old_user);
+}
+
 1;
diff --git a/extensions/PhabBugz/lib/WebService.pm b/extensions/PhabBugz/lib/WebService.pm
index 4b14f1495..738077880 100644
--- a/extensions/PhabBugz/lib/WebService.pm
+++ b/extensions/PhabBugz/lib/WebService.pm
@@ -25,6 +25,7 @@ use Bugzilla::WebService::Constants;
 
 use Bugzilla::Extension::PhabBugz::Constants;
 use Bugzilla::Extension::PhabBugz::Util qw(
+    add_security_sync_comments
     create_revision_attachment
     create_private_revision_policy
     edit_revision_policy
@@ -35,6 +36,7 @@ use Bugzilla::Extension::PhabBugz::Util qw(
     is_attachment_phab_revision
     make_revision_public
     request
+    get_security_sync_groups
 );
 
 use List::Util qw(first);
@@ -80,7 +82,7 @@ sub revision {
     my $revision_title = $revision->{fields}{title} || 'Unknown Description';
     my $bug_id         = $revision->{fields}{'bugzilla.bug-id'};
 
-    my $bug = Bugzilla::Bug->check($bug_id);
+    my $bug = Bugzilla::Bug->new($bug_id);
 
     # If bug is public then remove privacy policy
     my $result;
@@ -89,19 +91,12 @@ sub revision {
     }
     # else bug is private
     else {
-        my $phab_sync_groups = Bugzilla->params->{phabricator_sync_groups}
-            || ThrowUserError('invalid_phabricator_sync_groups');
-        my $sync_group_names = [ split('[,\s]+', $phab_sync_groups) ];
-
-        my $bug_groups = $bug->groups_in;
-        my $bug_group_names = [ map { $_->name } @$bug_groups ];
-
-        my @set_groups = intersect($bug_group_names, $sync_group_names);
+        my @set_groups = get_security_sync_groups($bug);
 
         # If bug privacy groups do not have any matching synchronized groups,
         # then leave revision private and it will have be dealt with manually.
         if (!@set_groups) {
-            ThrowUserError('invalid_phabricator_sync_groups');
+            add_security_sync_comments(\@revisions, $bug);
         }
 
         my $policy_phid = create_private_revision_policy($bug, \@set_groups);
author	David Walsh <davidwalsh83@gmail.com>	2017-10-10 16:43:45 +0200
committer	dklawren <dklawren@users.noreply.github.com>	2017-10-10 16:43:45 +0200
commit	191a5fc2fbdba570d4d3b69a944dcec3366973b5 (patch)
tree	9dc40955f59994faadfbf51ec3acc5d29f940299 /extensions/PhabBugz
parent	3e1b339cebc0f5259027e266f98f9b06f83f53a3 (diff)
download	bugzilla-191a5fc2fbdba570d4d3b69a944dcec3366973b5.tar.gz bugzilla-191a5fc2fbdba570d4d3b69a944dcec3366973b5.tar.xz