diff options
author | Byron Jones <bjones@mozilla.com> | 2013-05-07 07:58:00 +0200 |
---|---|---|
committer | Byron Jones <bjones@mozilla.com> | 2013-05-07 07:58:00 +0200 |
commit | 2202b4da89a7426ecf208a877ac9032bc44cd7ec (patch) | |
tree | 472906394052fb9d86d56933076c0275041a461b /extensions | |
parent | cf7d6aea1af628711f2c870cdc8607390c18089a (diff) | |
download | bugzilla-2202b4da89a7426ecf208a877ac9032bc44cd7ec.tar.gz bugzilla-2202b4da89a7426ecf208a877ac9032bc44cd7ec.tar.xz |
Bug 869025: create a report to sanity check product's default security group
Diffstat (limited to 'extensions')
5 files changed, 144 insertions, 1 deletions
diff --git a/extensions/BMO/Extension.pm b/extensions/BMO/Extension.pm index 07f8357f1..030dcbeab 100644 --- a/extensions/BMO/Extension.pm +++ b/extensions/BMO/Extension.pm @@ -174,8 +174,12 @@ sub page_before_template { require Bugzilla::Extension::BMO::Reports::ReleaseTracking; Bugzilla::Extension::BMO::Reports::ReleaseTracking::report($vars); } + elsif ($page eq 'product_security_report.html') { + require Bugzilla::Extension::BMO::Reports::ProductSecurity; + Bugzilla::Extension::BMO::Reports::ProductSecurity::report($vars); + } elsif ($page eq 'fields.html') { - # Recently global/field-descs.none.tmpl and bug/field-help.none.tmpl + # Recently global/field-descs.none.tmpl and bug/field-help.none.tmpl # were changed for better performance and are now only loaded once. # I have not found an easy way to allow our hook template to check if # it is called from pages/fields.html.tmpl. So we set a value in request_cache diff --git a/extensions/BMO/lib/Reports/ProductSecurity.pm b/extensions/BMO/lib/Reports/ProductSecurity.pm new file mode 100644 index 000000000..946ad10f0 --- /dev/null +++ b/extensions/BMO/lib/Reports/ProductSecurity.pm @@ -0,0 +1,67 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +# +# This Source Code Form is "Incompatible With Secondary Licenses", as +# defined by the Mozilla Public License, v. 2.0. + +package Bugzilla::Extension::BMO::Reports::ProductSecurity; +use strict; +use warnings; + +use Bugzilla::Constants; +use Bugzilla::Error; +use Bugzilla::Product; + +sub report { + my ($vars) = @_; + my $user = Bugzilla->user; + + ($user->in_group('admin') || $user->in_group('infrasec')) + || ThrowUserError('auth_failure', { group => 'admin', + action => 'run', + object => 'product_security' }); + + my $moco = Bugzilla::Group->new({ name => 'mozilla-corporation-confidential' }) + or return; + + my $products = []; + foreach my $product (@{ Bugzilla::Product->match({}) }) { + my $default_group = $product->default_security_group_obj; + my $group_controls = $product->group_controls(); + + my $item = { + name => $product->name, + default_security_group => $product->default_security_group, + group_visibility => 'None/None', + moco => exists $group_controls->{$moco->id}, + }; + + if ($default_group) { + if (my $control = $group_controls->{$default_group->id}) { + $item->{group_visibility} = control_to_string($control->{membercontrol}) . + '/' . control_to_string($control->{othercontrol}); + } + } + + $item->{group_problem} = $default_group ? '' : "Invalid group " . $product->default_security_group; + $item->{visibility_problem} = 'Default security group should be Shown/Shown' + if ($item->{group_visibility} ne 'Shown/Shown') + && ($item->{group_visibility} ne 'Mandatory/Mandatory') + && ($item->{group_visibility} ne 'Default/Default'); + + push @$products, $item; + } + $vars->{products} = $products; +} + +sub control_to_string { + my ($control) = @_; + return 'NA' if $control == CONTROLMAPNA; + return 'Shown' if $control == CONTROLMAPSHOWN; + return 'Default' if $control == CONTROLMAPDEFAULT; + return 'Mandatory' if $control == CONTROLMAPMANDATORY; + return ''; +} + +1; diff --git a/extensions/BMO/template/en/default/hook/reports/menu-end.html.tmpl b/extensions/BMO/template/en/default/hook/reports/menu-end.html.tmpl index 35644c1e4..93f04c4fa 100644 --- a/extensions/BMO/template/en/default/hook/reports/menu-end.html.tmpl +++ b/extensions/BMO/template/en/default/hook/reports/menu-end.html.tmpl @@ -41,6 +41,13 @@ </strong> - Lists the users of groups. </li> [% END %] + [% IF user.in_group('admin') || user.in_group('infrasec') %] + <li> + <strong> + <a href="[% urlbase FILTER none %]page.cgi?id=product_security_report.html">Product Security Report</a> + </strong> - Show each product's default security group and visibility. + </li> + [% END %] [% IF user.in_group('admin') || user.in_group('infra') %] <li> <strong> diff --git a/extensions/BMO/template/en/default/pages/product_security_report.html.tmpl b/extensions/BMO/template/en/default/pages/product_security_report.html.tmpl new file mode 100644 index 000000000..c87f6a418 --- /dev/null +++ b/extensions/BMO/template/en/default/pages/product_security_report.html.tmpl @@ -0,0 +1,60 @@ +[%# This Source Code Form is subject to the terms of the Mozilla Public + # License, v. 2.0. If a copy of the MPL was not distributed with this + # file, You can obtain one at http://mozilla.org/MPL/2.0/. + # + # This Source Code Form is "Incompatible With Secondary Licenses", as + # defined by the Mozilla Public License, v. 2.0. + #%] + +[% INCLUDE global/header.html.tmpl + title = "Product Security Report" + style_urls = [ "extensions/BMO/web/styles/reports.css" ] +%] + +<table border="0" cellspacing="0" id="report" class="nohover" width="100%"> + <tr id="report-header"> + <th>Product</th> + <th>Default Security Group</th> + <th>Default Group Visibility</th> + <th>Mozilla-Confidential</th> + </tr> + + [% count = 0 %] + [% FOREACH product = products %] + [% count = count + 1 %] + <tr class="report_item [% count % 2 == 1 ? "report_row_odd" : "report_row_even" %]"> + <td> + <a href="editproducts.cgi?action=editgroupcontrols&product=[% product.name FILTER uri %]" target="_blank"> + [% product.name FILTER html %] + </a> + </td> + [% IF product.group_problem %] + <td class="problem"> + <span title="[% product.group_problem FILTER html %]"> + [% product.default_security_group FILTER html %] + </span> + </td> + [% ELSE %] + <td> + [% product.default_security_group FILTER html %] + </td> + [% END %] + [% IF product.visibility_problem %] + <td class="problem"> + <span title="[% product.visibility_problem FILTER html %]"> + [% product.group_visibility FILTER html %] + </span> + </td> + [% ELSE %] + <td> + [% product.group_visibility FILTER html %] + </td> + [% END %] + <td> + [% product.moco ? 'Yes' : 'No' FILTER none %] + </td> + </tr> + [% END %] +</table> + +[% INCLUDE global/footer.html.tmpl %] diff --git a/extensions/BMO/web/styles/reports.css b/extensions/BMO/web/styles/reports.css index 7ad0df241..ccc931eec 100644 --- a/extensions/BMO/web/styles/reports.css +++ b/extensions/BMO/web/styles/reports.css @@ -64,3 +64,8 @@ .hoverrow tr:hover { background-color: #ccccff; } + +.problem { + color: #aa2222; +} + |