diff options
| -rw-r--r-- | extensions/PhabBugz/lib/WebService.pm | 38 | ||||
| -rw-r--r-- | extensions/PhabBugz/template/en/default/hook/global/user-error-errors.html.tmpl | 14 |
2 files changed, 52 insertions, 0 deletions
diff --git a/extensions/PhabBugz/lib/WebService.pm b/extensions/PhabBugz/lib/WebService.pm index 0d88114f6..84561c3db 100644 --- a/extensions/PhabBugz/lib/WebService.pm +++ b/extensions/PhabBugz/lib/WebService.pm @@ -23,6 +23,7 @@ use Bugzilla::User; use Bugzilla::Util qw(correct_urlbase detaint_natural); use Bugzilla::WebService::Constants; +use Bugzilla::Extension::PhabBugz::Constants; use Bugzilla::Extension::PhabBugz::Util qw( create_revision_attachment create_private_revision_policy @@ -41,6 +42,7 @@ use constant PUBLIC_METHODS => qw( revision ); + sub revision { my ($self, $params) = @_; @@ -110,8 +112,35 @@ sub revision { }; } +sub check_user_permission_for_bug { + my ($self, $params) = @_; + + my $user = Bugzilla->login(LOGIN_REQUIRED); + + # Ensure PhabBugz is on + ThrowUserError('phabricator_not_enabled') + unless Bugzilla->params->{phabricator_enabled}; + + # Validate that the requesting user's email matches phab-bot + ThrowUserError('phabricator_unauthorized_user') + unless $user->login eq PHAB_AUTOMATION_USER; + + # Validate that a bug id and user id are provided + ThrowUserError('phabricator_invalid_request_params') + unless ($params->{bug_id} && $params->{user_id}); + + # Validate that the user and bug exist + my $target_user = Bugzilla::User->check({ id => $params->{user_id}, cache => 1 }); + + # Send back an object which says { "result": 1|0 } + return { + result => $target_user->can_see_bug($params->{bug_id}) + }; +} + sub rest_resources { return [ + # Revision creation qr{^/phabbugz/revision/([^/]+)$}, { POST => { method => 'revision', @@ -119,6 +148,15 @@ sub rest_resources { return { revision => $_[0] }; } } + }, + # Bug permission checks + qr{^/phabbugz/check_bug/(\d+)/(\d+)$}, { + GET => { + method => 'check_user_permission_for_bug', + params => sub { + return { bug_id => $_[0], user_id => $_[1] }; + } + } } ]; } diff --git a/extensions/PhabBugz/template/en/default/hook/global/user-error-errors.html.tmpl b/extensions/PhabBugz/template/en/default/hook/global/user-error-errors.html.tmpl index 60cd08923..1457e3525 100644 --- a/extensions/PhabBugz/template/en/default/hook/global/user-error-errors.html.tmpl +++ b/extensions/PhabBugz/template/en/default/hook/global/user-error-errors.html.tmpl @@ -18,8 +18,22 @@ [% title = "Invalid Phabricator Sync Groups" %] You must provide a comma delimited list of security groups to sync with Phabricator. + [% ELSIF error == "invalid_phabricator_revision_id" %] [% title = "Invalid Phabricator Revision ID" %] You must provide a valid Phabricator revision ID. +[% ELSIF error == "phabricator_not_enabled" %] + [% title = "Phabricator Support Not Enabled" %] + The Phabricator to Bugzilla library, PhabBugz, + is not enabled in Bugzilla. + +[% ELSIF error == "phabricator_invalid_request_params" %] + [% title = "Incomplete Information Provided by Phabricator" %] + The parameters 'user_id' and '[% terms.bug %]_id' must be provided. + +[% ELSIF error == "phabricator_unauthorized_user" %] + [% title = "Unauthorized User" %] + You do not have permission to use this endpoint. + [% END %] |