summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--extensions/PhabBugz/lib/WebService.pm38
-rw-r--r--extensions/PhabBugz/template/en/default/hook/global/user-error-errors.html.tmpl14
2 files changed, 52 insertions, 0 deletions
diff --git a/extensions/PhabBugz/lib/WebService.pm b/extensions/PhabBugz/lib/WebService.pm
index 0d88114f6..84561c3db 100644
--- a/extensions/PhabBugz/lib/WebService.pm
+++ b/extensions/PhabBugz/lib/WebService.pm
@@ -23,6 +23,7 @@ use Bugzilla::User;
use Bugzilla::Util qw(correct_urlbase detaint_natural);
use Bugzilla::WebService::Constants;
+use Bugzilla::Extension::PhabBugz::Constants;
use Bugzilla::Extension::PhabBugz::Util qw(
create_revision_attachment
create_private_revision_policy
@@ -41,6 +42,7 @@ use constant PUBLIC_METHODS => qw(
revision
);
+
sub revision {
my ($self, $params) = @_;
@@ -110,8 +112,35 @@ sub revision {
};
}
+sub check_user_permission_for_bug {
+ my ($self, $params) = @_;
+
+ my $user = Bugzilla->login(LOGIN_REQUIRED);
+
+ # Ensure PhabBugz is on
+ ThrowUserError('phabricator_not_enabled')
+ unless Bugzilla->params->{phabricator_enabled};
+
+ # Validate that the requesting user's email matches phab-bot
+ ThrowUserError('phabricator_unauthorized_user')
+ unless $user->login eq PHAB_AUTOMATION_USER;
+
+ # Validate that a bug id and user id are provided
+ ThrowUserError('phabricator_invalid_request_params')
+ unless ($params->{bug_id} && $params->{user_id});
+
+ # Validate that the user and bug exist
+ my $target_user = Bugzilla::User->check({ id => $params->{user_id}, cache => 1 });
+
+ # Send back an object which says { "result": 1|0 }
+ return {
+ result => $target_user->can_see_bug($params->{bug_id})
+ };
+}
+
sub rest_resources {
return [
+ # Revision creation
qr{^/phabbugz/revision/([^/]+)$}, {
POST => {
method => 'revision',
@@ -119,6 +148,15 @@ sub rest_resources {
return { revision => $_[0] };
}
}
+ },
+ # Bug permission checks
+ qr{^/phabbugz/check_bug/(\d+)/(\d+)$}, {
+ GET => {
+ method => 'check_user_permission_for_bug',
+ params => sub {
+ return { bug_id => $_[0], user_id => $_[1] };
+ }
+ }
}
];
}
diff --git a/extensions/PhabBugz/template/en/default/hook/global/user-error-errors.html.tmpl b/extensions/PhabBugz/template/en/default/hook/global/user-error-errors.html.tmpl
index 60cd08923..1457e3525 100644
--- a/extensions/PhabBugz/template/en/default/hook/global/user-error-errors.html.tmpl
+++ b/extensions/PhabBugz/template/en/default/hook/global/user-error-errors.html.tmpl
@@ -18,8 +18,22 @@
[% title = "Invalid Phabricator Sync Groups" %]
You must provide a comma delimited list of security groups
to sync with Phabricator.
+
[% ELSIF error == "invalid_phabricator_revision_id" %]
[% title = "Invalid Phabricator Revision ID" %]
You must provide a valid Phabricator revision ID.
+[% ELSIF error == "phabricator_not_enabled" %]
+ [% title = "Phabricator Support Not Enabled" %]
+ The Phabricator to Bugzilla library, PhabBugz,
+ is not enabled in Bugzilla.
+
+[% ELSIF error == "phabricator_invalid_request_params" %]
+ [% title = "Incomplete Information Provided by Phabricator" %]
+ The parameters 'user_id' and '[% terms.bug %]_id' must be provided.
+
+[% ELSIF error == "phabricator_unauthorized_user" %]
+ [% title = "Unauthorized User" %]
+ You do not have permission to use this endpoint.
+
[% END %]