diff options
Diffstat (limited to 'extensions/PhabBugz/lib/Feed.pm')
-rw-r--r-- | extensions/PhabBugz/lib/Feed.pm | 114 |
1 files changed, 110 insertions, 4 deletions
diff --git a/extensions/PhabBugz/lib/Feed.pm b/extensions/PhabBugz/lib/Feed.pm index 1907b86d7..275d71976 100644 --- a/extensions/PhabBugz/lib/Feed.pm +++ b/extensions/PhabBugz/lib/Feed.pm @@ -48,7 +48,7 @@ sub start { first_interval => 0, interval => PHAB_FEED_POLL_SECONDS, reschedule => 'drift', - on_tick => sub { + on_tick => sub { try{ $self->feed_query(); } @@ -64,7 +64,7 @@ sub start { first_interval => 0, interval => PHAB_USER_POLL_SECONDS, reschedule => 'drift', - on_tick => sub { + on_tick => sub { try{ $self->user_query(); } @@ -75,11 +75,29 @@ sub start { }, ); + # Update project membership in Phabricator based on Bugzilla groups + my $group_timer = IO::Async::Timer::Periodic->new( + first_interval => 0, + interval => PHAB_GROUP_POLL_SECONDS, + reschedule => 'drift', + on_tick => sub { + try{ + $self->group_query(); + } + catch { + FATAL($_); + }; + Bugzilla->_cleanup(); + }, + ); + my $loop = IO::Async::Loop->new; $loop->add($feed_timer); $loop->add($user_timer); + $loop->add($group_timer); $feed_timer->start; $user_timer->start; + $group_timer->start; $loop->run; } @@ -90,7 +108,7 @@ sub feed_query { # Ensure Phabricator syncing is enabled if (!Bugzilla->params->{phabricator_enabled}) { - INFO("PHABRICATOR SYNC DISABLED"); + WARN("PHABRICATOR SYNC DISABLED"); return; } @@ -150,7 +168,7 @@ sub user_query { # Ensure Phabricator syncing is enabled if (!Bugzilla->params->{phabricator_enabled}) { - INFO("PHABRICATOR SYNC DISABLED"); + WARN("PHABRICATOR SYNC DISABLED"); return; } @@ -183,6 +201,72 @@ sub user_query { } } +sub group_query { + my ($self) = @_; + + # Ensure Phabricator syncing is enabled + if ( !Bugzilla->params->{phabricator_enabled} ) { + WARN("PHABRICATOR SYNC DISABLED"); + return; + } + + my $phab_sync_groups = Bugzilla->params->{phabricator_sync_groups}; + if ( !$phab_sync_groups ) { + WARN('A comma delimited list of security groups was not provided.'); + return; + } + + # PROCESS SECURITY GROUPS + + INFO("GROUPS: Updating group memberships"); + + # Loop through each group and perform the following: + # + # 1. Load flattened list of group members + # 2. Check to see if Phab project exists for 'bmo-<group_name>' + # 3. Create if does not exist with locked down policy. + # 4. Set project members to exact list + # 5. Profit + + my $sync_groups = Bugzilla::Group->match( + { name => [ split( '[,\s]+', $phab_sync_groups ) ] } ); + + foreach my $group (@$sync_groups) { + + # Create group project if one does not yet exist + my $phab_project_name = 'bmo-' . $group->name; + my $project = Bugzilla::Extension::PhabBugz::Project->new_from_query( + { + name => $phab_project_name + } + ); + if ( !$project ) { + INFO("Project $project not found. Creating."); + my $secure_revision = + Bugzilla::Extension::PhabBugz::Project->new_from_query( + { + name => 'secure-revision' + } + ); + $project = Bugzilla::Extension::PhabBugz::Project->create( + { + name => $phab_project_name, + description => 'BMO Security Group for ' . $group->name, + view_policy => $secure_revision->phid, + edit_policy => $secure_revision->phid, + join_policy => $secure_revision->phid + } + ); + } + + if ( my @group_members = get_group_members($group) ) { + INFO("Setting group members for " . $project->name); + $project->set_members( \@group_members ); + $project->update(); + } + } +} + sub process_revision_change { my ($self, $revision_phid, $story_text) = @_; @@ -567,4 +651,26 @@ sub save_last_id { undef, $type_full, $last_id ); } +sub get_group_members { + my ($group) = @_; + my $group_obj = + ref $group ? $group : Bugzilla::Group->check( { name => $group, cache => 1 } ); + my $members_all = $group_obj->members_complete(); + my %users; + foreach my $name ( keys %$members_all ) { + foreach my $user ( @{ $members_all->{$name} } ) { + $users{ $user->id } = $user; + } + } + + # Look up the phab ids for these users + my $phab_users = get_phab_bmo_ids( { ids => [ keys %users ] } ); + foreach my $phab_user ( @{$phab_users} ) { + $users{ $phab_user->{id} }->{phab_phid} = $phab_user->{phid}; + } + + # We only need users who have accounts in phabricator + return grep { $_->phab_phid } values %users; +} + 1; |