diff options
Diffstat (limited to 'extensions/TellUsMore/lib/WebService.pm')
| -rw-r--r-- | extensions/TellUsMore/lib/WebService.pm | 259 |
1 files changed, 0 insertions, 259 deletions
diff --git a/extensions/TellUsMore/lib/WebService.pm b/extensions/TellUsMore/lib/WebService.pm deleted file mode 100644 index 3ace06ef3..000000000 --- a/extensions/TellUsMore/lib/WebService.pm +++ /dev/null @@ -1,259 +0,0 @@ -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. -# -# This Source Code Form is "Incompatible With Secondary Licenses", as -# defined by the Mozilla Public License, v. 2.0. - -package Bugzilla::Extension::TellUsMore::WebService; - -use strict; -use warnings; - -use base qw(Bugzilla::WebService Bugzilla::Extension); - -use Bugzilla::Component; -use Bugzilla::Constants; -use Bugzilla::Error; -use Bugzilla::Mailer; -use Bugzilla::Product; -use Bugzilla::User; -use Bugzilla::UserAgent; -use Bugzilla::Util; -use Bugzilla::Version; - -use Bugzilla::Extension::TellUsMore::Constants; - -use Data::Dumper; -use Email::MIME; -use MIME::Base64; - -sub submit { - my ($self, $params) = @_; - my $dbh = Bugzilla->dbh; - - # validation - - my $user = Bugzilla->login(LOGIN_REQUIRED); - if ($user->email ne TELL_US_MORE_LOGIN) { - ThrowUserError('tum_auth_failure'); - } - - if (Bugzilla->params->{disable_bug_updates}) { - ThrowUserError('tum_updates_disabled'); - } - - $self->_validate_params($params); - $self->_set_missing_params($params); - - my $creator = $self->_get_user($params->{creator}); - if ($creator && $creator->disabledtext ne '') { - ThrowUserError('tum_account_disabled', { user => $creator }); - } - - $self->_validate_rate($params); - - # create transient entry and email - - $dbh->bz_start_transaction(); - my $token = Bugzilla::Token::GenerateUniqueToken('tell_us_more', 'token'); - my $id = $self->_insert($params, $token); - my $email = $self->_generate_email($params, $token, $creator); - $dbh->bz_commit_transaction(); - - # send email - - MessageToMTA($email); - - # done, return the id from the tell_us_more table - - return $id; -} - -sub _validate_params { - my ($self, $params) = @_; - - $self->_validate_mandatory($params, 'Submission', MANDATORY_BUG_FIELDS); - $self->_remove_invalid_fields($params, MANDATORY_BUG_FIELDS, OPTIONAL_BUG_FIELDS); - - if (!validate_email_syntax($params->{creator})) { - ThrowUserError('illegal_email_address', { addr => $params->{creator} }); - } - - if ($params->{attachments}) { - if (scalar @{$params->{attachments}} > MAX_ATTACHMENT_COUNT) { - ThrowUserError('tum_too_many_attachments', { max => MAX_ATTACHMENT_COUNT }); - } - my $i = 0; - foreach my $attachment (@{$params->{attachments}}) { - $i++; - $self->_validate_mandatory($attachment, "Attachment $i", MANDATORY_ATTACH_FIELDS); - $self->_remove_invalid_fields($attachment, MANDATORY_ATTACH_FIELDS, OPTIONAL_ATTACH_FIELDS); - if (length(decode_base64($attachment->{content})) > MAX_ATTACHMENT_SIZE * 1024) { - ThrowUserError('tum_attachment_too_large', { filename => $attachment->{filename}, max => MAX_ATTACHMENT_SIZE }); - } - } - } - - # products are mapped to components of the target-product - - Bugzilla::Component->new({ name => $params->{product}, product => $self->_target_product }) - || ThrowUserError('invalid_product_name', { product => $params->{product} }); -} - -sub _set_missing_params { - my ($self, $params) = @_; - - # set the product and component correctly - - $params->{component} = $params->{product}; - $params->{product} = TARGET_PRODUCT; - - # priority, bug_severity - - $params->{priority} = Bugzilla->params->{defaultpriority}; - $params->{bug_severity} = Bugzilla->params->{defaultseverity}; - - # map invalid versions to 'unspecified' - - if (!$params->{version}) { - $params->{version} = DEFAULT_VERSION; - } else { - Bugzilla::Version->new({ product => $self->_target_product, name => $params->{version} }) - || ($params->{version} = DEFAULT_VERSION); - } - - # set url - - $params->{bug_file_loc} = $params->{url}; - - # detect the opsys and platform from user_agent - - $ENV{HTTP_USER_AGENT} = $params->{user_agent}; - $params->{rep_platform} = detect_platform(); - $params->{op_sys} = detect_op_sys(); - - # set group based on restricted - - $params->{group} = $params->{restricted} ? SECURITY_GROUP : ''; - delete $params->{restricted}; -} - -sub _get_user { - my ($self, $email) = @_; - - return Bugzilla::User->new({ name => $email }); -} - -sub _insert { - my ($self, $params, $token) = @_; - my $dbh = Bugzilla->dbh; - - local $Data::Dumper::Purity = 1; - local $Data::Dumper::Sortkeys = 1; - my $content = Dumper($params); - trick_taint($content); - - my $sth = $dbh->prepare(' - INSERT INTO tell_us_more(token, mail, creation_ts, content) - VALUES(?, ?, ?, ?) - '); - $sth->bind_param(1, $token); - $sth->bind_param(2, $params->{creator}); - $sth->bind_param(3, $dbh->selectrow_array('SELECT LOCALTIMESTAMP(0)')); - $sth->bind_param(4, $content, $dbh->BLOB_TYPE); - $sth->execute(); - - return $dbh->bz_last_key('tell_us_more', 'id'); -} - -sub _generate_email { - my ($self, $params, $token, $user) = @_; - - # create email parts - - my $template = Bugzilla->template_inner; - my ($message_header, $message_text, $message_html); - my $vars = { - token_url => correct_urlbase() . 'page.cgi?id=tellusmore.html&token=' . url_quote($token), - recipient_email => $params->{creator}, - recipient_name => ($user ? $user->name : $params->{creator_name}), - }; - - my $prefix = $user ? 'existing' : 'new'; - $template->process("email/$prefix-account.header.tmpl", $vars, \$message_header) - || ThrowCodeError('template_error', { template_error_msg => $template->error() }); - $template->process("email/$prefix-account.txt.tmpl", $vars, \$message_text) - || ThrowCodeError('template_error', { template_error_msg => $template->error() }); - $template->process("email/$prefix-account.html.tmpl", $vars, \$message_html) - || ThrowCodeError('template_error', { template_error_msg => $template->error() }); - - # create email object - - my @parts = ( - Email::MIME->create( - attributes => { content_type => "text/plain" }, - body => $message_text, - ), - Email::MIME->create( - attributes => { content_type => "text/html" }, - body => $message_html, - ), - ); - my $email = new Email::MIME("$message_header\n"); - $email->content_type_set('multipart/alternative'); - $email->parts_set(\@parts); - - return $email; -} - -sub _validate_mandatory { - my ($self, $params, $name, @fields) = @_; - - my @missing_fields; - foreach my $field (@fields) { - if (!exists $params->{$field} || $params->{$field} eq '') { - push @missing_fields, $field; - } - } - - if (scalar @missing_fields) { - ThrowUserError('tum_missing_fields', { name => $name, missing => \@missing_fields }); - } -} - -sub _remove_invalid_fields { - my ($self, $params, @valid_fields) = @_; - - foreach my $field (keys %$params) { - if (!grep { $_ eq $field } @valid_fields) { - delete $params->{$field}; - } - } -} - -sub _validate_rate { - my ($self, $params) = @_; - my $dbh = Bugzilla->dbh; - - my ($report_count) = $dbh->selectrow_array(' - SELECT COUNT(*) - FROM tell_us_more - WHERE mail = ? - AND creation_ts >= NOW() - ' . $dbh->sql_interval(1, 'MINUTE') - , undef, $params->{creator} - ); - if ($report_count + 1 > MAX_REPORTS_PER_MINUTE) { - ThrowUserError('tum_rate_exceeded', { max => MAX_REPORTS_PER_MINUTE }); - } -} - -sub _target_product { - my ($self) = @_; - - my $product = Bugzilla::Product->new({ name => TARGET_PRODUCT }) - || ThrowUserError('invalid_product_name', { product => TARGET_PRODUCT }); - return $product; -} - -1; |