From 7dadc66b5c3895ff5d9a83de1dcde49f8f523554 Mon Sep 17 00:00:00 2001 From: Mark Côté Date: Wed, 25 Jul 2018 14:00:06 -0400 Subject: no bug - Include Bugzilla::Error in PhabBugz's WebService.pm. The ThrowUserError() calls in PhabBugz's WebService.pm were causing errors as Bugzilla::Error wasn't being imported. --- extensions/PhabBugz/lib/WebService.pm | 1 + 1 file changed, 1 insertion(+) (limited to 'extensions/PhabBugz/lib/WebService.pm') diff --git a/extensions/PhabBugz/lib/WebService.pm b/extensions/PhabBugz/lib/WebService.pm index 0239ccf74..142211c6d 100644 --- a/extensions/PhabBugz/lib/WebService.pm +++ b/extensions/PhabBugz/lib/WebService.pm @@ -14,6 +14,7 @@ use warnings; use base qw(Bugzilla::WebService); use Bugzilla::Constants; +use Bugzilla::Error; use Bugzilla::User; use Bugzilla::Util qw(detaint_natural datetime_from time_ago trick_taint); use Bugzilla::WebService::Constants; -- cgit v1.2.3-24-g4f1b From 8b75f8e691309ec68e5de1cbdf77f6e8b2b305f8 Mon Sep 17 00:00:00 2001 From: Mark Côté Date: Fri, 27 Jul 2018 17:19:57 -0400 Subject: Bug 1478983 - WebService endpoint to check if a user can enter a bug into a given product There is some common code, which we will need again for another WebService call, that can be refactored into their own functions. This WebService endpoint takes a product name and user ID in the form `check_enter_bug//`. It returns an object with one attribute, `result`, that is set to 1 if the product exists and the user is allowed to enter bugs in it, or 0 otherwise. --- extensions/PhabBugz/lib/WebService.pm | 70 ++++++++++++++++++++++++++--------- 1 file changed, 53 insertions(+), 17 deletions(-) (limited to 'extensions/PhabBugz/lib/WebService.pm') diff --git a/extensions/PhabBugz/lib/WebService.pm b/extensions/PhabBugz/lib/WebService.pm index 142211c6d..fa9306667 100644 --- a/extensions/PhabBugz/lib/WebService.pm +++ b/extensions/PhabBugz/lib/WebService.pm @@ -30,34 +30,46 @@ use List::MoreUtils qw(any); use MIME::Base64 qw(decode_base64); use constant READ_ONLY => qw( + check_user_enter_bug_permission check_user_permission_for_bug needs_review ); use constant PUBLIC_METHODS => qw( + check_user_enter_bug_permission check_user_permission_for_bug needs_review set_build_target ); -sub check_user_permission_for_bug { - my ($self, $params) = @_; - - my $user = Bugzilla->login(LOGIN_REQUIRED); - +sub _check_phabricator { # Ensure PhabBugz is on ThrowUserError('phabricator_not_enabled') unless Bugzilla->params->{phabricator_enabled}; +} + +sub _validate_phab_user { + my ($self, $user) = @_; + + $self->_check_phabricator(); # Validate that the requesting user's email matches phab-bot ThrowUserError('phabricator_unauthorized_user') unless $user->login eq PHAB_AUTOMATION_USER; +} + +sub check_user_permission_for_bug { + my ($self, $params) = @_; + + my $user = Bugzilla->login(LOGIN_REQUIRED); + + $self->_validate_phab_user($user); # Validate that a bug id and user id are provided ThrowUserError('phabricator_invalid_request_params') unless ($params->{bug_id} && $params->{user_id}); - # Validate that the user and bug exist + # Validate that the user exists my $target_user = Bugzilla::User->check({ id => $params->{user_id}, cache => 1 }); # Send back an object which says { "result": 1|0 } @@ -66,10 +78,32 @@ sub check_user_permission_for_bug { }; } +sub check_user_enter_bug_permission { + my ($self, $params) = @_; + + my $user = Bugzilla->login(LOGIN_REQUIRED); + + $self->_validate_phab_user($user); + + # Validate that a product name and user id are provided + ThrowUserError('phabricator_invalid_request_params') + unless ($params->{product} && $params->{user_id}); + + # Validate that the user exists + my $target_user = Bugzilla::User->check({ id => $params->{user_id}, cache => 1 }); + + # Send back an object with the attribute "result" set to 1 if the user + # can enter bugs into the given product, or 0 if not. + return { + result => $target_user->can_enter_product($params->{product}) ? 1 : 0 + }; +} + sub needs_review { my ($self, $params) = @_; - ThrowUserError('phabricator_not_enabled') - unless Bugzilla->params->{phabricator_enabled}; + + $self->_check_phabricator(); + my $user = Bugzilla->login(LOGIN_REQUIRED); my $dbh = Bugzilla->dbh; @@ -170,13 +204,7 @@ sub set_build_target { my $user = Bugzilla->login(LOGIN_REQUIRED); - # Ensure PhabBugz is on - ThrowUserError('phabricator_not_enabled') - unless Bugzilla->params->{phabricator_enabled}; - - # Validate that the requesting user's email matches phab-bot - ThrowUserError('phabricator_unauthorized_user') - unless $user->login eq PHAB_AUTOMATION_USER; + $self->_validate_phab_user($user); my $revision_id = $params->{revision_id}; my $build_target = $params->{build_target}; @@ -205,13 +233,13 @@ sub rest_resources { POST => { method => 'set_build_target', params => sub { - return { + return { revision_id => $_[0], build_target => $_[1] }; } } - }, + }, # Bug permission checks qr{^/phabbugz/check_bug/(\d+)/(\d+)$}, { GET => { @@ -221,6 +249,14 @@ sub rest_resources { } } }, + qr{^/phabbugz/check_enter_bug/([^/]+)/(\d+)$}, { + GET => { + method => 'check_user_enter_bug_permission', + params => sub { + return { product => $_[0], user_id => $_[1] }; + }, + }, + }, # Review requests qw{^/phabbugz/needs_review$}, { GET => { -- cgit v1.2.3-24-g4f1b