summaryrefslogtreecommitdiffstats
path: root/extensions/PhabBugz/lib/WebService.pm
blob: 5ca811d58f7410c7ea4de69132ab579508467c9d (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
#
# This Source Code Form is "Incompatible With Secondary Licenses", as
# defined by the Mozilla Public License, v. 2.0.

package Bugzilla::Extension::PhabBugz::WebService;

use 5.10.1;
use strict;
use warnings;

use base qw(Bugzilla::WebService);

use Bugzilla::Constants;
use Bugzilla::User;
use Bugzilla::Util qw(detaint_natural datetime_from time_ago trick_taint);
use Bugzilla::WebService::Constants;

use Bugzilla::Extension::PhabBugz::Constants;
use Bugzilla::Extension::PhabBugz::Util qw(
    get_needs_review
);

use DateTime ();
use List::Util qw(first uniq);
use List::MoreUtils qw(any);
use MIME::Base64 qw(decode_base64);

use constant READ_ONLY => qw(
    check_user_permission_for_bug
    needs_review
);

use constant PUBLIC_METHODS => qw(
    check_user_permission_for_bug
    needs_review
    set_build_target
);

sub check_user_permission_for_bug {
    my ($self, $params) = @_;

    my $user = Bugzilla->login(LOGIN_REQUIRED);

    # Ensure PhabBugz is on
    ThrowUserError('phabricator_not_enabled')
        unless Bugzilla->params->{phabricator_enabled};

    # Validate that the requesting user's email matches phab-bot
    ThrowUserError('phabricator_unauthorized_user')
        unless $user->login eq PHAB_AUTOMATION_USER;

    # Validate that a bug id and user id are provided
    ThrowUserError('phabricator_invalid_request_params')
        unless ($params->{bug_id} && $params->{user_id});

    # Validate that the user and bug exist
    my $target_user = Bugzilla::User->check({ id => $params->{user_id}, cache => 1 });

    # Send back an object which says { "result": 1|0 }
    return {
        result => $target_user->can_see_bug($params->{bug_id})
    };
}

sub needs_review {
    my ($self, $params) = @_;
    ThrowUserError('phabricator_not_enabled')
        unless Bugzilla->params->{phabricator_enabled};
    my $user = Bugzilla->login(LOGIN_REQUIRED);
    my $dbh  = Bugzilla->dbh;

    my $reviews = get_needs_review();

    my $authors = Bugzilla::Extension::PhabBugz::User->match({
        phids => [
            uniq
            grep { defined }
            map { $_->{fields}{authorPHID} }
            @$reviews
        ]
    });

    my %author_phab_to_id = map { $_->phid => $_->bugzilla_user->id } @$authors;
    my %author_id_to_user = map { $_->bugzilla_user->id => $_->bugzilla_user } @$authors;

    # bug data
    my $visible_bugs = $user->visible_bugs([
        uniq
        grep { $_ }
        map { $_->{fields}{'bugzilla.bug-id'} }
        @$reviews
    ]);

    # get all bug statuses and summaries in a single query to avoid creation of
    # many bug objects
    my %bugs;
    if (@$visible_bugs) {
        #<<<
        my $bug_rows =$dbh->selectall_arrayref(
            'SELECT bug_id, bug_status, short_desc ' .
            '  FROM bugs ' .
            ' WHERE bug_id IN (' . join(',', ('?') x @$visible_bugs) . ')',
            { Slice => {} },
            @$visible_bugs
        );
        #>>>
        %bugs = map { $_->{bug_id} => $_ } @$bug_rows;
    }

    # build result
    my $datetime_now = DateTime->now(time_zone => $user->timezone);
    my @result;
    foreach my $review (@$reviews) {
        my $review_flat = {
            id     => $review->{id},
            status => $review->{fields}{review_status},
            title  => $review->{fields}{title},
            url    => Bugzilla->params->{phabricator_base_uri} . 'D' . $review->{id},
        };

        # show date in user's timezone
        my $datetime = DateTime->from_epoch(
            epoch     => $review->{fields}{dateModified},
            time_zone => 'UTC'
        );
        $datetime->set_time_zone($user->timezone);
        $review_flat->{updated}       = $datetime->strftime('%Y-%m-%d %T %Z');
        $review_flat->{updated_fancy} = time_ago($datetime, $datetime_now);

        # review requester
        if (my $author = $author_id_to_user{$author_phab_to_id{ $review->{fields}{authorPHID} }}) {
            $review_flat->{author_name}  = $author->name;
            $review_flat->{author_email} = $author->email;
        }
        else {
            $review_flat->{author_name}  = 'anonymous';
            $review_flat->{author_email} = 'anonymous';
        }

        # referenced bug
        if (my $bug_id = $review->{fields}{'bugzilla.bug-id'}) {
            my $bug = $bugs{$bug_id};
            $review_flat->{bug_id}      = $bug_id;
            $review_flat->{bug_status}  = $bug->{bug_status};
            $review_flat->{bug_summary} = $bug->{short_desc};
        }

        push @result, $review_flat;
    }

    return { result => \@result };
}

sub set_build_target {
    my ( $self, $params ) = @_;

    # Phabricator only supports sending credentials via HTTP Basic Auth
    # so we exploit that function to pass in an API key as the password
    # of basic auth. BMO does not support basic auth but does support
    # use of API keys.
    my $http_auth = Bugzilla->cgi->http('Authorization');
    $http_auth =~ s/^Basic\s+//;
    $http_auth = decode_base64($http_auth);
    my ($login, $api_key) = split(':', $http_auth);
    $params->{'Bugzilla_login'}   = $login;
    $params->{'Bugzilla_api_key'} = $api_key;

    my $user = Bugzilla->login(LOGIN_REQUIRED);

    # Ensure PhabBugz is on
    ThrowUserError('phabricator_not_enabled')
      unless Bugzilla->params->{phabricator_enabled};
    
    # Validate that the requesting user's email matches phab-bot
    ThrowUserError('phabricator_unauthorized_user')
      unless $user->login eq PHAB_AUTOMATION_USER;

    my $revision_id  = $params->{revision_id};
    my $build_target = $params->{build_target};

    ThrowUserError('invalid_phabricator_revision_id')
      unless detaint_natural($revision_id);

    ThrowUserError('invalid_phabricator_build_target')
      unless $build_target =~ /^PHID-HMBT-[a-zA-Z0-9]+$/;
    trick_taint($build_target);

    Bugzilla->dbh->do(
        "INSERT INTO phabbugz (name, value) VALUES (?, ?)",
        undef,
        'build_target_' . $revision_id,
        $build_target
    );

    return { result => 1 };
}

sub rest_resources {
    return [
        # Set build target in Phabricator
        qr{^/phabbugz/build_target/(\d+)/(PHID-HMBT-.*)$}, {
            POST => {
                method => 'set_build_target',
                params => sub {
                    return { 
                        revision_id  => $_[0],
                        build_target => $_[1]
                    };
                }
            }
        },        
        # Bug permission checks
        qr{^/phabbugz/check_bug/(\d+)/(\d+)$}, {
            GET => {
                method => 'check_user_permission_for_bug',
                params => sub {
                    return { bug_id => $_[0], user_id => $_[1] };
                }
            }
        },
        # Review requests
        qw{^/phabbugz/needs_review$}, {
            GET => {
                method => 'needs_review',
            },
        }
    ];
}

1;