class Activity(Model):
__core__ = False
SET_RESOLVED = 1
SET_UNRESOLVED = 2
SET_MUTED = 3
SET_PUBLIC = 4
SET_PRIVATE = 5
SET_REGRESSION = 6
CREATE_ISSUE = 7
NOTE = 8
FIRST_SEEN = 9
RELEASE = 10
ASSIGNED = 11
UNASSIGNED = 12
TYPE = (
# (TYPE, verb-slug)
(SET_RESOLVED, 'set_resolved'),
(SET_UNRESOLVED, 'set_unresolved'),
(SET_MUTED, 'set_muted'),
(SET_PUBLIC, 'set_public'),
(SET_PRIVATE, 'set_private'),
(SET_REGRESSION, 'set_regression'),
(CREATE_ISSUE, 'create_issue'),
(NOTE, 'note'),
(FIRST_SEEN, 'first_seen'),
(RELEASE, 'release'),
(ASSIGNED, 'assigned'),
(UNASSIGNED, 'unassigned'),
)
project = FlexibleForeignKey('sentry.Project')
group = FlexibleForeignKey('sentry.Group', null=True)
event = FlexibleForeignKey('sentry.Event', null=True)
# index on (type, ident)
type = BoundedPositiveIntegerField(choices=TYPE)
ident = models.CharField(max_length=64, null=True)
# if the user is not set, it's assumed to be the system
user = FlexibleForeignKey(settings.AUTH_USER_MODEL, null=True)
datetime = models.DateTimeField(default=timezone.now)
data = GzippedDictField(null=True)
class Meta:
app_label = 'sentry'
db_table = 'sentry_activity'
__repr__ = sane_repr('project_id', 'group_id', 'event_id', 'user_id',
'type', 'ident')
def save(self, *args, **kwargs):
created = bool(not self.id)
super(Activity, self).save(*args, **kwargs)
if not created:
return
# HACK: support Group.num_comments
if self.type == Activity.NOTE:
self.group.update(num_comments=F('num_comments') + 1)
if self.event:
self.event.update(num_comments=F('num_comments') + 1)
def delete(self, *args, **kwargs):
super(Activity, self).delete(*args, **kwargs)
# HACK: support Group.num_comments
if self.type == Activity.NOTE:
self.group.update(num_comments=F('num_comments') - 1)
if self.event:
self.event.update(num_comments=F('num_comments') - 1)
def get_recipients(self):
from sentry.models import UserOption
if self.type == Activity.ASSIGNED:
# dont email the user if they took the action
send_to = [self.data['assignee']]
else:
member_set = self.project.member_set.values_list('user', flat=True)
if not member_set:
return []
disabled = set(
UserOption.objects.filter(
user__in=member_set,
key='subscribe_notes',
value=u'0',
).values_list('user', flat=True))
send_to = [u for u in member_set if u not in disabled]
# never include the actor
send_to = [u for u in send_to if u != self.user_id]
return send_to
def send_notification(self):
from sentry.models import Release
from sentry.utils.email import MessageBuilder, group_id_to_email
if self.type not in (Activity.NOTE, Activity.ASSIGNED,
Activity.RELEASE):
return
send_to = self.get_recipients()
if not send_to:
return
project = self.project
org = self.project.organization
if self.user:
author = self.user.first_name or self.user.username
else:
author = None
subject_prefix = self.project.get_option('subject_prefix',
settings.EMAIL_SUBJECT_PREFIX)
if subject_prefix:
subject_prefix = subject_prefix.rstrip() + ' '
if self.group:
subject = '%s%s' % (subject_prefix, self.group.get_email_subject())
elif self.type == Activity.RELEASE:
subject = '%sRelease %s' % (subject_prefix, self.data['version'])
else:
raise NotImplementedError
headers = {}
context = {
'data':
self.data,
'author':
author,
'project':
self.project,
'project_link':
absolute_uri(
reverse('sentry-stream',
kwargs={
'organization_slug': org.slug,
'project_id': project.slug,
})),
}
if self.group:
headers.update({
'X-Sentry-Reply-To':
group_id_to_email(self.group.id),
})
context.update({
'group': self.group,
'link': self.group.get_absolute_url(),
})
# TODO(dcramer): abstract each activity email into its own helper class
if self.type == Activity.RELEASE:
context.update({
'release':
Release.objects.get(
version=self.data['version'],
project=project,
),
'release_link':
absolute_uri(
reverse('sentry-release-details',
kwargs={
'organization_slug': org.slug,
'project_id': project.slug,
'version': self.data['version'],
})),
})
template_name = self.get_type_display()
msg = MessageBuilder(
subject=subject,
context=context,
template='sentry/emails/activity/{}.txt'.format(template_name),
html_template='sentry/emails/activity/{}.html'.format(
template_name),
headers=headers,
reference=self,
reply_reference=self.group,
)
msg.add_users(send_to, project=self.project)
msg.send_async()
class AlertRuleTriggerAction(Model):
"""
This model represents an action that occurs when a trigger is fired. This is
typically some sort of notification.
"""
__core__ = True
_type_registrations = {}
# Which sort of action to take
class Type(Enum):
EMAIL = 0
PAGERDUTY = 1
SLACK = 2
class TargetType(Enum):
# A direct reference, like an email address, Slack channel or PagerDuty service
SPECIFIC = 0
# A specific user. This could be used to grab the user's email address.
USER = 1
# A specific team. This could be used to send an email to everyone associated
# with a team.
TEAM = 2
TypeRegistration = namedtuple(
"TypeRegistration",
[
"handler", "slug", "type", "supported_target_types",
"integration_provider"
],
)
alert_rule_trigger = FlexibleForeignKey("sentry.AlertRuleTrigger")
integration = FlexibleForeignKey("sentry.Integration", null=True)
type = models.SmallIntegerField()
target_type = models.SmallIntegerField()
# Identifier used to perform the action on a given target
target_identifier = models.TextField(null=True)
# Human readable name to display in the UI
target_display = models.TextField(null=True)
date_added = models.DateTimeField(default=timezone.now)
class Meta:
app_label = "sentry"
db_table = "sentry_alertruletriggeraction"
@property
def target(self):
if self.target_type == self.TargetType.USER.value:
try:
return User.objects.get(id=int(self.target_identifier))
except User.DoesNotExist:
pass
elif self.target_type == self.TargetType.TEAM.value:
try:
return Team.objects.get(id=int(self.target_identifier))
except Team.DoesNotExist:
pass
elif self.target_type == self.TargetType.SPECIFIC.value:
# TODO: This is only for email. We should have a way of validating that it's
# ok to contact this email.
return self.target_identifier
def build_handler(self, incident, project):
type = AlertRuleTriggerAction.Type(self.type)
if type in self._type_registrations:
return self._type_registrations[type].handler(
self, incident, project)
else:
metrics.incr("alert_rule_trigger.unhandled_type.{}".format(
self.type))
def fire(self, incident, project, metric_value):
handler = self.build_handler(incident, project)
if handler:
return handler.fire(metric_value)
def resolve(self, incident, project, metric_value):
handler = self.build_handler(incident, project)
if handler:
return handler.resolve(metric_value)
@classmethod
def register_type(cls,
slug,
type,
supported_target_types,
integration_provider=None):
"""
Registers a handler for a given type.
:param slug: A string representing the name of this type registration
:param type: The `Type` to handle.
:param handler: A subclass of `ActionHandler` that accepts the
`AlertRuleTriggerAction` and `Incident`.
:param integration_provider: String representing the integration provider
related to this type.
"""
def inner(handler):
if type not in cls._type_registrations:
cls._type_registrations[type] = cls.TypeRegistration(
handler, slug, type, frozenset(supported_target_types),
integration_provider)
else:
raise Exception(u"Handler already registered for type %s" %
type)
return handler
return inner
@classmethod
def get_registered_type(cls, type):
return cls._type_registrations[type]
@classmethod
def get_registered_types(cls):
return cls._type_registrations.values()
class Event(Model):
"""
An individual event.
"""
__core__ = False
group = FlexibleForeignKey('sentry.Group',
blank=True,
null=True,
related_name="event_set")
event_id = models.CharField(max_length=32,
null=True,
db_column="message_id")
project = FlexibleForeignKey('sentry.Project', null=True)
message = models.TextField()
num_comments = BoundedPositiveIntegerField(default=0, null=True)
platform = models.CharField(max_length=64, null=True)
datetime = models.DateTimeField(default=timezone.now, db_index=True)
time_spent = BoundedIntegerField(null=True)
data = NodeField(blank=True,
null=True,
ref_func=lambda x: x.group_id or x.group.id)
objects = BaseManager()
class Meta:
app_label = 'sentry'
db_table = 'sentry_message'
verbose_name = _('message')
verbose_name_plural = _('messages')
unique_together = (('project', 'event_id'), )
index_together = (('group', 'datetime'), )
__repr__ = sane_repr('project_id', 'group_id')
def error(self):
message = strip(self.message)
if not message:
message = '<unlabeled message>'
else:
message = truncatechars(message.splitlines()[0], 100)
return message
error.short_description = _('error')
def has_two_part_message(self):
message = strip(self.message)
return '\n' in message or len(message) > 100
@property
def message_short(self):
message = strip(self.message)
if not message:
message = '<unlabeled message>'
else:
message = truncatechars(message.splitlines()[0], 100)
return message
@property
def team(self):
return self.project.team
@property
def organization(self):
return self.project.organization
@property
def version(self):
return self.data.get('version', '5')
@memoize
def ip_address(self):
user_data = self.data.get('sentry.interfaces.User',
self.data.get('user'))
if user_data:
value = user_data.get('ip_address')
if value:
return value
http_data = self.data.get('sentry.interfaces.Http',
self.data.get('http'))
if http_data and 'env' in http_data:
value = http_data['env'].get('REMOTE_ADDR')
if value:
return value
return None
def get_interfaces(self):
result = []
for key, data in self.data.iteritems():
try:
cls = get_interface(key)
except ValueError:
continue
value = safe_execute(cls.to_python, data)
if not value:
continue
result.append((key, value))
return OrderedDict((k, v) for k, v in sorted(
result, key=lambda x: x[1].get_score(), reverse=True))
@memoize
def interfaces(self):
return self.get_interfaces()
def get_tags(self, with_internal=True):
try:
return sorted((t, v) for t, v in self.data.get('tags') or ()
if with_internal or not t.startswith('sentry:'))
except ValueError:
# at one point Sentry allowed invalid tag sets such as (foo, bar)
# vs ((tag, foo), (tag, bar))
return []
tags = property(get_tags)
def get_tag(self, key):
for t, v in (self.data.get('tags') or ()):
if t == key:
return v
return None
def as_dict(self):
# We use a OrderedDict to keep elements ordered for a potential JSON serializer
data = OrderedDict()
data['id'] = self.event_id
data['project'] = self.project_id
data['release'] = self.get_tag('sentry:release')
data['platform'] = self.platform
data['culprit'] = self.group.culprit
data['message'] = self.message
data['datetime'] = self.datetime
data['time_spent'] = self.time_spent
data['tags'] = self.get_tags()
for k, v in sorted(self.data.iteritems()):
data[k] = v
return data
@property
def size(self):
data_len = len(self.message)
for value in self.data.itervalues():
data_len += len(repr(value))
return data_len
# XXX(dcramer): compatibility with plugins
def get_level_display(self):
warnings.warn(
'Event.get_level_display is deprecated. Use Event.tags instead.',
DeprecationWarning)
return self.group.get_level_display()
@property
def level(self):
warnings.warn('Event.level is deprecated. Use Event.tags instead.',
DeprecationWarning)
return self.group.level
@property
def logger(self):
warnings.warn('Event.logger is deprecated. Use Event.tags instead.',
DeprecationWarning)
return self.get_tag('logger')
@property
def site(self):
warnings.warn('Event.site is deprecated. Use Event.tags instead.',
DeprecationWarning)
return self.get_tag('site')
@property
def server_name(self):
warnings.warn(
'Event.server_name is deprecated. Use Event.tags instead.')
return self.get_tag('server_name')
@property
def culprit(self):
warnings.warn(
'Event.culprit is deprecated. Use Group.culprit instead.')
return self.group.culprit
@property
def checksum(self):
warnings.warn('Event.checksum is no longer used', DeprecationWarning)
return ''
class Identity(Model):
"""
A verified link between a user and a third party identity.
"""
__core__ = False
idp = FlexibleForeignKey("sentry.IdentityProvider")
user = FlexibleForeignKey(settings.AUTH_USER_MODEL)
external_id = models.TextField()
data = EncryptedJsonField()
status = BoundedPositiveIntegerField(default=IdentityStatus.UNKNOWN)
scopes = ArrayField()
date_verified = models.DateTimeField(default=timezone.now)
date_added = models.DateTimeField(default=timezone.now)
class Meta:
app_label = "sentry"
db_table = "sentry_identity"
unique_together = (("idp", "external_id"), ("idp", "user"))
def get_provider(self):
from sentry.identity import get
return get(self.idp.type)
@classmethod
def reattach(cls, idp, external_id, user, defaults):
"""
Removes identities under `idp` associated with either `external_id` or `user`
and creates a new identity linking them.
"""
lookup = Q(external_id=external_id) | Q(user=user)
Identity.objects.filter(lookup, idp=idp).delete()
logger.info(
"deleted-identity",
extra={
"external_id": external_id,
"idp_id": idp.id,
"user_id": user.id
},
)
identity_model = Identity.objects.create(idp=idp,
user=user,
external_id=external_id,
**defaults)
logger.info(
"created-identity",
extra={
"idp_id": idp.id,
"external_id": external_id,
"object_id": identity_model.id,
"user_id": user.id,
},
)
return identity_model
@classmethod
def update_external_id_and_defaults(cls, idp, external_id, user, defaults):
"""
Updates the identity object for a given user and identity provider
with the new external id and other fields related to the identity status
"""
query = Identity.objects.filter(user=user, idp=idp)
query.update(external_id=external_id, **defaults)
identity_model = query.first()
logger.info(
"updated-identity",
extra={
"external_id": external_id,
"idp_id": idp.id,
"user_id": user.id,
"identity_id": identity_model.id,
},
)
return identity_model
class NotificationSetting(Model):
"""
A setting of when to notify a user or team about activity within the app.
Each row is a notification setting where a key is:
("scope_type", "scope_identifier", "target", "provider", "type"),
and the value is ("value").
"""
__include_in_export__ = False
@property
def scope_str(self) -> str:
return get_notification_scope_name(self.scope_type)
@property
def type_str(self) -> str:
return get_notification_setting_type_name(self.type)
@property
def value_str(self) -> str:
return get_notification_setting_value_name(self.value)
@property
def provider_str(self) -> str:
return get_provider_name(self.provider)
scope_type = BoundedPositiveIntegerField(
choices=(
(NotificationScopeType.USER, "user"),
(NotificationScopeType.ORGANIZATION, "organization"),
(NotificationScopeType.PROJECT, "project"),
(NotificationScopeType.TEAM, "team"),
),
null=False,
)
# user_id, organization_id, project_id
scope_identifier = BoundedBigIntegerField(null=False)
target = FlexibleForeignKey(
"sentry.Actor", db_index=True, unique=False, null=False, on_delete=models.CASCADE
)
provider = BoundedPositiveIntegerField(
choices=(
(ExternalProviders.EMAIL, "email"),
(ExternalProviders.SLACK, "slack"),
),
null=False,
)
type = BoundedPositiveIntegerField(
choices=(
(NotificationSettingTypes.DEFAULT, "default"),
(NotificationSettingTypes.DEPLOY, "deploy"),
(NotificationSettingTypes.ISSUE_ALERTS, "issue"),
(NotificationSettingTypes.WORKFLOW, "workflow"),
(NotificationSettingTypes.APPROVAL, "approval"),
(NotificationSettingTypes.QUOTA, "quota"),
(NotificationSettingTypes.QUOTA_ERRORS, "quotaErrors"),
(NotificationSettingTypes.QUOTA_TRANSACTIONS, "quotaTransactions"),
(NotificationSettingTypes.QUOTA_ATTACHMENTS, "quotaAttacments"),
(NotificationSettingTypes.QUOTA_WARNINGS, "quotaWarnings"),
),
null=False,
)
value = BoundedPositiveIntegerField(
choices=(
(NotificationSettingOptionValues.DEFAULT, "default"),
(NotificationSettingOptionValues.NEVER, "off"),
(NotificationSettingOptionValues.ALWAYS, "on"),
(NotificationSettingOptionValues.SUBSCRIBE_ONLY, "subscribe_only"),
(NotificationSettingOptionValues.COMMITTED_ONLY, "committed_only"),
),
null=False,
)
objects = NotificationsManager()
class Meta:
app_label = "sentry"
db_table = "sentry_notificationsetting"
unique_together = (
(
"scope_type",
"scope_identifier",
"target",
"provider",
"type",
),
)
__repr__ = sane_repr(
"scope_str",
"scope_identifier",
"target",
"provider_str",
"type_str",
"value_str",
)
class ProjectKey(Model):
project = FlexibleForeignKey('sentry.Project', related_name='key_set')
label = models.CharField(max_length=64, blank=True, null=True)
public_key = models.CharField(max_length=32, unique=True, null=True)
secret_key = models.CharField(max_length=32, unique=True, null=True)
user = FlexibleForeignKey(settings.AUTH_USER_MODEL, null=True)
roles = BitField(
flags=(
# access to post events to the store endpoint
('store', 'Event API access'),
# read/write access to rest API
('api', 'Web API access'),
),
default=['store'])
status = BoundedPositiveIntegerField(default=0,
choices=(
(ProjectKeyStatus.ACTIVE,
_('Active')),
(ProjectKeyStatus.INACTIVE,
_('Inactive')),
),
db_index=True)
# For audits
user_added = FlexibleForeignKey(settings.AUTH_USER_MODEL,
null=True,
related_name='keys_added_set')
date_added = models.DateTimeField(default=timezone.now, null=True)
objects = BaseManager(cache_fields=(
'public_key',
'secret_key',
))
# support legacy project keys in API
scopes = (
'project:read',
'project:write',
'project:delete',
'event:read',
'event:write',
'event:delete',
)
class Meta:
app_label = 'sentry'
db_table = 'sentry_projectkey'
__repr__ = sane_repr('project_id', 'user_id', 'public_key')
def __unicode__(self):
return six.text_type(self.public_key)
@classmethod
def generate_api_key(cls):
return uuid4().hex
@property
def is_active(self):
return self.status == ProjectKeyStatus.ACTIVE
def save(self, *args, **kwargs):
if not self.public_key:
self.public_key = ProjectKey.generate_api_key()
if not self.secret_key:
self.secret_key = ProjectKey.generate_api_key()
super(ProjectKey, self).save(*args, **kwargs)
def get_dsn(self, domain=None, secure=True, public=False):
if not public:
key = '%s:%s' % (self.public_key, self.secret_key)
url = settings.SENTRY_ENDPOINT
else:
key = self.public_key
url = settings.SENTRY_PUBLIC_ENDPOINT
urlparts = urlparse(url or settings.SENTRY_URL_PREFIX)
return '%s://%s@%s/%s' % (
urlparts.scheme,
key,
urlparts.netloc + urlparts.path,
self.project_id,
)
@property
def dsn_private(self):
return self.get_dsn(public=False)
@property
def dsn_public(self):
return self.get_dsn(public=True)
def get_audit_log_data(self):
return {
'label': self.label,
'user_id': self.user_id,
'public_key': self.public_key,
'secret_key': self.secret_key,
'roles': int(self.roles),
'status': self.status,
}
class AuditLogEntry(Model):
__core__ = False
organization = FlexibleForeignKey('sentry.Organization')
actor_label = models.CharField(max_length=64, null=True, blank=True)
# if the entry was created via a user
actor = FlexibleForeignKey('sentry.User',
related_name='audit_actors',
null=True,
blank=True)
# if the entry was created via an api key
actor_key = FlexibleForeignKey('sentry.ApiKey', null=True, blank=True)
target_object = BoundedPositiveIntegerField(null=True)
target_user = FlexibleForeignKey('sentry.User',
null=True,
blank=True,
related_name='audit_targets')
# TODO(dcramer): we want to compile this mapping into JSX for the UI
event = BoundedPositiveIntegerField(choices=(
# We emulate github a bit with event naming
(AuditLogEntryEvent.MEMBER_INVITE, 'member.invite'),
(AuditLogEntryEvent.MEMBER_ADD, 'member.add'),
(AuditLogEntryEvent.MEMBER_ACCEPT, 'member.accept-invite'),
(AuditLogEntryEvent.MEMBER_REMOVE, 'member.remove'),
(AuditLogEntryEvent.MEMBER_EDIT, 'member.edit'),
(AuditLogEntryEvent.MEMBER_JOIN_TEAM, 'member.join-team'),
(AuditLogEntryEvent.MEMBER_LEAVE_TEAM, 'member.leave-team'),
(AuditLogEntryEvent.MEMBER_PENDING, 'member.pending'),
(AuditLogEntryEvent.TEAM_ADD, 'team.create'),
(AuditLogEntryEvent.TEAM_EDIT, 'team.edit'),
(AuditLogEntryEvent.TEAM_REMOVE, 'team.remove'),
(AuditLogEntryEvent.PROJECT_ADD, 'project.create'),
(AuditLogEntryEvent.PROJECT_EDIT, 'project.edit'),
(AuditLogEntryEvent.PROJECT_REMOVE, 'project.remove'),
(AuditLogEntryEvent.PROJECT_SET_PUBLIC, 'project.set-public'),
(AuditLogEntryEvent.PROJECT_SET_PRIVATE, 'project.set-private'),
(AuditLogEntryEvent.PROJECT_REQUEST_TRANSFER,
'project.request-transfer'),
(AuditLogEntryEvent.PROJECT_ACCEPT_TRANSFER,
'project.accept-transfer'),
(AuditLogEntryEvent.ORG_ADD, 'org.create'),
(AuditLogEntryEvent.ORG_EDIT, 'org.edit'),
(AuditLogEntryEvent.ORG_REMOVE, 'org.remove'),
(AuditLogEntryEvent.ORG_RESTORE, 'org.restore'),
(AuditLogEntryEvent.TAGKEY_REMOVE, 'tagkey.remove'),
(AuditLogEntryEvent.PROJECTKEY_ADD, 'projectkey.create'),
(AuditLogEntryEvent.PROJECTKEY_EDIT, 'projectkey.edit'),
(AuditLogEntryEvent.PROJECTKEY_REMOVE, 'projectkey.remove'),
(AuditLogEntryEvent.PROJECTKEY_ENABLE, 'projectkey.enable'),
(AuditLogEntryEvent.PROJECTKEY_DISABLE, 'projectkey.disable'),
(AuditLogEntryEvent.SSO_ENABLE, 'sso.enable'),
(AuditLogEntryEvent.SSO_DISABLE, 'sso.disable'),
(AuditLogEntryEvent.SSO_EDIT, 'sso.edit'),
(AuditLogEntryEvent.SSO_IDENTITY_LINK, 'sso-identity.link'),
(AuditLogEntryEvent.APIKEY_ADD, 'api-key.create'),
(AuditLogEntryEvent.APIKEY_EDIT, 'api-key.edit'),
(AuditLogEntryEvent.APIKEY_REMOVE, 'api-key.remove'),
(AuditLogEntryEvent.RULE_ADD, 'rule.create'),
(AuditLogEntryEvent.RULE_EDIT, 'rule.edit'),
(AuditLogEntryEvent.RULE_REMOVE, 'rule.remove'),
(AuditLogEntryEvent.SERVICEHOOK_ADD, 'serivcehook.create'),
(AuditLogEntryEvent.SERVICEHOOK_EDIT, 'serivcehook.edit'),
(AuditLogEntryEvent.SERVICEHOOK_REMOVE, 'serivcehook.remove'),
(AuditLogEntryEvent.SERVICEHOOK_ENABLE, 'serivcehook.enable'),
(AuditLogEntryEvent.SERVICEHOOK_DISABLE, 'serivcehook.disable'),
(AuditLogEntryEvent.INTEGRATION_ADD, 'integration.add'),
(AuditLogEntryEvent.INTEGRATION_EDIT, 'integration.edit'),
(AuditLogEntryEvent.INTEGRATION_REMOVE, 'integration.remove'),
(AuditLogEntryEvent.SET_ONDEMAND, 'ondemand.edit'),
(AuditLogEntryEvent.TRIAL_STARTED, 'trial.started'),
(AuditLogEntryEvent.PLAN_CHANGED, 'plan.changed'),
))
ip_address = models.GenericIPAddressField(null=True, unpack_ipv4=True)
data = GzippedDictField()
datetime = models.DateTimeField(default=timezone.now)
class Meta:
app_label = 'sentry'
db_table = 'sentry_auditlogentry'
__repr__ = sane_repr('organization_id', 'type')
def save(self, *args, **kwargs):
if not self.actor_label:
assert self.actor or self.actor_key
if self.actor:
self.actor_label = self.actor.username
else:
self.actor_label = self.actor_key.key
super(AuditLogEntry, self).save(*args, **kwargs)
def get_actor_name(self):
if self.actor:
return self.actor.get_display_name()
elif self.actor_key:
return self.actor_key.key + ' (api key)'
return self.actor_label
def get_note(self):
if self.event == AuditLogEntryEvent.MEMBER_INVITE:
return 'invited member %s' % (self.data['email'], )
elif self.event == AuditLogEntryEvent.MEMBER_ADD:
if self.target_user == self.actor:
return 'joined the organization'
return 'added member %s' % (self.target_user.get_display_name(), )
elif self.event == AuditLogEntryEvent.MEMBER_ACCEPT:
return 'accepted the membership invite'
elif self.event == AuditLogEntryEvent.MEMBER_REMOVE:
if self.target_user == self.actor:
return 'left the organization'
return 'removed member %s' % (
self.data.get('email')
or self.target_user.get_display_name(), )
elif self.event == AuditLogEntryEvent.MEMBER_EDIT:
return 'edited member %s (role: %s, teams: %s)' % (
self.data.get('email') or self.target_user.get_display_name(),
self.data.get('role') or 'N/A',
', '.join(
six.text_type(x)
for x in self.data.get('team_slugs', [])) or 'N/A',
)
elif self.event == AuditLogEntryEvent.MEMBER_JOIN_TEAM:
if self.target_user == self.actor:
return 'joined team %s' % (self.data['team_slug'], )
return 'added %s to team %s' % (
self.data.get('email') or self.target_user.get_display_name(),
self.data['team_slug'],
)
elif self.event == AuditLogEntryEvent.MEMBER_LEAVE_TEAM:
if self.target_user == self.actor:
return 'left team %s' % (self.data['team_slug'], )
return 'removed %s from team %s' % (
self.data.get('email') or self.target_user.get_display_name(),
self.data['team_slug'],
)
elif self.event == AuditLogEntryEvent.MEMBER_PENDING:
return 'required member %s to setup 2FA' % (
self.data.get('email')
or self.target_user.get_display_name(), )
elif self.event == AuditLogEntryEvent.ORG_ADD:
return 'created the organization'
elif self.event == AuditLogEntryEvent.ORG_EDIT:
return 'edited the organization setting: ' + (', '.join(
u'{} {}'.format(k, v) for k, v in self.data.items()))
elif self.event == AuditLogEntryEvent.ORG_REMOVE:
return 'removed the organization'
elif self.event == AuditLogEntryEvent.ORG_RESTORE:
return 'restored the organization'
elif self.event == AuditLogEntryEvent.TEAM_ADD:
return 'created team %s' % (self.data['slug'], )
elif self.event == AuditLogEntryEvent.TEAM_EDIT:
return 'edited team %s' % (self.data['slug'], )
elif self.event == AuditLogEntryEvent.TEAM_REMOVE:
return 'removed team %s' % (self.data['slug'], )
elif self.event == AuditLogEntryEvent.PROJECT_ADD:
return 'created project %s' % (self.data['slug'], )
elif self.event == AuditLogEntryEvent.PROJECT_EDIT:
return 'edited project settings ' + (' '.join([
' in %s to %s' % (key, value)
for (key, value) in six.iteritems(self.data)
]))
elif self.event == AuditLogEntryEvent.PROJECT_REMOVE:
return 'removed project %s' % (self.data['slug'], )
elif self.event == AuditLogEntryEvent.PROJECT_REQUEST_TRANSFER:
return 'requested to transfer project %s' % (self.data['slug'], )
elif self.event == AuditLogEntryEvent.PROJECT_ACCEPT_TRANSFER:
return 'accepted transfer of project %s' % (self.data['slug'], )
elif self.event == AuditLogEntryEvent.TAGKEY_REMOVE:
return 'removed tags matching %s = *' % (self.data['key'], )
elif self.event == AuditLogEntryEvent.PROJECTKEY_ADD:
return 'added project key %s' % (self.data['public_key'], )
elif self.event == AuditLogEntryEvent.PROJECTKEY_EDIT:
return 'edited project key %s' % (self.data['public_key'], )
elif self.event == AuditLogEntryEvent.PROJECTKEY_REMOVE:
return 'removed project key %s' % (self.data['public_key'], )
elif self.event == AuditLogEntryEvent.PROJECTKEY_ENABLE:
return 'enabled project key %s' % (self.data['public_key'], )
elif self.event == AuditLogEntryEvent.PROJECTKEY_DISABLE:
return 'disabled project key %s' % (self.data['public_key'], )
elif self.event == AuditLogEntryEvent.SSO_ENABLE:
return 'enabled sso (%s)' % (self.data['provider'], )
elif self.event == AuditLogEntryEvent.SSO_DISABLE:
return 'disabled sso (%s)' % (self.data['provider'], )
elif self.event == AuditLogEntryEvent.SSO_EDIT:
return 'edited sso settings'
elif self.event == AuditLogEntryEvent.SSO_IDENTITY_LINK:
return 'linked their account to a new identity'
elif self.event == AuditLogEntryEvent.APIKEY_ADD:
return 'added api key %s' % (self.data['label'], )
elif self.event == AuditLogEntryEvent.APIKEY_EDIT:
return 'edited api key %s' % (self.data['label'], )
elif self.event == AuditLogEntryEvent.APIKEY_REMOVE:
return 'removed api key %s' % (self.data['label'], )
elif self.event == AuditLogEntryEvent.RULE_ADD:
return 'added rule "%s"' % (self.data['label'], )
elif self.event == AuditLogEntryEvent.RULE_EDIT:
return 'edited rule "%s"' % (self.data['label'], )
elif self.event == AuditLogEntryEvent.RULE_REMOVE:
return 'removed rule "%s"' % (self.data['label'], )
elif self.event == AuditLogEntryEvent.SET_ONDEMAND:
if self.data['ondemand'] == -1:
return 'changed on-demand spend to unlimited'
return 'changed on-demand max spend to $%d' % (
self.data['ondemand'] / 100, )
elif self.event == AuditLogEntryEvent.TRIAL_STARTED:
return 'started trial'
elif self.event == AuditLogEntryEvent.PLAN_CHANGED:
return 'changed plan to %s' % (self.data['plan_name'], )
elif self.event == AuditLogEntryEvent.SERVICEHOOK_ADD:
return 'added a service hook for "%s"' % (truncatechars(
self.data['url'], 64), )
elif self.event == AuditLogEntryEvent.SERVICEHOOK_EDIT:
return 'edited the service hook for "%s"' % (truncatechars(
self.data['url'], 64), )
elif self.event == AuditLogEntryEvent.SERVICEHOOK_REMOVE:
return 'removed the service hook for "%s"' % (truncatechars(
self.data['url'], 64), )
elif self.event == AuditLogEntryEvent.SERVICEHOOK_ENABLE:
return 'enabled theservice hook for "%s"' % (truncatechars(
self.data['url'], 64), )
elif self.event == AuditLogEntryEvent.SERVICEHOOK_DISABLE:
return 'disabled the service hook for "%s"' % (truncatechars(
self.data['url'], 64), )
elif self.event == AuditLogEntryEvent.INTEGRATION_ADD:
return 'enabled integration %s for project %s' % (
self.data['integration'], self.data['project'])
elif self.event == AuditLogEntryEvent.INTEGRATION_EDIT:
return 'edited integration %s for project %s' % (
self.data['integration'], self.data['project'])
elif self.event == AuditLogEntryEvent.INTEGRATION_REMOVE:
return 'disabled integration %s from project %s' % (
self.data['integration'], self.data['project'])
return ''
class Release(Model):
"""
A release is generally created when a new version is pushed into a
production state.
"""
__core__ = False
project = FlexibleForeignKey('sentry.Project')
version = models.CharField(max_length=64)
# ref might be the branch name being released
ref = models.CharField(max_length=64, null=True, blank=True)
url = models.URLField(null=True, blank=True)
date_added = models.DateTimeField(default=timezone.now)
date_started = models.DateTimeField(null=True, blank=True)
date_released = models.DateTimeField(null=True, blank=True)
# arbitrary data recorded with the release
data = JSONField(default={})
new_groups = BoundedPositiveIntegerField(default=0)
class Meta:
app_label = 'sentry'
db_table = 'sentry_release'
unique_together = (('project', 'version'), )
__repr__ = sane_repr('project_id', 'version')
@classmethod
def get_cache_key(cls, project_id, version):
return 'release:2:%s:%s' % (project_id, md5(version).hexdigest())
@classmethod
def get(cls, project, version):
cache_key = cls.get_cache_key(project.id, version)
release = cache.get(cache_key)
if release is None:
try:
release = cls.objects.get(
project=project,
version=version,
)
except cls.DoesNotExist:
release = -1
cache.set(cache_key, release, 300)
if release == -1:
return
return release
@classmethod
def get_or_create(cls, project, version, date_added):
cache_key = cls.get_cache_key(project.id, version)
release = cache.get(cache_key)
if release in (None, -1):
# TODO(dcramer): if the cache result is -1 we could attempt a
# default create here instead of default get
release = cls.objects.get_or_create(
project=project,
version=version,
defaults={
'date_added': date_added,
},
)[0]
cache.set(cache_key, release, 3600)
return release
class ProjectKey(Model):
__core__ = True
project = FlexibleForeignKey('sentry.Project', related_name='key_set')
label = models.CharField(max_length=64, blank=True, null=True)
public_key = models.CharField(max_length=32, unique=True, null=True)
secret_key = models.CharField(max_length=32, unique=True, null=True)
roles = BitField(
flags=(
# access to post events to the store endpoint
('store', 'Event API access'),
# read/write access to rest API
('api', 'Web API access'),
),
default=['store']
)
status = BoundedPositiveIntegerField(
default=0,
choices=(
(ProjectKeyStatus.ACTIVE, _('Active')),
(ProjectKeyStatus.INACTIVE, _('Inactive')),
),
db_index=True
)
date_added = models.DateTimeField(default=timezone.now, null=True)
rate_limit_count = BoundedPositiveIntegerField(null=True)
rate_limit_window = BoundedPositiveIntegerField(null=True)
objects = BaseManager(cache_fields=('public_key', 'secret_key', ))
data = JSONField()
# support legacy project keys in API
scopes = (
'project:read', 'project:write', 'project:admin', 'project:releases', 'event:read',
'event:write', 'event:admin',
)
class Meta:
app_label = 'sentry'
db_table = 'sentry_projectkey'
__repr__ = sane_repr('project_id', 'public_key')
def __unicode__(self):
return six.text_type(self.public_key)
@classmethod
def generate_api_key(cls):
return uuid4().hex
@classmethod
def looks_like_api_key(cls, key):
return bool(_uuid4_re.match(key))
@classmethod
def from_dsn(cls, dsn):
urlparts = urlparse(dsn)
public_key = urlparts.username
project_id = urlparts.path.rsplit('/', 1)[-1]
try:
return ProjectKey.objects.get(
public_key=public_key,
project=project_id,
)
except ValueError:
# ValueError would come from a non-integer project_id,
# which is obviously a DoesNotExist. We catch and rethrow this
# so anything downstream expecting DoesNotExist works fine
raise ProjectKey.DoesNotExist(
'ProjectKey matching query does not exist.')
@classmethod
def get_default(cls, project):
try:
return cls.objects.filter(
project=project, roles=cls.roles.store, status=ProjectKeyStatus.ACTIVE
)[0]
except IndexError:
return None
@property
def is_active(self):
return self.status == ProjectKeyStatus.ACTIVE
@property
def rate_limit(self):
if self.rate_limit_count and self.rate_limit_window:
return (self.rate_limit_count, self.rate_limit_window)
return (0, 0)
def save(self, *args, **kwargs):
if not self.public_key:
self.public_key = ProjectKey.generate_api_key()
if not self.secret_key:
self.secret_key = ProjectKey.generate_api_key()
if not self.label:
self.label = petname.Generate(2, ' ', letters=10).title()
super(ProjectKey, self).save(*args, **kwargs)
def get_dsn(self, domain=None, secure=True, public=False):
if not public:
key = '%s:%s' % (self.public_key, self.secret_key)
url = settings.SENTRY_ENDPOINT
else:
key = self.public_key
url = settings.SENTRY_PUBLIC_ENDPOINT or settings.SENTRY_ENDPOINT
if url:
urlparts = urlparse(url)
else:
urlparts = urlparse(options.get('system.url-prefix'))
return '%s://%s@%s/%s' % (
urlparts.scheme, key, urlparts.netloc + urlparts.path, self.project_id,
)
@property
def dsn_private(self):
return self.get_dsn(public=False)
@property
def dsn_public(self):
return self.get_dsn(public=True)
@property
def csp_endpoint(self):
endpoint = self.get_endpoint()
return '%s%s?sentry_key=%s' % (
endpoint,
reverse('sentry-api-csp-report', args=[self.project_id]),
self.public_key,
)
@property
def security_endpoint(self):
endpoint = self.get_endpoint()
return '%s%s?sentry_key=%s' % (
endpoint,
reverse('sentry-api-security-report', args=[self.project_id]),
self.public_key,
)
@property
def minidump_endpoint(self):
endpoint = self.get_endpoint()
return '%s%s/?sentry_key=%s' % (
endpoint,
reverse('sentry-api-minidump', args=[self.project_id]),
self.public_key,
)
@property
def js_sdk_loader_cdn_url(self):
if settings.JS_SDK_LOADER_CDN_URL:
return '%s%s.min.js' % (settings.JS_SDK_LOADER_CDN_URL, self.public_key)
else:
endpoint = self.get_endpoint()
return '%s%s' % (
endpoint,
reverse('sentry-js-sdk-loader', args=[self.public_key, '.min'])
)
def get_endpoint(self):
endpoint = settings.SENTRY_PUBLIC_ENDPOINT or settings.SENTRY_ENDPOINT
if not endpoint:
endpoint = options.get('system.url-prefix')
return endpoint
def get_allowed_origins(self):
from sentry.utils.http import get_origins
return get_origins(self.project)
def get_audit_log_data(self):
return {
'label': self.label,
'public_key': self.public_key,
'secret_key': self.secret_key,
'roles': int(self.roles),
'status': self.status,
'rate_limit_count': self.rate_limit_count,
'rate_limit_window': self.rate_limit_window,
}
def get_scopes(self):
return self.scopes
class ApiToken(Model):
__core__ = True
# users can generate tokens without being application-bound
application = FlexibleForeignKey('sentry.ApiApplication', null=True)
user = FlexibleForeignKey('sentry.User')
token = models.CharField(
max_length=64,
unique=True,
default=lambda: ApiToken.generate_token(),
)
refresh_token = models.CharField(
max_length=64,
unique=True,
null=True,
default=lambda: ApiToken.generate_token(),
)
expires_at = models.DateTimeField(
null=True, default=lambda: timezone.now() + DEFAULT_EXPIRATION)
scopes = BitField(flags=ApiScopes().to_bitfield())
scope_list = ArrayField(of=models.TextField)
date_added = models.DateTimeField(default=timezone.now)
objects = BaseManager(cache_fields=('token', ))
class Meta:
app_label = 'sentry'
db_table = 'sentry_apitoken'
__repr__ = sane_repr('user_id', 'token', 'application_id')
def __unicode__(self):
return six.text_type(self.token)
@classmethod
def generate_token(cls):
return uuid4().hex + uuid4().hex
@classmethod
def from_grant(cls, grant):
with transaction.atomic():
return cls.objects.create(
application=grant.application,
user=grant.user,
scope_list=grant.get_scopes(),
)
def is_expired(self):
if not self.expires_at:
return False
return timezone.now() >= self.expires_at
def get_audit_log_data(self):
return {
'scopes': self.get_scopes(),
}
def get_scopes(self):
if self.scope_list:
return self.scope_list
return [k for k, v in six.iteritems(self.scopes) if v]
def has_scope(self, scope):
return scope in self.get_scopes()
def get_allowed_origins(self):
if self.application:
return self.application.get_allowed_origins()
return ()
def refresh(self, expires_at=None):
if expires_at is None:
expires_at = timezone.now() + DEFAULT_EXPIRATION
self.update(
token=type(self).generate_token(),
refresh_token=type(self).generate_token(),
expires_at=expires_at,
)
class AuditLogEntry(Model):
__core__ = False
organization = FlexibleForeignKey("sentry.Organization")
actor_label = models.CharField(max_length=MAX_ACTOR_LABEL_LENGTH,
null=True,
blank=True)
# if the entry was created via a user
actor = FlexibleForeignKey("sentry.User",
related_name="audit_actors",
null=True,
blank=True,
on_delete=models.SET_NULL)
# if the entry was created via an api key
actor_key = FlexibleForeignKey("sentry.ApiKey", null=True, blank=True)
target_object = BoundedPositiveIntegerField(null=True)
target_user = FlexibleForeignKey(
"sentry.User",
null=True,
blank=True,
related_name="audit_targets",
on_delete=models.SET_NULL,
)
# TODO(dcramer): we want to compile this mapping into JSX for the UI
event = BoundedPositiveIntegerField(choices=(
# We emulate github a bit with event naming
(AuditLogEntryEvent.MEMBER_INVITE, "member.invite"),
(AuditLogEntryEvent.MEMBER_ADD, "member.add"),
(AuditLogEntryEvent.MEMBER_ACCEPT, "member.accept-invite"),
(AuditLogEntryEvent.MEMBER_REMOVE, "member.remove"),
(AuditLogEntryEvent.MEMBER_EDIT, "member.edit"),
(AuditLogEntryEvent.MEMBER_JOIN_TEAM, "member.join-team"),
(AuditLogEntryEvent.MEMBER_LEAVE_TEAM, "member.leave-team"),
(AuditLogEntryEvent.MEMBER_PENDING, "member.pending"),
(AuditLogEntryEvent.TEAM_ADD, "team.create"),
(AuditLogEntryEvent.TEAM_EDIT, "team.edit"),
(AuditLogEntryEvent.TEAM_REMOVE, "team.remove"),
(AuditLogEntryEvent.PROJECT_ADD, "project.create"),
(AuditLogEntryEvent.PROJECT_EDIT, "project.edit"),
(AuditLogEntryEvent.PROJECT_REMOVE, "project.remove"),
(AuditLogEntryEvent.PROJECT_SET_PUBLIC, "project.set-public"),
(AuditLogEntryEvent.PROJECT_SET_PRIVATE, "project.set-private"),
(AuditLogEntryEvent.PROJECT_REQUEST_TRANSFER,
"project.request-transfer"),
(AuditLogEntryEvent.PROJECT_ACCEPT_TRANSFER,
"project.accept-transfer"),
(AuditLogEntryEvent.PROJECT_ENABLE, "project.enable"),
(AuditLogEntryEvent.PROJECT_DISABLE, "project.disable"),
(AuditLogEntryEvent.ORG_ADD, "org.create"),
(AuditLogEntryEvent.ORG_EDIT, "org.edit"),
(AuditLogEntryEvent.ORG_REMOVE, "org.remove"),
(AuditLogEntryEvent.ORG_RESTORE, "org.restore"),
(AuditLogEntryEvent.TAGKEY_REMOVE, "tagkey.remove"),
(AuditLogEntryEvent.PROJECTKEY_ADD, "projectkey.create"),
(AuditLogEntryEvent.PROJECTKEY_EDIT, "projectkey.edit"),
(AuditLogEntryEvent.PROJECTKEY_REMOVE, "projectkey.remove"),
(AuditLogEntryEvent.PROJECTKEY_ENABLE, "projectkey.enable"),
(AuditLogEntryEvent.PROJECTKEY_DISABLE, "projectkey.disable"),
(AuditLogEntryEvent.SSO_ENABLE, "sso.enable"),
(AuditLogEntryEvent.SSO_DISABLE, "sso.disable"),
(AuditLogEntryEvent.SSO_EDIT, "sso.edit"),
(AuditLogEntryEvent.SSO_IDENTITY_LINK, "sso-identity.link"),
(AuditLogEntryEvent.APIKEY_ADD, "api-key.create"),
(AuditLogEntryEvent.APIKEY_EDIT, "api-key.edit"),
(AuditLogEntryEvent.APIKEY_REMOVE, "api-key.remove"),
(AuditLogEntryEvent.RULE_ADD, "rule.create"),
(AuditLogEntryEvent.RULE_EDIT, "rule.edit"),
(AuditLogEntryEvent.RULE_REMOVE, "rule.remove"),
(AuditLogEntryEvent.SERVICEHOOK_ADD, "servicehook.create"),
(AuditLogEntryEvent.SERVICEHOOK_EDIT, "servicehook.edit"),
(AuditLogEntryEvent.SERVICEHOOK_REMOVE, "servicehook.remove"),
(AuditLogEntryEvent.SERVICEHOOK_ENABLE, "servicehook.enable"),
(AuditLogEntryEvent.SERVICEHOOK_DISABLE, "servicehook.disable"),
(AuditLogEntryEvent.INTEGRATION_UPGRADE, "integration.upgrade"),
(AuditLogEntryEvent.INTEGRATION_ADD, "integration.add"),
(AuditLogEntryEvent.INTEGRATION_EDIT, "integration.edit"),
(AuditLogEntryEvent.INTEGRATION_REMOVE, "integration.remove"),
(AuditLogEntryEvent.SENTRY_APP_ADD, "sentry-app.add"),
(AuditLogEntryEvent.SENTRY_APP_REMOVE, "sentry-app.remove"),
(AuditLogEntryEvent.SENTRY_APP_INSTALL, "sentry-app.install"),
(AuditLogEntryEvent.SENTRY_APP_UNINSTALL, "sentry-app.uninstall"),
(AuditLogEntryEvent.INTERNAL_INTEGRATION_ADD,
"internal-integration.create"),
(AuditLogEntryEvent.INTERNAL_INTEGRATION_ADD_TOKEN,
"internal-integration.add-token"),
(
AuditLogEntryEvent.INTERNAL_INTEGRATION_REMOVE_TOKEN,
"internal-integration.remove-token",
),
(AuditLogEntryEvent.SET_ONDEMAND, "ondemand.edit"),
(AuditLogEntryEvent.TRIAL_STARTED, "trial.started"),
(AuditLogEntryEvent.PLAN_CHANGED, "plan.changed"),
(AuditLogEntryEvent.PLAN_CANCELLED, "plan.cancelled"),
(AuditLogEntryEvent.INVITE_REQUEST_ADD, "invite-request.create"),
(AuditLogEntryEvent.INVITE_REQUEST_REMOVE, "invite-request.remove"),
))
ip_address = models.GenericIPAddressField(null=True, unpack_ipv4=True)
data = GzippedDictField()
datetime = models.DateTimeField(default=timezone.now)
class Meta:
app_label = "sentry"
db_table = "sentry_auditlogentry"
__repr__ = sane_repr("organization_id", "type")
def save(self, *args, **kwargs):
if not self.actor_label:
assert self.actor or self.actor_key
if self.actor:
self.actor_label = self.actor.username
else:
self.actor_label = self.actor_key.key
# trim label to the max length
self.actor_label = self.actor_label[:MAX_ACTOR_LABEL_LENGTH]
super(AuditLogEntry, self).save(*args, **kwargs)
def get_actor_name(self):
if self.actor:
return self.actor.get_display_name()
elif self.actor_key:
return self.actor_key.key + " (api key)"
return self.actor_label
def get_note(self):
if self.event == AuditLogEntryEvent.MEMBER_INVITE:
return "invited member %s" % (self.data["email"], )
elif self.event == AuditLogEntryEvent.MEMBER_ADD:
if self.target_user == self.actor:
return "joined the organization"
return "added member %s" % (self.target_user.get_display_name(), )
elif self.event == AuditLogEntryEvent.MEMBER_ACCEPT:
return "accepted the membership invite"
elif self.event == AuditLogEntryEvent.MEMBER_REMOVE:
if self.target_user == self.actor:
return "left the organization"
return "removed member %s" % (
self.data.get("email")
or self.target_user.get_display_name(), )
elif self.event == AuditLogEntryEvent.MEMBER_EDIT:
return "edited member %s (role: %s, teams: %s)" % (
self.data.get("email") or self.target_user.get_display_name(),
self.data.get("role") or "N/A",
", ".join(
six.text_type(x)
for x in self.data.get("team_slugs", [])) or "N/A",
)
elif self.event == AuditLogEntryEvent.MEMBER_JOIN_TEAM:
if self.target_user == self.actor:
return "joined team %s" % (self.data["team_slug"], )
return "added %s to team %s" % (
self.data.get("email") or self.target_user.get_display_name(),
self.data["team_slug"],
)
elif self.event == AuditLogEntryEvent.MEMBER_LEAVE_TEAM:
if self.target_user == self.actor:
return "left team %s" % (self.data["team_slug"], )
return "removed %s from team %s" % (
self.data.get("email") or self.target_user.get_display_name(),
self.data["team_slug"],
)
elif self.event == AuditLogEntryEvent.MEMBER_PENDING:
return "required member %s to setup 2FA" % (
self.data.get("email")
or self.target_user.get_display_name(), )
elif self.event == AuditLogEntryEvent.ORG_ADD:
return "created the organization"
elif self.event == AuditLogEntryEvent.ORG_EDIT:
return "edited the organization setting: " + (", ".join(
"{} {}".format(k, v) for k, v in self.data.items()))
elif self.event == AuditLogEntryEvent.ORG_REMOVE:
return "removed the organization"
elif self.event == AuditLogEntryEvent.ORG_RESTORE:
return "restored the organization"
elif self.event == AuditLogEntryEvent.TEAM_ADD:
return "created team %s" % (self.data["slug"], )
elif self.event == AuditLogEntryEvent.TEAM_EDIT:
return "edited team %s" % (self.data["slug"], )
elif self.event == AuditLogEntryEvent.TEAM_REMOVE:
return "removed team %s" % (self.data["slug"], )
elif self.event == AuditLogEntryEvent.PROJECT_ADD:
return "created project %s" % (self.data["slug"], )
elif self.event == AuditLogEntryEvent.PROJECT_EDIT:
return "edited project settings " + (" ".join([
" in %s to %s" % (key, value)
for (key, value) in six.iteritems(self.data)
]))
elif self.event == AuditLogEntryEvent.PROJECT_REMOVE:
return "removed project %s" % (self.data["slug"], )
elif self.event == AuditLogEntryEvent.PROJECT_REQUEST_TRANSFER:
return "requested to transfer project %s" % (self.data["slug"], )
elif self.event == AuditLogEntryEvent.PROJECT_ACCEPT_TRANSFER:
return "accepted transfer of project %s" % (self.data["slug"], )
elif self.event in [
AuditLogEntryEvent.PROJECT_ENABLE,
AuditLogEntryEvent.PROJECT_DISABLE
]:
verb = "enabled" if self.event == AuditLogEntryEvent.PROJECT_ENABLE else "disabled"
# Most logs will just be name of the filter, but legacy browser changes can be bool, str or sets
filter_name = self.data["state"]
if (filter_name in ("0", "1") or isinstance(filter_name, set)
or isinstance(filter_name, bool)):
message = "%s project filter legacy-browsers" % (verb, )
if isinstance(filter_name, set):
message += ": %s" % (", ".join(filter_name), )
return message
else:
return "%s project filter %s" % (verb, filter_name)
elif self.event == AuditLogEntryEvent.TAGKEY_REMOVE:
return "removed tags matching %s = *" % (self.data["key"], )
elif self.event == AuditLogEntryEvent.PROJECTKEY_ADD:
return "added project key %s" % (self.data["public_key"], )
elif self.event == AuditLogEntryEvent.PROJECTKEY_EDIT:
return "edited project key %s" % (self.data["public_key"], )
elif self.event == AuditLogEntryEvent.PROJECTKEY_REMOVE:
return "removed project key %s" % (self.data["public_key"], )
elif self.event == AuditLogEntryEvent.PROJECTKEY_ENABLE:
return "enabled project key %s" % (self.data["public_key"], )
elif self.event == AuditLogEntryEvent.PROJECTKEY_DISABLE:
return "disabled project key %s" % (self.data["public_key"], )
elif self.event == AuditLogEntryEvent.SSO_ENABLE:
return "enabled sso (%s)" % (self.data["provider"], )
elif self.event == AuditLogEntryEvent.SSO_DISABLE:
return "disabled sso (%s)" % (self.data["provider"], )
elif self.event == AuditLogEntryEvent.SSO_EDIT:
return "edited sso settings: " + (", ".join(
"{} {}".format(k, v) for k, v in self.data.items()))
elif self.event == AuditLogEntryEvent.SSO_IDENTITY_LINK:
return "linked their account to a new identity"
elif self.event == AuditLogEntryEvent.APIKEY_ADD:
return "added api key %s" % (self.data["label"], )
elif self.event == AuditLogEntryEvent.APIKEY_EDIT:
return "edited api key %s" % (self.data["label"], )
elif self.event == AuditLogEntryEvent.APIKEY_REMOVE:
return "removed api key %s" % (self.data["label"], )
elif self.event == AuditLogEntryEvent.RULE_ADD:
return 'added rule "%s"' % (self.data["label"], )
elif self.event == AuditLogEntryEvent.RULE_EDIT:
return 'edited rule "%s"' % (self.data["label"], )
elif self.event == AuditLogEntryEvent.RULE_REMOVE:
return 'removed rule "%s"' % (self.data["label"], )
elif self.event == AuditLogEntryEvent.SET_ONDEMAND:
if self.data["ondemand"] == -1:
return "changed on-demand spend to unlimited"
return "changed on-demand max spend to $%d" % (
self.data["ondemand"] / 100, )
elif self.event == AuditLogEntryEvent.TRIAL_STARTED:
return "started trial"
elif self.event == AuditLogEntryEvent.PLAN_CHANGED:
return "changed plan to %s" % (self.data["plan_name"], )
elif self.event == AuditLogEntryEvent.PLAN_CANCELLED:
return "cancelled plan"
elif self.event == AuditLogEntryEvent.SERVICEHOOK_ADD:
return 'added a service hook for "%s"' % (truncatechars(
self.data["url"], 64), )
elif self.event == AuditLogEntryEvent.SERVICEHOOK_EDIT:
return 'edited the service hook for "%s"' % (truncatechars(
self.data["url"], 64), )
elif self.event == AuditLogEntryEvent.SERVICEHOOK_REMOVE:
return 'removed the service hook for "%s"' % (truncatechars(
self.data["url"], 64), )
elif self.event == AuditLogEntryEvent.SERVICEHOOK_ENABLE:
return 'enabled theservice hook for "%s"' % (truncatechars(
self.data["url"], 64), )
elif self.event == AuditLogEntryEvent.SERVICEHOOK_DISABLE:
return 'disabled the service hook for "%s"' % (truncatechars(
self.data["url"], 64), )
elif self.event == AuditLogEntryEvent.INTEGRATION_ADD:
if self.data.get("provider"):
return "installed %s for the %s integration" % (
self.data["name"],
self.data["provider"],
)
else:
return "enabled integration %s for project %s" % (
self.data["integration"],
self.data["project"],
)
elif self.event == AuditLogEntryEvent.INTEGRATION_EDIT:
if self.data.get("provider"):
return "edited the %s for the %s integration" % (
self.data["name"],
self.data["provider"],
)
return "edited integration %s for project %s" % (
self.data["integration"],
self.data["project"],
)
elif self.event == AuditLogEntryEvent.INTEGRATION_REMOVE:
if self.data.get("provider"):
return "uninstalled %s for the %s integration" % (
self.data["name"],
self.data["provider"],
)
return "disabled integration %s from project %s" % (
self.data["integration"],
self.data["project"],
)
elif self.event == AuditLogEntryEvent.INTEGRATION_UPGRADE:
if self.data.get("provider"):
return "upgraded %s for the %s integration" % (
self.data["name"],
self.data["provider"],
)
elif self.event == AuditLogEntryEvent.SENTRY_APP_ADD:
return "created sentry app %s" % (self.data["sentry_app"])
elif self.event == AuditLogEntryEvent.SENTRY_APP_REMOVE:
return "removed sentry app %s" % (self.data["sentry_app"])
elif self.event == AuditLogEntryEvent.SENTRY_APP_INSTALL:
return "installed sentry app %s" % (self.data["sentry_app"])
elif self.event == AuditLogEntryEvent.SENTRY_APP_UNINSTALL:
return "uninstalled sentry app %s" % (self.data["sentry_app"])
elif self.event == AuditLogEntryEvent.INTERNAL_INTEGRATION_ADD:
return "created internal integration %s" % (self.data.get(
"name", ""))
elif self.event == AuditLogEntryEvent.INTERNAL_INTEGRATION_ADD_TOKEN:
return "created a token for internal integration %s" % (
self.data["sentry_app"])
elif self.event == AuditLogEntryEvent.INTERNAL_INTEGRATION_REMOVE_TOKEN:
return "revoked a token for internal integration %s" % (
self.data["sentry_app"])
elif self.event == AuditLogEntryEvent.INVITE_REQUEST_ADD:
return "request added to invite %s" % (self.data["email"], )
elif self.event == AuditLogEntryEvent.INVITE_REQUEST_REMOVE:
return "removed the invite request for %s" % (self.data["email"], )
return ""
class Project(Model):
"""
Projects are permission based namespaces which generally
are the top level entry point for all data.
"""
__core__ = True
slug = models.SlugField(null=True)
name = models.CharField(max_length=200)
forced_color = models.CharField(max_length=6, null=True, blank=True)
organization = FlexibleForeignKey('sentry.Organization')
team = FlexibleForeignKey('sentry.Team')
teams = models.ManyToManyField('sentry.Team',
related_name='teams',
through=ProjectTeam)
public = models.BooleanField(default=False)
date_added = models.DateTimeField(default=timezone.now)
status = BoundedPositiveIntegerField(
default=0,
choices=(
(ObjectStatus.VISIBLE, _('Active')),
(ObjectStatus.PENDING_DELETION, _('Pending Deletion')),
(ObjectStatus.DELETION_IN_PROGRESS, _('Deletion in Progress')),
),
db_index=True)
# projects that were created before this field was present
# will have their first_event field set to date_added
first_event = models.DateTimeField(null=True)
flags = BitField(flags=(('has_releases',
'This Project has sent release data'), ),
default=0,
null=True)
objects = ProjectManager(cache_fields=[
'pk',
'slug',
])
platform = models.CharField(max_length=64, null=True)
class Meta:
app_label = 'sentry'
db_table = 'sentry_project'
unique_together = (('team', 'slug'), ('organization', 'slug'))
__repr__ = sane_repr('team_id', 'name', 'slug')
def __unicode__(self):
return u'%s (%s)' % (self.name, self.slug)
def next_short_id(self):
from sentry.models import Counter
return Counter.increment(self)
def save(self, *args, **kwargs):
if not self.slug:
lock = locks.get('slug:project', duration=5)
with TimedRetryPolicy(10)(lock.acquire):
slugify_instance(self,
self.name,
organization=self.organization)
super(Project, self).save(*args, **kwargs)
else:
super(Project, self).save(*args, **kwargs)
def get_absolute_url(self):
return absolute_uri('/{}/{}/'.format(self.organization.slug,
self.slug))
def is_internal_project(self):
for value in (settings.SENTRY_FRONTEND_PROJECT,
settings.SENTRY_PROJECT):
if six.text_type(self.id) == six.text_type(value) or six.text_type(
self.slug) == six.text_type(value):
return True
return False
# TODO: Make these a mixin
def update_option(self, *args, **kwargs):
from sentry.models import ProjectOption
return ProjectOption.objects.set_value(self, *args, **kwargs)
def get_option(self, *args, **kwargs):
from sentry.models import ProjectOption
return ProjectOption.objects.get_value(self, *args, **kwargs)
def delete_option(self, *args, **kwargs):
from sentry.models import ProjectOption
return ProjectOption.objects.unset_value(self, *args, **kwargs)
@property
def callsign(self):
return self.slug.upper()
@property
def color(self):
if self.forced_color is not None:
return '#%s' % self.forced_color
return get_hashed_color(self.callsign or self.slug)
@property
def member_set(self):
from sentry.models import OrganizationMember
return self.organization.member_set.filter(
id__in=OrganizationMember.objects.filter(
organizationmemberteam__is_active=True,
organizationmemberteam__team=self.team,
).values('id'),
user__is_active=True,
).distinct()
def has_access(self, user, access=None):
from sentry.models import AuthIdentity, OrganizationMember
warnings.warn('Project.has_access is deprecated.', DeprecationWarning)
queryset = self.member_set.filter(user=user)
if access is not None:
queryset = queryset.filter(type__lte=access)
try:
member = queryset.get()
except OrganizationMember.DoesNotExist:
return False
try:
auth_identity = AuthIdentity.objects.get(
auth_provider__organization=self.organization_id,
user=member.user_id,
)
except AuthIdentity.DoesNotExist:
return True
return auth_identity.is_valid(member)
def get_audit_log_data(self):
return {
'id': self.id,
'slug': self.slug,
'name': self.name,
'status': self.status,
'public': self.public,
}
def get_full_name(self):
if self.team.name not in self.name:
return '%s %s' % (self.team.name, self.name)
return self.name
def get_notification_recipients(self, user_option):
from sentry.models import UserOption
alert_settings = dict((o.user_id, int(o.value))
for o in UserOption.objects.filter(
project=self,
key=user_option,
))
disabled = set(u for u, v in six.iteritems(alert_settings) if v == 0)
member_set = set(
self.member_set.exclude(user__in=disabled, ).values_list(
'user', flat=True))
# determine members default settings
members_to_check = set(u for u in member_set
if u not in alert_settings)
if members_to_check:
disabled = set((uo.user_id for uo in UserOption.objects.filter(
key='subscribe_by_default',
user__in=members_to_check,
) if uo.value == '0'))
member_set = [x for x in member_set if x not in disabled]
return member_set
def get_mail_alert_subscribers(self):
user_ids = self.get_notification_recipients('mail:alert')
if not user_ids:
return []
from sentry.models import User
return list(User.objects.filter(id__in=user_ids))
def is_user_subscribed_to_mail_alerts(self, user):
from sentry.models import UserOption
is_enabled = UserOption.objects.get_value(user,
'mail:alert',
project=self)
if is_enabled is None:
is_enabled = UserOption.objects.get_value(user,
'subscribe_by_default',
'1') == '1'
else:
is_enabled = bool(is_enabled)
return is_enabled
def transfer_to(self, team):
from sentry.models import ProjectTeam, ReleaseProject
organization = team.organization
from_team_id = self.team_id
# We only need to delete ReleaseProjects when moving to a different
# Organization. Releases are bound to Organization, so it's not realistic
# to keep this link unless we say, copied all Releases as well.
if self.organization_id != organization.id:
ReleaseProject.objects.filter(project_id=self.id, ).delete()
self.organization = organization
self.team = team
try:
with transaction.atomic():
self.update(
organization=organization,
team=team,
)
except IntegrityError:
slugify_instance(self, self.name, organization=organization)
self.update(
slug=self.slug,
organization=organization,
team=team,
)
ProjectTeam.objects.filter(project=self,
team_id=from_team_id).update(team=team)
def add_team(self, team):
try:
with transaction.atomic():
ProjectTeam.objects.create(project=self, team=team)
except IntegrityError:
return False
else:
return True
def get_security_token(self):
lock = locks.get(self.get_lock_key(), duration=5)
with TimedRetryPolicy(10)(lock.acquire):
security_token = self.get_option('sentry:token', None)
if security_token is None:
security_token = uuid1().hex
self.update_option('sentry:token', security_token)
return security_token
def get_lock_key(self):
return 'project_token:%s' % self.id
class Group(Model):
"""
Aggregated message which summarizes a set of Events.
"""
__core__ = False
project = FlexibleForeignKey('sentry.Project', null=True)
logger = models.CharField(max_length=64,
blank=True,
default=DEFAULT_LOGGER_NAME,
db_index=True)
level = BoundedPositiveIntegerField(choices=LOG_LEVELS.items(),
default=logging.ERROR,
blank=True,
db_index=True)
message = models.TextField()
culprit = models.CharField(max_length=MAX_CULPRIT_LENGTH,
blank=True,
null=True,
db_column='view')
num_comments = BoundedPositiveIntegerField(default=0, null=True)
platform = models.CharField(max_length=64, null=True)
status = BoundedPositiveIntegerField(default=0,
choices=(
(GroupStatus.UNRESOLVED,
_('Unresolved')),
(GroupStatus.RESOLVED,
_('Resolved')),
(GroupStatus.MUTED, _('Muted')),
),
db_index=True)
times_seen = BoundedPositiveIntegerField(default=1, db_index=True)
last_seen = models.DateTimeField(default=timezone.now, db_index=True)
first_seen = models.DateTimeField(default=timezone.now, db_index=True)
first_release = FlexibleForeignKey('sentry.Release',
null=True,
on_delete=models.PROTECT)
resolved_at = models.DateTimeField(null=True, db_index=True)
# active_at should be the same as first_seen by default
active_at = models.DateTimeField(null=True, db_index=True)
time_spent_total = BoundedIntegerField(default=0)
time_spent_count = BoundedIntegerField(default=0)
score = BoundedIntegerField(default=0)
is_public = models.NullBooleanField(default=False, null=True)
data = GzippedDictField(blank=True, null=True)
short_id = BoundedBigIntegerField(null=True)
objects = GroupManager()
class Meta:
app_label = 'sentry'
db_table = 'sentry_groupedmessage'
verbose_name_plural = _('grouped messages')
verbose_name = _('grouped message')
permissions = (("can_view", "Can view"), )
index_together = (('project', 'first_release'), )
unique_together = (('project', 'short_id'), )
__repr__ = sane_repr('project_id')
def __unicode__(self):
return "(%s) %s" % (self.times_seen, self.error())
def save(self, *args, **kwargs):
if not self.last_seen:
self.last_seen = timezone.now()
if not self.first_seen:
self.first_seen = self.last_seen
if not self.active_at:
self.active_at = self.first_seen
# We limit what we store for the message body
self.message = strip(self.message)
if self.message:
self.message = truncatechars(self.message.splitlines()[0], 255)
super(Group, self).save(*args, **kwargs)
def get_absolute_url(self):
return absolute_uri(
reverse('sentry-group',
args=[self.organization.slug, self.project.slug, self.id]))
@property
def qualified_short_id(self):
if self.short_id is not None:
return '%s-%s' % (
self.project.slug.upper(),
base32_encode(self.short_id),
)
@property
def event_set(self):
from sentry.models import Event
return Event.objects.filter(group_id=self.id)
def is_over_resolve_age(self):
resolve_age = self.project.get_option('sentry:resolve_age', None)
if not resolve_age:
return False
return self.last_seen < timezone.now() - timedelta(
hours=int(resolve_age))
def is_muted(self):
return self.get_status() == GroupStatus.MUTED
def is_resolved(self):
return self.get_status() == GroupStatus.RESOLVED
def get_status(self):
# XXX(dcramer): GroupSerializer reimplements this logic
from sentry.models import GroupSnooze
if self.status == GroupStatus.MUTED:
try:
snooze = GroupSnooze.objects.get(group=self)
except GroupSnooze.DoesNotExist:
pass
else:
# XXX(dcramer): if the snooze row exists then we need
# to confirm its still valid
if snooze.until > timezone.now():
return GroupStatus.MUTED
else:
return GroupStatus.UNRESOLVED
if self.status == GroupStatus.UNRESOLVED and self.is_over_resolve_age(
):
return GroupStatus.RESOLVED
return self.status
def get_share_id(self):
return b16encode('{}.{}'.format(self.project_id, self.id)).lower()
@classmethod
def from_share_id(cls, share_id):
if not share_id:
raise cls.DoesNotExist
try:
project_id, group_id = b16decode(share_id.upper()).split('.')
except (ValueError, TypeError):
raise cls.DoesNotExist
if not (project_id.isdigit() and group_id.isdigit()):
raise cls.DoesNotExist
return cls.objects.get(project=project_id, id=group_id)
def get_score(self):
return int(
math.log(self.times_seen) * 600 +
float(time.mktime(self.last_seen.timetuple())))
def get_latest_event(self):
from sentry.models import Event
if not hasattr(self, '_latest_event'):
latest_events = sorted(
Event.objects.filter(
group_id=self.id, ).order_by('-datetime')[0:5],
key=EVENT_ORDERING_KEY,
reverse=True,
)
try:
self._latest_event = latest_events[0]
except IndexError:
self._latest_event = None
return self._latest_event
def get_oldest_event(self):
from sentry.models import Event
if not hasattr(self, '_oldest_event'):
oldest_events = sorted(
Event.objects.filter(
group_id=self.id, ).order_by('datetime')[0:5],
key=EVENT_ORDERING_KEY,
)
try:
self._oldest_event = oldest_events[0]
except IndexError:
self._oldest_event = None
return self._oldest_event
def get_unique_tags(self, tag, since=None, order_by='-times_seen'):
# TODO(dcramer): this has zero test coverage and is a critical path
from sentry.models import GroupTagValue
queryset = GroupTagValue.objects.filter(
group=self,
key=tag,
)
if since:
queryset = queryset.filter(last_seen__gte=since)
return queryset.values_list(
'value',
'times_seen',
'first_seen',
'last_seen',
).order_by(order_by)
def get_tags(self, with_internal=True):
from sentry.models import GroupTagKey, TagKey
if not hasattr(self, '_tag_cache'):
group_tags = GroupTagKey.objects.filter(
group=self,
project=self.project,
)
if not with_internal:
group_tags = group_tags.exclude(key__startswith='sentry:')
group_tags = list(group_tags.values_list('key', flat=True))
tag_keys = dict(
(t.key, t) for t in TagKey.objects.filter(project=self.project,
key__in=group_tags))
results = []
for key in group_tags:
try:
tag_key = tag_keys[key]
except KeyError:
label = key.replace('_', ' ').title()
else:
label = tag_key.get_label()
results.append({
'key': key,
'label': label,
})
self._tag_cache = sorted(results, key=lambda x: x['label'])
return self._tag_cache
def error(self):
return self.message
error.short_description = _('error')
def has_two_part_message(self):
message = strip(self.message)
return '\n' in message or len(message) > 100
@property
def title(self):
culprit = strip(self.culprit)
if culprit:
return culprit
return self.message
@property
def message_short(self):
message = strip(self.message)
if not message:
message = '<unlabeled message>'
else:
message = truncatechars(message.splitlines()[0], 100)
return message
@property
def organization(self):
return self.project.organization
@property
def team(self):
return self.project.team
@property
def checksum(self):
warnings.warn('Group.checksum is no longer used', DeprecationWarning)
return ''
def get_email_subject(self):
return '[%s] %s: %s' % (
self.project.get_full_name().encode('utf-8'),
six.text_type(self.get_level_display()).upper().encode('utf-8'),
self.message_short.encode('utf-8'))
class Rule(Model):
__core__ = True
DEFAULT_CONDITION_MATCH = "all" # any, all
DEFAULT_FILTER_MATCH = "all" # match to apply on filters
DEFAULT_FREQUENCY = 30 # minutes
project = FlexibleForeignKey("sentry.Project")
environment_id = BoundedPositiveIntegerField(null=True)
label = models.CharField(max_length=64)
data = GzippedDictField()
status = BoundedPositiveIntegerField(
default=RuleStatus.ACTIVE,
choices=((RuleStatus.ACTIVE, "Active"), (RuleStatus.INACTIVE, "Inactive")),
db_index=True,
)
date_added = models.DateTimeField(default=timezone.now)
objects = BaseManager(cache_fields=("pk",))
class Meta:
db_table = "sentry_rule"
app_label = "sentry"
__repr__ = sane_repr("project_id", "label")
@classmethod
def get_for_project(cls, project_id):
cache_key = u"project:{}:rules".format(project_id)
rules_list = cache.get(cache_key)
if rules_list is None:
rules_list = list(cls.objects.filter(project=project_id, status=RuleStatus.ACTIVE))
cache.set(cache_key, rules_list, 60)
return rules_list
@property
def created_by(self):
try:
created_activity = RuleActivity.objects.get(
rule=self, type=RuleActivityType.CREATED.value
)
return created_activity.user
except RuleActivity.DoesNotExist:
pass
return None
def delete(self, *args, **kwargs):
rv = super(Rule, self).delete(*args, **kwargs)
cache_key = u"project:{}:rules".format(self.project_id)
cache.delete(cache_key)
return rv
def save(self, *args, **kwargs):
rv = super(Rule, self).save(*args, **kwargs)
cache_key = u"project:{}:rules".format(self.project_id)
cache.delete(cache_key)
return rv
def get_audit_log_data(self):
return {"label": self.label, "data": self.data, "status": self.status}
class Release(Model):
"""
A release is generally created when a new version is pushed into a
production state.
"""
__core__ = False
organization = FlexibleForeignKey('sentry.Organization')
projects = models.ManyToManyField('sentry.Project',
related_name='releases',
through=ReleaseProject)
project_id = BoundedPositiveIntegerField(null=True)
version = models.CharField(max_length=64)
# ref might be the branch name being released
ref = models.CharField(max_length=64, null=True, blank=True)
url = models.URLField(null=True, blank=True)
date_added = models.DateTimeField(default=timezone.now)
date_started = models.DateTimeField(null=True, blank=True)
date_released = models.DateTimeField(null=True, blank=True)
# arbitrary data recorded with the release
data = JSONField(default={})
new_groups = BoundedPositiveIntegerField(default=0)
# generally the release manager, or the person initiating the process
owner = FlexibleForeignKey('sentry.User', null=True, blank=True)
class Meta:
app_label = 'sentry'
db_table = 'sentry_release'
unique_together = (('project_id', 'version'), )
__repr__ = sane_repr('project_id', 'version')
@classmethod
def get_cache_key(cls, project_id, version):
# TODO(jess): update this to use organization id when adding
# unique on Release for organization, version
return 'release:2:%s:%s' % (project_id, md5_text(version).hexdigest())
@classmethod
def get(cls, project, version):
cache_key = cls.get_cache_key(project.id, version)
release = cache.get(cache_key)
if release is None:
try:
release = cls.objects.get(
organization_id=project.organization_id,
projects=project,
version=version,
)
except cls.DoesNotExist:
release = -1
cache.set(cache_key, release, 300)
if release == -1:
return
return release
@classmethod
def get_lock_key(cls, organization_id, version):
return 'release:%s:%s' % (organization_id,
md5_text(version).hexdigest())
@classmethod
def get_or_create(cls, project, version, date_added):
cache_key = cls.get_cache_key(project.id, version)
release = cache.get(cache_key)
if release in (None, -1):
# TODO(dcramer): if the cache result is -1 we could attempt a
# default create here instead of default get
project_version = ('%s-%s' % (project.slug, version))[:64]
releases = list(
cls.objects.filter(organization_id=project.organization_id,
version__in=[version, project_version],
projects=project))
if len(releases) == 1:
release = releases[0]
elif len(releases) > 1:
release = [
r for r in releases if r.version == project_version
][0]
else:
release = cls.objects.filter(
organization_id=project.organization_id,
version=version).first()
if not release:
lock_key = cls.get_lock_key(project.organization_id,
version)
lock = locks.get(lock_key, duration=5)
with TimedRetryPolicy(10)(lock.acquire):
try:
release = cls.objects.get(
organization_id=project.organization_id,
version=version)
except cls.DoesNotExist:
release = cls.objects.create(
organization_id=project.organization_id,
version=version,
date_added=date_added)
release.add_project(project)
# TODO(dcramer): upon creating a new release, check if it should be
# the new "latest release" for this project
cache.set(cache_key, release, 3600)
return release
@classmethod
def merge(cls, to_release, from_releases):
# The following models reference release:
# ReleaseCommit.release
# ReleaseEnvironment.release_id
# ReleaseProject.release
# GroupRelease.release_id
# GroupResolution.release
# Group.first_release
# ReleaseFile.release
from sentry.models import (ReleaseCommit, ReleaseEnvironment,
ReleaseFile, ReleaseProject, Group,
GroupRelease, GroupResolution)
model_list = (ReleaseCommit, ReleaseEnvironment, ReleaseFile,
ReleaseProject, GroupRelease, GroupResolution)
for release in from_releases:
for model in model_list:
if hasattr(model, 'release'):
update_kwargs = {'release': to_release}
else:
update_kwargs = {'release_id': to_release.id}
try:
with transaction.atomic():
model.objects.filter(release_id=release.id).update(
**update_kwargs)
except IntegrityError:
for item in model.objects.filter(release_id=release.id):
try:
with transaction.atomic():
model.objects.filter(id=item.id).update(
**update_kwargs)
except IntegrityError:
item.delete()
Group.objects.filter(first_release=release).update(
first_release=to_release)
release.delete()
@property
def short_version(self):
if _sha1_re.match(self.version):
return self.version[:12]
return self.version
def add_project(self, project):
try:
with transaction.atomic():
ReleaseProject.objects.create(project=project, release=self)
except IntegrityError:
pass
class Activity(Model):
__core__ = False
SET_RESOLVED = 1
SET_UNRESOLVED = 2
SET_IGNORED = 3
SET_PUBLIC = 4
SET_PRIVATE = 5
SET_REGRESSION = 6
CREATE_ISSUE = 7
NOTE = 8
FIRST_SEEN = 9
RELEASE = 10
ASSIGNED = 11
UNASSIGNED = 12
SET_RESOLVED_IN_RELEASE = 13
MERGE = 14
SET_RESOLVED_BY_AGE = 15
SET_RESOLVED_IN_COMMIT = 16
DEPLOY = 17
NEW_PROCESSING_ISSUES = 18
UNMERGE_SOURCE = 19
UNMERGE_DESTINATION = 20
SET_RESOLVED_IN_PULL_REQUEST = 21
TYPE = (
# (TYPE, verb-slug)
(SET_RESOLVED, 'set_resolved'),
(SET_RESOLVED_BY_AGE, 'set_resolved_by_age'),
(SET_RESOLVED_IN_RELEASE, 'set_resolved_in_release'),
(SET_RESOLVED_IN_COMMIT, 'set_resolved_in_commit'),
(SET_RESOLVED_IN_PULL_REQUEST, 'set_resolved_in_pull_request'),
(SET_UNRESOLVED, 'set_unresolved'),
(SET_IGNORED, 'set_ignored'),
(SET_PUBLIC, 'set_public'),
(SET_PRIVATE, 'set_private'),
(SET_REGRESSION, 'set_regression'),
(CREATE_ISSUE, 'create_issue'),
(NOTE, 'note'),
(FIRST_SEEN, 'first_seen'),
(RELEASE, 'release'),
(ASSIGNED, 'assigned'),
(UNASSIGNED, 'unassigned'),
(MERGE, 'merge'),
(DEPLOY, 'deploy'),
(NEW_PROCESSING_ISSUES, 'new_processing_issues'),
(UNMERGE_SOURCE, 'unmerge_source'),
(UNMERGE_DESTINATION, 'unmerge_destination'),
)
project = FlexibleForeignKey('sentry.Project')
group = FlexibleForeignKey('sentry.Group', null=True)
# index on (type, ident)
type = BoundedPositiveIntegerField(choices=TYPE)
ident = models.CharField(max_length=64, null=True)
# if the user is not set, it's assumed to be the system
user = FlexibleForeignKey(settings.AUTH_USER_MODEL, null=True)
datetime = models.DateTimeField(default=timezone.now)
data = GzippedDictField(null=True)
class Meta:
app_label = 'sentry'
db_table = 'sentry_activity'
__repr__ = sane_repr('project_id', 'group_id', 'event_id', 'user_id',
'type', 'ident')
@staticmethod
def get_version_ident(version):
return (version or '')[:64]
def __init__(self, *args, **kwargs):
super(Activity, self).__init__(*args, **kwargs)
from sentry.models import Release
# XXX(dcramer): fix for bad data
if self.type in (self.RELEASE, self.DEPLOY) and isinstance(
self.data['version'], Release):
self.data['version'] = self.data['version'].version
if self.type == self.ASSIGNED:
self.data['assignee'] = six.text_type(self.data['assignee'])
def save(self, *args, **kwargs):
created = bool(not self.id)
super(Activity, self).save(*args, **kwargs)
if not created:
return
# HACK: support Group.num_comments
if self.type == Activity.NOTE:
self.group.update(num_comments=F('num_comments') + 1)
def delete(self, *args, **kwargs):
super(Activity, self).delete(*args, **kwargs)
# HACK: support Group.num_comments
if self.type == Activity.NOTE:
self.group.update(num_comments=F('num_comments') - 1)
def send_notification(self):
activity.send_activity_notifications.delay(self.id)
class Release(Model):
"""
A release is generally created when a new version is pushed into a
production state.
"""
__core__ = False
organization = FlexibleForeignKey('sentry.Organization')
projects = models.ManyToManyField('sentry.Project',
related_name='releases',
through=ReleaseProject)
project_id = BoundedPositiveIntegerField(null=True)
version = models.CharField(max_length=64)
# ref might be the branch name being released
ref = models.CharField(max_length=64, null=True, blank=True)
url = models.URLField(null=True, blank=True)
date_added = models.DateTimeField(default=timezone.now)
# DEPRECATED - not available in UI or editable from API
date_started = models.DateTimeField(null=True, blank=True)
date_released = models.DateTimeField(null=True, blank=True)
# arbitrary data recorded with the release
data = JSONField(default={})
new_groups = BoundedPositiveIntegerField(default=0)
# generally the release manager, or the person initiating the process
owner = FlexibleForeignKey('sentry.User', null=True, blank=True)
# materialized stats
commit_count = BoundedPositiveIntegerField(null=True)
last_commit_id = BoundedPositiveIntegerField(null=True)
authors = ArrayField(null=True)
total_deploys = BoundedPositiveIntegerField(null=True)
last_deploy_id = BoundedPositiveIntegerField(null=True)
class Meta:
app_label = 'sentry'
db_table = 'sentry_release'
unique_together = (('organization', 'version'), )
__repr__ = sane_repr('organization', 'version')
@staticmethod
def is_valid_version(value):
return not (any(c in value for c in BAD_RELEASE_CHARS)
or value in ('.', '..') or not value)
@classmethod
def get_cache_key(cls, organization_id, version):
return 'release:3:%s:%s' % (organization_id,
md5_text(version).hexdigest())
@classmethod
def get(cls, project, version):
cache_key = cls.get_cache_key(project.organization_id, version)
release = cache.get(cache_key)
if release is None:
try:
release = cls.objects.get(
organization_id=project.organization_id,
projects=project,
version=version,
)
except cls.DoesNotExist:
release = -1
cache.set(cache_key, release, 300)
if release == -1:
return
return release
@classmethod
def get_or_create(cls, project, version, date_added=None):
from sentry.models import Project
if date_added is None:
date_added = timezone.now()
cache_key = cls.get_cache_key(project.organization_id, version)
release = cache.get(cache_key)
if release in (None, -1):
# TODO(dcramer): if the cache result is -1 we could attempt a
# default create here instead of default get
project_version = ('%s-%s' % (project.slug, version))[:64]
releases = list(
cls.objects.filter(organization_id=project.organization_id,
version__in=[version, project_version],
projects=project))
if releases:
try:
release = [
r for r in releases if r.version == project_version
][0]
except IndexError:
release = releases[0]
else:
try:
with transaction.atomic():
release = cls.objects.create(
organization_id=project.organization_id,
version=version,
date_added=date_added,
total_deploys=0,
)
except IntegrityError:
release = cls.objects.get(
organization_id=project.organization_id,
version=version)
release.add_project(project)
if not project.flags.has_releases:
project.flags.has_releases = True
project.update(
flags=F('flags').bitor(Project.flags.has_releases))
# TODO(dcramer): upon creating a new release, check if it should be
# the new "latest release" for this project
cache.set(cache_key, release, 3600)
return release
@classmethod
def merge(cls, to_release, from_releases):
# The following models reference release:
# ReleaseCommit.release
# ReleaseEnvironment.release_id
# ReleaseProject.release
# GroupRelease.release_id
# GroupResolution.release
# Group.first_release
# ReleaseFile.release
from sentry.models import (ReleaseCommit, ReleaseEnvironment,
ReleaseFile, ReleaseProject, Group,
GroupRelease, GroupResolution)
model_list = (ReleaseCommit, ReleaseEnvironment, ReleaseFile,
ReleaseProject, GroupRelease, GroupResolution)
for release in from_releases:
for model in model_list:
if hasattr(model, 'release'):
update_kwargs = {'release': to_release}
else:
update_kwargs = {'release_id': to_release.id}
try:
with transaction.atomic():
model.objects.filter(release_id=release.id).update(
**update_kwargs)
except IntegrityError:
for item in model.objects.filter(release_id=release.id):
try:
with transaction.atomic():
model.objects.filter(id=item.id).update(
**update_kwargs)
except IntegrityError:
item.delete()
Group.objects.filter(first_release=release).update(
first_release=to_release)
release.delete()
@property
def short_version(self):
version = self.version
match = _dotted_path_prefix_re.match(version)
if match is not None:
version = version[match.end():]
if _sha1_re.match(version):
return version[:7]
return version
def add_dist(self, name, date_added=None):
from sentry.models import Distribution
if date_added is None:
date_added = timezone.now()
return Distribution.objects.get_or_create(release=self,
name=name,
defaults={
'date_added':
date_added,
'organization_id':
self.organization_id,
})[0]
def get_dist(self, name):
from sentry.models import Distribution
try:
return Distribution.objects.get(name=name, release=self)
except Distribution.DoesNotExist:
pass
def add_project(self, project):
"""
Add a project to this release.
Returns True if the project was added and did not already exist.
"""
from sentry.models import Project
try:
with transaction.atomic():
ReleaseProject.objects.create(project=project, release=self)
if not project.flags.has_releases:
project.flags.has_releases = True
project.update(flags=F('flags').bitor(
Project.flags.has_releases), )
except IntegrityError:
return False
else:
return True
def set_refs(self, refs, user, fetch=False):
from sentry.api.exceptions import InvalidRepository
from sentry.models import Commit, ReleaseHeadCommit, Repository
from sentry.tasks.commits import fetch_commits
# TODO: this does the wrong thing unless you are on the most
# recent release. Add a timestamp compare?
prev_release = type(self).objects.filter(
organization_id=self.organization_id,
projects__in=self.projects.all(),
).exclude(version=self.version).order_by('-date_added').first()
names = {r['repository'] for r in refs}
repos = list(
Repository.objects.filter(
organization_id=self.organization_id,
name__in=names,
))
repos_by_name = {r.name: r for r in repos}
invalid_repos = names - set(repos_by_name.keys())
if invalid_repos:
raise InvalidRepository('Invalid repository names: %s' %
','.join(invalid_repos))
for ref in refs:
repo = repos_by_name[ref['repository']]
commit = Commit.objects.get_or_create(
organization_id=self.organization_id,
repository_id=repo.id,
key=ref['commit'],
)[0]
# update head commit for repo/release if exists
ReleaseHeadCommit.objects.create_or_update(
organization_id=self.organization_id,
repository_id=repo.id,
release=self,
values={
'commit': commit,
})
if fetch:
fetch_commits.apply_async(
kwargs={
'release_id': self.id,
'user_id': user.id,
'refs': refs,
'prev_release_id': prev_release and prev_release.id,
})
def set_commits(self, commit_list):
"""
Bind a list of commits to this release.
These should be ordered from newest to oldest.
This will clear any existing commit log and replace it with the given
commits.
"""
from sentry.models import (Commit, CommitAuthor, Group,
GroupCommitResolution, GroupResolution,
GroupResolutionStatus, GroupStatus,
ReleaseCommit, Repository)
from sentry.plugins.providers.repository import RepositoryProvider
commit_list = [
c for c in commit_list if
not RepositoryProvider.should_ignore_commit(c.get('message', ''))
]
with transaction.atomic():
# TODO(dcramer): would be good to optimize the logic to avoid these
# deletes but not overly important
ReleaseCommit.objects.filter(release=self, ).delete()
authors = {}
repos = {}
latest_commit = None
for idx, data in enumerate(commit_list):
repo_name = data.get('repository') or 'organization-{}'.format(
self.organization_id)
if repo_name not in repos:
repos[repo_name] = repo = Repository.objects.get_or_create(
organization_id=self.organization_id,
name=repo_name,
)[0]
else:
repo = repos[repo_name]
author_email = data.get('author_email')
if author_email is None and data.get('author_name'):
author_email = (re.sub(r'[^a-zA-Z0-9\-_\.]*', '',
data['author_name']).lower() +
'@localhost')
if not author_email:
author = None
elif author_email not in authors:
authors[
author_email] = author = CommitAuthor.objects.get_or_create(
organization_id=self.organization_id,
email=author_email,
defaults={
'name': data.get('author_name'),
})[0]
if data.get('author_name'
) and author.name != data['author_name']:
author.update(name=data['author_name'])
else:
author = authors[author_email]
defaults = {
'message': data.get('message'),
'author': author,
'date_added': data.get('timestamp') or timezone.now(),
}
commit, created = Commit.objects.get_or_create(
organization_id=self.organization_id,
repository_id=repo.id,
key=data['id'],
defaults=defaults,
)
if not created:
update_kwargs = {}
if commit.message is None and defaults[
'message'] is not None:
update_kwargs['message'] = defaults['message']
if commit.author_id is None and defaults[
'author'] is not None:
update_kwargs['author'] = defaults['author']
if update_kwargs:
commit.update(**update_kwargs)
ReleaseCommit.objects.create(
organization_id=self.organization_id,
release=self,
commit=commit,
order=idx,
)
if latest_commit is None:
latest_commit = commit
self.update(
commit_count=len(commit_list),
authors=[six.text_type(a.id) for a in six.itervalues(authors)],
last_commit_id=latest_commit.id if latest_commit else None,
)
group_ids = list(
GroupCommitResolution.objects.filter(
commit_id__in=ReleaseCommit.objects.filter(
release=self).values_list(
'commit_id', flat=True), ).values_list('group_id',
flat=True))
for group_id in group_ids:
GroupResolution.objects.create_or_update(
group_id=group_id,
release=self,
values={
'status': GroupResolutionStatus.RESOLVED,
},
)
if group_ids:
Group.objects.filter(
id__in=group_ids, ).update(status=GroupStatus.RESOLVED)
class Team(Model):
"""
A team represents a group of individuals which maintain ownership of projects.
"""
__core__ = True
organization = FlexibleForeignKey('sentry.Organization')
slug = models.SlugField()
name = models.CharField(max_length=64)
status = BoundedPositiveIntegerField(choices=(
(TeamStatus.VISIBLE, _('Active')),
(TeamStatus.PENDING_DELETION, _('Pending Deletion')),
(TeamStatus.DELETION_IN_PROGRESS, _('Deletion in Progress')),
),
default=TeamStatus.VISIBLE)
date_added = models.DateTimeField(default=timezone.now, null=True)
objects = TeamManager(cache_fields=(
'pk',
'slug',
))
class Meta:
app_label = 'sentry'
db_table = 'sentry_team'
unique_together = (('organization', 'slug'), )
__repr__ = sane_repr('name', 'slug')
def __unicode__(self):
return u'%s (%s)' % (self.name, self.slug)
def save(self, *args, **kwargs):
if not self.slug:
lock = locks.get('slug:team', duration=5)
with TimedRetryPolicy(10)(lock.acquire):
slugify_instance(self,
self.name,
organization=self.organization)
super(Team, self).save(*args, **kwargs)
else:
super(Team, self).save(*args, **kwargs)
@property
def member_set(self):
return self.organization.member_set.filter(
organizationmemberteam__team=self,
organizationmemberteam__is_active=True,
user__is_active=True,
).distinct()
def has_access(self, user, access=None):
from sentry.models import AuthIdentity, OrganizationMember
warnings.warn('Team.has_access is deprecated.', DeprecationWarning)
queryset = self.member_set.filter(user=user, )
if access is not None:
queryset = queryset.filter(type__lte=access)
try:
member = queryset.get()
except OrganizationMember.DoesNotExist:
return False
try:
auth_identity = AuthIdentity.objects.get(
auth_provider__organization=self.organization_id,
user=member.user_id,
)
except AuthIdentity.DoesNotExist:
return True
return auth_identity.is_valid(member)
def transfer_to(self, organization):
"""
Transfers a team and all projects under it to the given organization.
"""
from sentry.models import (OrganizationAccessRequest,
OrganizationMember, OrganizationMemberTeam,
Project, ProjectTeam, ReleaseProject)
try:
with transaction.atomic():
self.update(organization=organization)
except IntegrityError:
# likely this means a team already exists, let's try to coerce to
# it instead of a blind transfer
new_team = Team.objects.get(
organization=organization,
slug=self.slug,
)
else:
new_team = self
project_ids = list(
Project.objects.filter(teams=self, ).exclude(
organization=organization, ).values_list('id', flat=True))
# remove associations with releases from other org
ReleaseProject.objects.filter(project_id__in=project_ids, ).delete()
Project.objects.filter(id__in=project_ids, ).update(
organization=organization, )
ProjectTeam.objects.filter(project_id__in=project_ids, ).update(
team=new_team, )
# remove any pending access requests from the old organization
if self != new_team:
OrganizationAccessRequest.objects.filter(team=self, ).delete()
# identify shared members and ensure they retain team access
# under the new organization
old_memberships = OrganizationMember.objects.filter(
teams=self, ).exclude(organization=organization, )
for member in old_memberships:
try:
new_member = OrganizationMember.objects.get(
user=member.user,
organization=organization,
)
except OrganizationMember.DoesNotExist:
continue
try:
with transaction.atomic():
OrganizationMemberTeam.objects.create(
team=new_team,
organizationmember=new_member,
)
except IntegrityError:
pass
OrganizationMemberTeam.objects.filter(team=self, ).exclude(
organizationmember__organization=organization, ).delete()
if new_team != self:
cursor = connections[router.db_for_write(Team)].cursor()
# we use a cursor here to avoid automatic cascading of relations
# in Django
try:
cursor.execute('DELETE FROM sentry_team WHERE id = %s',
[self.id])
finally:
cursor.close()
def get_audit_log_data(self):
return {
'id': self.id,
'slug': self.slug,
'name': self.name,
'status': self.status,
}
class Release(Model):
"""
A release is generally created when a new version is pushed into a
production state.
"""
__core__ = False
organization = FlexibleForeignKey('sentry.Organization')
projects = models.ManyToManyField('sentry.Project',
related_name='releases',
through=ReleaseProject)
project_id = BoundedPositiveIntegerField(null=True)
version = models.CharField(max_length=64)
# ref might be the branch name being released
ref = models.CharField(max_length=64, null=True, blank=True)
url = models.URLField(null=True, blank=True)
date_added = models.DateTimeField(default=timezone.now)
date_started = models.DateTimeField(null=True, blank=True)
date_released = models.DateTimeField(null=True, blank=True)
# arbitrary data recorded with the release
data = JSONField(default={})
new_groups = BoundedPositiveIntegerField(default=0)
# generally the release manager, or the person initiating the process
owner = FlexibleForeignKey('sentry.User', null=True, blank=True)
class Meta:
app_label = 'sentry'
db_table = 'sentry_release'
unique_together = (('organization', 'version'), )
__repr__ = sane_repr('organization', 'version')
@classmethod
def get_cache_key(cls, organization_id, version):
return 'release:3:%s:%s' % (organization_id,
md5_text(version).hexdigest())
@classmethod
def get(cls, project, version):
cache_key = cls.get_cache_key(project.organization_id, version)
release = cache.get(cache_key)
if release is None:
try:
release = cls.objects.get(
organization_id=project.organization_id,
projects=project,
version=version,
)
except cls.DoesNotExist:
release = -1
cache.set(cache_key, release, 300)
if release == -1:
return
return release
@classmethod
def get_or_create(cls, project, version, date_added):
from sentry.models import Project
cache_key = cls.get_cache_key(project.organization_id, version)
release = cache.get(cache_key)
if release in (None, -1):
# TODO(dcramer): if the cache result is -1 we could attempt a
# default create here instead of default get
project_version = ('%s-%s' % (project.slug, version))[:64]
releases = list(
cls.objects.filter(organization_id=project.organization_id,
version__in=[version, project_version],
projects=project))
if releases:
try:
release = [
r for r in releases if r.version == project_version
][0]
except IndexError:
release = releases[0]
else:
try:
with transaction.atomic():
release = cls.objects.create(
organization_id=project.organization_id,
version=version,
date_added=date_added)
except IntegrityError:
release = cls.objects.get(
organization_id=project.organization_id,
version=version)
release.add_project(project)
if not project.flags.has_releases:
project.flags.has_releases = True
project.update(
flags=F('flags').bitor(Project.flags.has_releases))
# TODO(dcramer): upon creating a new release, check if it should be
# the new "latest release" for this project
cache.set(cache_key, release, 3600)
return release
@classmethod
def merge(cls, to_release, from_releases):
# The following models reference release:
# ReleaseCommit.release
# ReleaseEnvironment.release_id
# ReleaseProject.release
# GroupRelease.release_id
# GroupResolution.release
# Group.first_release
# ReleaseFile.release
from sentry.models import (ReleaseCommit, ReleaseEnvironment,
ReleaseFile, ReleaseProject, Group,
GroupRelease, GroupResolution)
model_list = (ReleaseCommit, ReleaseEnvironment, ReleaseFile,
ReleaseProject, GroupRelease, GroupResolution)
for release in from_releases:
for model in model_list:
if hasattr(model, 'release'):
update_kwargs = {'release': to_release}
else:
update_kwargs = {'release_id': to_release.id}
try:
with transaction.atomic():
model.objects.filter(release_id=release.id).update(
**update_kwargs)
except IntegrityError:
for item in model.objects.filter(release_id=release.id):
try:
with transaction.atomic():
model.objects.filter(id=item.id).update(
**update_kwargs)
except IntegrityError:
item.delete()
Group.objects.filter(first_release=release).update(
first_release=to_release)
release.delete()
@property
def short_version(self):
if _sha1_re.match(self.version):
return self.version[:12]
return self.version
def add_project(self, project):
"""
Add a project to this release.
Returns True if the project was added and did not already exist.
"""
from sentry.models import Project
try:
with transaction.atomic():
ReleaseProject.objects.create(project=project, release=self)
if not project.flags.has_releases:
project.flags.has_releases = True
project.update(flags=F('flags').bitor(
Project.flags.has_releases), )
except IntegrityError:
return False
else:
return True
def set_commits(self, commit_list):
from sentry.models import Commit, CommitAuthor, ReleaseCommit, Repository
with transaction.atomic():
# TODO(dcramer): would be good to optimize the logic to avoid these
# deletes but not overly important
ReleaseCommit.objects.filter(release=self, ).delete()
authors = {}
repos = {}
for idx, data in enumerate(commit_list):
repo_name = data.get('repository') or 'organization-{}'.format(
self.organization_id)
if repo_name not in repos:
repos[repo_name] = repo = Repository.objects.get_or_create(
organization_id=self.organization_id,
name=repo_name,
)[0]
else:
repo = repos[repo_name]
author_email = data.get('author_email')
if author_email is None and data.get('author_name'):
author_email = (re.sub(r'[^a-zA-Z0-9\-_\.]*', '',
data['author_name']).lower() +
'@localhost')
if not author_email:
author = None
elif author_email not in authors:
authors[
author_email] = author = CommitAuthor.objects.get_or_create(
organization_id=self.organization_id,
email=author_email,
defaults={
'name': data.get('author_name'),
})[0]
if data.get('author_name'
) and author.name != data['author_name']:
author.update(name=data['author_name'])
else:
author = authors[author_email]
commit = Commit.objects.get_or_create(
organization_id=self.organization_id,
repository_id=repo.id,
key=data['id'],
defaults={
'message': data.get('message'),
'author': author,
'date_added': data.get('timestamp') or timezone.now(),
})[0]
ReleaseCommit.objects.create(
organization_id=self.organization_id,
release=self,
commit=commit,
order=idx,
)
class ApiKey(Model):
__core__ = True
organization = FlexibleForeignKey('sentry.Organization',
related_name='key_set')
label = models.CharField(max_length=64, blank=True, default='Default')
key = models.CharField(max_length=32, unique=True)
scopes = BitField(flags=(
('project:read', 'project:read'),
('project:write', 'project:write'),
('project:admin', 'project:admin'),
('project:releases', 'project:releases'),
('team:read', 'team:read'),
('team:write', 'team:write'),
('team:admin', 'team:admin'),
('event:read', 'event:read'),
('event:write', 'event:write'),
('event:admin', 'event:admin'),
('org:read', 'org:read'),
('org:write', 'org:write'),
('org:admin', 'org:admin'),
('member:read', 'member:read'),
('member:write', 'member:write'),
('member:admin', 'member:admin'),
))
scope_list = ArrayField(of=models.TextField)
status = BoundedPositiveIntegerField(default=0,
choices=(
(ApiKeyStatus.ACTIVE,
_('Active')),
(ApiKeyStatus.INACTIVE,
_('Inactive')),
),
db_index=True)
date_added = models.DateTimeField(default=timezone.now)
allowed_origins = models.TextField(blank=True, null=True)
objects = BaseManager(cache_fields=('key', ))
class Meta:
app_label = 'sentry'
db_table = 'sentry_apikey'
__repr__ = sane_repr('organization_id', 'key')
def __unicode__(self):
return six.text_type(self.key)
@classmethod
def generate_api_key(cls):
return uuid4().hex
@property
def is_active(self):
return self.status == ApiKeyStatus.ACTIVE
def save(self, *args, **kwargs):
if not self.key:
self.key = ApiKey.generate_api_key()
super(ApiKey, self).save(*args, **kwargs)
def get_allowed_origins(self):
if not self.allowed_origins:
return []
return filter(bool, self.allowed_origins.split('\n'))
def get_audit_log_data(self):
return {
'label': self.label,
'key': self.key,
'scopes': self.get_scopes(),
'status': self.status,
}
def get_scopes(self):
if self.scope_list:
return self.scope_list
return [k for k, v in six.iteritems(self.scopes) if v]
def has_scope(self, scope):
return scope in self.get_scopes()
class Project(Model, PendingDeletionMixin):
"""
Projects are permission based namespaces which generally
are the top level entry point for all data.
"""
__core__ = True
slug = models.SlugField(null=True)
name = models.CharField(max_length=200)
forced_color = models.CharField(max_length=6, null=True, blank=True)
organization = FlexibleForeignKey("sentry.Organization")
teams = models.ManyToManyField("sentry.Team",
related_name="teams",
through=ProjectTeam)
public = models.BooleanField(default=False)
date_added = models.DateTimeField(default=timezone.now)
status = BoundedPositiveIntegerField(
default=0,
choices=(
(ObjectStatus.VISIBLE, _("Active")),
(ObjectStatus.PENDING_DELETION, _("Pending Deletion")),
(ObjectStatus.DELETION_IN_PROGRESS, _("Deletion in Progress")),
),
db_index=True,
)
# projects that were created before this field was present
# will have their first_event field set to date_added
first_event = models.DateTimeField(null=True)
flags = BitField(
flags=(
("has_releases", "This Project has sent release data"),
("has_issue_alerts_targeting",
"This Project has issue alerts targeting"),
("has_transactions", "This Project has sent transactions"),
("has_alert_filters", "This Project has filters"),
),
default=10,
null=True,
)
objects = ProjectManager(cache_fields=["pk"])
platform = models.CharField(max_length=64, null=True)
class Meta:
app_label = "sentry"
db_table = "sentry_project"
unique_together = (("organization", "slug"), )
__repr__ = sane_repr("team_id", "name", "slug")
_rename_fields_on_pending_delete = frozenset(["slug"])
def __str__(self):
return f"{self.name} ({self.slug})"
def next_short_id(self):
from sentry.models import Counter
with sentry_sdk.start_span(
op="project.next_short_id") as span, metrics.timer(
"project.next_short_id"):
span.set_data("project_id", self.id)
span.set_data("project_slug", self.slug)
return Counter.increment(self)
def save(self, *args, **kwargs):
if not self.slug:
lock = locks.get("slug:project", duration=5)
with TimedRetryPolicy(10)(lock.acquire):
slugify_instance(
self,
self.name,
organization=self.organization,
reserved=RESERVED_PROJECT_SLUGS,
max_length=50,
)
super().save(*args, **kwargs)
else:
super().save(*args, **kwargs)
self.update_rev_for_option()
def get_absolute_url(self, params=None):
url = f"/organizations/{self.organization.slug}/issues/"
params = {} if params is None else params
params["project"] = self.id
if params:
url = url + "?" + urlencode(params)
return absolute_uri(url)
def is_internal_project(self):
for value in (settings.SENTRY_FRONTEND_PROJECT,
settings.SENTRY_PROJECT):
if str(self.id) == str(value) or str(self.slug) == str(value):
return True
return False
# TODO: Make these a mixin
def update_option(self, *args, **kwargs):
return projectoptions.set(self, *args, **kwargs)
def get_option(self, *args, **kwargs):
return projectoptions.get(self, *args, **kwargs)
def delete_option(self, *args, **kwargs):
return projectoptions.delete(self, *args, **kwargs)
def update_rev_for_option(self):
return projectoptions.update_rev_for_option(self)
@property
def callsign(self):
warnings.warn(
"Project.callsign is deprecated. Use Group.get_short_id() instead.",
DeprecationWarning)
return self.slug.upper()
@property
def color(self):
if self.forced_color is not None:
return "#%s" % self.forced_color
return get_hashed_color(self.callsign or self.slug)
@property
def member_set(self):
""" :returns a QuerySet of all Users that belong to this Project """
from sentry.models import OrganizationMember
return self.organization.member_set.filter(
id__in=OrganizationMember.objects.filter(
organizationmemberteam__is_active=True,
organizationmemberteam__team__in=self.teams.all(),
).values("id"),
user__is_active=True,
).distinct()
def has_access(self, user, access=None):
from sentry.models import AuthIdentity, OrganizationMember
warnings.warn("Project.has_access is deprecated.", DeprecationWarning)
queryset = self.member_set.filter(user=user)
if access is not None:
queryset = queryset.filter(type__lte=access)
try:
member = queryset.get()
except OrganizationMember.DoesNotExist:
return False
try:
auth_identity = AuthIdentity.objects.get(
auth_provider__organization=self.organization_id,
user=member.user_id)
except AuthIdentity.DoesNotExist:
return True
return auth_identity.is_valid(member)
def get_audit_log_data(self):
return {
"id": self.id,
"slug": self.slug,
"name": self.name,
"status": self.status,
"public": self.public,
}
def get_full_name(self):
return self.slug
def transfer_to(self, team=None, organization=None):
# NOTE: this will only work properly if the new team is in a different
# org than the existing one, which is currently the only use case in
# production
# TODO(jess): refactor this to make it an org transfer only
from sentry.models import (
Environment,
EnvironmentProject,
ProjectTeam,
ReleaseProject,
ReleaseProjectEnvironment,
Rule,
)
if organization is None:
organization = team.organization
old_org_id = self.organization_id
org_changed = old_org_id != organization.id
self.organization = organization
try:
with transaction.atomic():
self.update(organization=organization)
except IntegrityError:
slugify_instance(self,
self.name,
organization=organization,
max_length=50)
self.update(slug=self.slug, organization=organization)
# Both environments and releases are bound at an organization level.
# Due to this, when you transfer a project into another org, we have to
# handle this behavior somehow. We really only have two options here:
# * Copy over all releases/environments into the new org and handle de-duping
# * Delete the bindings and let them reform with new data.
# We're generally choosing to just delete the bindings since new data
# flowing in will recreate links correctly. The tradeoff is that
# historical data is lost, but this is a compromise we're willing to
# take and a side effect of allowing this feature. There are exceptions
# to this however, such as rules, which should maintain their
# configuration when moved across organizations.
if org_changed:
for model in ReleaseProject, ReleaseProjectEnvironment, EnvironmentProject:
model.objects.filter(project_id=self.id).delete()
# this is getting really gross, but make sure there aren't lingering associations
# with old orgs or teams
ProjectTeam.objects.filter(
project=self, team__organization_id=old_org_id).delete()
rules_by_environment_id = defaultdict(set)
for rule_id, environment_id in Rule.objects.filter(
project_id=self.id, environment_id__isnull=False).values_list(
"id", "environment_id"):
rules_by_environment_id[environment_id].add(rule_id)
environment_names = dict(
Environment.objects.filter(
id__in=rules_by_environment_id).values_list("id", "name"))
for environment_id, rule_ids in rules_by_environment_id.items():
Rule.objects.filter(id__in=rule_ids).update(
environment_id=Environment.get_or_create(
self, environment_names[environment_id]).id)
# ensure this actually exists in case from team was null
if team is not None:
self.add_team(team)
def add_team(self, team):
try:
with transaction.atomic():
ProjectTeam.objects.create(project=self, team=team)
except IntegrityError:
return False
else:
return True
def remove_team(self, team):
from sentry.incidents.models import AlertRule
from sentry.models import Rule
ProjectTeam.objects.filter(project=self, team=team).delete()
AlertRule.objects.fetch_for_project(self).filter(
owner_id=team.actor_id).update(owner=None)
Rule.objects.filter(owner_id=team.actor_id,
project=self).update(owner=None)
def get_security_token(self):
lock = locks.get(self.get_lock_key(), duration=5)
with TimedRetryPolicy(10)(lock.acquire):
security_token = self.get_option("sentry:token", None)
if security_token is None:
security_token = uuid1().hex
self.update_option("sentry:token", security_token)
return security_token
def get_lock_key(self):
return "project_token:%s" % self.id
def copy_settings_from(self, project_id):
"""
Copies project level settings of the inputted project
- General Settings
- ProjectTeams
- Alerts Settings and Rules
- EnvironmentProjects
- ProjectOwnership Rules and settings
- Project Inbound Data Filters
Returns True if the settings have successfully been copied over
Returns False otherwise
"""
from sentry.models import EnvironmentProject, ProjectOption, ProjectOwnership, Rule
model_list = [EnvironmentProject, ProjectOwnership, ProjectTeam, Rule]
project = Project.objects.get(id=project_id)
try:
with transaction.atomic():
for model in model_list:
# remove all previous project settings
model.objects.filter(project_id=self.id).delete()
# add settings from other project to self
for setting in model.objects.filter(project_id=project_id):
setting.pk = None
setting.project_id = self.id
setting.save()
options = ProjectOption.objects.get_all_values(project=project)
for key, value in options.items():
self.update_option(key, value)
except IntegrityError as e:
logging.exception(
"Error occurred during copy project settings.",
extra={
"error": str(e),
"project_to": self.id,
"project_from": project_id,
},
)
return False
return True
@staticmethod
def is_valid_platform(value):
if not value or value == "other":
return True
return integration_doc_exists(value)
def delete(self, **kwargs):
from sentry.models import NotificationSetting
# There is no foreign key relationship so we have to manually cascade.
NotificationSetting.objects.remove_for_project(self)
return super().delete(**kwargs)
class Release(Model):
"""
A release is generally created when a new version is pushed into a
production state.
"""
__core__ = False
organization = FlexibleForeignKey('sentry.Organization')
projects = models.ManyToManyField('sentry.Project',
related_name='releases',
through=ReleaseProject)
# DEPRECATED
project_id = BoundedPositiveIntegerField(null=True)
version = models.CharField(max_length=DB_VERSION_LENGTH)
# ref might be the branch name being released
ref = models.CharField(max_length=DB_VERSION_LENGTH, null=True, blank=True)
url = models.URLField(null=True, blank=True)
date_added = models.DateTimeField(default=timezone.now)
# DEPRECATED - not available in UI or editable from API
date_started = models.DateTimeField(null=True, blank=True)
date_released = models.DateTimeField(null=True, blank=True)
# arbitrary data recorded with the release
data = JSONField(default={})
new_groups = BoundedPositiveIntegerField(default=0)
# generally the release manager, or the person initiating the process
owner = FlexibleForeignKey('sentry.User',
null=True,
blank=True,
on_delete=models.SET_NULL)
# materialized stats
commit_count = BoundedPositiveIntegerField(null=True, default=0)
last_commit_id = BoundedPositiveIntegerField(null=True)
authors = ArrayField(null=True)
total_deploys = BoundedPositiveIntegerField(null=True, default=0)
last_deploy_id = BoundedPositiveIntegerField(null=True)
class Meta:
app_label = 'sentry'
db_table = 'sentry_release'
unique_together = (('organization', 'version'), )
__repr__ = sane_repr('organization_id', 'version')
@staticmethod
def is_valid_version(value):
return not (any(c in value
for c in BAD_RELEASE_CHARS) or value in ('.', '..')
or not value or value.lower() == 'latest')
@classmethod
def get_cache_key(cls, organization_id, version):
return 'release:3:%s:%s' % (organization_id,
md5_text(version).hexdigest())
@classmethod
def get_lock_key(cls, organization_id, release_id):
return u'releasecommits:{}:{}'.format(organization_id, release_id)
@classmethod
def get(cls, project, version):
cache_key = cls.get_cache_key(project.organization_id, version)
release = cache.get(cache_key)
if release is None:
try:
release = cls.objects.get(
organization_id=project.organization_id,
projects=project,
version=version,
)
except cls.DoesNotExist:
release = -1
cache.set(cache_key, release, 300)
if release == -1:
return
return release
@classmethod
def get_or_create(cls, project, version, date_added=None):
from sentry.models import Project
if date_added is None:
date_added = timezone.now()
cache_key = cls.get_cache_key(project.organization_id, version)
release = cache.get(cache_key)
if release in (None, -1):
# TODO(dcramer): if the cache result is -1 we could attempt a
# default create here instead of default get
project_version = ('%s-%s' %
(project.slug, version))[:DB_VERSION_LENGTH]
releases = list(
cls.objects.filter(organization_id=project.organization_id,
version__in=[version, project_version],
projects=project))
if releases:
try:
release = [
r for r in releases if r.version == project_version
][0]
except IndexError:
release = releases[0]
else:
try:
with transaction.atomic():
release = cls.objects.create(
organization_id=project.organization_id,
version=version,
date_added=date_added,
total_deploys=0,
)
except IntegrityError:
release = cls.objects.get(
organization_id=project.organization_id,
version=version)
release.add_project(project)
if not project.flags.has_releases:
project.flags.has_releases = True
project.update(
flags=F('flags').bitor(Project.flags.has_releases))
# TODO(dcramer): upon creating a new release, check if it should be
# the new "latest release" for this project
cache.set(cache_key, release, 3600)
return release
@classmethod
def merge(cls, to_release, from_releases):
# The following models reference release:
# ReleaseCommit.release
# ReleaseEnvironment.release_id
# ReleaseProject.release
# GroupRelease.release_id
# GroupResolution.release
# Group.first_release
# ReleaseFile.release
from sentry.models import (ReleaseCommit, ReleaseEnvironment,
ReleaseFile, ReleaseProject,
ReleaseProjectEnvironment, Group,
GroupRelease, GroupResolution)
model_list = (ReleaseCommit, ReleaseEnvironment, ReleaseFile,
ReleaseProject, ReleaseProjectEnvironment, GroupRelease,
GroupResolution)
for release in from_releases:
for model in model_list:
if hasattr(model, 'release'):
update_kwargs = {'release': to_release}
else:
update_kwargs = {'release_id': to_release.id}
try:
with transaction.atomic():
model.objects.filter(release_id=release.id).update(
**update_kwargs)
except IntegrityError:
for item in model.objects.filter(release_id=release.id):
try:
with transaction.atomic():
model.objects.filter(id=item.id).update(
**update_kwargs)
except IntegrityError:
item.delete()
Group.objects.filter(first_release=release).update(
first_release=to_release)
release.delete()
@property
def short_version(self):
return Release.get_display_version(self.version)
@staticmethod
def get_display_version(version):
match = _dotted_path_prefix_re.match(version)
if match is not None:
version = version[match.end():]
if _sha1_re.match(version):
return version[:7]
return version
def add_dist(self, name, date_added=None):
from sentry.models import Distribution
if date_added is None:
date_added = timezone.now()
return Distribution.objects.get_or_create(release=self,
name=name,
defaults={
'date_added':
date_added,
'organization_id':
self.organization_id,
})[0]
def get_dist(self, name):
from sentry.models import Distribution
try:
return Distribution.objects.get(name=name, release=self)
except Distribution.DoesNotExist:
pass
def add_project(self, project):
"""
Add a project to this release.
Returns True if the project was added and did not already exist.
"""
from sentry.models import Project
try:
with transaction.atomic():
ReleaseProject.objects.create(project=project, release=self)
if not project.flags.has_releases:
project.flags.has_releases = True
project.update(flags=F('flags').bitor(
Project.flags.has_releases), )
except IntegrityError:
return False
else:
return True
def handle_commit_ranges(self, refs):
"""
Takes commit refs of the form:
[
{
'previousCommit': None,
'commit': 'previous_commit..commit',
}
]
Note: Overwrites 'previousCommit' and 'commit'
"""
for ref in refs:
if COMMIT_RANGE_DELIMITER in ref['commit']:
ref['previousCommit'], ref['commit'] = ref['commit'].split(
COMMIT_RANGE_DELIMITER)
def set_refs(self, refs, user, fetch=False):
from sentry.api.exceptions import InvalidRepository
from sentry.models import Commit, ReleaseHeadCommit, Repository
from sentry.tasks.commits import fetch_commits
# TODO: this does the wrong thing unless you are on the most
# recent release. Add a timestamp compare?
prev_release = type(self).objects.filter(
organization_id=self.organization_id,
projects__in=self.projects.all(),
).extra(select={
'sort': 'COALESCE(date_released, date_added)',
}).exclude(version=self.version).order_by('-sort').first()
names = {r['repository'] for r in refs}
repos = list(
Repository.objects.filter(
organization_id=self.organization_id,
name__in=names,
))
repos_by_name = {r.name: r for r in repos}
invalid_repos = names - set(repos_by_name.keys())
if invalid_repos:
raise InvalidRepository('Invalid repository names: %s' %
','.join(invalid_repos))
self.handle_commit_ranges(refs)
for ref in refs:
repo = repos_by_name[ref['repository']]
commit = Commit.objects.get_or_create(
organization_id=self.organization_id,
repository_id=repo.id,
key=ref['commit'],
)[0]
# update head commit for repo/release if exists
ReleaseHeadCommit.objects.create_or_update(
organization_id=self.organization_id,
repository_id=repo.id,
release=self,
values={
'commit': commit,
})
if fetch:
fetch_commits.apply_async(
kwargs={
'release_id': self.id,
'user_id': user.id,
'refs': refs,
'prev_release_id': prev_release and prev_release.id,
})
def set_commits(self, commit_list):
"""
Bind a list of commits to this release.
This will clear any existing commit log and replace it with the given
commits.
"""
# Sort commit list in reverse order
commit_list.sort(key=lambda commit: commit.get('timestamp'),
reverse=True)
# TODO(dcramer): this function could use some cleanup/refactoring as its a bit unwieldly
from sentry.models import (Commit, CommitAuthor, Group, GroupLink,
GroupResolution, GroupStatus, ReleaseCommit,
ReleaseHeadCommit, Repository, PullRequest)
from sentry.plugins.providers.repository import RepositoryProvider
from sentry.tasks.integrations import kick_off_status_syncs
# todo(meredith): implement for IntegrationRepositoryProvider
commit_list = [
c for c in commit_list if
not RepositoryProvider.should_ignore_commit(c.get('message', ''))
]
lock_key = type(self).get_lock_key(self.organization_id, self.id)
lock = locks.get(lock_key, duration=10)
with TimedRetryPolicy(10)(lock.acquire):
start = time()
with transaction.atomic():
# TODO(dcramer): would be good to optimize the logic to avoid these
# deletes but not overly important
initial_commit_ids = set(
ReleaseCommit.objects.filter(release=self, ).values_list(
'commit_id', flat=True))
ReleaseCommit.objects.filter(release=self, ).delete()
authors = {}
repos = {}
commit_author_by_commit = {}
head_commit_by_repo = {}
latest_commit = None
for idx, data in enumerate(commit_list):
repo_name = data.get(
'repository') or u'organization-{}'.format(
self.organization_id)
if repo_name not in repos:
repos[
repo_name] = repo = Repository.objects.get_or_create(
organization_id=self.organization_id,
name=repo_name,
)[0]
else:
repo = repos[repo_name]
author_email = data.get('author_email')
if author_email is None and data.get('author_name'):
author_email = (re.sub(r'[^a-zA-Z0-9\-_\.]*', '',
data['author_name']).lower() +
'@localhost')
if not author_email:
author = None
elif author_email not in authors:
author_data = {'name': data.get('author_name')}
author, created = CommitAuthor.objects.create_or_update(
organization_id=self.organization_id,
email=author_email,
values=author_data)
if not created:
author = CommitAuthor.objects.get(
organization_id=self.organization_id,
email=author_email)
authors[author_email] = author
else:
author = authors[author_email]
commit_data = {}
defaults = {}
# Update/set message and author if they are provided.
if author is not None:
commit_data['author'] = author
if 'message' in data:
commit_data['message'] = data['message']
if 'timestamp' in data:
commit_data['date_added'] = data['timestamp']
else:
defaults['date_added'] = timezone.now()
commit, created = Commit.objects.create_or_update(
organization_id=self.organization_id,
repository_id=repo.id,
key=data['id'],
defaults=defaults,
values=commit_data)
if not created:
commit = Commit.objects.get(
organization_id=self.organization_id,
repository_id=repo.id,
key=data['id'])
if author is None:
author = commit.author
commit_author_by_commit[commit.id] = author
patch_set = data.get('patch_set', [])
for patched_file in patch_set:
try:
with transaction.atomic():
CommitFileChange.objects.create(
organization_id=self.organization.id,
commit=commit,
filename=patched_file['path'],
type=patched_file['type'],
)
except IntegrityError:
pass
try:
with transaction.atomic():
ReleaseCommit.objects.create(
organization_id=self.organization_id,
release=self,
commit=commit,
order=idx,
)
except IntegrityError:
pass
if latest_commit is None:
latest_commit = commit
head_commit_by_repo.setdefault(repo.id, commit.id)
self.update(
commit_count=len(commit_list),
authors=[
six.text_type(a_id)
for a_id in ReleaseCommit.objects.filter(
release=self,
commit__author_id__isnull=False,
).values_list('commit__author_id',
flat=True).distinct()
],
last_commit_id=latest_commit.id if latest_commit else None,
)
metrics.timing('release.set_commits.duration', time() - start)
# fill any missing ReleaseHeadCommit entries
for repo_id, commit_id in six.iteritems(head_commit_by_repo):
try:
with transaction.atomic():
ReleaseHeadCommit.objects.create(
organization_id=self.organization_id,
release_id=self.id,
repository_id=repo_id,
commit_id=commit_id,
)
except IntegrityError:
pass
release_commits = list(
ReleaseCommit.objects.filter(
release=self).select_related('commit').values(
'commit_id', 'commit__key'))
final_commit_ids = set(rc['commit_id'] for rc in release_commits)
removed_commit_ids = initial_commit_ids - final_commit_ids
added_commit_ids = final_commit_ids - initial_commit_ids
if removed_commit_ids or added_commit_ids:
release_commits_updated.send_robust(
release=self,
removed_commit_ids=removed_commit_ids,
added_commit_ids=added_commit_ids,
sender=self.__class__,
)
commit_resolutions = list(
GroupLink.objects.filter(
linked_type=GroupLink.LinkedType.commit,
linked_id__in=[rc['commit_id'] for rc in release_commits],
).values_list('group_id', 'linked_id'))
commit_group_authors = [
(
cr[0], # group_id
commit_author_by_commit.get(cr[1]))
for cr in commit_resolutions
]
pr_ids_by_merge_commit = list(
PullRequest.objects.filter(
merge_commit_sha__in=[
rc['commit__key'] for rc in release_commits
],
organization_id=self.organization_id,
).values_list('id', flat=True))
pull_request_resolutions = list(
GroupLink.objects.filter(
relationship=GroupLink.Relationship.resolves,
linked_type=GroupLink.LinkedType.pull_request,
linked_id__in=pr_ids_by_merge_commit,
).values_list('group_id', 'linked_id'))
pr_authors = list(
PullRequest.objects.filter(id__in=[
prr[1] for prr in pull_request_resolutions
], ).select_related('author'))
pr_authors_dict = {pra.id: pra.author for pra in pr_authors}
pull_request_group_authors = [(prr[0], pr_authors_dict.get(prr[1]))
for prr in pull_request_resolutions]
user_by_author = {None: None}
commits_and_prs = list(
itertools.chain(commit_group_authors,
pull_request_group_authors), )
group_project_lookup = dict(
Group.objects.filter(id__in=[
group_id for group_id, _ in commits_and_prs
], ).values_list('id', 'project_id'))
for group_id, author in commits_and_prs:
if author not in user_by_author:
try:
user_by_author[author] = author.find_users()[0]
except IndexError:
user_by_author[author] = None
actor = user_by_author[author]
with transaction.atomic():
GroupResolution.objects.create_or_update(
group_id=group_id,
values={
'release': self,
'type': GroupResolution.Type.in_release,
'status': GroupResolution.Status.resolved,
'actor_id': actor.id if actor else None,
},
)
group = Group.objects.get(id=group_id, )
group.update(status=GroupStatus.RESOLVED)
metrics.incr('group.resolved',
instance='in_commit',
skip_internal=True)
issue_resolved.send_robust(
organization_id=self.organization_id,
user=actor,
group=group,
project=group.project,
resolution_type='with_commit',
sender=type(self),
)
kick_off_status_syncs.apply_async(
kwargs={
'project_id': group_project_lookup[group_id],
'group_id': group_id,
})
class GroupTagValue(Model):
"""
Stores the total number of messages seen by a group matching
the given filter.
"""
__core__ = False
project = FlexibleForeignKey('sentry.Project',
null=True,
related_name='grouptag')
group = FlexibleForeignKey('sentry.Group', related_name='grouptag')
times_seen = BoundedPositiveIntegerField(default=0)
key = models.CharField(max_length=MAX_TAG_KEY_LENGTH)
value = models.CharField(max_length=MAX_TAG_VALUE_LENGTH)
last_seen = models.DateTimeField(default=timezone.now,
db_index=True,
null=True)
first_seen = models.DateTimeField(default=timezone.now,
db_index=True,
null=True)
objects = BaseManager()
class Meta:
app_label = 'sentry'
db_table = 'sentry_messagefiltervalue'
unique_together = (('group', 'key', 'value'), )
index_together = (('project', 'key', 'value', 'last_seen'), )
__repr__ = sane_repr('project_id', 'group_id', 'key', 'value')
def save(self, *args, **kwargs):
if not self.first_seen:
self.first_seen = self.last_seen
super(GroupTag, self).save(*args, **kwargs)
@classmethod
def get_value_count(cls, group_id, key):
if db.is_postgres():
# This doesnt guarantee percentage is accurate, but it does ensure
# that the query has a maximum cost
cursor = connections['default'].cursor()
cursor.execute(
"""
SELECT SUM(t)
FROM (
SELECT times_seen as t
FROM sentry_messagefiltervalue
WHERE group_id = %s
AND key = %s
ORDER BY last_seen DESC
LIMIT 10000
) as a
""", [group_id, key])
return cursor.fetchone()[0] or 0
cutoff = timezone.now() - timedelta(days=7)
return cls.objects.filter(
group=group_id,
key=key,
last_seen__gte=cutoff,
).aggregate(t=Sum('times_seen'))['t']
@classmethod
def get_top_values(cls, group_id, key, limit=3):
if db.is_postgres():
# This doesnt guarantee percentage is accurate, but it does ensure
# that the query has a maximum cost
return list(
cls.objects.raw(
"""
SELECT *
FROM (
SELECT *
FROM sentry_messagefiltervalue
WHERE group_id = %%s
AND key = %%s
ORDER BY last_seen DESC
LIMIT 10000
) as a
ORDER BY times_seen DESC
LIMIT %d
""" % limit, [group_id, key]))
cutoff = timezone.now() - timedelta(days=7)
return list(
cls.objects.filter(
group=group_id,
key=key,
last_seen__gte=cutoff,
).order_by('-times_seen')[:limit])
class Group(Model):
"""
Aggregated message which summarizes a set of Events.
"""
project = FlexibleForeignKey('sentry.Project', null=True)
logger = models.CharField(
max_length=64, blank=True, default='root', db_index=True)
level = BoundedPositiveIntegerField(
choices=LOG_LEVELS.items(), default=logging.ERROR, blank=True,
db_index=True)
message = models.TextField()
culprit = models.CharField(
max_length=MAX_CULPRIT_LENGTH, blank=True, null=True,
db_column='view')
checksum = models.CharField(max_length=32, db_index=True)
num_comments = BoundedPositiveIntegerField(default=0, null=True)
platform = models.CharField(max_length=64, null=True)
status = BoundedPositiveIntegerField(default=0, choices=(
(GroupStatus.UNRESOLVED, _('Unresolved')),
(GroupStatus.RESOLVED, _('Resolved')),
(GroupStatus.MUTED, _('Muted')),
), db_index=True)
times_seen = BoundedPositiveIntegerField(default=1, db_index=True)
last_seen = models.DateTimeField(default=timezone.now, db_index=True)
first_seen = models.DateTimeField(default=timezone.now, db_index=True)
resolved_at = models.DateTimeField(null=True, db_index=True)
# active_at should be the same as first_seen by default
active_at = models.DateTimeField(null=True, db_index=True)
time_spent_total = BoundedIntegerField(default=0)
time_spent_count = BoundedIntegerField(default=0)
score = BoundedIntegerField(default=0)
is_public = models.NullBooleanField(default=False, null=True)
data = GzippedDictField(blank=True, null=True)
objects = GroupManager()
class Meta:
app_label = 'sentry'
db_table = 'sentry_groupedmessage'
unique_together = (('project', 'checksum'),)
verbose_name_plural = _('grouped messages')
verbose_name = _('grouped message')
permissions = (
("can_view", "Can view"),
)
__repr__ = sane_repr('project_id', 'checksum')
def __unicode__(self):
return "(%s) %s" % (self.times_seen, self.error())
def save(self, *args, **kwargs):
if not self.last_seen:
self.last_seen = timezone.now()
if not self.first_seen:
self.first_seen = self.last_seen
if not self.active_at:
self.active_at = self.first_seen
if self.message:
# We limit what we store for the message body
self.message = self.message.splitlines()[0][:255]
super(Group, self).save(*args, **kwargs)
def get_absolute_url(self):
return absolute_uri(reverse('sentry-group', args=[
self.organization.slug, self.project.slug, self.id]))
@property
def avg_time_spent(self):
if not self.time_spent_count:
return
return float(self.time_spent_total) / self.time_spent_count
def natural_key(self):
return (self.project, self.checksum)
def is_over_resolve_age(self):
resolve_age = self.project.get_option('sentry:resolve_age', None)
if not resolve_age:
return False
return self.last_seen < timezone.now() - timedelta(hours=int(resolve_age))
def is_muted(self):
return self.get_status() == GroupStatus.MUTED
def is_resolved(self):
return self.get_status() == GroupStatus.RESOLVED
def get_status(self):
if self.status == GroupStatus.UNRESOLVED and self.is_over_resolve_age():
return GroupStatus.RESOLVED
return self.status
def get_score(self):
return int(math.log(self.times_seen) * 600 + float(time.mktime(self.last_seen.timetuple())))
def get_latest_event(self):
from sentry.models import Event
if not hasattr(self, '_latest_event'):
try:
self._latest_event = Event.objects.filter(
group=self,
).order_by('-datetime')[0]
except IndexError:
self._latest_event = None
return self._latest_event
def get_unique_tags(self, tag, since=None, order_by='-times_seen'):
# TODO(dcramer): this has zero test coverage and is a critical path
from sentry.models import GroupTagValue
queryset = GroupTagValue.objects.filter(
group=self,
key=tag,
)
if since:
queryset = queryset.filter(last_seen__gte=since)
return queryset.values_list(
'value',
'times_seen',
'first_seen',
'last_seen',
).order_by(order_by)
def get_tags(self, with_internal=True):
from sentry.models import GroupTagKey, TagKey
if not hasattr(self, '_tag_cache'):
group_tags = GroupTagKey.objects.filter(
group=self,
project=self.project,
)
if not with_internal:
group_tags = group_tags.exclude(key__startswith='sentry:')
group_tags = list(group_tags.values_list('key', flat=True))
tag_keys = dict(
(t.key, t)
for t in TagKey.objects.filter(
project=self.project,
key__in=group_tags
)
)
results = []
for key in group_tags:
try:
tag_key = tag_keys[key]
except KeyError:
label = key.replace('_', ' ').title()
else:
label = tag_key.get_label()
results.append({
'key': key,
'label': label,
})
self._tag_cache = sorted(results, key=lambda x: x['label'])
return self._tag_cache
def error(self):
return self.message
error.short_description = _('error')
def has_two_part_message(self):
message = strip(self.message)
return '\n' in message or len(message) > 100
@property
def title(self):
culprit = strip(self.culprit)
if culprit:
return culprit
return self.message
@property
def message_short(self):
message = strip(self.message)
if not message:
message = '<unlabeled message>'
else:
message = truncatechars(message.splitlines()[0], 100)
return message
@property
def organization(self):
return self.project.organization
@property
def team(self):
return self.project.team
def get_email_subject(self):
return '[%s %s] %s: %s' % (
self.team.name.encode('utf-8'),
self.project.name.encode('utf-8'),
six.text_type(self.get_level_display()).upper().encode('utf-8'),
self.message_short.encode('utf-8')
)
class OrganizationMember(Model):
"""
Identifies relationships between teams and users.
Users listed as team members are considered to have access to all projects
and could be thought of as team owners (though their access level may not)
be set to ownership.
"""
organization = FlexibleForeignKey('sentry.Organization',
related_name="member_set")
user = FlexibleForeignKey(settings.AUTH_USER_MODEL,
null=True,
blank=True,
related_name="sentry_orgmember_set")
email = models.EmailField(null=True, blank=True)
role = models.CharField(
choices=roles.get_choices(),
max_length=32,
default=roles.get_default().id,
)
flags = BitField(flags=(
('sso:linked', 'sso:linked'),
('sso:invalid', 'sso:invalid'),
),
default=0)
date_added = models.DateTimeField(default=timezone.now)
has_global_access = models.BooleanField(default=True)
counter = BoundedPositiveIntegerField(null=True, blank=True)
teams = models.ManyToManyField('sentry.Team',
blank=True,
through='sentry.OrganizationMemberTeam')
# Deprecated -- no longer used
type = BoundedPositiveIntegerField(default=50, blank=True)
class Meta:
app_label = 'sentry'
db_table = 'sentry_organizationmember'
unique_together = (
('organization', 'user'),
('organization', 'email'),
)
__repr__ = sane_repr(
'organization_id',
'user_id',
'role',
)
@transaction.atomic
def save(self, *args, **kwargs):
assert self.user_id or self.email, \
'Must set user or email'
super(OrganizationMember, self).save(*args, **kwargs)
if not self.counter:
self._set_counter()
@transaction.atomic
def delete(self, *args, **kwargs):
super(OrganizationMember, self).delete(*args, **kwargs)
if self.counter:
self._unshift_counter()
def _unshift_counter(self):
assert self.counter
OrganizationMember.objects.filter(
organization=self.organization,
counter__gt=self.counter,
).update(counter=F('counter') - 1, )
def _set_counter(self):
assert self.id and not self.counter
# XXX(dcramer): this isnt atomic, but unfortunately MySQL doesnt support
# the subquery pattern we'd need
self.update(counter=OrganizationMember.objects.filter(
organization=self.organization, ).count(), )
@property
def is_pending(self):
return self.user_id is None
@property
def token(self):
checksum = md5()
for x in (str(self.organization_id), self.get_email(),
settings.SECRET_KEY):
checksum.update(x)
return checksum.hexdigest()
def send_invite_email(self):
from sentry.utils.email import MessageBuilder
context = {
'email':
self.email,
'organization':
self.organization,
'url':
absolute_uri(
reverse('sentry-accept-invite',
kwargs={
'member_id': self.id,
'token': self.token,
})),
}
msg = MessageBuilder(
subject='Join %s in using Sentry' % self.organization.name,
template='sentry/emails/member-invite.txt',
html_template='sentry/emails/member-invite.html',
context=context,
)
try:
msg.send([self.get_email()])
except Exception as e:
logger = logging.getLogger('sentry.mail.errors')
logger.exception(e)
def send_sso_link_email(self):
from sentry.utils.email import MessageBuilder
context = {
'email':
self.email,
'organization_name':
self.organization.name,
'url':
absolute_uri(
reverse('sentry-auth-organization',
kwargs={
'organization_slug': self.organization.slug,
})),
}
msg = MessageBuilder(
subject='Action Required for %s' % (self.organization.name, ),
template='sentry/emails/auth-link-identity.txt',
html_template='sentry/emails/auth-link-identity.html',
context=context,
)
msg.send_async([self.get_email()])
def get_display_name(self):
if self.user_id:
return self.user.get_display_name()
return self.email
def get_email(self):
if self.user_id:
return self.user.email
return self.email
def get_audit_log_data(self):
from sentry.models import Team
return {
'email':
self.email,
'user':
self.user_id,
'teams':
list(
Team.objects.filter(
id__in=OrganizationMemberTeam.objects.filter(
organizationmember=self,
is_active=True,
).values_list('team', flat=True))),
'has_global_access':
self.has_global_access,
'role':
self.role,
}
def get_teams(self):
from sentry.models import Team
if roles.get(self.role).is_global:
return self.organization.team_set.all()
return Team.objects.filter(
id__in=OrganizationMemberTeam.objects.filter(
organizationmember=self,
is_active=True,
).values('team'))
def get_scopes(self):
return roles.get(self.role).scopes
def can_manage_member(self, member):
return roles.can_manage(self.role, member.role)
class ProjectCodeOwners(DefaultFieldsModel):
__include_in_export__ = False
# no db constraint to prevent locks on the Project table
project = FlexibleForeignKey("sentry.Project", db_constraint=False)
# repository_project_path_config ⇒ use this to transform CODEOWNERS paths to stacktrace paths
repository_project_path_config = FlexibleForeignKey(
"sentry.RepositoryProjectPathConfig", unique=True, on_delete=models.PROTECT
)
# raw ⇒ original CODEOWNERS file.
raw = models.TextField(null=True)
# schema ⇒ transformed into IssueOwner syntax
schema = JSONField(null=True)
# override date_added from DefaultFieldsModel
date_added = models.DateTimeField(default=timezone.now)
class Meta:
app_label = "sentry"
db_table = "sentry_projectcodeowners"
__repr__ = sane_repr("project_id", "id")
@classmethod
def get_cache_key(self, project_id):
return f"projectcodeowners_project_id:1:{project_id}"
@classmethod
def get_codeowners_cached(self, project_id):
"""
Cached read access to sentry_projectcodeowners.
This method implements a negative cache which saves us
a pile of read queries in post_processing as most projects
don't have CODEOWNERS.
"""
cache_key = self.get_cache_key(project_id)
code_owners = cache.get(cache_key)
if code_owners is None:
query = self.objects.filter(project_id=project_id).order_by("-date_added") or False
code_owners = self.merge_code_owners_list(code_owners_list=query) if query else query
cache.set(cache_key, code_owners, READ_CACHE_DURATION)
return code_owners or None
@classmethod
def validate_codeowners_associations(self, codeowners, project):
from sentry.api.endpoints.project_codeowners import validate_association
from sentry.models import (
ExternalActor,
OrganizationMember,
OrganizationMemberTeam,
Project,
UserEmail,
actor_type_to_string,
)
from sentry.ownership.grammar import parse_code_owners
from sentry.types.integrations import ExternalProviders
# Get list of team/user names from CODEOWNERS file
team_names, usernames, emails = parse_code_owners(codeowners)
# Check if there exists Sentry users with the emails listed in CODEOWNERS
user_emails = UserEmail.objects.filter(
email__in=emails,
user__sentry_orgmember_set__organization=project.organization,
)
# Check if the usernames/teamnames have an association
external_actors = ExternalActor.objects.filter(
external_name__in=usernames + team_names,
organization=project.organization,
provider__in=[ExternalProviders.GITHUB.value, ExternalProviders.GITLAB.value],
)
# Convert CODEOWNERS into IssueOwner syntax
users_dict = {}
teams_dict = {}
teams_without_access = []
users_without_access = []
for external_actor in external_actors:
type = actor_type_to_string(external_actor.actor.type)
if type == "user":
user = external_actor.actor.resolve()
organization_members_ids = OrganizationMember.objects.filter(
user_id=user.id, organization_id=project.organization_id
).values_list("id", flat=True)
team_ids = OrganizationMemberTeam.objects.filter(
organizationmember_id__in=Subquery(organization_members_ids)
).values_list("team_id", flat=True)
projects = Project.objects.get_for_team_ids(Subquery(team_ids))
if project in projects:
users_dict[external_actor.external_name] = user.email
else:
users_without_access.append(f"{user.username}")
elif type == "team":
team = external_actor.actor.resolve()
# make sure the sentry team has access to the project
# tied to the codeowner
if project in team.get_projects():
teams_dict[external_actor.external_name] = f"#{team.slug}"
else:
teams_without_access.append(f"#{team.slug}")
emails_dict = {item.email: item.email for item in user_emails}
associations = {**users_dict, **teams_dict, **emails_dict}
errors = {
"missing_user_emails": validate_association(emails, user_emails, "emails"),
"missing_external_users": validate_association(usernames, external_actors, "usernames"),
"missing_external_teams": validate_association(
team_names, external_actors, "team names"
),
"teams_without_access": teams_without_access,
"users_without_access": users_without_access,
}
return associations, errors
@classmethod
def merge_code_owners_list(self, code_owners_list):
"""
Merge list of code_owners into a single code_owners object concating all the rules. We assume schema version is constant.
"""
merged_code_owners = None
for code_owners in code_owners_list:
if code_owners.schema:
if merged_code_owners is None:
merged_code_owners = code_owners
continue
merged_code_owners.schema["rules"] = [
*merged_code_owners.schema["rules"],
*code_owners.schema["rules"],
]
return merged_code_owners
def update_schema(self):
"""
Updating the schema goes through the following steps:
1. parsing the original codeowner file to get the associations
2. convert the codeowner file to the ownership syntax
3. convert the ownership syntax to the schema
"""
associations, _ = self.validate_codeowners_associations(self.raw, self.project)
issue_owner_rules = convert_codeowners_syntax(
codeowners=self.raw,
associations=associations,
code_mapping=self.repository_project_path_config,
)
# Convert IssueOwner syntax into schema syntax
try:
schema = create_schema_from_issue_owners(
issue_owners=issue_owner_rules, project_id=self.project.id
)
# Convert IssueOwner syntax into schema syntax
if schema:
self.schema = schema
self.save()
except ValidationError:
return
class Group(Model):
"""
Aggregated message which summarizes a set of Events.
"""
__core__ = False
project = FlexibleForeignKey("sentry.Project")
logger = models.CharField(max_length=64, blank=True, default=DEFAULT_LOGGER_NAME, db_index=True)
level = BoundedPositiveIntegerField(
choices=LOG_LEVELS.items(), default=logging.ERROR, blank=True, db_index=True
)
message = models.TextField()
culprit = models.CharField(
max_length=MAX_CULPRIT_LENGTH, blank=True, null=True, db_column="view"
)
num_comments = BoundedPositiveIntegerField(default=0, null=True)
platform = models.CharField(max_length=64, null=True)
status = BoundedPositiveIntegerField(
default=0,
choices=(
(GroupStatus.UNRESOLVED, _("Unresolved")),
(GroupStatus.RESOLVED, _("Resolved")),
(GroupStatus.IGNORED, _("Ignored")),
),
db_index=True,
)
times_seen = BoundedPositiveIntegerField(default=1, db_index=True)
last_seen = models.DateTimeField(default=timezone.now, db_index=True)
first_seen = models.DateTimeField(default=timezone.now, db_index=True)
first_release = FlexibleForeignKey("sentry.Release", null=True, on_delete=models.PROTECT)
resolved_at = models.DateTimeField(null=True, db_index=True)
# active_at should be the same as first_seen by default
active_at = models.DateTimeField(null=True, db_index=True)
time_spent_total = BoundedIntegerField(default=0)
time_spent_count = BoundedIntegerField(default=0)
score = BoundedIntegerField(default=0)
# deprecated, do not use. GroupShare has superseded
is_public = models.NullBooleanField(default=False, null=True)
data = GzippedDictField(blank=True, null=True)
short_id = BoundedBigIntegerField(null=True)
objects = GroupManager(cache_fields=("id",))
class Meta:
app_label = "sentry"
db_table = "sentry_groupedmessage"
verbose_name_plural = _("grouped messages")
verbose_name = _("grouped message")
permissions = (("can_view", "Can view"),)
index_together = [("project", "first_release"), ("project", "id")]
unique_together = (("project", "short_id"),)
__repr__ = sane_repr("project_id")
def __unicode__(self):
return "(%s) %s" % (self.times_seen, self.error())
def save(self, *args, **kwargs):
if not self.last_seen:
self.last_seen = timezone.now()
if not self.first_seen:
self.first_seen = self.last_seen
if not self.active_at:
self.active_at = self.first_seen
# We limit what we store for the message body
self.message = strip(self.message)
if self.message:
self.message = truncatechars(self.message.splitlines()[0], 255)
if self.times_seen is None:
self.times_seen = 1
self.score = type(self).calculate_score(
times_seen=self.times_seen, last_seen=self.last_seen
)
super(Group, self).save(*args, **kwargs)
def get_absolute_url(self, params=None):
url = reverse("sentry-organization-issue", args=[self.organization.slug, self.id])
if params:
url = url + "?" + urlencode(params)
return absolute_uri(url)
@property
def qualified_short_id(self):
if self.short_id is not None:
return "%s-%s" % (self.project.slug.upper(), base32_encode(self.short_id))
def is_over_resolve_age(self):
resolve_age = self.project.get_option("sentry:resolve_age", None)
if not resolve_age:
return False
return self.last_seen < timezone.now() - timedelta(hours=int(resolve_age))
def is_ignored(self):
return self.get_status() == GroupStatus.IGNORED
# TODO(dcramer): remove in 9.0 / after plugins no long ref
is_muted = is_ignored
def is_resolved(self):
return self.get_status() == GroupStatus.RESOLVED
def get_status(self):
# XXX(dcramer): GroupSerializer reimplements this logic
from sentry.models import GroupSnooze
status = self.status
if status == GroupStatus.IGNORED:
try:
snooze = GroupSnooze.objects.get_from_cache(group=self)
except GroupSnooze.DoesNotExist:
pass
else:
if not snooze.is_valid(group=self):
status = GroupStatus.UNRESOLVED
if status == GroupStatus.UNRESOLVED and self.is_over_resolve_age():
return GroupStatus.RESOLVED
return status
def get_share_id(self):
from sentry.models import GroupShare
try:
return GroupShare.objects.filter(group_id=self.id).values_list("uuid", flat=True)[0]
except IndexError:
# Otherwise it has not been shared yet.
return None
@classmethod
def from_share_id(cls, share_id):
if not share_id or len(share_id) != 32:
raise cls.DoesNotExist
from sentry.models import GroupShare
return cls.objects.get(id=GroupShare.objects.filter(uuid=share_id).values_list("group_id"))
def get_score(self):
return type(self).calculate_score(self.times_seen, self.last_seen)
def get_latest_event(self):
if not hasattr(self, "_latest_event"):
self._latest_event = self.get_latest_event_for_environments()
return self._latest_event
def get_latest_event_for_environments(self, environments=()):
return get_oldest_or_latest_event_for_environments(
EventOrdering.LATEST,
environments=environments,
issue_id=self.id,
project_id=self.project_id,
)
def get_oldest_event_for_environments(self, environments=()):
return get_oldest_or_latest_event_for_environments(
EventOrdering.OLDEST,
environments=environments,
issue_id=self.id,
project_id=self.project_id,
)
def get_first_release(self):
if self.first_release_id is None:
return tagstore.get_first_release(self.project_id, self.id)
return self.first_release.version
def get_last_release(self):
return tagstore.get_last_release(self.project_id, self.id)
def get_event_type(self):
"""
Return the type of this issue.
See ``sentry.eventtypes``.
"""
return self.data.get("type", "default")
def get_event_metadata(self):
"""
Return the metadata of this issue.
See ``sentry.eventtypes``.
"""
return self.data["metadata"]
@property
def title(self):
et = eventtypes.get(self.get_event_type())()
return et.get_title(self.get_event_metadata())
def location(self):
et = eventtypes.get(self.get_event_type())()
return et.get_location(self.get_event_metadata())
def error(self):
warnings.warn("Group.error is deprecated, use Group.title", DeprecationWarning)
return self.title
error.short_description = _("error")
@property
def message_short(self):
warnings.warn("Group.message_short is deprecated, use Group.title", DeprecationWarning)
return self.title
@property
def organization(self):
return self.project.organization
@property
def checksum(self):
warnings.warn("Group.checksum is no longer used", DeprecationWarning)
return ""
def get_email_subject(self):
return "%s - %s" % (self.qualified_short_id.encode("utf-8"), self.title.encode("utf-8"))
def count_users_seen(self):
return tagstore.get_groups_user_counts([self.project_id], [self.id], environment_ids=None)[
self.id
]
@classmethod
def calculate_score(cls, times_seen, last_seen):
return math.log(float(times_seen or 1)) * 600 + float(last_seen.strftime("%s"))
class SentryApp(ParanoidModel, HasApiScopes):
__core__ = True
application = models.OneToOneField(
'sentry.ApiApplication',
null=True,
on_delete=models.SET_NULL,
related_name='sentry_app',
)
# Much of the OAuth system in place currently depends on a User existing.
# This "proxy user" represents the SentryApp in those cases.
proxy_user = models.OneToOneField(
'sentry.User',
null=True,
on_delete=models.SET_NULL,
related_name='sentry_app'
)
# The Organization the Sentry App was created in "owns" it. Members of that
# Org have differing access, dependent on their role within the Org.
owner = FlexibleForeignKey('sentry.Organization',
related_name='owned_sentry_apps')
name = models.TextField()
slug = models.CharField(max_length=SENTRY_APP_SLUG_MAX_LENGTH, unique=True)
status = BoundedPositiveIntegerField(
default=SentryAppStatus.UNPUBLISHED,
choices=SentryAppStatus.as_choices(),
db_index=True,
)
uuid = models.CharField(max_length=64,
default=default_uuid)
redirect_url = models.URLField(null=True)
webhook_url = models.URLField()
# does the application subscribe to `event.alert`,
# meaning can it be used in alert rules as a {service} ?
is_alertable = models.BooleanField(default=False)
events = ArrayField(of=models.TextField, null=True)
overview = models.TextField(null=True)
schema = EncryptedJsonField(default=dict)
date_added = models.DateTimeField(default=timezone.now)
date_updated = models.DateTimeField(default=timezone.now)
class Meta:
app_label = 'sentry'
db_table = 'sentry_sentryapp'
@classmethod
def visible_for_user(cls, request):
from sentry.auth.superuser import is_active_superuser
if is_active_superuser(request):
return cls.objects.all()
user = request.user
return cls.objects.filter(
Q(status=SentryAppStatus.PUBLISHED) | Q(owner__in=user.get_orgs()),
)
@property
def organizations(self):
if not self.pk:
return Organization.objects.none()
return Organization \
.objects \
.select_related('sentry_app_installations') \
.filter(sentry_app_installations__sentry_app_id=self.id)
@property
def teams(self):
from sentry.models import Team
if not self.pk:
return Team.objects.none()
return Team.objects.filter(organization__in=self.organizations)
@property
def is_published(self):
return self.status == SentryAppStatus.PUBLISHED
def save(self, *args, **kwargs):
self._set_slug()
self.date_updated = timezone.now()
return super(SentryApp, self).save(*args, **kwargs)
def is_installed_on(self, organization):
return self.organizations.filter(pk=organization.pk).exists()
def _set_slug(self):
"""
Matches ``name``, but in lowercase, dash form.
>>> self._set_slug('My Cool App')
>>> self.slug
my-cool-app
"""
if not self.slug:
self.slug = slugify(self.name)
def build_signature(self, body):
secret = self.application.client_secret
return hmac.new(
key=secret.encode('utf-8'),
msg=body.encode('utf-8'),
digestmod=sha256,
).hexdigest()
class SentryApp(ParanoidModel, HasApiScopes):
__core__ = True
application = models.OneToOneField(
"sentry.ApiApplication", null=True, on_delete=models.SET_NULL, related_name="sentry_app"
)
# Much of the OAuth system in place currently depends on a User existing.
# This "proxy user" represents the SentryApp in those cases.
proxy_user = models.OneToOneField(
"sentry.User", null=True, on_delete=models.SET_NULL, related_name="sentry_app"
)
# The Organization the Sentry App was created in "owns" it. Members of that
# Org have differing access, dependent on their role within the Org.
owner = FlexibleForeignKey("sentry.Organization", related_name="owned_sentry_apps")
name = models.TextField()
slug = models.CharField(max_length=SENTRY_APP_SLUG_MAX_LENGTH, unique=True)
author = models.TextField(null=True)
status = BoundedPositiveIntegerField(
default=SentryAppStatus.UNPUBLISHED, choices=SentryAppStatus.as_choices(), db_index=True
)
uuid = models.CharField(max_length=64, default=default_uuid)
redirect_url = models.URLField(null=True)
webhook_url = models.URLField(null=True)
# does the application subscribe to `event.alert`,
# meaning can it be used in alert rules as a {service} ?
is_alertable = models.BooleanField(default=False)
# does the application need to wait for verification
# on behalf of the external service to know if its installations
# are successfully installed ?
verify_install = models.BooleanField(default=True)
events = ArrayField(of=models.TextField, null=True)
overview = models.TextField(null=True)
schema = EncryptedJsonField(default=dict)
date_added = models.DateTimeField(default=timezone.now)
date_updated = models.DateTimeField(default=timezone.now)
date_published = models.DateTimeField(null=True, blank=True)
class Meta:
app_label = "sentry"
db_table = "sentry_sentryapp"
@classmethod
def visible_for_user(cls, request):
from sentry.auth.superuser import is_active_superuser
if is_active_superuser(request):
return cls.objects.all()
return cls.objects.filter(status=SentryAppStatus.PUBLISHED)
# this method checks if a user from a sentry app has permission to a specific project
# for now, only checks if app is installed on the org of the project
@classmethod
def check_project_permission_for_sentry_app_user(cls, user, project):
assert user.is_sentry_app
# if the user exists, so should the sentry_app
sentry_app = cls.objects.get(proxy_user=user)
return sentry_app.is_installed_on(project.organization)
@property
def is_published(self):
return self.status == SentryAppStatus.PUBLISHED
@property
def is_unpublished(self):
return self.status == SentryAppStatus.UNPUBLISHED
@property
def is_internal(self):
return self.status == SentryAppStatus.INTERNAL
@property
def slug_for_metrics(self):
if self.is_internal:
return "internal"
if self.is_unpublished:
return "unpublished"
return self.slug
def save(self, *args, **kwargs):
self.date_updated = timezone.now()
return super(SentryApp, self).save(*args, **kwargs)
def is_installed_on(self, organization):
return SentryAppInstallation.objects.filter(organization=organization).exists()
def build_signature(self, body):
secret = self.application.client_secret
return hmac.new(
key=secret.encode("utf-8"), msg=body.encode("utf-8"), digestmod=sha256
).hexdigest()
def show_auth_info(self, access):
encoded_scopes = set({u"%s" % scope for scope in list(access.scopes)})
return set(self.scope_list).issubset(encoded_scopes)
class ReleaseFile(Model):
r"""
A ReleaseFile is an association between a Release and a File.
The ident of the file should be sha1(name) or
sha1(name '\x00\x00' dist.name) and must be unique per release.
"""
__core__ = False
organization = FlexibleForeignKey('sentry.Organization')
# DEPRECATED
project_id = BoundedBigIntegerField(null=True)
release = FlexibleForeignKey('sentry.Release')
file = FlexibleForeignKey('sentry.File')
ident = models.CharField(max_length=40)
name = models.TextField()
dist = FlexibleForeignKey('sentry.Distribution', null=True)
__repr__ = sane_repr('release', 'ident')
class Meta:
unique_together = (('release', 'ident'), )
index_together = (('release', 'name'), )
app_label = 'sentry'
db_table = 'sentry_releasefile'
def save(self, *args, **kwargs):
if not self.ident and self.name:
dist = self.dist_id and self.dist.name or None
self.ident = type(self).get_ident(self.name, dist)
return super(ReleaseFile, self).save(*args, **kwargs)
def update(self, *args, **kwargs):
# If our name is changing, we must also change the ident
if 'name' in kwargs and 'ident' not in kwargs:
dist = kwargs.get('dist') or self.dist
kwargs['ident'] = self.ident = type(self).get_ident(
kwargs['name'], dist and dist.name or dist
)
return super(ReleaseFile, self).update(*args, **kwargs)
@classmethod
def get_ident(cls, name, dist=None):
if dist is not None:
return sha1_text(name + '\x00\x00' + dist).hexdigest()
return sha1_text(name).hexdigest()
@classmethod
def normalize(cls, url):
"""Transforms a full absolute url into 2 or 4 generalized options
* the original url as input
* (optional) original url without querystring
* the full url, but stripped of scheme and netloc
* (optional) full url without scheme and netloc or querystring
"""
# Always ignore the fragment
scheme, netloc, path, query, _ = urlsplit(url)
uri_without_fragment = (scheme, netloc, path, query, None)
uri_relative = (None, None, path, query, None)
uri_without_query = (scheme, netloc, path, None, None)
uri_relative_without_query = (None, None, path, None, None)
urls = [urlunsplit(uri_without_fragment)]
if query:
urls.append(urlunsplit(uri_without_query))
urls.append('~' + urlunsplit(uri_relative))
if query:
urls.append('~' + urlunsplit(uri_relative_without_query))
return urls
