def query_users(self, query, request):
if not query:
return
try:
bugzilla = Bugzilla(get_bugzilla_api_key(request.user))
except BugzillaError as e:
raise UserQueryError('Bugzilla error: %s' % e.msg)
try:
# We don't want to auto populate just any user because Bugzilla has
# over 300,000 users and most of them aren't relevant to MozReview.
#
# So, we only auto import users if they have IRC nick syntax or
# if the search matches them exactly.
def user_relevant(u):
if BZ_IRCNICK_RE.search(u['real_name']):
return True
if u['email'] == query:
return True
# This might allow too many users through. Let's not get too
# attached to this.
if u['real_name'] == query:
return True
return False
users = bugzilla.query_users(query)
users['users'] = [u for u in users['users'] if user_relevant(u)]
get_or_create_bugzilla_users(users)
except BugzillaError as e:
raise UserQueryError('Bugzilla error: %s' % e.msg)
def get_user_from_irc_nick(self, irc_nick):
irc_nick = irc_nick.lstrip(":").lower()
users = get_or_create_bugzilla_users(self.query_users(":" + irc_nick))
for user in users:
if user.username.lower() == irc_nick:
return user
raise User.DoesNotExist()
def get_user_from_irc_nick(self, irc_nick):
irc_nick = irc_nick.lstrip(":").lower()
users = get_or_create_bugzilla_users(self.query_users(":" + irc_nick))
for user in users:
if user.username.lower() == irc_nick:
return user
raise User.DoesNotExist()
def get_or_create_user(self, username, request):
"""Always check Bugzilla for updates."""
username = username.strip()
try:
bugzilla = Bugzilla(get_bugzilla_api_key(request.user))
except BugzillaUrlError:
return None
except BugzillaError:
raise PermissionDenied
user_data = bugzilla.get_user(username)
if not user_data:
raise self.bz_error_response(request)
# Just store the results.
get_or_create_bugzilla_users(user_data)
try:
return User.objects.get(username=username)
except User.DoesNotExist:
return None
def get_or_create_user(self, username, request):
"""Always check Bugzilla for updates."""
username = username.strip()
try:
bugzilla = Bugzilla(get_bugzilla_api_key(request.user))
except BugzillaUrlError:
return None
except BugzillaError:
raise PermissionDenied
user_data = bugzilla.get_user(username)
if not user_data:
raise self.bz_error_response(request)
# Just store the results.
get_or_create_bugzilla_users(user_data)
try:
return User.objects.get(username=username)
except User.DoesNotExist:
return None
def query_users(self, query, request):
if not query:
return
try:
bugzilla = Bugzilla(get_bugzilla_api_key(request.user))
except BugzillaError as e:
raise UserQueryError('Bugzilla error: %s' % e.msg)
try:
# We don't want to auto populate just any user because Bugzilla has
# over 300,000 users and most of them aren't relevant to MozReview.
#
# So, we only auto import users if they have IRC nick syntax or
# if the search matches them exactly.
def user_relevant(u):
if BMO_IRC_NICK_RE.search(u['real_name']):
return True
if u['email'] == query:
return True
# This might allow too many users through. Let's not get too
# attached to this.
if u['real_name'] == query:
return True
return False
users = bugzilla.query_users(query)
users['users'] = [u for u in users['users'] if user_relevant(u)]
logger.info(
'importing Bugzilla users from query "%s": %s' %
(query, ', '.join(sorted(u['email'] for u in users['users']))))
get_or_create_bugzilla_users(users)
except BugzillaError as e:
raise UserQueryError('Bugzilla error: %s' % e.msg)
def authenticate(self, username, password, cookie=False):
username = username.strip()
# If the user provides an email address when authenticating,
# it is checked against Review Board's email field in the User
# Model. If a match is found, the email will be translated into
# the username field before being passed into this method's
# 'username' argument.
#
# If a match is not found, 'username' will contain whatever was
# entered, which may be the Bugzilla login (email address) for a
# user who does not yet have an entry in the Review Board
# database.
if not cookie:
try:
username = User.objects.get(username=username).email
except User.DoesNotExist:
pass
# There is a *tiny* probability that this will not work, but only if
# user A changes their email address, then user B changes their email
# address to user A's old email, and Review Board doesn't pick up
# user A's change because they aren't currently involved in any
# Review Board reviews. In this case 'username' would have resolved
# to user A's address. There's no easy way to detect this without
# a search on Bugzilla before every log in, and I (mcote) don't think
# that's worth it for such an improbable event.
#
# This also applies to changes to the user's username, since it has
# to be unique (see get_or_create_bugzilla_users()).
try:
bugzilla = Bugzilla()
except BugzillaUrlError:
logging.warn('Login failure for user %s: Bugzilla URL not set.'
% username)
return None
try:
user_data = bugzilla.log_in(username, password, cookie)
except BugzillaError as e:
logging.error('Login failure for user %s: %s' % (username, e))
return None
if not user_data:
return None
users = get_or_create_bugzilla_users(user_data)
if not users:
logging.error('Login failure for user %s: failed to create user.'
% username)
return None
user = users[0]
if not user.is_active:
logging.error('Login failure for user %s: user is not active.'
% username)
return None
return user
def authenticate(self, username, password, cookie=False):
username = username.strip()
logger.info('Login attempt (password) for user %s: ' % username)
# If the user provides an email address when authenticating,
# it is checked against Review Board's email field in the User
# Model. If a match is found, the email will be translated into
# the username field before being passed into this method's
# 'username' argument.
#
# If a match is not found, 'username' will contain whatever was
# entered, which may be the Bugzilla login (email address) for a
# user who does not yet have an entry in the Review Board
# database.
if not cookie:
try:
username = User.objects.get(username=username).email
except User.DoesNotExist:
pass
# There is a *tiny* probability that this will not work, but only if
# user A changes their email address, then user B changes their email
# address to user A's old email, and Review Board doesn't pick up
# user A's change because they aren't currently involved in any
# Review Board reviews. In this case 'username' would have resolved
# to user A's address. There's no easy way to detect this without
# a search on Bugzilla before every log in, and I (mcote) don't think
# that's worth it for such an improbable event.
#
# This also applies to changes to the user's username, since it has
# to be unique (see get_or_create_bugzilla_users()).
try:
bugzilla = Bugzilla()
except BugzillaUrlError:
logger.warn('Login failure (password) for user %s: Bugzilla URL '
' not set.' % username)
return None
try:
user_data = bugzilla.log_in(username, password, cookie)
except BugzillaError as e:
logger.error('Login failure (password) for user %s: %s' %
(username, e))
return None
if not user_data:
return None
users = get_or_create_bugzilla_users(user_data)
if not users:
logger.error('Login failure (password) for user %s: failed to '
'create user.' % username)
return None
user = users[0]
if not user.is_active:
logger.error('Login failure (password) for user %s: user is not '
'active.' % username)
return None
logger.info('Login successful (password) for user %s: ' % username)
return user
