def get(self):
"""Handle a get request."""
fuzzer_logs_bucket = fuzzer_logs.get_bucket()
fuzzers = list(data_types.Fuzzer.query().order(data_types.Fuzzer.name))
jobs = data_handler.get_all_job_type_names()
corpora = [
bundle.name for bundle in data_types.DataBundle.query().order(
data_types.DataBundle.name)
]
privileged = access.has_access(need_privileged_access=True)
# Unprivileged users can't download fuzzers, so hide the download keys.
if not privileged:
for fuzzer in fuzzers:
fuzzer.blobstore_key = ''
template_values = {
'privileged': privileged,
'fuzzers': fuzzers,
'fuzzerLogsBucket': fuzzer_logs_bucket,
'fieldValues': {
'corpora': corpora,
'jobs': jobs,
'uploadInfo': gcs.prepare_blob_upload()._asdict(),
'csrfToken': form.generate_csrf_token(),
}
}
self.render('fuzzers.html', template_values)
def get(self):
"""Handle a get request."""
helpers.log('Jobs', helpers.VIEW_OPERATION)
templates = list(data_types.JobTemplate.query().order(
data_types.JobTemplate.name))
queues = get_queues()
fuzzers = [
fuzzer.name
for fuzzer in data_types.Fuzzer.query(projection=['name'])
]
result, params = get_results(self)
self.render(
'jobs.html', {
'result': result,
'templates': templates,
'fieldValues': {
'csrf_token': form.generate_csrf_token(),
'fuzzers': fuzzers,
'queues': queues,
'update_job_url': '/update-job',
'update_job_template_url': '/update-job-template',
'upload_info': gcs.prepare_blob_upload()._asdict(),
},
'params': params,
})
def get(self):
"""Handles get request."""
email = helpers.get_user_email()
if not email:
raise helpers.AccessDeniedException()
is_privileged_or_domain_user = access.has_access(
need_privileged_access=False)
if is_privileged_or_domain_user or _is_uploader_allowed(email):
# Privileged, domain and upload users can see all job and fuzzer names.
allowed_jobs = data_handler.get_all_job_type_names()
allowed_fuzzers = data_handler.get_all_fuzzer_names_including_children(
include_parents=True)
else:
# Check if this is an external user with access to certain fuzzers/jobs.
allowed_jobs = external_users.allowed_jobs_for_user(email)
allowed_fuzzers = external_users.allowed_fuzzers_for_user(
email, include_from_jobs=True)
if not allowed_fuzzers and not allowed_jobs:
raise helpers.AccessDeniedException()
has_issue_tracker = bool(data_handler.get_issue_tracker_name())
result, params = get_result()
return self.render(
'upload.html', {
'fieldValues': {
'blackboxFuzzers':
filter_blackbox_fuzzers(allowed_fuzzers),
'jobs':
allowed_jobs,
'libfuzzerTargets':
filter_target_names(allowed_fuzzers, 'libFuzzer'),
'aflTargets':
filter_target_names(allowed_fuzzers, 'afl'),
'honggfuzzTargets':
filter_target_names(allowed_fuzzers, 'honggfuzz'),
'isChromium':
utils.is_chromium(),
'sandboxedJobs':
data_types.INTERNAL_SANDBOXED_JOB_TYPES,
'csrfToken':
form.generate_csrf_token(),
'isExternalUser':
not is_privileged_or_domain_user,
'uploadInfo':
gcs.prepare_blob_upload()._asdict(),
'hasIssueTracker':
has_issue_tracker,
},
'params': params,
'result': result
})
def get(self):
"""Handles get request."""
email = helpers.get_user_email()
if not email:
raise helpers.AccessDeniedException()
is_privileged_or_domain_user = access.has_access(
need_privileged_access=False)
if is_privileged_or_domain_user or _is_uploader_allowed(email):
# Privileged, domain and upload users can see all job and fuzzer names.
allowed_jobs = data_handler.get_all_job_type_names()
allowed_fuzzers = data_handler.get_all_fuzzer_names_including_children(
include_parents=True)
else:
# Check if this is an external user with access to certain fuzzers/jobs.
allowed_jobs = external_users.allowed_jobs_for_user(email)
allowed_fuzzers = external_users.allowed_fuzzers_for_user(
email, include_from_jobs=True)
if not allowed_fuzzers and not allowed_jobs:
raise helpers.AccessDeniedException()
has_issue_tracker = bool(data_handler.get_issue_tracker_name())
result, params = get_result(self)
self.render(
"upload.html",
{
"fieldValues": {
"jobs":
allowed_jobs,
"libfuzzerTargets":
filter_target_names(allowed_fuzzers, "libFuzzer"),
"aflTargets":
filter_target_names(allowed_fuzzers, "afl"),
"isChromium":
utils.is_chromium(),
"sandboxedJobs":
data_types.INTERNAL_SANDBOXED_JOB_TYPES,
"csrfToken":
form.generate_csrf_token(),
"isExternalUser":
not is_privileged_or_domain_user,
"uploadInfo":
gcs.prepare_blob_upload()._asdict(),
"hasIssueTracker":
has_issue_tracker,
},
"params": params,
"result": result,
},
)
def get_results():
"""Get results for the jobs page."""
jobs = list(data_types.Job.query().order(data_types.Job.name))
templates = list(data_types.JobTemplate.query().order(
data_types.JobTemplate.name))
queues = get_queues()
return {
'jobs': jobs,
'templates': templates,
'fieldValues': {
'csrf_token': form.generate_csrf_token(),
'queues': queues,
'update_job_url': '/update-job',
'update_job_template_url': '/update-job-template',
'upload_info': gcs.prepare_blob_upload()._asdict(),
},
}
def before_render_json(self, values, status):
"""Add upload info when the request fails."""
values['uploadInfo'] = gcs.prepare_blob_upload()._asdict()
def post(self):
"""Serves the url."""
self.render_json({'uploadInfo': gcs.prepare_blob_upload()._asdict()})
