def wrapper(task, id_or_path, *args, **kwargs):
# This is necessary to prevent timeout exceptions from being set
# as our result, and replacing the partial validation results we'd
# prefer to return.
task.ignore_result = True
try:
data = fn(id_or_path, **kwargs)
results = json.loads(force_text(data))
return results
except UnsupportedFileType as exc:
results = deepcopy(amo.VALIDATOR_SKELETON_RESULTS)
annotations.insert_validation_message(
results, type_='error',
message=exc.message, msg_id='unsupported_filetype')
return results
except BadZipfile:
results = deepcopy(amo.VALIDATOR_SKELETON_EXCEPTION_WEBEXT)
annotations.insert_validation_message(
results, type_='error',
message=ugettext('Invalid or corrupt add-on file.'))
return results
except Exception as exc:
log.exception('Unhandled error during validation: %r' % exc)
results = deepcopy(amo.VALIDATOR_SKELETON_EXCEPTION_WEBEXT)
return results
finally:
# But we do want to return the results after that exception has
# been handled.
task.ignore_result = False
def wrapper(task, akismet_results, id_or_path, **kwargs):
# This is necessary to prevent timeout exceptions from being set
# as our result, and replacing the partial validation results we'd
# prefer to return.
task.ignore_result = True
try:
data = fn(id_or_path, **kwargs)
results = json.loads(force_text(data))
if akismet_results:
annotations.annotate_akismet_spam_check(
results, akismet_results)
return results
except UnsupportedFileType as exc:
results = deepcopy(amo.VALIDATOR_SKELETON_RESULTS)
annotations.insert_validation_message(
results,
type_='error',
message=exc.message,
msg_id='unsupported_filetype',
compatibility_type=None)
return results
except Exception as exc:
log.exception('Unhandled error during validation: %r' % exc)
return deepcopy(amo.VALIDATOR_SKELETON_EXCEPTION_WEBEXT)
finally:
# But we do want to return a result after that exception has
# been handled.
task.ignore_result = False
def wrapper(task, id_or_path, *args, **kwargs):
# This is necessary to prevent timeout exceptions from being set
# as our result, and replacing the partial validation results we'd
# prefer to return.
task.ignore_result = True
try:
data = fn(id_or_path, **kwargs)
results = json.loads(force_text(data))
return results
except UnsupportedFileType as exc:
results = deepcopy(amo.VALIDATOR_SKELETON_RESULTS)
annotations.insert_validation_message(
results, type_='error',
message=exc.message, msg_id='unsupported_filetype')
return results
except BadZipfile:
results = deepcopy(amo.VALIDATOR_SKELETON_EXCEPTION_WEBEXT)
annotations.insert_validation_message(
results, type_='error',
message=ugettext('Invalid or corrupt add-on file.'))
return results
except Exception as exc:
log.exception('Unhandled error during validation: %r' % exc)
results = deepcopy(amo.VALIDATOR_SKELETON_EXCEPTION_WEBEXT)
return results
finally:
# But we do want to return the results after that exception has
# been handled.
task.ignore_result = False
def wrapper(task, results, pk, *args, **kwargs):
# This is necessary to prevent timeout exceptions from being set as our
# result, and replacing the partial validation results we'd prefer to
# return.
task.ignore_result = True
try:
# All validation tasks should receive `results`.
if not results:
raise Exception('Unexpected call to a validation task without '
'`results`')
if results['errors'] > 0:
return results
return fn(results, pk, *args, **kwargs)
except UnsupportedFileType as exc:
results = deepcopy(amo.VALIDATOR_SKELETON_RESULTS)
annotations.insert_validation_message(
results, type_='error',
message=exc.message, msg_id='unsupported_filetype')
return results
except BadZipfile:
results = deepcopy(amo.VALIDATOR_SKELETON_EXCEPTION_WEBEXT)
annotations.insert_validation_message(
results, type_='error',
message=ugettext('Invalid or corrupt add-on file.'))
return results
except Exception as exc:
log.exception('Unhandled error during validation: %r' % exc)
results = deepcopy(amo.VALIDATOR_SKELETON_EXCEPTION_WEBEXT)
return results
finally:
# But we do want to return the results after that exception has
# been handled.
task.ignore_result = False
def check_for_api_keys_in_file(results, upload_pk):
upload = FileUpload.objects.get(pk=upload_pk)
if upload.addon:
users = upload.addon.authors.all()
else:
users = [upload.user] if upload.user else []
keys = []
for user in users:
try:
key = APIKey.get_jwt_key(user_id=user.id)
keys.append(key)
except APIKey.DoesNotExist:
pass
try:
if len(keys) > 0:
zipfile = SafeZip(source=upload.path)
for zipinfo in zipfile.info_list:
if zipinfo.file_size >= 64:
file_ = zipfile.read(zipinfo)
for key in keys:
if key.secret in file_.decode(errors='ignore'):
log.info('Developer API key for user %s found in '
'submission.' % key.user)
if key.user == upload.user:
msg = gettext('Your developer API key was '
'found in the submitted file. '
'To protect your account, the '
'key will be revoked.')
else:
msg = gettext('The developer API key of a '
'coauthor was found in the '
'submitted file. To protect '
'your add-on, the key will be '
'revoked.')
annotations.insert_validation_message(
results,
type_='error',
message=msg,
msg_id='api_key_detected',
compatibility_type=None,
)
# Revoke after 2 minutes to allow the developer to
# fetch the validation results
revoke_api_key.apply_async(
kwargs={'key_id': key.id}, countdown=120)
zipfile.close()
except (ValidationError, BadZipFile, IOError):
pass
return results
def check_for_api_keys_in_file(results, upload):
if upload.addon:
users = upload.addon.authors.all()
else:
users = [upload.user] if upload.user else []
keys = []
for user in users:
try:
key = APIKey.get_jwt_key(user_id=user.id)
keys.append(key)
except APIKey.DoesNotExist:
pass
if len(keys) > 0:
zipfile = SafeZip(source=upload.path)
for zipinfo in zipfile.info_list:
if zipinfo.file_size >= 64:
file_ = zipfile.read(zipinfo)
for key in keys:
if key.secret in file_.decode(errors="ignore"):
log.info('Developer API key for user %s found in '
'submission.' % key.user)
if key.user == upload.user:
msg = ugettext('Your developer API key was found '
'in the submitted file. To protect '
'your account, the key will be '
'revoked.')
else:
msg = ugettext('The developer API key of a '
'coauthor was found in the '
'submitted file. To protect your '
'add-on, the key will be revoked.')
annotations.insert_validation_message(
results, type_='error',
message=msg, msg_id='api_key_detected',
compatibility_type=None)
# Revoke after 2 minutes to allow the developer to
# fetch the validation results
revoke_api_key.apply_async(
kwargs={'key_id': key.id}, countdown=120)
zipfile.close()
return results
