def setUp(self):
test_helpers.patch_environ(self)
flaskapp = flask.Flask('testflask')
flaskapp.add_url_rule(
'/apply-ccs',
view_func=oss_fuzz_apply_ccs.Handler.as_view('/apply-ccs'))
self.app = webtest.TestApp(flaskapp)
data_types.ExternalUserPermission(
email='*****@*****.**',
entity_name='job',
entity_kind=data_types.PermissionEntityKind.JOB,
is_prefix=False,
auto_cc=data_types.AutoCCType.ALL).put()
data_types.ExternalUserPermission(
email='*****@*****.**',
entity_name='job',
entity_kind=data_types.PermissionEntityKind.JOB,
is_prefix=False,
auto_cc=data_types.AutoCCType.ALL).put()
test_helpers.patch(self, [
'clusterfuzz._internal.base.utils.utcnow',
'handlers.base_handler.Handler.is_cron',
'libs.issue_management.issue_tracker.IssueTracker.get_original_issue',
'libs.issue_management.issue_tracker_policy.get',
'libs.issue_management.issue_tracker_utils.'
'get_issue_tracker_for_testcase',
])
self.itm = IssueTrackerManager('oss-fuzz')
self.mock.get_issue_tracker_for_testcase.return_value = (
monorail.IssueTracker(self.itm))
self.mock.utcnow.return_value = datetime.datetime(2016, 1, 1)
self.mock.get.return_value = OSS_FUZZ_POLICY
self.mock.get_original_issue.side_effect = get_original_issue
self.job = data_types.Job(name='job', environment_string='')
self.job.put()
data_types.Testcase(open=True,
status='Processed',
bug_information='1337',
job_type='job').put()
data_types.Testcase(open=True,
status='Processed',
bug_information='1338',
job_type='job').put()
data_types.Testcase(open=True,
status='Processed',
bug_information='1339',
job_type='job').put()
data_types.Testcase(open=True,
status='Processed',
bug_information='1340',
job_type='job').put()
def setUp(self):
test_helpers.patch(self, [
'libs.auth.get_current_user',
'libs.auth.is_current_user_admin',
'handlers.fuzzer_stats.build_results',
])
self.mock.build_results.return_value = json.dumps({})
flaskapp = flask.Flask('testflask')
flaskapp.add_url_rule(
'/fuzzer-stats/load',
view_func=fuzzer_stats.LoadHandler.as_view('/fuzzer-stats/load'))
self.app = webtest.TestApp(flaskapp)
data_types.ExternalUserPermission(
email='*****@*****.**',
entity_kind=data_types.PermissionEntityKind.JOB,
entity_name='job1',
is_prefix=False,
auto_cc=data_types.AutoCCType.ALL).put()
data_types.ExternalUserPermission(
email='*****@*****.**',
entity_kind=data_types.PermissionEntityKind.JOB,
entity_name='job2',
is_prefix=False,
auto_cc=data_types.AutoCCType.ALL).put()
data_types.Job(name='job1').put()
data_types.Job(name='job2').put()
data_types.Job(name='job3').put()
def post(self):
"""Handle a post request."""
email = utils.normalize_email(request.get('email'))
entity_kind = request.get('entity_kind')
entity_name = request.get('entity_name')
is_prefix = request.get('is_prefix')
auto_cc = request.get('auto_cc')
if not email:
raise helpers.EarlyExitException('No email provided.', 400)
if not entity_kind or entity_kind == 'undefined':
raise helpers.EarlyExitException('No entity_kind provided.', 400)
entity_kind = get_value_by_name(USER_PERMISSION_ENTITY_KINDS, entity_kind)
if entity_kind is None:
raise helpers.EarlyExitException('Invalid entity_kind provided.', 400)
if entity_kind == data_types.PermissionEntityKind.UPLOADER:
# Enforce null values for entity name and auto-cc when uploader is chosen.
entity_name = None
auto_cc = data_types.AutoCCType.NONE
else:
if not entity_name:
raise helpers.EarlyExitException('No entity_name provided.', 400)
if not auto_cc or auto_cc == 'undefined':
raise helpers.EarlyExitException('No auto_cc provided.', 400)
auto_cc = get_value_by_name(USER_PERMISSION_AUTO_CC_TYPES, auto_cc)
if auto_cc is None:
raise helpers.EarlyExitException('Invalid auto_cc provided.', 400)
# Check for existing permission.
query = data_types.ExternalUserPermission.query(
data_types.ExternalUserPermission.email == email,
data_types.ExternalUserPermission.entity_kind == entity_kind,
data_types.ExternalUserPermission.entity_name == entity_name)
permission = query.get()
if not permission:
# Doesn't exist, create new one.
permission = data_types.ExternalUserPermission(
email=email, entity_kind=entity_kind, entity_name=entity_name)
permission.is_prefix = bool(is_prefix)
permission.auto_cc = auto_cc
permission.put()
helpers.log('Configuration', helpers.MODIFY_OPERATION)
template_values = {
'title':
'Success',
'message': (f'User {email} permission for entity {entity_name} '
'is successfully added. '
'Redirecting to the configuration page...'),
'redirect_url':
'/configuration',
}
return self.render('message.html', template_values)
def sync_user_permissions(self, project, info):
"""Sync permissions of project based on project.yaml."""
ccs = ccs_from_info(info)
for template in get_jobs_for_project(project, info):
job_name = template.job_name(project, self._config_suffix)
# Delete removed CCs.
existing_ccs = data_types.ExternalUserPermission.query(
data_types.ExternalUserPermission.entity_kind ==
data_types.PermissionEntityKind.JOB,
data_types.ExternalUserPermission.entity_name == job_name)
ndb_utils.delete_multi([
permission.key for permission in existing_ccs
if permission.email not in ccs
])
for cc in ccs:
query = data_types.ExternalUserPermission.query(
data_types.ExternalUserPermission.email == cc,
data_types.ExternalUserPermission.entity_kind ==
data_types.PermissionEntityKind.JOB,
data_types.ExternalUserPermission.entity_name == job_name)
existing_permission = query.get()
if existing_permission:
continue
data_types.ExternalUserPermission(
email=cc,
entity_kind=data_types.PermissionEntityKind.JOB,
entity_name=job_name,
is_prefix=False,
auto_cc=data_types.AutoCCType.ALL).put()
def test_allowed(self):
"""Ensure it is true when check_user_access allows for a specific
job_type."""
data_types.ExternalUserPermission(
email=self.email,
entity_name='job',
entity_kind=data_types.PermissionEntityKind.JOB,
auto_cc=data_types.AutoCCType.ALL).put()
self.testcase.job_type = 'job'
self.testcase.fuzzer_name = 'fuzzer'
self.testcase.security_flag = True
self.assertTrue(access.can_user_access_testcase(self.testcase))
def setUp(self):
helpers.patch_environ(self)
# Fake permissions.
data_types.ExternalUserPermission(
email='*****@*****.**',
entity_name='fuzzer',
entity_kind=data_types.PermissionEntityKind.FUZZER,
auto_cc=data_types.AutoCCType.ALL).put()
data_types.ExternalUserPermission(
email='*****@*****.**',
entity_name='fuzz',
entity_kind=data_types.PermissionEntityKind.FUZZER,
is_prefix=True,
auto_cc=data_types.AutoCCType.SECURITY).put()
data_types.ExternalUserPermission(
email='*****@*****.**',
entity_name='parent_',
entity_kind=data_types.PermissionEntityKind.FUZZER,
is_prefix=True,
auto_cc=data_types.AutoCCType.NONE).put()
data_types.ExternalUserPermission(
email='*****@*****.**',
entity_name='parent',
entity_kind=data_types.PermissionEntityKind.FUZZER,
auto_cc=data_types.AutoCCType.NONE).put()
data_types.ExternalUserPermission(
email='*****@*****.**',
entity_name='parent_cg',
entity_kind=data_types.PermissionEntityKind.FUZZER,
is_prefix=True,
auto_cc=data_types.AutoCCType.NONE).put()
data_types.ExternalUserPermission(
email='*****@*****.**',
entity_name='parens',
entity_kind=data_types.PermissionEntityKind.FUZZER,
is_prefix=True,
auto_cc=data_types.AutoCCType.NONE).put()
data_types.ExternalUserPermission(
email='*****@*****.**',
entity_name='parent',
entity_kind=data_types.PermissionEntityKind.FUZZER,
is_prefix=True,
auto_cc=data_types.AutoCCType.ALL).put()
data_types.ExternalUserPermission(
email='*****@*****.**',
entity_name='job',
entity_kind=data_types.PermissionEntityKind.JOB,
is_prefix=False,
auto_cc=data_types.AutoCCType.ALL).put()
data_types.ExternalUserPermission(
email='*****@*****.**',
entity_name='job',
entity_kind=data_types.PermissionEntityKind.JOB,
is_prefix=True,
auto_cc=data_types.AutoCCType.ALL).put()
data_types.ExternalUserPermission(
email='*****@*****.**',
entity_name='job2',
entity_kind=data_types.PermissionEntityKind.JOB,
is_prefix=False,
auto_cc=data_types.AutoCCType.ALL).put()
data_types.ExternalUserPermission(
email='*****@*****.**',
entity_name='job',
entity_kind=data_types.PermissionEntityKind.JOB,
is_prefix=False,
auto_cc=data_types.AutoCCType.NONE).put()
data_types.ExternalUserPermission(
email='*****@*****.**',
entity_name='job2',
entity_kind=data_types.PermissionEntityKind.JOB,
is_prefix=False,
auto_cc=data_types.AutoCCType.NONE).put()
data_types.ExternalUserPermission(
email='*****@*****.**',
entity_name='job',
entity_kind=data_types.PermissionEntityKind.JOB,
is_prefix=False,
auto_cc=data_types.AutoCCType.NONE).put()
data_types.ExternalUserPermission(
email='*****@*****.**',
entity_name='job3',
entity_kind=data_types.PermissionEntityKind.JOB,
is_prefix=False,
auto_cc=data_types.AutoCCType.NONE).put()
data_types.ExternalUserPermission(
email='*****@*****.**',
entity_name=None,
entity_kind=data_types.PermissionEntityKind.UPLOADER,
is_prefix=False,
auto_cc=data_types.AutoCCType.NONE).put()
# Fake fuzzers.
data_types.Fuzzer(name='fuzzer').put()
data_types.Fuzzer(name='parent', jobs=['job', 'job2', 'job3']).put()
data_types.Job(name='job').put()
data_types.Job(name='job2').put()
data_types.Job(name='job3').put()
data_types.FuzzTarget(engine='parent',
binary='child',
project='test-project').put()
data_types.FuzzTargetJob(fuzz_target_name='parent_child',
job='job',
last_run=datetime.datetime.utcnow()).put()
data_types.FuzzTarget(engine='parent',
binary='child2',
project='test-project').put()
data_types.FuzzTargetJob(fuzz_target_name='parent_child2',
job='job',
last_run=datetime.datetime.utcnow()).put()
data_types.FuzzTarget(engine='parent',
binary='child',
project='test-project').put()
data_types.FuzzTargetJob(fuzz_target_name='parent_child',
job='job3',
last_run=datetime.datetime.utcnow()).put()
def setUp(self):
data_types.Job(name='job1',
environment_string=
'ISSUE_VIEW_RESTRICTIONS = all\nPROJECT_NAME = proj',
platform='linux').put()
data_types.Job(name='job2',
environment_string='ISSUE_VIEW_RESTRICTIONS = security',
platform='linux').put()
data_types.Job(name='job3',
environment_string='ISSUE_VIEW_RESTRICTIONS = none',
platform='linux').put()
data_types.Job(name='chromeos_job4',
environment_string='',
platform='linux').put()
data_types.Job(name='ios_job', environment_string='',
platform='mac').put()
testcase_args = {
'crash_type': 'Heap-use-after-free',
'crash_address': '0x1337',
'crash_state': '1\n2\n3\n',
'crash_stacktrace': 'stack\n',
'fuzzer_name': 'fuzzer',
}
self.testcase1 = data_types.Testcase(job_type='job1', **testcase_args)
self.testcase1.put()
self.testcase1_security = data_types.Testcase(security_flag=True,
job_type='job1',
**testcase_args)
self.testcase1_security.put()
self.testcase2 = data_types.Testcase(job_type='job2', **testcase_args)
self.testcase2.put()
self.testcase2_security = data_types.Testcase(security_flag=True,
job_type='job2',
**testcase_args)
self.testcase2_security.put()
self.testcase3 = data_types.Testcase(job_type='job3', **testcase_args)
self.testcase3.put()
self.testcase3_security = data_types.Testcase(job_type='job3',
security_flag=True,
**testcase_args)
self.testcase3_security.put()
self.testcase4 = data_types.Testcase(job_type='chromeos_job4',
**testcase_args)
self.testcase4.put()
self.testcase5 = data_types.Testcase(
job_type='job',
additional_metadata=(
'{"issue_labels": "label1 , label2,,", '
'"issue_components": "component1,component2"}'),
**testcase_args)
self.testcase5.put()
self.testcase6 = data_types.Testcase(job_type='job',
additional_metadata='invalid',
**testcase_args)
self.testcase6.put()
self.testcase7 = data_types.Testcase(job_type='ios_job4',
**testcase_args)
self.testcase7.put()
data_types.ExternalUserPermission(
email='*****@*****.**',
entity_name='job2',
entity_kind=data_types.PermissionEntityKind.JOB,
is_prefix=False,
auto_cc=data_types.AutoCCType.ALL).put()
data_types.ExternalUserPermission(
email='*****@*****.**',
entity_name='job3',
entity_kind=data_types.PermissionEntityKind.JOB,
is_prefix=False,
auto_cc=data_types.AutoCCType.SECURITY).put()
helpers.patch(self, [
'clusterfuzz._internal.base.utils.utcnow',
'clusterfuzz._internal.datastore.data_handler.get_issue_description',
'libs.issue_management.issue_tracker_policy.get',
])
self.mock.get_issue_description.return_value = 'Issue'
self.mock.utcnow.return_value = datetime.datetime(2016, 1, 1)
def _make_permissions(is_prefix, name):
perm = data_types.ExternalUserPermission()
perm.entity_name = name
perm.is_prefix = is_prefix
return perm
