def wrapper(task, id_or_path, *args, **kwargs): # This is necessary to prevent timeout exceptions from being set # as our result, and replacing the partial validation results we'd # prefer to return. task.ignore_result = True try: data = fn(id_or_path, **kwargs) results = json.loads(force_text(data)) return results except UnsupportedFileType as exc: results = deepcopy(amo.VALIDATOR_SKELETON_RESULTS) annotations.insert_validation_message( results, type_='error', message=exc.message, msg_id='unsupported_filetype') return results except BadZipfile: results = deepcopy(amo.VALIDATOR_SKELETON_EXCEPTION_WEBEXT) annotations.insert_validation_message( results, type_='error', message=ugettext('Invalid or corrupt add-on file.')) return results except Exception as exc: log.exception('Unhandled error during validation: %r' % exc) results = deepcopy(amo.VALIDATOR_SKELETON_EXCEPTION_WEBEXT) return results finally: # But we do want to return the results after that exception has # been handled. task.ignore_result = False
def wrapper(task, akismet_results, id_or_path, **kwargs): # This is necessary to prevent timeout exceptions from being set # as our result, and replacing the partial validation results we'd # prefer to return. task.ignore_result = True try: data = fn(id_or_path, **kwargs) results = json.loads(force_text(data)) if akismet_results: annotations.annotate_akismet_spam_check( results, akismet_results) return results except UnsupportedFileType as exc: results = deepcopy(amo.VALIDATOR_SKELETON_RESULTS) annotations.insert_validation_message( results, type_='error', message=exc.message, msg_id='unsupported_filetype', compatibility_type=None) return results except Exception as exc: log.exception('Unhandled error during validation: %r' % exc) return deepcopy(amo.VALIDATOR_SKELETON_EXCEPTION_WEBEXT) finally: # But we do want to return a result after that exception has # been handled. task.ignore_result = False
def wrapper(task, id_or_path, *args, **kwargs): # This is necessary to prevent timeout exceptions from being set # as our result, and replacing the partial validation results we'd # prefer to return. task.ignore_result = True try: data = fn(id_or_path, **kwargs) results = json.loads(force_text(data)) return results except UnsupportedFileType as exc: results = deepcopy(amo.VALIDATOR_SKELETON_RESULTS) annotations.insert_validation_message( results, type_='error', message=exc.message, msg_id='unsupported_filetype') return results except BadZipfile: results = deepcopy(amo.VALIDATOR_SKELETON_EXCEPTION_WEBEXT) annotations.insert_validation_message( results, type_='error', message=ugettext('Invalid or corrupt add-on file.')) return results except Exception as exc: log.exception('Unhandled error during validation: %r' % exc) results = deepcopy(amo.VALIDATOR_SKELETON_EXCEPTION_WEBEXT) return results finally: # But we do want to return the results after that exception has # been handled. task.ignore_result = False
def wrapper(task, results, pk, *args, **kwargs): # This is necessary to prevent timeout exceptions from being set as our # result, and replacing the partial validation results we'd prefer to # return. task.ignore_result = True try: # All validation tasks should receive `results`. if not results: raise Exception('Unexpected call to a validation task without ' '`results`') if results['errors'] > 0: return results return fn(results, pk, *args, **kwargs) except UnsupportedFileType as exc: results = deepcopy(amo.VALIDATOR_SKELETON_RESULTS) annotations.insert_validation_message( results, type_='error', message=exc.message, msg_id='unsupported_filetype') return results except BadZipfile: results = deepcopy(amo.VALIDATOR_SKELETON_EXCEPTION_WEBEXT) annotations.insert_validation_message( results, type_='error', message=ugettext('Invalid or corrupt add-on file.')) return results except Exception as exc: log.exception('Unhandled error during validation: %r' % exc) results = deepcopy(amo.VALIDATOR_SKELETON_EXCEPTION_WEBEXT) return results finally: # But we do want to return the results after that exception has # been handled. task.ignore_result = False
def check_for_api_keys_in_file(results, upload_pk): upload = FileUpload.objects.get(pk=upload_pk) if upload.addon: users = upload.addon.authors.all() else: users = [upload.user] if upload.user else [] keys = [] for user in users: try: key = APIKey.get_jwt_key(user_id=user.id) keys.append(key) except APIKey.DoesNotExist: pass try: if len(keys) > 0: zipfile = SafeZip(source=upload.path) for zipinfo in zipfile.info_list: if zipinfo.file_size >= 64: file_ = zipfile.read(zipinfo) for key in keys: if key.secret in file_.decode(errors='ignore'): log.info('Developer API key for user %s found in ' 'submission.' % key.user) if key.user == upload.user: msg = gettext('Your developer API key was ' 'found in the submitted file. ' 'To protect your account, the ' 'key will be revoked.') else: msg = gettext('The developer API key of a ' 'coauthor was found in the ' 'submitted file. To protect ' 'your add-on, the key will be ' 'revoked.') annotations.insert_validation_message( results, type_='error', message=msg, msg_id='api_key_detected', compatibility_type=None, ) # Revoke after 2 minutes to allow the developer to # fetch the validation results revoke_api_key.apply_async( kwargs={'key_id': key.id}, countdown=120) zipfile.close() except (ValidationError, BadZipFile, IOError): pass return results
def check_for_api_keys_in_file(results, upload): if upload.addon: users = upload.addon.authors.all() else: users = [upload.user] if upload.user else [] keys = [] for user in users: try: key = APIKey.get_jwt_key(user_id=user.id) keys.append(key) except APIKey.DoesNotExist: pass if len(keys) > 0: zipfile = SafeZip(source=upload.path) for zipinfo in zipfile.info_list: if zipinfo.file_size >= 64: file_ = zipfile.read(zipinfo) for key in keys: if key.secret in file_.decode(errors="ignore"): log.info('Developer API key for user %s found in ' 'submission.' % key.user) if key.user == upload.user: msg = ugettext('Your developer API key was found ' 'in the submitted file. To protect ' 'your account, the key will be ' 'revoked.') else: msg = ugettext('The developer API key of a ' 'coauthor was found in the ' 'submitted file. To protect your ' 'add-on, the key will be revoked.') annotations.insert_validation_message( results, type_='error', message=msg, msg_id='api_key_detected', compatibility_type=None) # Revoke after 2 minutes to allow the developer to # fetch the validation results revoke_api_key.apply_async( kwargs={'key_id': key.id}, countdown=120) zipfile.close() return results