def setUp(self): test_helpers.patch(self, [ 'libs.auth.get_current_user', 'libs.auth.is_current_user_admin', 'handlers.fuzzer_stats.build_results', ]) self.mock.build_results.return_value = json.dumps({}) self.app = webtest.TestApp( webapp2.WSGIApplication([('/fuzzer-stats/load', fuzzer_stats.LoadHandler)])) data_types.ExternalUserPermission( email='*****@*****.**', entity_kind=data_types.PermissionEntityKind.JOB, entity_name='job1', is_prefix=False, auto_cc=data_types.AutoCCType.ALL).put() data_types.ExternalUserPermission( email='*****@*****.**', entity_kind=data_types.PermissionEntityKind.JOB, entity_name='job2', is_prefix=False, auto_cc=data_types.AutoCCType.ALL).put() data_types.Job(name='job1').put() data_types.Job(name='job2').put() data_types.Job(name='job3').put()
def setUp(self): test_helpers.patch(self, [ 'libs.auth.get_current_user', 'libs.auth.is_current_user_admin', 'handlers.fuzzer_stats.build_results', ]) self.mock.build_results.return_value = json.dumps({}) flaskapp = flask.Flask('testflask') flaskapp.add_url_rule( '/fuzzer-stats/load', view_func=fuzzer_stats.LoadHandler.as_view('/fuzzer-stats/load')) self.app = webtest.TestApp(flaskapp) data_types.ExternalUserPermission( email='*****@*****.**', entity_kind=data_types.PermissionEntityKind.JOB, entity_name='job1', is_prefix=False, auto_cc=data_types.AutoCCType.ALL).put() data_types.ExternalUserPermission( email='*****@*****.**', entity_kind=data_types.PermissionEntityKind.JOB, entity_name='job2', is_prefix=False, auto_cc=data_types.AutoCCType.ALL).put() data_types.Job(name='job1').put() data_types.Job(name='job2').put() data_types.Job(name='job3').put()
def setUp(self): test_helpers.patch_environ(self) flaskapp = flask.Flask('testflask') flaskapp.add_url_rule( '/apply-ccs', view_func=oss_fuzz_apply_ccs.Handler.as_view('/apply-ccs')) self.app = webtest.TestApp(flaskapp) data_types.ExternalUserPermission( email='*****@*****.**', entity_name='job', entity_kind=data_types.PermissionEntityKind.JOB, is_prefix=False, auto_cc=data_types.AutoCCType.ALL).put() data_types.ExternalUserPermission( email='*****@*****.**', entity_name='job', entity_kind=data_types.PermissionEntityKind.JOB, is_prefix=False, auto_cc=data_types.AutoCCType.ALL).put() test_helpers.patch(self, [ 'base.utils.utcnow', 'handlers.base_handler.Handler.is_cron', 'libs.issue_management.issue_tracker.IssueTracker.get_original_issue', 'libs.issue_management.issue_tracker_policy.get', 'libs.issue_management.issue_tracker_utils.' 'get_issue_tracker_for_testcase', ]) self.itm = IssueTrackerManager('oss-fuzz') self.mock.get_issue_tracker_for_testcase.return_value = ( monorail.IssueTracker(self.itm)) self.mock.utcnow.return_value = datetime.datetime(2016, 1, 1) self.mock.get.return_value = OSS_FUZZ_POLICY self.mock.get_original_issue.side_effect = get_original_issue data_types.Testcase(open=True, status='Processed', bug_information='1337', job_type='job').put() data_types.Testcase(open=True, status='Processed', bug_information='1338', job_type='job').put() data_types.Testcase(open=True, status='Processed', bug_information='1339', job_type='job').put() data_types.Testcase(open=True, status='Processed', bug_information='1340', job_type='job').put()
def setUp(self): test_helpers.patch_environ(self) self.app = webtest.TestApp( webapp2.WSGIApplication([('/apply-ccs', oss_fuzz_apply_ccs.Handler) ])) data_types.ExternalUserPermission( email='*****@*****.**', entity_name='job', entity_kind=data_types.PermissionEntityKind.JOB, is_prefix=False, auto_cc=data_types.AutoCCType.ALL).put() data_types.ExternalUserPermission( email='*****@*****.**', entity_name='job', entity_kind=data_types.PermissionEntityKind.JOB, is_prefix=False, auto_cc=data_types.AutoCCType.ALL).put() test_helpers.patch(self, [ 'base.utils.utcnow', 'handlers.base_handler.Handler.is_cron', 'issue_management.issue_tracker_utils.get_issue_tracker_for_testcase', ]) self.itm = IssueTrackerManager('oss-fuzz') self.mock.get_issue_tracker_for_testcase.return_value = ( monorail.IssueTracker(self.itm)) self.mock.utcnow.return_value = datetime.datetime(2016, 1, 1) data_types.Testcase(open=True, status='Processed', bug_information='1337', job_type='job').put() data_types.Testcase(open=True, status='Processed', bug_information='1338', job_type='job').put() data_types.Testcase(open=True, status='Processed', bug_information='1339', job_type='job').put() data_types.Testcase(open=True, status='Processed', bug_information='1340', job_type='job').put()
def post(self): """Handle a post request.""" email = utils.normalize_email(self.request.get('email')) entity_kind = self.request.get('entity_kind') entity_name = self.request.get('entity_name') is_prefix = self.request.get('is_prefix') auto_cc = self.request.get('auto_cc') if not email: raise helpers.EarlyExitException('No email provided.', 400) if not entity_kind or entity_kind == 'undefined': raise helpers.EarlyExitException('No entity_kind provided.', 400) entity_kind = get_value_by_name(USER_PERMISSION_ENTITY_KINDS, entity_kind) if entity_kind is None: raise helpers.EarlyExitException('Invalid entity_kind provided.', 400) if entity_kind == data_types.PermissionEntityKind.UPLOADER: # Enforce null values for entity name and auto-cc when uploader is chosen. entity_name = None auto_cc = data_types.AutoCCType.NONE else: if not entity_name: raise helpers.EarlyExitException('No entity_name provided.', 400) if not auto_cc or auto_cc == 'undefined': raise helpers.EarlyExitException('No auto_cc provided.', 400) auto_cc = get_value_by_name(USER_PERMISSION_AUTO_CC_TYPES, auto_cc) if auto_cc is None: raise helpers.EarlyExitException('Invalid auto_cc provided.', 400) # Check for existing permission. query = data_types.ExternalUserPermission.query( data_types.ExternalUserPermission.email == email, data_types.ExternalUserPermission.entity_kind == entity_kind, data_types.ExternalUserPermission.entity_name == entity_name) permission = query.get() if not permission: # Doesn't exist, create new one. permission = data_types.ExternalUserPermission( email=email, entity_kind=entity_kind, entity_name=entity_name) permission.is_prefix = bool(is_prefix) permission.auto_cc = auto_cc permission.put() helpers.log('Configuration', helpers.MODIFY_OPERATION) template_values = { 'title': 'Success', 'message': ('User %s permission for entity %s is successfully added. ' 'Redirecting to the configuration page...') % (email, entity_name), 'redirect_url': '/configuration', } self.render('message.html', template_values)
def sync_user_permissions(project, info): """Sync permissions of project based on project.yaml.""" ccs = ccs_from_info(info) for template in get_jobs_for_project(project, info): job_name = template.job_name(project) # Delete removed CCs. existing_ccs = data_types.ExternalUserPermission.query( data_types.ExternalUserPermission.entity_kind == data_types.PermissionEntityKind.JOB, data_types.ExternalUserPermission.entity_name == job_name) ndb.delete_multi([ permission.key for permission in existing_ccs if permission.email not in ccs ]) for cc in ccs: query = data_types.ExternalUserPermission.query( data_types.ExternalUserPermission.email == cc, data_types.ExternalUserPermission.entity_kind == data_types.PermissionEntityKind.JOB, data_types.ExternalUserPermission.entity_name == job_name) existing_permission = query.get() if existing_permission: continue data_types.ExternalUserPermission( email=cc, entity_kind=data_types.PermissionEntityKind.JOB, entity_name=job_name, is_prefix=False, auto_cc=data_types.AutoCCType.ALL).put()
def test_allowed(self): """Ensure it is true when check_user_access allows for a specific job_type.""" data_types.ExternalUserPermission( email=self.email, entity_name='job', entity_kind=data_types.PermissionEntityKind.JOB, auto_cc=data_types.AutoCCType.ALL).put() self.testcase.job_type = 'job' self.testcase.fuzzer_name = 'fuzzer' self.testcase.security_flag = True self.assertTrue(access.can_user_access_testcase(self.testcase))
def _make_permissions(is_prefix, name): perm = data_types.ExternalUserPermission() perm.entity_name = name perm.is_prefix = is_prefix return perm
def setUp(self): data_types.Job( name='job1', environment_string='ISSUE_VIEW_RESTRICTIONS = all', platform='linux').put() data_types.Job( name='job2', environment_string='ISSUE_VIEW_RESTRICTIONS = security', platform='linux').put() data_types.Job( name='job3', environment_string='ISSUE_VIEW_RESTRICTIONS = none', platform='linux').put() data_types.Job( name='chromeos_job4', environment_string='', platform='linux').put() testcase_args = { 'crash_type': 'Heap-use-after-free', 'crash_address': '0x1337', 'crash_state': '1\n2\n3\n', 'crash_stacktrace': 'stack\n', 'fuzzer_name': 'fuzzer', } self.testcase1 = data_types.Testcase(job_type='job1', **testcase_args) self.testcase1.put() self.testcase1_security = data_types.Testcase( security_flag=True, job_type='job1', **testcase_args) self.testcase1_security.put() self.testcase2 = data_types.Testcase(job_type='job2', **testcase_args) self.testcase2.put() self.testcase2_security = data_types.Testcase( security_flag=True, job_type='job2', **testcase_args) self.testcase2_security.put() self.testcase3 = data_types.Testcase(job_type='job3', **testcase_args) self.testcase3.put() self.testcase3_security = data_types.Testcase( job_type='job3', security_flag=True, **testcase_args) self.testcase3_security.put() self.testcase4 = data_types.Testcase( job_type='chromeos_job4', **testcase_args) self.testcase4.put() self.testcase5 = data_types.Testcase( job_type='job', additional_metadata='{"issue_labels": "label1 , label2,,"}', **testcase_args) self.testcase5.put() self.testcase6 = data_types.Testcase( job_type='job', additional_metadata='invalid', **testcase_args) self.testcase5.put() data_types.ExternalUserPermission( email='*****@*****.**', entity_name='job2', entity_kind=data_types.PermissionEntityKind.JOB, is_prefix=False, auto_cc=data_types.AutoCCType.ALL).put() data_types.ExternalUserPermission( email='*****@*****.**', entity_name='job3', entity_kind=data_types.PermissionEntityKind.JOB, is_prefix=False, auto_cc=data_types.AutoCCType.SECURITY).put() helpers.patch(self, [ 'base.utils.utcnow', 'datastore.data_handler.get_issue_description', ]) self.mock.get_issue_description.return_value = 'Issue' self.mock.utcnow.return_value = datetime.datetime(2016, 1, 1)
def setUp(self): self.app = webtest.TestApp( webapp2.WSGIApplication([('/setup', oss_fuzz_setup.Handler)])) helpers.patch_environ(self) data_types.Config( revision_vars_url=('libfuzzer_asan_lib2;url\n' 'blah;url2\n')).put() data_types.Job( name='libfuzzer_asan_old_job', environment_string=('MANAGED = True\n' 'PROJECT_NAME = old\n')).put() data_types.Job( name='libfuzzer_msan_old_job', environment_string=('MANAGED = True\n' 'PROJECT_NAME = old\n')).put() data_types.Job(name='unmanaged_job', environment_string='').put() # Will be removed. data_types.ExternalUserPermission( entity_kind=data_types.PermissionEntityKind.JOB, is_prefix=False, auto_cc=data_types.AutoCCType.ALL, entity_name='libfuzzer_asan_lib1', email='*****@*****.**').put() # Existing CC. Makes sure no duplicates are created. data_types.ExternalUserPermission( entity_kind=data_types.PermissionEntityKind.JOB, is_prefix=False, auto_cc=data_types.AutoCCType.ALL, entity_name='libfuzzer_asan_lib1', email='*****@*****.**').put() # Existing project settings. Should not get modified. data_types.OssFuzzProject(id='lib1', name='lib1', cpu_weight=1.5).put() # Should get deleted. data_types.OssFuzzProject(id='old_lib', name='old_lib').put() self.libfuzzer = data_types.Fuzzer(name='libFuzzer', jobs=[]) self.libfuzzer.data_bundle_name = 'global' self.libfuzzer.jobs = ['libfuzzer_asan_old_job', 'libfuzzer_msan_old_job'] self.libfuzzer.put() self.afl = data_types.Fuzzer(name='afl', jobs=[]) self.afl.data_bundle_name = 'global' self.afl.jobs = ['afl_asan_old_job', 'afl_msan_old_job'] self.afl.put() helpers.patch(self, [ 'base.utils.is_oss_fuzz', ('get_application_id_1', 'google.appengine.api.app_identity.get_application_id'), ('get_application_id_2', 'base.utils.get_application_id'), 'google_cloud_utils.storage.build', 'time.sleep', 'handlers.base_handler.Handler.is_cron', 'handlers.cron.oss_fuzz_setup.get_projects', 'handlers.cron.service_accounts.get_or_create_service_account', 'handlers.cron.service_accounts.set_service_account_roles', ]) self.mock.get_or_create_service_account.side_effect = ( _mock_get_or_create_service_account) self.mock.is_oss_fuzz.return_value = True
def setUp(self): helpers.patch_environ(self) # Fake permissions. data_types.ExternalUserPermission( email='*****@*****.**', entity_name='fuzzer', entity_kind=data_types.PermissionEntityKind.FUZZER, auto_cc=data_types.AutoCCType.ALL).put() data_types.ExternalUserPermission( email='*****@*****.**', entity_name='fuzz', entity_kind=data_types.PermissionEntityKind.FUZZER, is_prefix=True, auto_cc=data_types.AutoCCType.SECURITY).put() data_types.ExternalUserPermission( email='*****@*****.**', entity_name='parent_', entity_kind=data_types.PermissionEntityKind.FUZZER, is_prefix=True, auto_cc=data_types.AutoCCType.NONE).put() data_types.ExternalUserPermission( email='*****@*****.**', entity_name='parent', entity_kind=data_types.PermissionEntityKind.FUZZER, auto_cc=data_types.AutoCCType.NONE).put() data_types.ExternalUserPermission( email='*****@*****.**', entity_name='parent_cg', entity_kind=data_types.PermissionEntityKind.FUZZER, is_prefix=True, auto_cc=data_types.AutoCCType.NONE).put() data_types.ExternalUserPermission( email='*****@*****.**', entity_name='parens', entity_kind=data_types.PermissionEntityKind.FUZZER, is_prefix=True, auto_cc=data_types.AutoCCType.NONE).put() data_types.ExternalUserPermission( email='*****@*****.**', entity_name='parent', entity_kind=data_types.PermissionEntityKind.FUZZER, is_prefix=True, auto_cc=data_types.AutoCCType.ALL).put() data_types.ExternalUserPermission( email='*****@*****.**', entity_name='job', entity_kind=data_types.PermissionEntityKind.JOB, is_prefix=False, auto_cc=data_types.AutoCCType.ALL).put() data_types.ExternalUserPermission( email='*****@*****.**', entity_name='job', entity_kind=data_types.PermissionEntityKind.JOB, is_prefix=True, auto_cc=data_types.AutoCCType.ALL).put() data_types.ExternalUserPermission( email='*****@*****.**', entity_name='job2', entity_kind=data_types.PermissionEntityKind.JOB, is_prefix=False, auto_cc=data_types.AutoCCType.ALL).put() data_types.ExternalUserPermission( email='*****@*****.**', entity_name='job', entity_kind=data_types.PermissionEntityKind.JOB, is_prefix=False, auto_cc=data_types.AutoCCType.NONE).put() data_types.ExternalUserPermission( email='*****@*****.**', entity_name='job2', entity_kind=data_types.PermissionEntityKind.JOB, is_prefix=False, auto_cc=data_types.AutoCCType.NONE).put() data_types.ExternalUserPermission( email='*****@*****.**', entity_name='job', entity_kind=data_types.PermissionEntityKind.JOB, is_prefix=False, auto_cc=data_types.AutoCCType.NONE).put() data_types.ExternalUserPermission( email='*****@*****.**', entity_name='job3', entity_kind=data_types.PermissionEntityKind.JOB, is_prefix=False, auto_cc=data_types.AutoCCType.NONE).put() data_types.ExternalUserPermission( email='*****@*****.**', entity_name=None, entity_kind=data_types.PermissionEntityKind.UPLOADER, is_prefix=False, auto_cc=data_types.AutoCCType.NONE).put() # Fake fuzzers. data_types.Fuzzer(name='fuzzer').put() data_types.Fuzzer(name='parent', jobs=['job', 'job2', 'job3']).put() data_types.Job(name='job').put() data_types.Job(name='job2').put() data_types.Job(name='job3').put() data_types.FuzzTarget(engine='parent', binary='child', project='test-project').put() data_types.FuzzTargetJob(fuzz_target_name='parent_child', job='job', last_run=datetime.datetime.utcnow()).put() data_types.FuzzTarget(engine='parent', binary='child2', project='test-project').put() data_types.FuzzTargetJob(fuzz_target_name='parent_child2', job='job', last_run=datetime.datetime.utcnow()).put() data_types.FuzzTarget(engine='parent', binary='child', project='test-project').put() data_types.FuzzTargetJob(fuzz_target_name='parent_child', job='job3', last_run=datetime.datetime.utcnow()).put()
def post(self): """Handle a post request.""" email = utils.normalize_email(self.request.get("email")) entity_kind = self.request.get("entity_kind") entity_name = self.request.get("entity_name") is_prefix = self.request.get("is_prefix") auto_cc = self.request.get("auto_cc") if not email: raise helpers.EarlyExitException("No email provided.", 400) if not entity_kind or entity_kind == "undefined": raise helpers.EarlyExitException("No entity_kind provided.", 400) entity_kind = get_value_by_name(USER_PERMISSION_ENTITY_KINDS, entity_kind) if entity_kind is None: raise helpers.EarlyExitException("Invalid entity_kind provided.", 400) if entity_kind == data_types.PermissionEntityKind.UPLOADER: # Enforce null values for entity name and auto-cc when uploader is chosen. entity_name = None auto_cc = data_types.AutoCCType.NONE else: if not entity_name: raise helpers.EarlyExitException("No entity_name provided.", 400) if not auto_cc or auto_cc == "undefined": raise helpers.EarlyExitException("No auto_cc provided.", 400) auto_cc = get_value_by_name(USER_PERMISSION_AUTO_CC_TYPES, auto_cc) if auto_cc is None: raise helpers.EarlyExitException("Invalid auto_cc provided.", 400) # Check for existing permission. query = data_types.ExternalUserPermission.query( data_types.ExternalUserPermission.email == email, data_types.ExternalUserPermission.entity_kind == entity_kind, data_types.ExternalUserPermission.entity_name == entity_name, ) permission = query.get() if not permission: # Doesn't exist, create new one. permission = data_types.ExternalUserPermission( email=email, entity_kind=entity_kind, entity_name=entity_name) permission.is_prefix = bool(is_prefix) permission.auto_cc = auto_cc permission.put() helpers.log("Configuration", helpers.MODIFY_OPERATION) template_values = { "title": "Success", "message": ("User %s permission for entity %s is successfully added. " "Redirecting to the configuration page...") % (email, entity_name), "redirect_url": "/configuration", } self.render("message.html", template_values)
def setUp(self): helpers.patch_environ(self) # Fake permissions. data_types.ExternalUserPermission( email="*****@*****.**", entity_name="fuzzer", entity_kind=data_types.PermissionEntityKind.FUZZER, auto_cc=data_types.AutoCCType.ALL, ).put() data_types.ExternalUserPermission( email="*****@*****.**", entity_name="fuzz", entity_kind=data_types.PermissionEntityKind.FUZZER, is_prefix=True, auto_cc=data_types.AutoCCType.SECURITY, ).put() data_types.ExternalUserPermission( email="*****@*****.**", entity_name="parent_", entity_kind=data_types.PermissionEntityKind.FUZZER, is_prefix=True, auto_cc=data_types.AutoCCType.NONE, ).put() data_types.ExternalUserPermission( email="*****@*****.**", entity_name="parent", entity_kind=data_types.PermissionEntityKind.FUZZER, auto_cc=data_types.AutoCCType.NONE, ).put() data_types.ExternalUserPermission( email="*****@*****.**", entity_name="parent_cg", entity_kind=data_types.PermissionEntityKind.FUZZER, is_prefix=True, auto_cc=data_types.AutoCCType.NONE, ).put() data_types.ExternalUserPermission( email="*****@*****.**", entity_name="parens", entity_kind=data_types.PermissionEntityKind.FUZZER, is_prefix=True, auto_cc=data_types.AutoCCType.NONE, ).put() data_types.ExternalUserPermission( email="*****@*****.**", entity_name="parent", entity_kind=data_types.PermissionEntityKind.FUZZER, is_prefix=True, auto_cc=data_types.AutoCCType.ALL, ).put() data_types.ExternalUserPermission( email="*****@*****.**", entity_name="job", entity_kind=data_types.PermissionEntityKind.JOB, is_prefix=False, auto_cc=data_types.AutoCCType.ALL, ).put() data_types.ExternalUserPermission( email="*****@*****.**", entity_name="job", entity_kind=data_types.PermissionEntityKind.JOB, is_prefix=True, auto_cc=data_types.AutoCCType.ALL, ).put() data_types.ExternalUserPermission( email="*****@*****.**", entity_name="job2", entity_kind=data_types.PermissionEntityKind.JOB, is_prefix=False, auto_cc=data_types.AutoCCType.ALL, ).put() data_types.ExternalUserPermission( email="*****@*****.**", entity_name="job", entity_kind=data_types.PermissionEntityKind.JOB, is_prefix=False, auto_cc=data_types.AutoCCType.NONE, ).put() data_types.ExternalUserPermission( email="*****@*****.**", entity_name="job2", entity_kind=data_types.PermissionEntityKind.JOB, is_prefix=False, auto_cc=data_types.AutoCCType.NONE, ).put() data_types.ExternalUserPermission( email="*****@*****.**", entity_name="job", entity_kind=data_types.PermissionEntityKind.JOB, is_prefix=False, auto_cc=data_types.AutoCCType.NONE, ).put() data_types.ExternalUserPermission( email="*****@*****.**", entity_name="job3", entity_kind=data_types.PermissionEntityKind.JOB, is_prefix=False, auto_cc=data_types.AutoCCType.NONE, ).put() data_types.ExternalUserPermission( email="*****@*****.**", entity_name=None, entity_kind=data_types.PermissionEntityKind.UPLOADER, is_prefix=False, auto_cc=data_types.AutoCCType.NONE, ).put() # Fake fuzzers. data_types.Fuzzer(name="fuzzer").put() data_types.Fuzzer(name="parent", jobs=["job", "job2", "job3"]).put() data_types.Job(name="job").put() data_types.Job(name="job2").put() data_types.Job(name="job3").put() data_types.FuzzTarget(engine="parent", binary="child", project="test-project").put() data_types.FuzzTargetJob( fuzz_target_name="parent_child", job="job", last_run=datetime.datetime.utcnow(), ).put() data_types.FuzzTarget(engine="parent", binary="child2", project="test-project").put() data_types.FuzzTargetJob( fuzz_target_name="parent_child2", job="job", last_run=datetime.datetime.utcnow(), ).put() data_types.FuzzTarget(engine="parent", binary="child", project="test-project").put() data_types.FuzzTargetJob( fuzz_target_name="parent_child", job="job3", last_run=datetime.datetime.utcnow(), ).put()