def _update_issue_security_severity_and_get_comment(policy, testcase, issue): """Apply a new security severity label if none exists on issue already and return a comment on this addition. If a label already exists and does not match security severity label on issue, then just return a comment on what the recommended severity is.""" security_severity_label = policy.label('security_severity') if not security_severity_label: return '' if not data_types.SecuritySeverity.is_valid(testcase.security_severity): return '' issue_severity = _get_severity_from_labels(security_severity_label, issue.labels) recommended_severity = issue_filer.apply_substitutions( policy, security_severity_label, testcase) if not recommended_severity: return '' recommended_severity = recommended_severity[0] if issue_severity == data_types.SecuritySeverity.MISSING: issue.labels.add(recommended_severity) return ('\n\nA recommended severity was added to this bug. ' 'Please change the severity if it is inaccurate.') elif issue_severity != testcase.security_severity: return ( '\n\nThe recommended severity (%s) is different from what was assigned ' 'to the bug. Please double check the accuracy of the assigned ' 'severity.' % recommended_severity) return ''
def get(self): """Handle a cron job.""" @memoize.wrap(memoize.FifoInMemory(256)) def cc_users_for_job(job_type, security_flag): """Return users to CC for a job.""" # Memoized per cron run. return external_users.cc_users_for_job(job_type, security_flag) for testcase in get_open_testcases_with_bugs(): issue_tracker = issue_tracker_utils.get_issue_tracker_for_testcase( testcase) if not issue_tracker: logging.error('Failed to get issue tracker manager for %s', testcase.key.id()) continue policy = issue_tracker_policy.get(issue_tracker.project) reported_label = policy.label('reported') if not reported_label: return reported_pattern = issue_filer.get_label_pattern(reported_label) try: issue = issue_tracker.get_original_issue( testcase.bug_information) except: logging.error('Error occurred when fetching issue %s.', testcase.bug_information) continue if not issue or not issue.is_open: continue ccs = cc_users_for_job(testcase.job_type, testcase.security_flag) new_ccs = [cc for cc in ccs if cc not in issue.ccs] if not new_ccs: # Nothing to do. continue for cc in new_ccs: logging.info('CCing %s on %s', cc, issue.id) issue.ccs.add(cc) comment = None if (not issue.labels.has_with_pattern(reported_pattern) and not data_handler.get_value_from_job_definition( testcase.job_type, 'DISABLE_DISCLOSURE', False)): # Add reported label and deadline comment if necessary. for result in issue_filer.apply_substitutions( policy, reported_label, testcase): issue.labels.add(result) if policy.label('restrict_view') in issue.labels: logging.info('Adding deadline comment on %s', issue.id) comment = policy.deadline_policy_message issue.save(new_comment=comment, notify=True)
def update_issue(testcase, issue_id, needs_summary_update): """Associate (or update) an existing issue with the testcase.""" issue_id = helpers.cast(issue_id, int, 'Issue ID (%s) is not a number!' % issue_id) issue_tracker = helpers.get_issue_tracker_for_testcase(testcase) issue = helpers.get_or_exit( lambda: issue_tracker.get_issue(issue_id), 'Issue (id=%d) is not found!' % issue_id, 'Failed to get the issue (id=%s).' % issue_id, Exception) if not issue.is_open: raise helpers.EarlyExitException( ('The issue (%d) is already closed and further updates are not' ' allowed. Please file a new issue instead!') % issue_id, 400) if not testcase.is_crash(): raise helpers.EarlyExitException( 'This is not a crash testcase, so issue update is not applicable.', 400) issue_comment = data_handler.get_issue_description( testcase, helpers.get_user_email()) if needs_summary_update: issue.title = data_handler.get_issue_summary(testcase) policy = issue_tracker_policy.get(issue_tracker.project) properties = policy.get_existing_issue_properties() for label in properties.labels: for result in issue_filer.apply_substitutions( policy, label, testcase): issue.labels.add(result) issue.save(new_comment=issue_comment) testcase.bug_information = str(issue_id) testcase.put() data_handler.update_group_bug(testcase.group_id) helpers.log('Updated issue %sd' % issue_id, helpers.MODIFY_OPERATION)