def get(self): """Handle a GET request.""" # Create a list of externally contributed fuzzers. user_email = helpers.get_user_email() if access.has_access(): # User is an internal user of ClusterFuzz (eg: ClusterFuzz developer). fuzzers_list = ( data_handler.get_all_fuzzer_names_including_children( include_parents=True)) jobs_list = data_handler.get_all_job_type_names() else: # User is an external user of ClusterFuzz (eg: non-Chrome dev who # submitted a fuzzer or someone with a project in OSS-Fuzz). fuzzers_list = external_users.allowed_fuzzers_for_user( user_email, include_from_jobs=True, include_parents=True) if not fuzzers_list: # User doesn't actually have access to any fuzzers. raise helpers.AccessDeniedException() jobs_list = external_users.allowed_jobs_for_user(user_email) fuzzers_list.sort() jobs_list.sort() result = { 'info': { 'fuzzers': fuzzers_list, 'jobs': jobs_list, } } self.render('fuzzer-stats.html', result)
def test_allowed_fuzzers_including_jobs(self): """Tests allowed_fuzzers_for_user with jobs.""" result = external_users.allowed_fuzzers_for_user( '*****@*****.**', include_from_jobs=True) self.assertEqual(['fuzzer', 'parent_child', 'parent_child2'], result) result = external_users.allowed_fuzzers_for_user( '*****@*****.**', include_from_jobs=True) self.assertEqual(['parent_child', 'parent_child2'], result) result = external_users.allowed_fuzzers_for_user( '*****@*****.**', include_from_jobs=True, include_parents=True) self.assertEqual(['parent', 'parent_child', 'parent_child2'], result) result = external_users.allowed_fuzzers_for_user( '*****@*****.**', include_from_jobs=True) self.assertEqual([], result) result = external_users.allowed_fuzzers_for_user('*****@*****.**') self.assertEqual([], result) result = external_users.allowed_fuzzers_for_user( '*****@*****.**', include_from_jobs=True) self.assertEqual(['parent_child', 'parent_child2'], result) result = external_users.allowed_fuzzers_for_user( '*****@*****.**', include_from_jobs=True, include_parents=True) self.assertEqual(['parent', 'parent_child', 'parent_child2'], result)
def test_allowed_fuzzers_including_jobs(self): """Tests allowed_fuzzers_for_user with jobs.""" result = external_users.allowed_fuzzers_for_user( "*****@*****.**", include_from_jobs=True) self.assertEqual(["fuzzer", "parent_child", "parent_child2"], result) result = external_users.allowed_fuzzers_for_user( "*****@*****.**", include_from_jobs=True) self.assertEqual(["parent_child", "parent_child2"], result) result = external_users.allowed_fuzzers_for_user( "*****@*****.**", include_from_jobs=True, include_parents=True) self.assertEqual(["parent", "parent_child", "parent_child2"], result) result = external_users.allowed_fuzzers_for_user( "*****@*****.**", include_from_jobs=True) self.assertEqual([], result) result = external_users.allowed_fuzzers_for_user("*****@*****.**") self.assertEqual([], result) result = external_users.allowed_fuzzers_for_user( "*****@*****.**", include_from_jobs=True) self.assertEqual(["parent_child", "parent_child2"], result) result = external_users.allowed_fuzzers_for_user( "*****@*****.**", include_from_jobs=True, include_parents=True) self.assertEqual(["parent", "parent_child", "parent_child2"], result)
def get(self): """Handles get request.""" email = helpers.get_user_email() if not email: raise helpers.AccessDeniedException() is_privileged_or_domain_user = access.has_access( need_privileged_access=False) if is_privileged_or_domain_user or _is_uploader_allowed(email): # Privileged, domain and upload users can see all job and fuzzer names. allowed_jobs = data_handler.get_all_job_type_names() allowed_fuzzers = data_handler.get_all_fuzzer_names_including_children( include_parents=True) else: # Check if this is an external user with access to certain fuzzers/jobs. allowed_jobs = external_users.allowed_jobs_for_user(email) allowed_fuzzers = external_users.allowed_fuzzers_for_user( email, include_from_jobs=True) if not allowed_fuzzers and not allowed_jobs: raise helpers.AccessDeniedException() has_issue_tracker = bool(data_handler.get_issue_tracker_name()) result, params = get_result() return self.render( 'upload.html', { 'fieldValues': { 'blackboxFuzzers': filter_blackbox_fuzzers(allowed_fuzzers), 'jobs': allowed_jobs, 'libfuzzerTargets': filter_target_names(allowed_fuzzers, 'libFuzzer'), 'aflTargets': filter_target_names(allowed_fuzzers, 'afl'), 'honggfuzzTargets': filter_target_names(allowed_fuzzers, 'honggfuzz'), 'isChromium': utils.is_chromium(), 'sandboxedJobs': data_types.INTERNAL_SANDBOXED_JOB_TYPES, 'csrfToken': form.generate_csrf_token(), 'isExternalUser': not is_privileged_or_domain_user, 'uploadInfo': gcs.prepare_blob_upload()._asdict(), 'hasIssueTracker': has_issue_tracker, }, 'params': params, 'result': result })
def get(self): """Handles get request.""" email = helpers.get_user_email() if not email: raise helpers.AccessDeniedException() is_privileged_or_domain_user = access.has_access( need_privileged_access=False) if is_privileged_or_domain_user or _is_uploader_allowed(email): # Privileged, domain and upload users can see all job and fuzzer names. allowed_jobs = data_handler.get_all_job_type_names() allowed_fuzzers = data_handler.get_all_fuzzer_names_including_children( include_parents=True) else: # Check if this is an external user with access to certain fuzzers/jobs. allowed_jobs = external_users.allowed_jobs_for_user(email) allowed_fuzzers = external_users.allowed_fuzzers_for_user( email, include_from_jobs=True) if not allowed_fuzzers and not allowed_jobs: raise helpers.AccessDeniedException() has_issue_tracker = bool(data_handler.get_issue_tracker_name()) result, params = get_result(self) self.render( "upload.html", { "fieldValues": { "jobs": allowed_jobs, "libfuzzerTargets": filter_target_names(allowed_fuzzers, "libFuzzer"), "aflTargets": filter_target_names(allowed_fuzzers, "afl"), "isChromium": utils.is_chromium(), "sandboxedJobs": data_types.INTERNAL_SANDBOXED_JOB_TYPES, "csrfToken": form.generate_csrf_token(), "isExternalUser": not is_privileged_or_domain_user, "uploadInfo": gcs.prepare_blob_upload()._asdict(), "hasIssueTracker": has_issue_tracker, }, "params": params, "result": result, }, )
def get(self, extra=None): """Handle a GET request.""" if not access.has_access(): # User is an external user of ClusterFuzz (eg: non-Chrome dev who # submitted a fuzzer or someone with a project in OSS-Fuzz). user_email = helpers.get_user_email() fuzzers_list = external_users.allowed_fuzzers_for_user( user_email, include_from_jobs=True, include_parents=True) if not fuzzers_list: # User doesn't actually have access to any fuzzers. raise helpers.AccessDeniedException( "You don't have access to any fuzzers.") return self.render('fuzzer-stats.html', {})
def test_allowed_fuzzers(self): """allowed_fuzzers_for_user tests.""" # Direct match. result = external_users.allowed_fuzzers_for_user('*****@*****.**') self.assertEqual(result, ['fuzzer']) # Prefix on fuzzer name. result = external_users.allowed_fuzzers_for_user('*****@*****.**') self.assertEqual(result, ['fuzzer']) # Prefix on child fuzzer name. result = external_users.allowed_fuzzers_for_user('*****@*****.**') self.assertEqual(result, ['parent_child', 'parent_child2']) # Direct match on a parent fuzzer that has children. Should not have any # results. result = external_users.allowed_fuzzers_for_user('*****@*****.**') self.assertEqual(len(result), 0) # No such user. result = external_users.allowed_fuzzers_for_user( '*****@*****.**') self.assertEqual(result, [])
def get(self): """Handle a GET request.""" project = request.get('project') if access.has_access(): # User is an internal user of ClusterFuzz (eg: ClusterFuzz developer). # Show all projects in the list, since this allows user to pick another # project as needed. projects_list = data_handler.get_all_project_names() # Filter fuzzers and job list if a project is provided. fuzzers_list = ( data_handler.get_all_fuzzer_names_including_children( include_parents=True, project=project)) jobs_list = data_handler.get_all_job_type_names(project=project) else: # User is an external user of ClusterFuzz (eg: non-Chrome dev who # submitted a fuzzer or someone with a project in OSS-Fuzz). user_email = helpers.get_user_email() # TODO(aarya): Filter fuzzer and job if |project| is provided. fuzzers_list = sorted( external_users.allowed_fuzzers_for_user(user_email, include_from_jobs=True, include_parents=True)) if not fuzzers_list: # User doesn't actually have access to any fuzzers. raise helpers.AccessDeniedException( "You don't have access to any fuzzers.") jobs_list = sorted( external_users.allowed_jobs_for_user(user_email)) projects_list = sorted( {data_handler.get_project_name(job) for job in jobs_list}) result = { 'projects': projects_list, 'fuzzers': fuzzers_list, 'jobs': jobs_list, } return self.render_json(result)