def query_users(self, query, request): if not query: return try: bugzilla = Bugzilla(get_bugzilla_api_key(request.user)) except BugzillaError as e: raise UserQueryError('Bugzilla error: %s' % e.msg) try: # We don't want to auto populate just any user because Bugzilla has # over 300,000 users and most of them aren't relevant to MozReview. # # So, we only auto import users if they have IRC nick syntax or # if the search matches them exactly. def user_relevant(u): if BZ_IRCNICK_RE.search(u['real_name']): return True if u['email'] == query: return True # This might allow too many users through. Let's not get too # attached to this. if u['real_name'] == query: return True return False users = bugzilla.query_users(query) users['users'] = [u for u in users['users'] if user_relevant(u)] get_or_create_bugzilla_users(users) except BugzillaError as e: raise UserQueryError('Bugzilla error: %s' % e.msg)
def get_user_from_irc_nick(self, irc_nick): irc_nick = irc_nick.lstrip(":").lower() users = get_or_create_bugzilla_users(self.query_users(":" + irc_nick)) for user in users: if user.username.lower() == irc_nick: return user raise User.DoesNotExist()
def get_or_create_user(self, username, request): """Always check Bugzilla for updates.""" username = username.strip() try: bugzilla = Bugzilla(get_bugzilla_api_key(request.user)) except BugzillaUrlError: return None except BugzillaError: raise PermissionDenied user_data = bugzilla.get_user(username) if not user_data: raise self.bz_error_response(request) # Just store the results. get_or_create_bugzilla_users(user_data) try: return User.objects.get(username=username) except User.DoesNotExist: return None
def query_users(self, query, request): if not query: return try: bugzilla = Bugzilla(get_bugzilla_api_key(request.user)) except BugzillaError as e: raise UserQueryError('Bugzilla error: %s' % e.msg) try: # We don't want to auto populate just any user because Bugzilla has # over 300,000 users and most of them aren't relevant to MozReview. # # So, we only auto import users if they have IRC nick syntax or # if the search matches them exactly. def user_relevant(u): if BMO_IRC_NICK_RE.search(u['real_name']): return True if u['email'] == query: return True # This might allow too many users through. Let's not get too # attached to this. if u['real_name'] == query: return True return False users = bugzilla.query_users(query) users['users'] = [u for u in users['users'] if user_relevant(u)] logger.info( 'importing Bugzilla users from query "%s": %s' % (query, ', '.join(sorted(u['email'] for u in users['users'])))) get_or_create_bugzilla_users(users) except BugzillaError as e: raise UserQueryError('Bugzilla error: %s' % e.msg)
def authenticate(self, username, password, cookie=False): username = username.strip() # If the user provides an email address when authenticating, # it is checked against Review Board's email field in the User # Model. If a match is found, the email will be translated into # the username field before being passed into this method's # 'username' argument. # # If a match is not found, 'username' will contain whatever was # entered, which may be the Bugzilla login (email address) for a # user who does not yet have an entry in the Review Board # database. if not cookie: try: username = User.objects.get(username=username).email except User.DoesNotExist: pass # There is a *tiny* probability that this will not work, but only if # user A changes their email address, then user B changes their email # address to user A's old email, and Review Board doesn't pick up # user A's change because they aren't currently involved in any # Review Board reviews. In this case 'username' would have resolved # to user A's address. There's no easy way to detect this without # a search on Bugzilla before every log in, and I (mcote) don't think # that's worth it for such an improbable event. # # This also applies to changes to the user's username, since it has # to be unique (see get_or_create_bugzilla_users()). try: bugzilla = Bugzilla() except BugzillaUrlError: logging.warn('Login failure for user %s: Bugzilla URL not set.' % username) return None try: user_data = bugzilla.log_in(username, password, cookie) except BugzillaError as e: logging.error('Login failure for user %s: %s' % (username, e)) return None if not user_data: return None users = get_or_create_bugzilla_users(user_data) if not users: logging.error('Login failure for user %s: failed to create user.' % username) return None user = users[0] if not user.is_active: logging.error('Login failure for user %s: user is not active.' % username) return None return user
def authenticate(self, username, password, cookie=False): username = username.strip() logger.info('Login attempt (password) for user %s: ' % username) # If the user provides an email address when authenticating, # it is checked against Review Board's email field in the User # Model. If a match is found, the email will be translated into # the username field before being passed into this method's # 'username' argument. # # If a match is not found, 'username' will contain whatever was # entered, which may be the Bugzilla login (email address) for a # user who does not yet have an entry in the Review Board # database. if not cookie: try: username = User.objects.get(username=username).email except User.DoesNotExist: pass # There is a *tiny* probability that this will not work, but only if # user A changes their email address, then user B changes their email # address to user A's old email, and Review Board doesn't pick up # user A's change because they aren't currently involved in any # Review Board reviews. In this case 'username' would have resolved # to user A's address. There's no easy way to detect this without # a search on Bugzilla before every log in, and I (mcote) don't think # that's worth it for such an improbable event. # # This also applies to changes to the user's username, since it has # to be unique (see get_or_create_bugzilla_users()). try: bugzilla = Bugzilla() except BugzillaUrlError: logger.warn('Login failure (password) for user %s: Bugzilla URL ' ' not set.' % username) return None try: user_data = bugzilla.log_in(username, password, cookie) except BugzillaError as e: logger.error('Login failure (password) for user %s: %s' % (username, e)) return None if not user_data: return None users = get_or_create_bugzilla_users(user_data) if not users: logger.error('Login failure (password) for user %s: failed to ' 'create user.' % username) return None user = users[0] if not user.is_active: logger.error('Login failure (password) for user %s: user is not ' 'active.' % username) return None logger.info('Login successful (password) for user %s: ' % username) return user