def test_denied_no_access(self):
"""Ensure it is false when user has bug access but the relaxation is not
enabled and user's email is not on the allowed domain list."""
self.mock._is_domain_allowed.return_value = False
self.mock.get.return_value = (data_types.Config(
relax_testcase_restrictions=False))
self.testcase.bug_information = '1234'
self.get_issue.return_value = self.bug
self.bug.add_cc(self.email)
self.bug.reporter = self.email
self.bug.owner = ''
self.assertFalse(access.can_user_access_testcase(self.testcase))
def setUp(self):
test_helpers.patch(self, [
'libs.access._is_domain_allowed',
'libs.access.has_access',
'libs.helpers.get_user_email',
'config.db_config.get',
'issue_management.issue_tracker_utils.get_issue_tracker_manager',
'issue_management.issue_tracker_manager.IssueTrackerManager',
])
itm = issue_tracker_manager.IssueTrackerManager('test')
self.mock.get_issue_tracker_manager.return_value = itm
self.get_issue = itm.get_issue
self.email = '*****@*****.**'
self.mock.get_user_email.return_value = self.email
self.bug = issue.Issue()
self.testcase = data_types.Testcase()
self.mock.get.return_value = (data_types.Config(
relax_testcase_restrictions=True))
def setUp(self):
"""Set up."""
super(UntrustedRunnerIntegrationTest, self).setUp()
data_types.Config().put()
environment_string = ('APP_NAME = app\n'
'RELEASE_BUILD_BUCKET_PATH = '
'gs://clusterfuzz-test-data/test_builds/'
'test-build-([0-9]+).zip\n')
data_types.Job(name='job', environment_string=environment_string).put()
environment_string = (
'RELEASE_BUILD_BUCKET_PATH = '
'gs://clusterfuzz-test-data/test_libfuzzer_builds/'
'test-libfuzzer-build-([0-9]+).zip\n'
'UNPACK_ALL_FUZZ_TARGETS_AND_FILES = True')
data_types.Job(name='libfuzzer_asan_job',
environment_string=environment_string).put()
data_types.Fuzzer(name='fuzzer', data_bundle_name='bundle').put()
data_types.DataBundle(name='bundle',
is_local=True,
sync_to_worker=True).put()
def post(self):
"""Handle a post request."""
config = db_config.get()
if not config:
config = data_types.Config()
previous_hash = self.request.get('previous_hash')
if config.previous_hash and config.previous_hash != previous_hash:
raise helpers.EarlyExitException(
'Your change conflicts with another configuration update. '
'Please refresh and try again.', 500)
build_apiary_service_account_private_key = self.request.get(
'build_apiary_service_account_private_key')
bug_report_url = self.request.get('bug_report_url')
client_credentials = self.request.get('client_credentials')
jira_url = self.request.get('jira_url')
jira_credentials = self.request.get('jira_credentials')
component_repository_mappings = self.request.get(
'component_repository_mappings')
contact_string = self.request.get('contact_string')
documentation_url = self.request.get('documentation_url')
github_credentials = self.request.get('github_credentials')
platform_group_mappings = self.request.get('platform_group_mappings')
privileged_users = self.request.get('privileged_users')
blacklisted_users = self.request.get('blacklisted_users')
relax_security_bug_restrictions = self.request.get(
'relax_security_bug_restrictions')
relax_testcase_restrictions = self.request.get(
'relax_testcase_restrictions')
reproduce_tool_client_id = self.request.get('reproduce_tool_client_id')
reproduce_tool_client_secret = self.request.get(
'reproduce_tool_client_secret')
reproduction_help_url = self.request.get('reproduction_help_url')
test_account_email = self.request.get('test_account_email')
test_account_password = self.request.get('test_account_password')
wifi_ssid = self.request.get('wifi_ssid')
wifi_password = self.request.get('wifi_password')
sendgrid_api_key = self.request.get('sendgrid_api_key')
sendgrid_sender = self.request.get('sendgrid_sender')
config.build_apiary_service_account_private_key = (
build_apiary_service_account_private_key)
config.bug_report_url = bug_report_url
config.client_credentials = client_credentials
config.component_repository_mappings = component_repository_mappings
config.contact_string = contact_string
config.documentation_url = documentation_url
config.github_credentials = github_credentials
config.jira_credentials = jira_credentials
config.jira_url = jira_url
config.platform_group_mappings = platform_group_mappings
config.privileged_users = privileged_users
config.blacklisted_users = blacklisted_users
config.relax_security_bug_restrictions = bool(
relax_security_bug_restrictions)
config.relax_testcase_restrictions = bool(relax_testcase_restrictions)
config.reproduce_tool_client_id = reproduce_tool_client_id
config.reproduce_tool_client_secret = reproduce_tool_client_secret
config.reproduction_help_url = reproduction_help_url
config.test_account_email = test_account_email
config.test_account_password = test_account_password
config.wifi_ssid = wifi_ssid
config.wifi_password = wifi_password
config.sendgrid_api_key = sendgrid_api_key
config.sendgrid_sender = sendgrid_sender
helpers.log('Configuration', helpers.MODIFY_OPERATION)
# Before hashing the entity, we must put it so that the internal maps are
# updated.
config.put()
config.previous_hash = utils.entity_hash(config)
config.put()
template_values = {
'title':
'Success',
'message': ('Configuration is successfully updated. '
'Redirecting to the configuration page...'),
'redirect_url':
'/configuration',
}
self.render('message.html', template_values)
def setUp(self): data_types.Config(github_credentials='client_id;client_secret').put()
def setUp(self):
self.app = webtest.TestApp(
webapp2.WSGIApplication([('/setup', oss_fuzz_setup.Handler)]))
helpers.patch_environ(self)
data_types.Config(
revision_vars_url=('libfuzzer_asan_lib2;url\n'
'blah;url2\n')).put()
data_types.Job(
name='libfuzzer_asan_old_job',
environment_string=('MANAGED = True\n'
'PROJECT_NAME = old\n')).put()
data_types.Job(
name='libfuzzer_msan_old_job',
environment_string=('MANAGED = True\n'
'PROJECT_NAME = old\n')).put()
data_types.Job(name='unmanaged_job', environment_string='').put()
# Will be removed.
data_types.ExternalUserPermission(
entity_kind=data_types.PermissionEntityKind.JOB,
is_prefix=False,
auto_cc=data_types.AutoCCType.ALL,
entity_name='libfuzzer_asan_lib1',
email='*****@*****.**').put()
# Existing CC. Makes sure no duplicates are created.
data_types.ExternalUserPermission(
entity_kind=data_types.PermissionEntityKind.JOB,
is_prefix=False,
auto_cc=data_types.AutoCCType.ALL,
entity_name='libfuzzer_asan_lib1',
email='*****@*****.**').put()
# Existing project settings. Should not get modified.
data_types.OssFuzzProject(id='lib1', name='lib1', cpu_weight=1.5).put()
# Should get deleted.
data_types.OssFuzzProject(id='old_lib', name='old_lib').put()
self.libfuzzer = data_types.Fuzzer(name='libFuzzer', jobs=[])
self.libfuzzer.data_bundle_name = 'global'
self.libfuzzer.jobs = ['libfuzzer_asan_old_job', 'libfuzzer_msan_old_job']
self.libfuzzer.put()
self.afl = data_types.Fuzzer(name='afl', jobs=[])
self.afl.data_bundle_name = 'global'
self.afl.jobs = ['afl_asan_old_job', 'afl_msan_old_job']
self.afl.put()
helpers.patch(self, [
'base.utils.is_oss_fuzz',
('get_application_id_1',
'google.appengine.api.app_identity.get_application_id'),
('get_application_id_2', 'base.utils.get_application_id'),
'google_cloud_utils.storage.build',
'time.sleep',
'handlers.base_handler.Handler.is_cron',
'handlers.cron.oss_fuzz_setup.get_projects',
'handlers.cron.service_accounts.get_or_create_service_account',
'handlers.cron.service_accounts.set_service_account_roles',
])
self.mock.get_or_create_service_account.side_effect = (
_mock_get_or_create_service_account)
self.mock.is_oss_fuzz.return_value = True
def post(self):
"""Handle a post request."""
config = db_config.get()
if not config:
config = data_types.Config()
previous_hash = self.request.get("previous_hash")
if config.previous_hash and config.previous_hash != previous_hash:
raise helpers.EarlyExitException(
"Your change conflicts with another configuration update. "
"Please refresh and try again.",
500,
)
build_apiary_service_account_email = self.request.get(
"build_apiary_service_account_email")
build_apiary_service_account_private_key = self.request.get(
"build_apiary_service_account_private_key")
bug_report_url = self.request.get("bug_report_url")
client_credentials = self.request.get("client_credentials")
component_repository_mappings = self.request.get(
"component_repository_mappings")
contact_string = self.request.get("contact_string")
documentation_url = self.request.get("documentation_url")
github_credentials = self.request.get("github_credentials")
platform_group_mappings = self.request.get("platform_group_mappings")
privileged_users = self.request.get("privileged_users")
relax_security_bug_restrictions = self.request.get(
"relax_security_bug_restrictions")
relax_testcase_restrictions = self.request.get(
"relax_testcase_restrictions")
reproduce_tool_client_id = self.request.get("reproduce_tool_client_id")
reproduce_tool_client_secret = self.request.get(
"reproduce_tool_client_secret")
reproduction_help_url = self.request.get("reproduction_help_url")
test_account_email = self.request.get("test_account_email")
test_account_password = self.request.get("test_account_password")
wifi_ssid = self.request.get("wifi_ssid")
wifi_password = self.request.get("wifi_password")
sendgrid_api_key = self.request.get("sendgrid_api_key")
sendgrid_sender = self.request.get("sendgrid_sender")
config.build_apiary_service_account_email = build_apiary_service_account_email
config.build_apiary_service_account_private_key = (
build_apiary_service_account_private_key)
config.bug_report_url = bug_report_url
config.client_credentials = client_credentials
config.component_repository_mappings = component_repository_mappings
config.contact_string = contact_string
config.documentation_url = documentation_url
config.github_credentials = github_credentials
config.platform_group_mappings = platform_group_mappings
config.privileged_users = privileged_users
config.relax_security_bug_restrictions = bool(
relax_security_bug_restrictions)
config.relax_testcase_restrictions = bool(relax_testcase_restrictions)
config.reproduce_tool_client_id = reproduce_tool_client_id
config.reproduce_tool_client_secret = reproduce_tool_client_secret
config.reproduction_help_url = reproduction_help_url
config.test_account_email = test_account_email
config.test_account_password = test_account_password
config.wifi_ssid = wifi_ssid
config.wifi_password = wifi_password
config.sendgrid_api_key = sendgrid_api_key
config.sendgrid_sender = sendgrid_sender
helpers.log("Configuration", helpers.MODIFY_OPERATION)
# Before hashing the entity, we must put it so that the internal maps are
# updated.
config.put()
config.previous_hash = utils.entity_hash(config)
config.put()
template_values = {
"title":
"Success",
"message": ("Configuration is successfully updated. "
"Redirecting to the configuration page..."),
"redirect_url":
"/configuration",
}
self.render("message.html", template_values)
