def get(self):
"""Handle a GET request."""
# Create a list of externally contributed fuzzers.
user_email = helpers.get_user_email()
if access.has_access():
# User is an internal user of ClusterFuzz (eg: ClusterFuzz developer).
fuzzers_list = (
data_handler.get_all_fuzzer_names_including_children(
include_parents=True))
jobs_list = data_handler.get_all_job_type_names()
else:
# User is an external user of ClusterFuzz (eg: non-Chrome dev who
# submitted a fuzzer or someone with a project in OSS-Fuzz).
fuzzers_list = external_users.allowed_fuzzers_for_user(
user_email, include_from_jobs=True, include_parents=True)
if not fuzzers_list:
# User doesn't actually have access to any fuzzers.
raise helpers.AccessDeniedException()
jobs_list = external_users.allowed_jobs_for_user(user_email)
fuzzers_list.sort()
jobs_list.sort()
result = {
'info': {
'fuzzers': fuzzers_list,
'jobs': jobs_list,
}
}
self.render('fuzzer-stats.html', result)
def test_allowed_fuzzers_including_jobs(self):
"""Tests allowed_fuzzers_for_user with jobs."""
result = external_users.allowed_fuzzers_for_user(
'*****@*****.**', include_from_jobs=True)
self.assertEqual(['fuzzer', 'parent_child', 'parent_child2'], result)
result = external_users.allowed_fuzzers_for_user(
'*****@*****.**', include_from_jobs=True)
self.assertEqual(['parent_child', 'parent_child2'], result)
result = external_users.allowed_fuzzers_for_user(
'*****@*****.**', include_from_jobs=True, include_parents=True)
self.assertEqual(['parent', 'parent_child', 'parent_child2'], result)
result = external_users.allowed_fuzzers_for_user(
'*****@*****.**', include_from_jobs=True)
self.assertEqual([], result)
result = external_users.allowed_fuzzers_for_user('*****@*****.**')
self.assertEqual([], result)
result = external_users.allowed_fuzzers_for_user(
'*****@*****.**', include_from_jobs=True)
self.assertEqual(['parent_child', 'parent_child2'], result)
result = external_users.allowed_fuzzers_for_user(
'*****@*****.**', include_from_jobs=True, include_parents=True)
self.assertEqual(['parent', 'parent_child', 'parent_child2'], result)
def test_allowed_fuzzers_including_jobs(self):
"""Tests allowed_fuzzers_for_user with jobs."""
result = external_users.allowed_fuzzers_for_user(
"*****@*****.**", include_from_jobs=True)
self.assertEqual(["fuzzer", "parent_child", "parent_child2"], result)
result = external_users.allowed_fuzzers_for_user(
"*****@*****.**", include_from_jobs=True)
self.assertEqual(["parent_child", "parent_child2"], result)
result = external_users.allowed_fuzzers_for_user(
"*****@*****.**", include_from_jobs=True, include_parents=True)
self.assertEqual(["parent", "parent_child", "parent_child2"], result)
result = external_users.allowed_fuzzers_for_user(
"*****@*****.**", include_from_jobs=True)
self.assertEqual([], result)
result = external_users.allowed_fuzzers_for_user("*****@*****.**")
self.assertEqual([], result)
result = external_users.allowed_fuzzers_for_user(
"*****@*****.**", include_from_jobs=True)
self.assertEqual(["parent_child", "parent_child2"], result)
result = external_users.allowed_fuzzers_for_user(
"*****@*****.**", include_from_jobs=True, include_parents=True)
self.assertEqual(["parent", "parent_child", "parent_child2"], result)
def get(self):
"""Handles get request."""
email = helpers.get_user_email()
if not email:
raise helpers.AccessDeniedException()
is_privileged_or_domain_user = access.has_access(
need_privileged_access=False)
if is_privileged_or_domain_user or _is_uploader_allowed(email):
# Privileged, domain and upload users can see all job and fuzzer names.
allowed_jobs = data_handler.get_all_job_type_names()
allowed_fuzzers = data_handler.get_all_fuzzer_names_including_children(
include_parents=True)
else:
# Check if this is an external user with access to certain fuzzers/jobs.
allowed_jobs = external_users.allowed_jobs_for_user(email)
allowed_fuzzers = external_users.allowed_fuzzers_for_user(
email, include_from_jobs=True)
if not allowed_fuzzers and not allowed_jobs:
raise helpers.AccessDeniedException()
has_issue_tracker = bool(data_handler.get_issue_tracker_name())
result, params = get_result()
return self.render(
'upload.html', {
'fieldValues': {
'blackboxFuzzers':
filter_blackbox_fuzzers(allowed_fuzzers),
'jobs':
allowed_jobs,
'libfuzzerTargets':
filter_target_names(allowed_fuzzers, 'libFuzzer'),
'aflTargets':
filter_target_names(allowed_fuzzers, 'afl'),
'honggfuzzTargets':
filter_target_names(allowed_fuzzers, 'honggfuzz'),
'isChromium':
utils.is_chromium(),
'sandboxedJobs':
data_types.INTERNAL_SANDBOXED_JOB_TYPES,
'csrfToken':
form.generate_csrf_token(),
'isExternalUser':
not is_privileged_or_domain_user,
'uploadInfo':
gcs.prepare_blob_upload()._asdict(),
'hasIssueTracker':
has_issue_tracker,
},
'params': params,
'result': result
})
def get(self):
"""Handles get request."""
email = helpers.get_user_email()
if not email:
raise helpers.AccessDeniedException()
is_privileged_or_domain_user = access.has_access(
need_privileged_access=False)
if is_privileged_or_domain_user or _is_uploader_allowed(email):
# Privileged, domain and upload users can see all job and fuzzer names.
allowed_jobs = data_handler.get_all_job_type_names()
allowed_fuzzers = data_handler.get_all_fuzzer_names_including_children(
include_parents=True)
else:
# Check if this is an external user with access to certain fuzzers/jobs.
allowed_jobs = external_users.allowed_jobs_for_user(email)
allowed_fuzzers = external_users.allowed_fuzzers_for_user(
email, include_from_jobs=True)
if not allowed_fuzzers and not allowed_jobs:
raise helpers.AccessDeniedException()
has_issue_tracker = bool(data_handler.get_issue_tracker_name())
result, params = get_result(self)
self.render(
"upload.html",
{
"fieldValues": {
"jobs":
allowed_jobs,
"libfuzzerTargets":
filter_target_names(allowed_fuzzers, "libFuzzer"),
"aflTargets":
filter_target_names(allowed_fuzzers, "afl"),
"isChromium":
utils.is_chromium(),
"sandboxedJobs":
data_types.INTERNAL_SANDBOXED_JOB_TYPES,
"csrfToken":
form.generate_csrf_token(),
"isExternalUser":
not is_privileged_or_domain_user,
"uploadInfo":
gcs.prepare_blob_upload()._asdict(),
"hasIssueTracker":
has_issue_tracker,
},
"params": params,
"result": result,
},
)
def get(self, extra=None):
"""Handle a GET request."""
if not access.has_access():
# User is an external user of ClusterFuzz (eg: non-Chrome dev who
# submitted a fuzzer or someone with a project in OSS-Fuzz).
user_email = helpers.get_user_email()
fuzzers_list = external_users.allowed_fuzzers_for_user(
user_email, include_from_jobs=True, include_parents=True)
if not fuzzers_list:
# User doesn't actually have access to any fuzzers.
raise helpers.AccessDeniedException(
"You don't have access to any fuzzers.")
return self.render('fuzzer-stats.html', {})
def test_allowed_fuzzers(self):
"""allowed_fuzzers_for_user tests."""
# Direct match.
result = external_users.allowed_fuzzers_for_user('*****@*****.**')
self.assertEqual(result, ['fuzzer'])
# Prefix on fuzzer name.
result = external_users.allowed_fuzzers_for_user('*****@*****.**')
self.assertEqual(result, ['fuzzer'])
# Prefix on child fuzzer name.
result = external_users.allowed_fuzzers_for_user('*****@*****.**')
self.assertEqual(result, ['parent_child', 'parent_child2'])
# Direct match on a parent fuzzer that has children. Should not have any
# results.
result = external_users.allowed_fuzzers_for_user('*****@*****.**')
self.assertEqual(len(result), 0)
# No such user.
result = external_users.allowed_fuzzers_for_user(
'*****@*****.**')
self.assertEqual(result, [])
def get(self):
"""Handle a GET request."""
project = request.get('project')
if access.has_access():
# User is an internal user of ClusterFuzz (eg: ClusterFuzz developer).
# Show all projects in the list, since this allows user to pick another
# project as needed.
projects_list = data_handler.get_all_project_names()
# Filter fuzzers and job list if a project is provided.
fuzzers_list = (
data_handler.get_all_fuzzer_names_including_children(
include_parents=True, project=project))
jobs_list = data_handler.get_all_job_type_names(project=project)
else:
# User is an external user of ClusterFuzz (eg: non-Chrome dev who
# submitted a fuzzer or someone with a project in OSS-Fuzz).
user_email = helpers.get_user_email()
# TODO(aarya): Filter fuzzer and job if |project| is provided.
fuzzers_list = sorted(
external_users.allowed_fuzzers_for_user(user_email,
include_from_jobs=True,
include_parents=True))
if not fuzzers_list:
# User doesn't actually have access to any fuzzers.
raise helpers.AccessDeniedException(
"You don't have access to any fuzzers.")
jobs_list = sorted(
external_users.allowed_jobs_for_user(user_email))
projects_list = sorted(
{data_handler.get_project_name(job)
for job in jobs_list})
result = {
'projects': projects_list,
'fuzzers': fuzzers_list,
'jobs': jobs_list,
}
return self.render_json(result)