def post(self):
"""Handle a post request."""
email = utils.normalize_email(self.request.get('email'))
entity_kind = self.request.get('entity_kind')
entity_name = self.request.get('entity_name')
is_prefix = self.request.get('is_prefix')
auto_cc = self.request.get('auto_cc')
if not email:
raise helpers.EarlyExitException('No email provided.', 400)
if not entity_kind or entity_kind == 'undefined':
raise helpers.EarlyExitException('No entity_kind provided.', 400)
entity_kind = get_value_by_name(USER_PERMISSION_ENTITY_KINDS, entity_kind)
if entity_kind is None:
raise helpers.EarlyExitException('Invalid entity_kind provided.', 400)
if entity_kind == data_types.PermissionEntityKind.UPLOADER:
# Enforce null values for entity name and auto-cc when uploader is chosen.
entity_name = None
auto_cc = data_types.AutoCCType.NONE
else:
if not entity_name:
raise helpers.EarlyExitException('No entity_name provided.', 400)
if not auto_cc or auto_cc == 'undefined':
raise helpers.EarlyExitException('No auto_cc provided.', 400)
auto_cc = get_value_by_name(USER_PERMISSION_AUTO_CC_TYPES, auto_cc)
if auto_cc is None:
raise helpers.EarlyExitException('Invalid auto_cc provided.', 400)
# Check for existing permission.
query = data_types.ExternalUserPermission.query(
data_types.ExternalUserPermission.email == email,
data_types.ExternalUserPermission.entity_kind == entity_kind,
data_types.ExternalUserPermission.entity_name == entity_name)
permission = query.get()
if not permission:
# Doesn't exist, create new one.
permission = data_types.ExternalUserPermission(
email=email, entity_kind=entity_kind, entity_name=entity_name)
permission.is_prefix = bool(is_prefix)
permission.auto_cc = auto_cc
permission.put()
helpers.log('Configuration', helpers.MODIFY_OPERATION)
template_values = {
'title':
'Success',
'message':
('User %s permission for entity %s is successfully added. '
'Redirecting to the configuration page...') % (email, entity_name),
'redirect_url':
'/configuration',
}
self.render('message.html', template_values)
def _is_domain_allowed(email):
"""Check if the email's domain is allowed."""
domains = local_config.AuthConfig().get('whitelisted_domains', default=[])
for domain in domains:
if utils.normalize_email(email).endswith('@%s' % domain.lower()):
return True
return False
def _get_permissions_query_for_user(user_email, entity_kind=None):
"""Get a permissions query for a given user.
Args:
user_email: The email of the user.
entity_kind: The type (data_types.PermissionEntityKind) of the permission to
filter by, or None.
Returns:
A ndb.Query giving the permissions for the given parameters.
"""
permissions_for_user = data_types.ExternalUserPermission.query(
data_types.ExternalUserPermission.email == utils.normalize_email(
user_email))
if entity_kind is not None:
permissions_for_user = permissions_for_user.filter(
data_types.ExternalUserPermission.entity_kind == entity_kind)
return permissions_for_user
def ccs_from_info(info):
"""Get list of CC's from project info."""
ccs = []
if 'primary_contact' in info:
primary_contact = info['primary_contact']
if isinstance(primary_contact, basestring):
ccs.append(primary_contact)
else:
raise OssFuzzSetupException('Bad primary_contact %s.' % primary_contact)
if 'auto_ccs' in info:
auto_ccs = info.get('auto_ccs')
if isinstance(auto_ccs, list):
ccs.extend(auto_ccs)
elif isinstance(auto_ccs, basestring):
ccs.append(auto_ccs)
else:
raise OssFuzzSetupException('Bad auto_ccs %s.' % auto_ccs)
return [utils.normalize_email(cc) for cc in ccs]
def ccs_from_info(info):
"""Get list of CC's from project info."""
def _get_ccs(field_name, allow_list=True):
"""Return list of emails to cc given a field name."""
if field_name not in info:
return []
field_value = info.get(field_name)
if allow_list and isinstance(field_value, list):
return field_value
if isinstance(field_value, basestring):
return [field_value]
raise ProjectSetupError(
'Bad value for field {field_name}: {field_value}.'.format(
field_name=field_name, field_value=field_value))
ccs = []
ccs.extend(_get_ccs('primary_contact', allow_list=False))
ccs.extend(_get_ccs('auto_ccs'))
ccs.extend(_get_ccs('vendor_ccs'))
return [utils.normalize_email(cc) for cc in ccs]
def test_normalize_email(self):
"""Test normalize email."""
self.assertEqual('*****@*****.**', utils.normalize_email('*****@*****.**'))
self.assertEqual('*****@*****.**', utils.normalize_email('*****@*****.**'))
def post(self):
"""Handle a post request."""
email = utils.normalize_email(self.request.get("email"))
entity_kind = self.request.get("entity_kind")
entity_name = self.request.get("entity_name")
is_prefix = self.request.get("is_prefix")
auto_cc = self.request.get("auto_cc")
if not email:
raise helpers.EarlyExitException("No email provided.", 400)
if not entity_kind or entity_kind == "undefined":
raise helpers.EarlyExitException("No entity_kind provided.", 400)
entity_kind = get_value_by_name(USER_PERMISSION_ENTITY_KINDS,
entity_kind)
if entity_kind is None:
raise helpers.EarlyExitException("Invalid entity_kind provided.",
400)
if entity_kind == data_types.PermissionEntityKind.UPLOADER:
# Enforce null values for entity name and auto-cc when uploader is chosen.
entity_name = None
auto_cc = data_types.AutoCCType.NONE
else:
if not entity_name:
raise helpers.EarlyExitException("No entity_name provided.",
400)
if not auto_cc or auto_cc == "undefined":
raise helpers.EarlyExitException("No auto_cc provided.", 400)
auto_cc = get_value_by_name(USER_PERMISSION_AUTO_CC_TYPES, auto_cc)
if auto_cc is None:
raise helpers.EarlyExitException("Invalid auto_cc provided.",
400)
# Check for existing permission.
query = data_types.ExternalUserPermission.query(
data_types.ExternalUserPermission.email == email,
data_types.ExternalUserPermission.entity_kind == entity_kind,
data_types.ExternalUserPermission.entity_name == entity_name,
)
permission = query.get()
if not permission:
# Doesn't exist, create new one.
permission = data_types.ExternalUserPermission(
email=email, entity_kind=entity_kind, entity_name=entity_name)
permission.is_prefix = bool(is_prefix)
permission.auto_cc = auto_cc
permission.put()
helpers.log("Configuration", helpers.MODIFY_OPERATION)
template_values = {
"title":
"Success",
"message":
("User %s permission for entity %s is successfully added. "
"Redirecting to the configuration page...") %
(email, entity_name),
"redirect_url":
"/configuration",
}
self.render("message.html", template_values)