def get(self):
"""Handle a GET request."""
# pylint: disable=unexpected-keyword-arg
# Memoize all project and job names.
_ = data_handler.get_all_project_names(__memoize_force__=True)
_ = data_handler.get_all_job_type_names(__memoize_force__=True)
# Memoize both variants of get_all_fuzzer_names_including_children.
_ = data_handler.get_all_fuzzer_names_including_children(
include_parents=True, __memoize_force__=True)
_ = data_handler.get_all_fuzzer_names_including_children(
__memoize_force__=True)
# Memoize expensive testcase attribute calls.
for testcase_id in data_handler.get_open_testcase_id_iterator():
try:
testcase = data_handler.get_testcase_by_id(testcase_id)
except errors.InvalidTestcaseError:
# Already deleted.
continue
blobs.get_blob_size(testcase.fuzzed_keys)
blobs.get_blob_size(testcase.minimized_keys)
self.response.headers['Content-Type'] = 'text/plain'
self.response.out.write('OK')
self.response.set_status(200)
def get(self):
"""Handle a GET request."""
# pylint: disable=unexpected-keyword-arg
_ = data_handler.get_all_project_names(__memoize_force__=True)
_ = data_handler.get_all_job_type_names(__memoize_force__=True)
# Memorize both variants of get_all_fuzzer_names_including_children.
_ = data_handler.get_all_fuzzer_names_including_children(
include_parents=True, __memoize_force__=True)
_ = data_handler.get_all_fuzzer_names_including_children(
__memoize_force__=True)
self.response.headers['Content-Type'] = 'text/plain'
self.response.out.write('OK')
self.response.set_status(200)
def _allowed_entities_for_user(user_email, entity_kind):
"""Return the entity names that the given user can access.
Args:
user_email: The email of the user.
entity_kind: The type (data_types.PermissionEntityKind) of the entity.
Returns:
A list of entity names that the user has access to.
"""
if not user_email:
return []
allowed = []
permissions = _get_permissions_query_for_user(user_email, entity_kind)
if entity_kind == data_types.PermissionEntityKind.FUZZER:
all_names = data_handler.get_all_fuzzer_names_including_children()
else:
all_names = data_handler.get_all_job_type_names()
for permission in permissions:
if permission.is_prefix:
allowed.extend(_expand_prefix(all_names, permission.entity_name))
elif permission.entity_name in all_names:
allowed.append(permission.entity_name)
return sorted(allowed)
def get(self):
"""Handle a GET request."""
# Create a list of externally contributed fuzzers.
user_email = helpers.get_user_email()
if access.has_access():
# User is an internal user of ClusterFuzz (eg: ClusterFuzz developer).
fuzzers_list = (
data_handler.get_all_fuzzer_names_including_children(
include_parents=True))
jobs_list = data_handler.get_all_job_type_names()
else:
# User is an external user of ClusterFuzz (eg: non-Chrome dev who
# submitted a fuzzer or someone with a project in OSS-Fuzz).
fuzzers_list = external_users.allowed_fuzzers_for_user(
user_email, include_from_jobs=True, include_parents=True)
if not fuzzers_list:
# User doesn't actually have access to any fuzzers.
raise helpers.AccessDeniedException()
jobs_list = external_users.allowed_jobs_for_user(user_email)
fuzzers_list.sort()
jobs_list.sort()
result = {
'info': {
'fuzzers': fuzzers_list,
'jobs': jobs_list,
}
}
self.render('fuzzer-stats.html', result)
def get(self):
"""Handles get request."""
email = helpers.get_user_email()
if not email:
raise helpers.AccessDeniedException()
is_privileged_or_domain_user = access.has_access(
need_privileged_access=False)
if is_privileged_or_domain_user or _is_uploader_allowed(email):
# Privileged, domain and upload users can see all job and fuzzer names.
allowed_jobs = data_handler.get_all_job_type_names()
allowed_fuzzers = data_handler.get_all_fuzzer_names_including_children(
include_parents=True)
else:
# Check if this is an external user with access to certain fuzzers/jobs.
allowed_jobs = external_users.allowed_jobs_for_user(email)
allowed_fuzzers = external_users.allowed_fuzzers_for_user(
email, include_from_jobs=True)
if not allowed_fuzzers and not allowed_jobs:
raise helpers.AccessDeniedException()
has_issue_tracker = bool(data_handler.get_issue_tracker_name())
result, params = get_result()
return self.render(
'upload.html', {
'fieldValues': {
'blackboxFuzzers':
filter_blackbox_fuzzers(allowed_fuzzers),
'jobs':
allowed_jobs,
'libfuzzerTargets':
filter_target_names(allowed_fuzzers, 'libFuzzer'),
'aflTargets':
filter_target_names(allowed_fuzzers, 'afl'),
'honggfuzzTargets':
filter_target_names(allowed_fuzzers, 'honggfuzz'),
'isChromium':
utils.is_chromium(),
'sandboxedJobs':
data_types.INTERNAL_SANDBOXED_JOB_TYPES,
'csrfToken':
form.generate_csrf_token(),
'isExternalUser':
not is_privileged_or_domain_user,
'uploadInfo':
gcs.prepare_blob_upload()._asdict(),
'hasIssueTracker':
has_issue_tracker,
},
'params': params,
'result': result
})
def get(self):
"""Handles get request."""
email = helpers.get_user_email()
if not email:
raise helpers.AccessDeniedException()
is_privileged_or_domain_user = access.has_access(
need_privileged_access=False)
if is_privileged_or_domain_user or _is_uploader_allowed(email):
# Privileged, domain and upload users can see all job and fuzzer names.
allowed_jobs = data_handler.get_all_job_type_names()
allowed_fuzzers = data_handler.get_all_fuzzer_names_including_children(
include_parents=True)
else:
# Check if this is an external user with access to certain fuzzers/jobs.
allowed_jobs = external_users.allowed_jobs_for_user(email)
allowed_fuzzers = external_users.allowed_fuzzers_for_user(
email, include_from_jobs=True)
if not allowed_fuzzers and not allowed_jobs:
raise helpers.AccessDeniedException()
has_issue_tracker = bool(data_handler.get_issue_tracker_name())
result, params = get_result(self)
self.render(
"upload.html",
{
"fieldValues": {
"jobs":
allowed_jobs,
"libfuzzerTargets":
filter_target_names(allowed_fuzzers, "libFuzzer"),
"aflTargets":
filter_target_names(allowed_fuzzers, "afl"),
"isChromium":
utils.is_chromium(),
"sandboxedJobs":
data_types.INTERNAL_SANDBOXED_JOB_TYPES,
"csrfToken":
form.generate_csrf_token(),
"isExternalUser":
not is_privileged_or_domain_user,
"uploadInfo":
gcs.prepare_blob_upload()._asdict(),
"hasIssueTracker":
has_issue_tracker,
},
"params": params,
"result": result,
},
)
def get(self):
"""Get and render the testcase list in HTML."""
result, params = get_result(self)
field_values = {
'projects':
data_handler.get_all_project_names(),
'fuzzers':
data_handler.get_all_fuzzer_names_including_children(
include_parents=True),
'jobs':
data_handler.get_all_job_type_names(),
'shouldShowImpact':
utils.is_chromium()
}
self.render('testcase-list.html', {
'fieldValues': field_values,
'result': result,
'params': params
})
def get(self):
"""Handle a GET request."""
project = request.get('project')
if access.has_access():
# User is an internal user of ClusterFuzz (eg: ClusterFuzz developer).
# Show all projects in the list, since this allows user to pick another
# project as needed.
projects_list = data_handler.get_all_project_names()
# Filter fuzzers and job list if a project is provided.
fuzzers_list = (
data_handler.get_all_fuzzer_names_including_children(
include_parents=True, project=project))
jobs_list = data_handler.get_all_job_type_names(project=project)
else:
# User is an external user of ClusterFuzz (eg: non-Chrome dev who
# submitted a fuzzer or someone with a project in OSS-Fuzz).
user_email = helpers.get_user_email()
# TODO(aarya): Filter fuzzer and job if |project| is provided.
fuzzers_list = sorted(
external_users.allowed_fuzzers_for_user(user_email,
include_from_jobs=True,
include_parents=True))
if not fuzzers_list:
# User doesn't actually have access to any fuzzers.
raise helpers.AccessDeniedException(
"You don't have access to any fuzzers.")
jobs_list = sorted(
external_users.allowed_jobs_for_user(user_email))
projects_list = sorted(
{data_handler.get_project_name(job)
for job in jobs_list})
result = {
'projects': projects_list,
'fuzzers': fuzzers_list,
'jobs': jobs_list,
}
return self.render_json(result)
def get(self):
"""Get and render the crash stats in HTML."""
result, params = get_result(self)
field_values = {
'fuzzers':
data_handler.get_all_fuzzer_names_including_children(
include_parents=True),
'jobs':
data_handler.get_all_job_type_names(),
'platforms':
get_all_platforms(),
'projects':
data_handler.get_all_project_names(),
'minHour':
crash_stats_common.get_min_hour(),
'maxHour':
crash_stats_common.get_max_hour()
}
self.render('crash-stats.html', {
'result': result,
'fieldValues': field_values,
'params': params
})
