def get(self): """Handle a GET request.""" # pylint: disable=unexpected-keyword-arg # Memoize all project and job names. _ = data_handler.get_all_project_names(__memoize_force__=True) _ = data_handler.get_all_job_type_names(__memoize_force__=True) # Memoize both variants of get_all_fuzzer_names_including_children. _ = data_handler.get_all_fuzzer_names_including_children( include_parents=True, __memoize_force__=True) _ = data_handler.get_all_fuzzer_names_including_children( __memoize_force__=True) # Memoize expensive testcase attribute calls. for testcase_id in data_handler.get_open_testcase_id_iterator(): try: testcase = data_handler.get_testcase_by_id(testcase_id) except errors.InvalidTestcaseError: # Already deleted. continue blobs.get_blob_size(testcase.fuzzed_keys) blobs.get_blob_size(testcase.minimized_keys) self.response.headers['Content-Type'] = 'text/plain' self.response.out.write('OK') self.response.set_status(200)
def get(self): """Handle a GET request.""" # pylint: disable=unexpected-keyword-arg _ = data_handler.get_all_project_names(__memoize_force__=True) _ = data_handler.get_all_job_type_names(__memoize_force__=True) # Memorize both variants of get_all_fuzzer_names_including_children. _ = data_handler.get_all_fuzzer_names_including_children( include_parents=True, __memoize_force__=True) _ = data_handler.get_all_fuzzer_names_including_children( __memoize_force__=True) self.response.headers['Content-Type'] = 'text/plain' self.response.out.write('OK') self.response.set_status(200)
def _allowed_entities_for_user(user_email, entity_kind): """Return the entity names that the given user can access. Args: user_email: The email of the user. entity_kind: The type (data_types.PermissionEntityKind) of the entity. Returns: A list of entity names that the user has access to. """ if not user_email: return [] allowed = [] permissions = _get_permissions_query_for_user(user_email, entity_kind) if entity_kind == data_types.PermissionEntityKind.FUZZER: all_names = data_handler.get_all_fuzzer_names_including_children() else: all_names = data_handler.get_all_job_type_names() for permission in permissions: if permission.is_prefix: allowed.extend(_expand_prefix(all_names, permission.entity_name)) elif permission.entity_name in all_names: allowed.append(permission.entity_name) return sorted(allowed)
def get(self): """Handle a GET request.""" # Create a list of externally contributed fuzzers. user_email = helpers.get_user_email() if access.has_access(): # User is an internal user of ClusterFuzz (eg: ClusterFuzz developer). fuzzers_list = ( data_handler.get_all_fuzzer_names_including_children( include_parents=True)) jobs_list = data_handler.get_all_job_type_names() else: # User is an external user of ClusterFuzz (eg: non-Chrome dev who # submitted a fuzzer or someone with a project in OSS-Fuzz). fuzzers_list = external_users.allowed_fuzzers_for_user( user_email, include_from_jobs=True, include_parents=True) if not fuzzers_list: # User doesn't actually have access to any fuzzers. raise helpers.AccessDeniedException() jobs_list = external_users.allowed_jobs_for_user(user_email) fuzzers_list.sort() jobs_list.sort() result = { 'info': { 'fuzzers': fuzzers_list, 'jobs': jobs_list, } } self.render('fuzzer-stats.html', result)
def get(self): """Handles get request.""" email = helpers.get_user_email() if not email: raise helpers.AccessDeniedException() is_privileged_or_domain_user = access.has_access( need_privileged_access=False) if is_privileged_or_domain_user or _is_uploader_allowed(email): # Privileged, domain and upload users can see all job and fuzzer names. allowed_jobs = data_handler.get_all_job_type_names() allowed_fuzzers = data_handler.get_all_fuzzer_names_including_children( include_parents=True) else: # Check if this is an external user with access to certain fuzzers/jobs. allowed_jobs = external_users.allowed_jobs_for_user(email) allowed_fuzzers = external_users.allowed_fuzzers_for_user( email, include_from_jobs=True) if not allowed_fuzzers and not allowed_jobs: raise helpers.AccessDeniedException() has_issue_tracker = bool(data_handler.get_issue_tracker_name()) result, params = get_result() return self.render( 'upload.html', { 'fieldValues': { 'blackboxFuzzers': filter_blackbox_fuzzers(allowed_fuzzers), 'jobs': allowed_jobs, 'libfuzzerTargets': filter_target_names(allowed_fuzzers, 'libFuzzer'), 'aflTargets': filter_target_names(allowed_fuzzers, 'afl'), 'honggfuzzTargets': filter_target_names(allowed_fuzzers, 'honggfuzz'), 'isChromium': utils.is_chromium(), 'sandboxedJobs': data_types.INTERNAL_SANDBOXED_JOB_TYPES, 'csrfToken': form.generate_csrf_token(), 'isExternalUser': not is_privileged_or_domain_user, 'uploadInfo': gcs.prepare_blob_upload()._asdict(), 'hasIssueTracker': has_issue_tracker, }, 'params': params, 'result': result })
def get(self): """Handles get request.""" email = helpers.get_user_email() if not email: raise helpers.AccessDeniedException() is_privileged_or_domain_user = access.has_access( need_privileged_access=False) if is_privileged_or_domain_user or _is_uploader_allowed(email): # Privileged, domain and upload users can see all job and fuzzer names. allowed_jobs = data_handler.get_all_job_type_names() allowed_fuzzers = data_handler.get_all_fuzzer_names_including_children( include_parents=True) else: # Check if this is an external user with access to certain fuzzers/jobs. allowed_jobs = external_users.allowed_jobs_for_user(email) allowed_fuzzers = external_users.allowed_fuzzers_for_user( email, include_from_jobs=True) if not allowed_fuzzers and not allowed_jobs: raise helpers.AccessDeniedException() has_issue_tracker = bool(data_handler.get_issue_tracker_name()) result, params = get_result(self) self.render( "upload.html", { "fieldValues": { "jobs": allowed_jobs, "libfuzzerTargets": filter_target_names(allowed_fuzzers, "libFuzzer"), "aflTargets": filter_target_names(allowed_fuzzers, "afl"), "isChromium": utils.is_chromium(), "sandboxedJobs": data_types.INTERNAL_SANDBOXED_JOB_TYPES, "csrfToken": form.generate_csrf_token(), "isExternalUser": not is_privileged_or_domain_user, "uploadInfo": gcs.prepare_blob_upload()._asdict(), "hasIssueTracker": has_issue_tracker, }, "params": params, "result": result, }, )
def get(self): """Get and render the testcase list in HTML.""" result, params = get_result(self) field_values = { 'projects': data_handler.get_all_project_names(), 'fuzzers': data_handler.get_all_fuzzer_names_including_children( include_parents=True), 'jobs': data_handler.get_all_job_type_names(), 'shouldShowImpact': utils.is_chromium() } self.render('testcase-list.html', { 'fieldValues': field_values, 'result': result, 'params': params })
def get(self): """Handle a GET request.""" project = request.get('project') if access.has_access(): # User is an internal user of ClusterFuzz (eg: ClusterFuzz developer). # Show all projects in the list, since this allows user to pick another # project as needed. projects_list = data_handler.get_all_project_names() # Filter fuzzers and job list if a project is provided. fuzzers_list = ( data_handler.get_all_fuzzer_names_including_children( include_parents=True, project=project)) jobs_list = data_handler.get_all_job_type_names(project=project) else: # User is an external user of ClusterFuzz (eg: non-Chrome dev who # submitted a fuzzer or someone with a project in OSS-Fuzz). user_email = helpers.get_user_email() # TODO(aarya): Filter fuzzer and job if |project| is provided. fuzzers_list = sorted( external_users.allowed_fuzzers_for_user(user_email, include_from_jobs=True, include_parents=True)) if not fuzzers_list: # User doesn't actually have access to any fuzzers. raise helpers.AccessDeniedException( "You don't have access to any fuzzers.") jobs_list = sorted( external_users.allowed_jobs_for_user(user_email)) projects_list = sorted( {data_handler.get_project_name(job) for job in jobs_list}) result = { 'projects': projects_list, 'fuzzers': fuzzers_list, 'jobs': jobs_list, } return self.render_json(result)
def get(self): """Get and render the crash stats in HTML.""" result, params = get_result(self) field_values = { 'fuzzers': data_handler.get_all_fuzzer_names_including_children( include_parents=True), 'jobs': data_handler.get_all_job_type_names(), 'platforms': get_all_platforms(), 'projects': data_handler.get_all_project_names(), 'minHour': crash_stats_common.get_min_hour(), 'maxHour': crash_stats_common.get_max_hour() } self.render('crash-stats.html', { 'result': result, 'fieldValues': field_values, 'params': params })