diff options
author | Tiago Mello <timello@gmail.com> | 2010-12-20 20:49:10 -0200 |
---|---|---|
committer | Tiago Mello <timello@gmail.com> | 2010-12-20 20:49:10 -0200 |
commit | ed3e015a1c21061ed9f30cfc3fe3c3e83c0d2fb1 (patch) | |
tree | 16a3b61e4fd8f04479bcbe02c8ed4d367b97e9f4 /Bugzilla/BugUrl | |
parent | Bug 475894 - Send the 'X-Frame-Options: SAMEORIGIN' header to help protect ag... (diff) | |
download | bugzilla-ed3e015a1c21061ed9f30cfc3fe3c3e83c0d2fb1.tar.gz bugzilla-ed3e015a1c21061ed9f30cfc3fe3c3e83c0d2fb1.tar.bz2 bugzilla-ed3e015a1c21061ed9f30cfc3fe3c3e83c0d2fb1.zip |
Bug 593539: Refactor See Also to use separate modules for each type of URL
r/a=mkanat
Diffstat (limited to 'Bugzilla/BugUrl')
-rw-r--r-- | Bugzilla/BugUrl/Bugzilla.pm | 61 | ||||
-rw-r--r-- | Bugzilla/BugUrl/Bugzilla/Local.pm | 105 | ||||
-rw-r--r-- | Bugzilla/BugUrl/Debian.pm | 62 | ||||
-rw-r--r-- | Bugzilla/BugUrl/Google.pm | 64 | ||||
-rw-r--r-- | Bugzilla/BugUrl/Launchpad.pm | 58 |
5 files changed, 350 insertions, 0 deletions
diff --git a/Bugzilla/BugUrl/Bugzilla.pm b/Bugzilla/BugUrl/Bugzilla.pm new file mode 100644 index 000000000..3957afc9d --- /dev/null +++ b/Bugzilla/BugUrl/Bugzilla.pm @@ -0,0 +1,61 @@ +# -*- Mode: perl; indent-tabs-mode: nil -*- +# +# The contents of this file are subject to the Mozilla Public +# License Version 1.1 (the "License"); you may not use this file +# except in compliance with the License. You may obtain a copy of +# the License at http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS +# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +# implied. See the License for the specific language governing +# rights and limitations under the License. +# +# The Original Code is the Bugzilla Bug Tracking System. +# +# The Initial Developer of the Original Code is Tiago Mello +# Portions created by Tiago Mello are Copyright (C) 2010 +# Tiago Mello. All Rights Reserved. +# +# Contributor(s): Tiago Mello <timello@linux.vnet.ibm.com> + +package Bugzilla::BugUrl::Bugzilla; +use strict; +use base qw(Bugzilla::BugUrl); + +use Bugzilla::Error; +use Bugzilla::Util; + +############################### +#### Methods #### +############################### + +sub should_handle { + my ($class, $uri) = @_; + return ($uri->path =~ /show_bug\.cgi$/) ? 1 : 0; +} + +sub _check_value { + my ($class, $uri) = @_; + + $uri = $class->SUPER::_check_value($uri); + + my $bug_id = $uri->query_param('id'); + # We don't currently allow aliases, because we can't check to see + # if somebody's putting both an alias link and a numeric ID link. + # When we start validating the URL by accessing the other Bugzilla, + # we can allow aliases. + detaint_natural($bug_id); + if (!$bug_id) { + my $value = $uri->as_string; + ThrowUserError('bug_url_invalid', { url => $value, reason => 'id' }); + } + + # Make sure that "id" is the only query parameter. + $uri->query("id=$bug_id"); + # And remove any # part if there is one. + $uri->fragment(undef); + + return $uri; +} + +1; diff --git a/Bugzilla/BugUrl/Bugzilla/Local.pm b/Bugzilla/BugUrl/Bugzilla/Local.pm new file mode 100644 index 000000000..22812d085 --- /dev/null +++ b/Bugzilla/BugUrl/Bugzilla/Local.pm @@ -0,0 +1,105 @@ +# -*- Mode: perl; indent-tabs-mode: nil -*- +# +# The contents of this file are subject to the Mozilla Public +# License Version 1.1 (the "License"); you may not use this file +# except in compliance with the License. You may obtain a copy of +# the License at http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS +# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +# implied. See the License for the specific language governing +# rights and limitations under the License. +# +# The Original Code is the Bugzilla Bug Tracking System. +# +# The Initial Developer of the Original Code is Tiago Mello +# Portions created by Tiago Mello are Copyright (C) 2010 +# Tiago Mello. All Rights Reserved. +# +# Contributor(s): Tiago Mello <timello@linux.vnet.ibm.com> + +package Bugzilla::BugUrl::Bugzilla::Local; +use strict; +use base qw(Bugzilla::BugUrl::Bugzilla); + +use Bugzilla::Error; +use Bugzilla::Util; + +############################### +#### Initialization #### +############################### + +use constant VALIDATOR_DEPENDENCIES => { + value => ['bug_id'], +}; + +############################### +#### Methods #### +############################### + +sub insert_create_data { + my ($class, $field_values) = @_; + + my $ref_bug = delete $field_values->{ref_bug}; + my $url = $class->local_uri . $field_values->{bug_id}; + my $bug_url = $class->SUPER::insert_create_data($field_values); + + # Check if the ref bug has already the url and then, + # update the ref bug to point to the current bug. + if (!grep { $_ eq $url } @{ $ref_bug->see_also }) { + $class->SUPER::insert_create_data( + { value => $url, bug_id => $ref_bug->id } ); + } + + return $bug_url; +} + +sub should_handle { + my ($class, $uri) = @_; + + return $uri->as_string =~ m/^\w+$/ ? 1 : 0; + + my $canonical_local = URI->new($class->_local_uri)->canonical; + + # Treating the domain case-insensitively and ignoring http(s):// + return ($canonical_local->authority eq $uri->canonical->authority + and $canonical_local->path eq $uri->canonical->path) ? 1 : 0; +} + +sub _check_value { + my ($class, $uri, undef, $params) = @_; + + # At this point we are going to treat any word as a + # bug id/alias to the local Bugzilla. + my $value = $uri->as_string; + if ($value =~ m/^\w+$/) { + $uri = new URI($class->local_uri . $value); + } else { + # It's not a word, then we have to check + # if it's a valid Bugzilla url. + $uri = $class->SUPER::_check_value($uri); + } + + my $ref_bug_id = $uri->query_param('id'); + my $ref_bug = Bugzilla::Bug->check($ref_bug_id); + my $self_bug_id = $params->{bug_id}; + $params->{ref_bug} = $ref_bug; + + if ($ref_bug->id == $self_bug_id) { + ThrowUserError('see_also_self_reference'); + } + + my $product = $ref_bug->product_obj; + if (!Bugzilla->user->can_edit_product($product->id)) { + ThrowUserError("product_edit_denied", + { product => $product->name }); + } + + return $uri; +} + +sub local_uri { + return correct_urlbase() . "show_bug.cgi?id="; +} + +1; diff --git a/Bugzilla/BugUrl/Debian.pm b/Bugzilla/BugUrl/Debian.pm new file mode 100644 index 000000000..90d61a69a --- /dev/null +++ b/Bugzilla/BugUrl/Debian.pm @@ -0,0 +1,62 @@ +# -*- Mode: perl; indent-tabs-mode: nil -*- +# +# The contents of this file are subject to the Mozilla Public +# License Version 1.1 (the "License"); you may not use this file +# except in compliance with the License. You may obtain a copy of +# the License at http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS +# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +# implied. See the License for the specific language governing +# rights and limitations under the License. +# +# The Original Code is the Bugzilla Bug Tracking System. +# +# The Initial Developer of the Original Code is Tiago Mello +# Portions created by Tiago Mello are Copyright (C) 2010 +# Tiago Mello. All Rights Reserved. +# +# Contributor(s): Tiago Mello <timello@linux.vnet.ibm.com> + +package Bugzilla::BugUrl::Debian; +use strict; +use base qw(Bugzilla::BugUrl); + +use Bugzilla::Error; +use Bugzilla::Util; + +############################### +#### Methods #### +############################### + +sub should_handle { + my ($class, $uri) = @_; + return ($uri->authority =~ /^bugs.debian.org$/i) ? 1 : 0; +} + +sub _check_value { + my $class = shift; + + my $uri = $class->SUPER::_check_value(@_); + + # Debian BTS URLs can look like various things: + # http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1234 + # http://bugs.debian.org/1234 + my $bug_id; + if ($uri->path =~ m|^/(\d+)$|) { + $bug_id = $1; + } + elsif ($uri->path =~ /bugreport\.cgi$/) { + $bug_id = $uri->query_param('bug'); + detaint_natural($bug_id); + } + if (!$bug_id) { + ThrowUserError('bug_url_invalid', + { url => $uri->path, reason => 'id' }); + } + # This is the shortest standard URL form for Debian BTS URLs, + # and so we reduce all URLs to this. + return new URI("http://bugs.debian.org/" . $bug_id); +} + +1; diff --git a/Bugzilla/BugUrl/Google.pm b/Bugzilla/BugUrl/Google.pm new file mode 100644 index 000000000..4f6321e74 --- /dev/null +++ b/Bugzilla/BugUrl/Google.pm @@ -0,0 +1,64 @@ +# -*- Mode: perl; indent-tabs-mode: nil -*- +# +# The contents of this file are subject to the Mozilla Public +# License Version 1.1 (the "License"); you may not use this file +# except in compliance with the License. You may obtain a copy of +# the License at http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS +# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +# implied. See the License for the specific language governing +# rights and limitations under the License. +# +# The Original Code is the Bugzilla Bug Tracking System. +# +# The Initial Developer of the Original Code is Tiago Mello +# Portions created by Tiago Mello are Copyright (C) 2010 +# Tiago Mello. All Rights Reserved. +# +# Contributor(s): Tiago Mello <timello@linux.vnet.ibm.com> + +package Bugzilla::BugUrl::Google; +use strict; +use base qw(Bugzilla::BugUrl); + +use Bugzilla::Error; +use Bugzilla::Util; + +############################### +#### Methods #### +############################### + +sub should_handle { + my ($class, $uri) = @_; + return ($uri->authority =~ /^code.google.com$/i) ? 1 : 0; +} + +sub _check_value { + my ($class, $uri) = @_; + + $uri = $class->SUPER::_check_value($uri); + + my $value = $uri->as_string; + # Google Code URLs only have one form: + # http(s)://code.google.com/p/PROJECT_NAME/issues/detail?id=1234 + my $project_name; + if ($uri->path =~ m|^/p/([^/]+)/issues/detail$|) { + $project_name = $1; + } else { + ThrowUserError('bug_url_invalid', { url => $value }); + } + my $bug_id = $uri->query_param('id'); + detaint_natural($bug_id); + if (!$bug_id) { + ThrowUserError('bug_url_invalid', { url => $value, reason => 'id' }); + } + # While Google Code URLs can be either HTTP or HTTPS, + # always go with the HTTP scheme, as that's the default. + $value = "http://code.google.com/p/" . $project_name . + "/issues/detail?id=" . $bug_id; + + return new URI($value); +} + +1; diff --git a/Bugzilla/BugUrl/Launchpad.pm b/Bugzilla/BugUrl/Launchpad.pm new file mode 100644 index 000000000..bb16b3b30 --- /dev/null +++ b/Bugzilla/BugUrl/Launchpad.pm @@ -0,0 +1,58 @@ +# -*- Mode: perl; indent-tabs-mode: nil -*- +# +# The contents of this file are subject to the Mozilla Public +# License Version 1.1 (the "License"); you may not use this file +# except in compliance with the License. You may obtain a copy of +# the License at http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS +# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +# implied. See the License for the specific language governing +# rights and limitations under the License. +# +# The Original Code is the Bugzilla Bug Tracking System. +# +# The Initial Developer of the Original Code is Tiago Mello +# Portions created by Tiago Mello are Copyright (C) 2010 +# Tiago Mello. All Rights Reserved. +# +# Contributor(s): Tiago Mello <timello@linux.vnet.ibm.com> + +package Bugzilla::BugUrl::Launchpad; +use strict; +use base qw(Bugzilla::BugUrl); + +use Bugzilla::Error; + +############################### +#### Methods #### +############################### + +sub should_handle { + my ($class, $uri) = @_; + return ($uri->authority =~ /launchpad.net$/) ? 1 : 0; +} + +sub _check_value { + my ($class, $uri) = @_; + + $uri = $class->SUPER::_check_value($uri); + + my $value = $uri->as_string; + # Launchpad bug URLs can look like various things: + # https://bugs.launchpad.net/ubuntu/+bug/1234 + # https://launchpad.net/bugs/1234 + # All variations end with either "/bugs/1234" or "/+bug/1234" + if ($uri->path =~ m|bugs?/(\d+)$|) { + # This is the shortest standard URL form for Launchpad bugs, + # and so we reduce all URLs to this. + $value = "https://launchpad.net/bugs/$1"; + } + else { + ThrowUserError('bug_url_invalid', { url => $value, reason => 'id' }); + } + + return new URI($value); +} + +1; |