[#1207] Job names now using first 10 digits of commit sha
Signed-off-by: David Seifried <email@example.com>

* Per #209: Don't allow actions to happen without tokens with just a GET or POST request (goes for both the API and the GUI).
  All authenticated actions now:
  - Require POST
  - Require authToken
  - Ignore the session / prevent CSRF
  This is documented with the '@actionAuth: Yes' annotation.
  Centralized authentication logic and error handling in a new method Action::doRequireAuth(), which optionally takes a username parameter to additionally restrict authentication not only to a valid pair, but also to a specific pair. For example, in actions Wiperun and Wipejob the authentication must match the account that owns the relevant job. And in LogoutAction authentication must match the session (otherwise CSRF is still possible when the attacker sends his own credentials - in case the attacker is internal - muhahaha).
  Now that authorization is more structured, replacing error code 'requires-auth' with a more precise one 'unauthorized'.
* Updated front-end to send authUsername/authToken where needed.
  - job.js: wiperun
  - testswarm.js: logout-link. Although LogoutPage will build a form with the tokens as hidden inputs, for convenience a direct logout link should still be possible.
  - AddjobPage: Pre-fill authToken for logged-in users.
* Issues:
  - fixes #209
* Follows-up:
  - 2073672
* Misc:
  - Clean up some older surrounding code, such as consistency in using !count() and single quotes instead of count()===0 and double quotes.
  - Fix erroneous HTML ids in LoginPage.php. 'id="form-password"' got all mixed up to everywhere but the one line where it should be.. And adding missing id form-username so that the <label for> works there as well.

* Branch "foo/123/bar" was being shown as "bar" due to use of basename(). Instead using a regex for refs/heads/*, and falling back to the complete name. * Correcting property name from 'HEAD' to 'SHA1'. Updated usage of that property.

* Per #209: Don't allow actions to happen without tokens with just a GET or POST request (goes for both the API and the GUI). WipejobAction now requires a token to be passed and ignores the session.
* Since we use the API in the GUI as well, we need the auth token in the webpage state. Exporting as SWARM.user. Not including in InfoAction since that might introduce a vulnerability in the API.
* job.js: Wrapping event binding in an if statement for SWARM.user, otherwise it would throw a TypeError when trying to access SWARM.user.authToken of undefined SWARM.user when clicking things without being logged in. This also naturally fixes #210. And now sending authUsername/authToken to action=wipejob
* Issues:
  - makes progress on #209
  - closes #204
  - fixes #210


* The Page class now has a method for setting the frameOptions. This will default to DENY.
* From ResultPage, we send X-Frame-Options: SAMEORIGIN; to still allow it to be embedded within TestSwarm. We need this since we send the `report_html` snapshot to the user through an iframe. Note we can't use the Page class method here, since this raw response bypasses the Page class, it is a raw html response that is not built following the regular flow Page::output().
* While at it, adding argument `true` to the header() call for Content-Type, which is for "replacing" for good measure.

This reverts commit ddb8637.
To maintain table readability with many browser columns.
* "badge-error" -> "badge-important" According to bootstrap release-notes the former was only a docs fix suggesting it never worked, but it did work. So fixing the class name in our code base. * Misc.: - Re-adding table-bordered on ResultPage, matching the JobPage. - quotes/whitespace
* Twitter Bootstrap v2.0.4 - http://twitter.github.com/bootstrap/ - https://github.com/twitter/bootstrap/tree/v2.0.4
* If job is deleted, 'job' and 'otherRuns' property are null. (instead of throwing a data-corrupt error). * Update ResultPage to handle this situation by falling back to a simple message in place of the job-navigation bar. The rest of the data can still be displayed fine. * Misc.: Remove old @todo comment that has been resolved.
* With issue #180 being fixed by dc7bb99 pendingRuns now no longer includes runs already taken care of. However the testswarm-browserstack script uses this to determine whether it is okay to terminate a worker. This resulted in a situation shortly on swarm.jquery.org where any test taking longer than a minute while being the last run in a job, it would never complete because the worker was killed by testswarm-browserstack.run.sh since pendingRuns === 0. Introducing activeRuns, which is the statistic that script needs to fix this. * Misc.: Code conventions.
* MAX(jobs.created) selects the highest value of that column, which seems good, but actually isn't. Because it should instead get the created time for job_latest. Needs a separate query. It was showing the same timestamp for all projects. * Follows-up 57b101b * Misc.: Code conventions

* Drop redundant `run_useragent.runs` column. This was duplicating the role of `run_useragent.completed`. The purpose of the duplicate row was to keep track of runs that have finished running, but need (or don't need) additional re-runs. This is now done using the 'status' and completed/max columns.
  run_useragent.status: Re-defined.
* Replace `run_client` table with `runresults` table. Main difference is that the `runresults` has its own identifier column which means it can be accessed directly. Also rows from this table are to be never removed, not even when a run is re-run, wiped, reset or cleaned up. A link to /result/123 is to be considered permanent. Of course they can be unlinked from the run_useragent table (i.e. when a job is reset, that field is NULLed, and if a better re-run is saved, it overwrites that link with the new one). But this data is preserved. This also improves performance in several places by not having to do a full table scan of run_client and client to find all entries for a certain user_agent (which was very slow).
  Uses a `store_token` to control ability to save results into the stub row. Previously clients could basically pass anything to SaverunAction, and screw up stats. This hole in the system is now fixed.
  Update dbUpdate.php: Use run_client as check for 1.0.0. Although both `useragents` and `run_client` are good checks to detect pre-1.0.0, using the latter as a check allows testers of the alpha versions before this commit to be notified as well.
* New `run_useragents.results_id` column. No longer "guess" which belongs to which (by looking up the run_id and all possible client_id's), but tie them together right there.
* Implement ping system
  - Clients ping every (conf->client->pingTime) seconds through AJAX. We use this to determine whether the client is still alive. Up until now we used a combination of connectTime and "last time a run was saved" to determine client connection. Which means you couldn't consider a client to be "gone" without also requiring that runs may run for a very long time. Now the pingTime can be set to 30 seconds and the runTimeout (maximum execution time) to 5 minutes. And a run can perfectly be allowed to take 5 minutes, but if the client is gone after anywhere in less than 5 minutes (e.g. 2 seconds, 3 minutes whatever) the run can be reset earlier and the client considered "offline" much faster. This should speed up things on swarm.jquery.org in case there is a run causing a browser freeze or whatever. Because we can allow a run to run for 5 minutes while being able to assume "disconnection" much earlier than that.
* Moved confUpdate from getrun/saverun to pingAction.
* Removed properties:
  - JobAction: runRuns, runMax. No longer relevant, don't exist any more.
* New "Result" page which shows navigation to results from other browsers for the same run. As well as some generic data and the client ID / username. and displays runID/jobID pair as well. (previously this was next to impossible to extract after the run was saved). Now serving the runresults html through an iframe instead of directly to the client. Getting it directly is still possible through query parameter "?raw=".
  State constants are defined in ResultAction class as static members named ResultAction::$STATE_*. Using these in PHP instead of using the primitive number values directly (and ending up clarifying code with comments explaining the numbers, again, and again..)
  Updated logic to show a link to the Result report even if the test is still in progress or if it timed out (not just if it passed or completed with failures). We store the report either way, so we might as well show it. Previously this was quite annoying when the test was infinitely "in progress" or timed out, there was no link and nothing to see. Now it links to the report and at least shows the data we have, can help solving problems.

* Variable names, whitespace, quotes, trailing new line at end of file * Code conventions: https://github.com/jquery/testswarm/wiki/Style-Guidelines * Rough JSHint pass
* Needs a `return;` after the setError. * Must be before the INSERT for the job row.
* Notes: - Need to cast prevRet to boolean, because otherwise === false will return false which is wrong. QUnit, for example, returns (implied) undefined. Which should result in the default behavior, not a suppression (only with res * Issues: - fixes #191.
Issue 174: Add NGINX support
* swarm01: Error in doQuery: Unknown column 'useragent_id' in 'field list' * issue #185
* Removed WebRequest::hasKey which was used anywhere. getBool now works like hasKey. * Minor whitespace, documentation, messaging fixes

Previously it only refreshed if there were any cells representing a run "in progress" or "scheduled". But there are 2 cases where this causes incorrect display:
* The user is logged in and presses "Reset job".
* The user is logged out and someone else does "Reset job" from another screen.
In both situations the table no longer refreshes (because the job is completed), but the state has in fact changed. I considered moving the `if` to around the setTimeout invocation, but then the second case described above would still happen.

* Issues: - fixes #189: Shouldn't distribute runs that are being run already * Misc.: - Remove redundant JOIN to `client` in CleanupAction. The client_id is right there in run_client, no need to filter or join. Presumably left from when it joined to client to get some other information. This will slightly improve performance of CleanupAction as well.
All others do so already.
* Misc.: - EOF new line in nginx.conf
* Also displayed on UserPage, naturally. Previously it was impossible to track how long a client has been idle (except that it is less than 5 minutes since otherwise it would not be shown on the page at all and considered offline). * Misc.: - Re-order rows in testswarm.sql to be like the other tables (updated and created as last).