Switch branches/tags
Nothing to show
Commits on Jul 18, 2012
  1. Merge pull request #1 from dseif/t1207

    [#1207] Job names now using first 10 digits of commit sha
    committed Jul 18, 2012
  2. [#1207] Fixed some styling issues

    committed Jul 18, 2012
  3. Job names are now the first 10 digits of the commit sha

    Signed-off-by: David Seifried <>
    committed with Jul 18, 2012
Commits on Jul 16, 2012
Commits on Jul 9, 2012
  1. Security: Use tokens instead of sessions. Fixes #209.

    * Per #209: Don't allow actions to happen without tokens with just
      a GET or POST request (goes for both the API and the GUI).
      All authenticated actions now:
      - Require POST
      - Require authToken
      - Ignore the session / prevent CSRF
      This documented with the '@actionAuth: Yes' annotation.
      Centralized authentication logic and error handling in
      a new method Action::doRequireAuth(), which optionally takes
      a username parameter to additionally strict authentication not
      only to a valid pair, but also to a specific pair. For example,
      in actions Wiperun and Wipejob the authentication must match
      account that owns the relevant job. And in LogoutAction
      authentication must match the session (otherwise CSRF is still
      possible when the attacker sends his own credentials - in case
      the attacker is internal - muhahaha).
      Now that authorization is more structured, replacing error code
      'requires-auth' with a more precise one 'unauthorized'.
    * Updated front-end to send authUsername/authToken where needed.
     - job.js: wiperun
     - testswarm.js: logout-link.
       Although LogoutPage will build a form with the tokens as hidden
       inputs, for convenience a direct logout link should still be
     - AddjobPage: Pre-fill authToken for logged-in users.
    * Issues:
     - fixes #209
    * Follows-up:
     - 2073672
    * Misc:
     - Clean up some older surrounding code, such as consistency in
       in using !count() and single quotes instead of count()===0 and
       double quotes.
     - Fix erroneous HTML ids in LoginPage.php. 'id="form-password"'
       got all mixed up to everywhere but the one line where it should
       And adding missing id form-username so that the <label for>
       works there as well.
    Krinkle committed Jul 9, 2012
  2. Update calculateVersionInfo: Fix bug with slashes in head names.

    * Branch "foo/123/bar" was being shown as "bar" due to use of
      basename(). Instead using a regex for refs/heads/*, and falling
      back to the complete name.
    * Correcting property name from 'HEAD' to 'SHA1'.
      Updated usage of that property.
    Krinkle committed Jul 9, 2012
Commits on Jul 8, 2012
Commits on Jul 5, 2012
  1. WipejobAction: Use tokens instead of sessions. Addresses #209.

    * Per #209: Don't allow actions to happen without tokens with just
      a GET or POST request (goes for both the API and the GUI).
      WipejobAction now requires a token to be passed and ignores the
    * Since we use the API in the GUI as well, we need the auth token
      in the webpage state. Exporting as SWARM.user.
      Not including in InfoAction since that might introduce a
      venerability in the API.
    * job.js: Wrapping event binding in an if statement for SWARM.user,
      other wise it would throw a TypeError when trying to access
      SWARM.user.authToken of undefined SWARM.user when clicking things
      without being logged in. This also naturally fixes #210.
      And now sending authUsername/authToken to action=wipejob
    * Issues:
     - makes progress on #209
     - closes #204
     - fixes #210
    jayarjo committed with Krinkle Jun 29, 2012
Commits on Jul 4, 2012
  1. Security: Implement clickjacking protection. Fixes #207.

    * The Page classs now has a method for setting the frameOptions.
      This will default to DENY.
    * From ResultPage, we send X-Frame-Options: SAMEORIGIN; to still
      allow it to be embedded within TestSwarm. We need this since
      we send the `report_html` snapshot to the user through an iframe.
      Note we can't use the Page class method here, since this raw
      response bypasses the Page class, it is a raw html response that is
      not build following the regular flow Page::output().
    * While at it, adding argument `true` to the header() call for
      Content-Type, which is for "replacing" for good measure.
    Krinkle committed Jul 4, 2012
Commits on Jul 2, 2012
  1. Revert "Replacing Chrome 17 with Chrome 20 (now stable)"

    This reverts commit ddb8637.
    Krinkle committed Jul 2, 2012
Commits on Jun 30, 2012
Commits on Jun 28, 2012
  1. CSS: .swarm-results should not wrap

    To maintain table readability with many browser columns.
    Krinkle committed Jun 28, 2012
Commits on Jun 27, 2012
Commits on Jun 24, 2012
Commits on Jun 13, 2012
  1. update html for bootstrap v2.0.4 incompatibility

    * "badge-error" -> "badge-important"
       According to bootstrap release-notes the former was only a docs fix
       suggesting it never worked, but it did work. So fixing the class
       name in our code base.
    * Misc.:
     - Re-adding table-bordered on ResultPage, matching the JobPage.
     - quotes/whitespace
    Krinkle committed Jun 13, 2012
  2. ResultAction: Fix case where job has been deleted.

    * If job is deleted, 'job' and 'otherRuns' property are null.
      (instead of throwing a data-corrupt error).
    * Update ResultPage to handle this situation by falling back to
      a simple message in place of the job-navigation bar.
      The rest of the data can still be displayed fine.
    * Misc.: Remove old @todo comment that has been resolved.
    Krinkle committed Jun 13, 2012
Commits on Jun 12, 2012
  1. SwarmstateAction: Expose activeRuns

    * With issue #180 being fixed by dc7bb99
      pendingRuns now no longer includes run already taken care of.
      However the testswarm-browserstack script uses this to determine
      whether it is okay to terminate a worker.
      This resulted in a situation shortly on where any
      test taking longer than a minute while being the last run in a job,
      it would never complete because the worker was killed by since pendingRuns === 0.
      Introducing activeRuns, which is the statistic that script needs to
      fix this.
    * Misc.: Code conventions.
    Krinkle committed Jun 12, 2012
  2. ProjectsAction: Fix job_latest_created field

    * MAX(jobs.created) selects the highest value of that column, which
      seems good, but actually isn't. Because it should instead get
      the created time for job_latest. Needs a separate query.
      It was showing the same timestamp for all projects.
    * Follows-up 57b101b
    * Misc.: Code conventions
    Krinkle committed Jun 12, 2012
  3. Implement new results storage and pinging system

    * Drop redundant `run_useragent.runs` column.
      This was duplicating the role of `run_useragent.completed`.
      The purpose of the duplicate row was to keep track of runs that
      have finished running, but need (or don't need) additional re-runs.
      This is now done using the 'status' and completed/max columns.
      run_useragent.status: Re-defined.
    * Replace `run_client` table with `runresults` table.
      Main difference is that the `runresults` has its own identifier
      column which means it can be accessed directly.
      Also rows from this table are to be never removed, not even when
      a run is re-run, wiped, reset or cleaned up.
      A link to /result/123 is to be considered permanent.
      Of course they can be unlinked from the run_useragent table (i.e.
      when a job is reset, that field is NULLed, and if a better re-run
      is saved, it overwrites that link with the new one). But this data
      is preserved.
      This also improves performance in several places by not having to do
      a full table scan of run_client and client to find all entries for
      a certain user_agent (which was very slow).
      Uses a `store_token` to control ability to save results into the
      stub row. Previously clients could basically pass anything to
      SaverunAction, and screw up stats. This whole in the system is now
      Update dbUpdate.php: Use run_client as check for 1.0.0
      Although both `useragents` and `run_client` are good checks to
      detect pre-1.0.0, using the latter as a check allows testers of the
      alpha versions before this commit to be notified as well.
    * New `run_useragents.results_id` column.
      No longer "guess" which belongs to which (by looking up the run_id
      and all possible client_id's), but tie them together right there.
    * Implement ping system
     - Clients ping every (conf->client->pingTime) seconds through AJAX.
       We use this to determine whether the client is still alive.
       Up until now we used a combination of connectTime and "last time
       a run was saved" to determine client connection. Which means you
       couldn't consider a client to be "gone" without also requiring that
       runs may run for a very long time.
       Now the pingTime can be set to 30 seconds and the runTimeout
       (maximum execution time) to 5 minutes. And a run can perfectly be
       allowed to take 5 minutes, but if the client is gone after anywhere
       in less than 5 minutes (e.g. 2 seconds, 3 minutes whatever) the run
       can be reset earlier and the client considered "offline" much
       This should speed up things on in case there is a
       run causing a browser freeze of whatever. Because we can allow a
       run to run for 5 minutes while being able to assume "disconnection"
       much earlier than that.
    * Moved confUpdate from getrun/saverun to pingAction.
    * Removed properties:
     - JobAction: runRuns, runMax
       No longer relevant, don't exist any more.
    * New "Result" page which shows navigation to results from other
      browsers for the same run.
      As well as some generic data and the client ID / username.
      and displays runID/jobID pair as well.
      (previously this was next to impossible to extract after the run was
      Now serving the runresults html through an iframe instead of
      directly to the client. Getting it directly is still possible
      through query parameter "?raw=".
      State constants are defined in ResultAction class as static
      members named ResultAction::$STATE_*. Using these in PHP instead of
      using the primitive number values directly
      (and ending up clarifying code with comments explaining the numbers,
      again, and again..)
      Updated logic to show a link to the Result report even if the test
      is still in progress or if it timed out (not just if it passed
      or completed with failures).
      We store the report either way, so we might as well show it.
      Previously this was quite annoying when the test was infinitely
      "in progress" or timed out, there was no link and nothing to see.
      Now it links to the report and at least shows the data we have,
      can help solving problems.
    Krinkle committed Jun 11, 2012
  4. various code clean up

    * Variable names, whitespace, quotes, trailing new line at end of file
    * Code conventions:
    * Rough JSHint pass
    Krinkle committed Jun 12, 2012
  5. AddjobAction: Fix bug for job with invalid browserSets.

    * Needs a `return;` after the setError.
    * Must be before the INSER for the job row.
    Krinkle committed Jun 12, 2012
  6. Preserve other window.onerror handlers (if there are any).

    * Notes:
     - Need to cast prevRet to boolean, because otherwise
       === false will return false which is wrong.
      QUnit, for example, returns (implied) undefined. Which should result
      in the default behavior, not a suppression (only with res
    * Issues:
     - fixes #191.
    Krinkle committed Jun 12, 2012
Commits on Jun 11, 2012
  1. Merge pull request #188 from jquery/nginx

    Issue 174: Add NGINX support
    Krinkle committed Jun 11, 2012
  2. CleanupAction: remove dead code, fix syntax error

    * swarm01: Error in doQuery: Unknown column 'useragent_id' in 'field list'
    * issue #185
    Krinkle committed Jun 11, 2012
  3. Fix WebRequest::getBool (foo in &foo=&bar& should return true)

    * Removed WebRequest::hasKey which was used anywhere. getBool now
      works like hasKey.
    * Minor whitespace, documentation, messaging fixes
    Krinkle committed Jun 11, 2012
  4. fix typo in

    Krinkle committed Jun 11, 2012
Commits on Jun 10, 2012
  1. Update job.js: Fix refresh bug

    Previously it only refreshed if there any cells in representing a run
    "in progress" or "scheduled".
    But there is 2 cases where this causes incorrect display:
    * The user is logged in and presses "Reset job".
    * The user is logged out and someone else does "Reset job" from another
    In both situations does the table no longer refresh (because the job is
    completed), but the state has in fact changed.
    I considered moving the `if` to around the setTimeout invocation, but
    then the second case described above would still happen.
    Krinkle committed Jun 10, 2012
  2. Slight refactor of getrun/saverun.

    * Issues:
     - fixes #189: Shouldn't distribute runs that are being run already
    * Misc.:
     - Remove redundant JOIN to `client` in CleanupAction. The client_id
       is right there in run_client, no need to filter or join.
       Presumably left from when it joined to client to get some other
       This will slightly improve performance of CleanupAction as well.
    Krinkle committed Jun 10, 2012
  3. sql: index names should start with idx_

    All others do so already.
    Krinkle committed Jun 10, 2012
  4. Merged README for NGINX into general one

    * Misc.:
     - EOF new line in nginx.conf
    Krinkle committed Jun 10, 2012
  5. Merge branch 'master' of into…

    … levidehaan-master
    Krinkle committed Jun 10, 2012
  6. Expose last ping time in UserAction

    * Also displayed on UserPage, naturally.
      Previously it was impossible to track how long a client has been
      idle (except that it is less than 5 minutes since other wise it would
      not be shown on the page at all and considered off line).
    * Misc.:
    - Re-order rows in testswarm.sql to be like the other tables
      (updated and created as last).
    Krinkle committed Jun 10, 2012