Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Bug 703789: Add validation to Mozmill dashboard

Bug 703789: Add validation to Mozmill dashboard

Updated after review items and discussion on IRC

added validation for Firefox App ID

Updated after comments from @whimboo
  • Loading branch information...
commit 6c876cb0264afceeb9c1c49f7ce8ed81a4096b93 1 parent e4af699
@AutomatedTester AutomatedTester authored
Showing with 45 additions and 0 deletions.
  1. +2 −0  .gitignore
  2. +43 −0 dashboard.js
View
2  .gitignore
@@ -1,3 +1,5 @@
.DS_Store
*.pyc
.couchapprc
+*.swp
+node_modules/
View
43 dashboard.js
@@ -11,6 +11,49 @@ ddoc = {
]
};
+ddoc.validate_doc_update = function(newDoc, oldDoc, userCtx) {
+ const MAX_SIZE = 1024 * 1024 * 10;
+ const FIREFOX_APP_ID = "{ec8030f7-c20a-464f-9b0e-13a3a9e97384}";
+
+ if (newDoc._attachments) {
+ throw ({ forbidden : "Attachments are not allowed" });
+ }
+
+ if (JSON.stringify(newDoc).length > MAX_SIZE){
+ throw({ forbidden : "Document is too large to be stored" });
+ }
+
+ // If we have a document on disk check if user is logged in
+ if (oldDoc && userCtx.roles.indexOf('_admin') === -1) {
+ // We only allow deleting if there is an admin
+ if (newDoc._deleted) {
+ throw ({ forbidden : "Only an admin is allowed to delete data" });
+ } else {
+ throw ({ forbidden : "Modifying of data is not allowed" });
+ }
+ }
+
+ var requiredFields = [ "application_id",
+ "mozmill_version",
+ "system_info",
+ "tests_passed",
+ "tests_failed",
+ "tests_skipped",
+ "time_start",
+ "time_end",
+ "report_type",
+ "report_version"];
+
+ requiredFields.forEach(function (field) {
+ if (!newDoc[field]) {
+ throw ({ forbidden : "This document requires the field " + field });
+ }
+ });
+
+ if (newDoc.application_id !== FIREFOX_APP_ID) {
+ throw ({ forbidden : "This document requires the Firefox Application ID"});
+ }
+}
var functionalReportsMap = function(doc) {
const REPORT_TYPES = [
Please sign in to comment.
Something went wrong with that request. Please try again.