Browse files

Fixes bug 497731 - Added exploitability to Super Search. r=peterbe

  • Loading branch information...
1 parent 53c6653 commit 03c3a1b8819cd7e5401819d177a252331366efc0 @adngdb adngdb committed Feb 19, 2014
View
1 socorro/external/elasticsearch/supersearch.py
@@ -30,6 +30,7 @@
'distributor_version',
# 'dump', # the dump is a huge piece of data, we should not return it
'email',
+ 'exploitability',
'flash_version',
'hangid',
'hang_type',
View
1 socorro/lib/search_common.py
@@ -81,6 +81,7 @@ class SearchBase(object):
SearchFilter('distributor_version'),
SearchFilter('dump', data_type='str'),
SearchFilter('email', data_type='str'),
+ SearchFilter('exploitability'),
SearchFilter('flash_version'),
SearchFilter('hang_type'),
SearchFilter('install_age', data_type='int'),
View
28 socorro/unittest/external/elasticsearch/test_settings.py
@@ -234,3 +234,31 @@ def test_hang_type_field(self):
res = self.api.get(hang_type=['crash', 'hang'])
self.assertEqual(res['total'], 2)
+
+ def test_exploitability_field(self):
+ """Verify that the 'exploitability' field can be queried as expected.
+ """
+ processed_crash = {
+ 'uuid': '06a0c9b5-0381-42ce-855a-ccaaa2120100',
+ 'date_processed': self.now,
+ 'exploitability': 'high',
+ }
+ self.storage.save_processed(processed_crash)
+ processed_crash = {
+ 'uuid': '06a0c9b5-0381-42ce-855a-ccaaa2120101',
+ 'date_processed': self.now,
+ 'exploitability': 'unknown',
+ }
+ self.storage.save_processed(processed_crash)
+ self.storage.es.refresh()
+
+ res = self.api.get(exploitability='high')
+ self.assertEqual(res['total'], 1)
+ self.assertEqual(res['hits'][0]['exploitability'], 'high')
+
+ res = self.api.get(exploitability='unknown')
+ self.assertEqual(res['total'], 1)
+ self.assertEqual(res['hits'][0]['exploitability'], 'unknown')
+
+ res = self.api.get(exploitability=['high', 'unknown'])
+ self.assertEqual(res['total'], 2)
View
14 webapp-django/crashstats/settings/base.py
@@ -230,6 +230,20 @@
'name',
)
+# exploitability values to allow in queries
+EXPLOITABILITY_VALUES = (
+ 'high',
+ 'normal',
+ 'low',
+ 'none',
+ 'analyze',
+ 'dump',
+ 'error',
+ 'unable',
+ 'unknown',
+ 'wrong',
+)
+
# the number of result filter on tcbs
TCBS_RESULT_COUNTS = (
'50',
View
20 webapp-django/crashstats/supersearch/forms.py
@@ -4,16 +4,24 @@
from crashstats.supersearch import form_fields
+def make_restricted_choices(sequence, exclude=None):
+ if exclude is None:
+ exclude = []
+ return [(x, x) for x in sequence if x not in exclude]
+
+
PII_RESTRICTED_FIELDS = {
'email': form_fields.StringField(required=False),
'url': form_fields.StringField(required=False),
}
-def make_restricted_choices(sequence, exclude=None):
- if exclude is None:
- exclude = []
- return [(x, x) for x in sequence if x not in exclude]
+EXPLOITABILITY_RESTRICTED_FIELDS = {
+ 'exploitability': form_fields.MultipleValueField(
+ required=False,
+ choices=make_restricted_choices(settings.EXPLOITABILITY_VALUES)
+ ),
+}
class SearchForm(forms.Form):
@@ -109,6 +117,7 @@ def __init__(
current_versions,
current_platforms,
pii_mode,
+ exploitability_mode,
*args,
**kwargs
):
@@ -128,6 +137,9 @@ def __init__(
if pii_mode:
self.fields.update(PII_RESTRICTED_FIELDS)
+ if exploitability_mode:
+ self.fields.update(EXPLOITABILITY_RESTRICTED_FIELDS)
+
def get_fields_list(self):
'''Return a dictionary describing the fields, to pass to the
dynamic_form.js library. '''
View
2 webapp-django/crashstats/supersearch/models.py
@@ -10,7 +10,7 @@ class SuperSearch(models.SocorroMiddleware):
# Generate the list of possible parameters from the associated form.
# This way we only manage one list of parameters.
possible_params = tuple(
- x for x in forms.SearchForm([], [], [], True).fields
+ x for x in forms.SearchForm([], [], [], True, True).fields
) + (
'_results_offset',
'_results_number',
View
10 webapp-django/crashstats/supersearch/tests/test_forms.py
@@ -59,6 +59,7 @@ def get_new_form(data):
self.current_versions,
self.current_platforms,
False,
+ False,
data
)
@@ -86,10 +87,12 @@ def get_new_form(data):
# Verify admin restricted fields are not accepted
form = get_new_form({
- 'email': 'something'
+ 'email': 'something',
+ 'exploitability': 'high'
})
ok_(form.is_valid(), form.errors)
ok_('email' not in form.fields)
+ ok_('exploitability' not in form.fields)
def test_search_form_with_admin_mode(self):
@@ -99,6 +102,7 @@ def get_new_form(data):
self.current_versions,
self.current_platforms,
True,
+ True,
data
)
@@ -123,9 +127,11 @@ def get_new_form(data):
'build_id': '<20200101344556',
'email': ['^mail.com'],
'url': ['$http://'],
+ 'exploitability': ['high', 'medium'],
})
ok_(form.is_valid(), form.errors)
- # Verify admin restricted fields are not accepted
+ # Verify admin restricted fields are accepted
ok_('email' in form.fields)
ok_('url' in form.fields)
+ ok_('exploitability' in form.fields)
View
30 webapp-django/crashstats/supersearch/tests/test_views.py
@@ -331,7 +331,8 @@ def mocked_get(url, **options):
"platform": "Linux",
"build_id": 888981,
"email": "bob@example.org",
- "url": "http://example.org"
+ "url": "http://example.org",
+ "exploitability": "high"
},
{
"signature": "mySignatureIsCool",
@@ -342,7 +343,8 @@ def mocked_get(url, **options):
"platform": "Linux",
"build_id": 888981,
"email": "bob@example.org",
- "url": "http://example.org"
+ "url": "http://example.org",
+ "exploitability": "low"
},
{
"signature": "mineIsCoolerThanYours",
@@ -353,7 +355,8 @@ def mocked_get(url, **options):
"platform": "Linux",
"build_id": null,
"email": "bob@example.org",
- "url": "http://example.org"
+ "url": "http://example.org",
+ "exploitability": "error"
}
],
"facets": %s,
@@ -373,7 +376,7 @@ def mocked_get(url, **options):
response = self.client.get(
url,
{
- '_columns': ['version', 'email', 'url'],
+ '_columns': ['version', 'email', 'url', 'exploitability'],
'_facets': ['url', 'platform']
}
)
@@ -386,6 +389,25 @@ def mocked_get(url, **options):
ok_('Version' in response.content)
ok_('1.0' in response.content)
+ # Without the correct permission the user cannot see exploitability.
+ ok_('Exploitability' not in response.content)
+
+ exp_group = self._create_group_with_permission('view_exploitability')
+ user.groups.add(exp_group)
+
+ response = self.client.get(
+ url,
+ {
+ '_columns': ['version', 'email', 'url', 'exploitability'],
+ '_facets': ['url', 'platform']
+ }
+ )
+
+ eq_(response.status_code, 200)
+ ok_('Email' in response.content)
+ ok_('Exploitability' in response.content)
+ ok_('high' in response.content)
+
# Logged out user, cannot see the email field
self._logout()
response = self.client.get(
View
10 webapp-django/crashstats/supersearch/views.py
@@ -100,6 +100,10 @@
'url',
)
+EXPLOITABILITY_RESTRICTED_FIELDS = (
+ 'exploitability',
+)
+
DEFAULT_COLUMNS = (
'date',
'signature',
@@ -125,6 +129,8 @@ def search(request, default_context=None):
allowed_fields = ALL_POSSIBLE_FIELDS
if request.user.has_perm('crashstats.view_pii'):
allowed_fields += PII_RESTRICTED_FIELDS
+ if request.user.has_perm('crashstats.view_exploitability'):
+ allowed_fields += EXPLOITABILITY_RESTRICTED_FIELDS
context = default_context
context['possible_facets'] = [
@@ -153,6 +159,7 @@ def search_results(request):
versions,
platforms,
request.user.has_perm('crashstats.view_pii'),
+ request.user.has_perm('crashstats.view_exploitability'),
request.GET
)
@@ -178,6 +185,8 @@ def search_results(request):
allowed_fields = ALL_POSSIBLE_FIELDS
if request.user.has_perm('crashstats.view_pii'):
allowed_fields += PII_RESTRICTED_FIELDS
+ if request.user.has_perm('crashstats.view_exploitability'):
+ allowed_fields += EXPLOITABILITY_RESTRICTED_FIELDS
current_query = request.GET.copy()
if 'page' in current_query:
@@ -275,6 +284,7 @@ def search_fields(request):
versions,
platforms,
request.user.has_perm('crashstats.view_pii'),
+ request.user.has_perm('crashstats.view_exploitability'),
request.GET
)
return form.get_fields_list()

0 comments on commit 03c3a1b

Please sign in to comment.