Merge pull request #167 from devenbansod/fix_74
Add a read-only public interface for non-team contributors
nijel committed Jun 30, 2017
2 parents dcce7f0 + ec8dd51 commit 83780eb
Showing 8 changed files with 156 additions and 130 deletions.
66 changes: 63 additions & 3 deletions src/Controller/AppController.php
@@ -1,6 +1,6 @@
<?php

/* vim: set expandtab sw=4 ts=4 sts=4: */

/**
* Application level Controller.
*
@@ -48,6 +48,19 @@ class AppController extends Controller
'Events'
);

public $readonly_whitelist = array(
'Developers',
'Pages',
'Reports' => array(
'index',
'view',
'data_tables'
),
'Incidents' => array(
'view'
)
);

public $css_files = array(
'jquery.dataTables',
'jquery.dataTables_themeroller',
@@ -118,6 +131,8 @@ public function beforeFilter(Event $event)
$notif_count = 0;

if ($this->request->session()->read('Developer.id')) {
$this->_checkReadonlyAccess();

$current_developer = TableRegistry::get('Developers')->
findById($this->request->session()->read('Developer.id'))->all()->first();

@@ -129,8 +144,15 @@ public function beforeFilter(Event $event)
)->count();
$this->set('current_developer', $current_developer);
$this->set('developer_signed_in', true);

$read_only = false;
if ($this->request->session()->read('read_only')) {
$read_only = true;
}
$this->set('read_only', $read_only);
} else {
$this->set('developer_signed_in', false);
$this->set('read_only', true);
$this->_checkAccess();
}
$this->set('notif_count', $notif_count);
@@ -147,8 +169,9 @@ protected function _checkAccess()
if (in_array($controller, $this->whitelist)) {
return;
}
if (isset($this->whitelist[$controller]) &&
in_array($action, $this->whitelist[$controller])) {
if (isset($this->whitelist[$controller])
&& in_array($action, $this->whitelist[$controller])
) {
return;
}
$flash_class = 'alert';
@@ -161,4 +184,41 @@ protected function _checkAccess()

return $this->redirect('/');
}

protected function _checkReadonlyAccess()
{
$controller = $this->request->controller;
$action = $this->request->action;
$read_only = $this->request->session()->read('read_only');

// If developer has commit access on phpmyadmin/phpmyadmin
if (!$read_only) {
return;
}

if (in_array($controller, $this->readonly_whitelist)) {
return;
}
if (isset($this->readonly_whitelist[$controller])
&& in_array($action, $this->readonly_whitelist[$controller])
) {
return;
}

$this->request->session()->destroy();
$this->request->session()->write('last_page', '');

$flash_class = 'alert';
$this->Flash->default(
'You need to have commit access on phpmyadmin/phpmyadmin '
. 'repository on Github.com to do this',
array(
'params' => array(
'class' => $flash_class
)
)
);

$this->redirect('/');
}
}
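Review bot: `_checkReadonlyAccess()` ends with a bare `$this->redirect('/');` and `beforeFilter()` calls it as a statement, so the redirect response is dropped; if redirect() only prepares the response (the `return;` this commit adds after a redirect in GithubController suggests it does), the blocked action can still execute for a read-only session. I would change the last line to `return $this->redirect('/');` and have beforeFilter return that value when it is not null; beforeFilter's body starts and ends outside the visible hunks, so check how it returns. Separately, `if (!$read_only) { return; }` grants full access when the session has no `read_only` key at all, for example a session created before this change; `if ($read_only === false) { return; }` fails closed.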
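--- a/src/Controller/Component/GithubApiComponent.php
+++ b/src/Controller/Component/GithubApiComponent.php
@@ -177,11 +177,15 @@ public function getRedirectUrl($scope = null)
 *
 * @return bool true if the user is a collaborator and false if they arent
 */
-public function canCommitTo($username, $repoPath)
+public function canCommitTo($username, $repoPath, $access_token)
 {
-list(, $status) = $this->
-apiRequest("repos/$repoPath/collaborators/$username",
-http_build_query(array()), 'GET', true);
+list(, $status) = $this->apiRequest(
+"repos/$repoPath/collaborators/$username",
+array(),
+'GET',
+true,
+$access_token
+);
 
 return $status === 204;
 }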
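Review bot: The 204 from `repos/$repoPath/collaborators/$username` now decides whether a login gets write access to reports, but that endpoint answers whether the account is a collaborator, which on an organization-owned repository can, as far as I know, include accounts holding only pull permission; worth confirming, and if so reading the permission level from the `collaborators/$username/permission` resource instead of relying on the status code. `$username` is placed in the URL path unencoded, and `rawurlencode($username)` would keep an unexpected login value from changing the request path. The docblock, which starts outside the hunk, should gain `@param string $access_token token used to authenticate the collaborator lookup`.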
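--- a/src/Controller/DevelopersController.php
+++ b/src/Controller/DevelopersController.php
@@ -59,7 +59,10 @@ public function callback()
 array('class' => 'alert alert-error'));
 } else {
 $userInfo['has_commit_access'] = $this->GithubApi->canCommitTo(
-$userInfo['login'], $this->GithubApi->githubRepo);
+$userInfo['login'],
+$this->GithubApi->githubRepo,
+Configure::read('GithubAccessToken')
+);
 
 $this->_authenticateDeveloper($userInfo, $accessToken);
 
@@ -90,49 +93,6 @@ public function logout()
 $this->redirect('/');
 }
 
-public function currentDeveloper()
-{
-$this->autoRender = false;
-
-return json_encode($this->GithubApi->canCommitTo('smita786',
-'smita786/phpmyadmin'));
-}
-
-public function create_issue($reportId)
-{
-if (!$reportId) {
-throw new \NotFoundException(__('Invalid report'));
-}
-
-$report = TableRegistry::get('Reports')->findById($reportId)->toArray();
-if (!$report) {
-throw new NotFoundException(__('Invalid report'));
-}
-
-if (empty($this->request->data)) {
-$this->set('pma_version', $report[0]['pma_version']);
-$this->set('error_name', $report[0]['error_name']);
-$this->set('error_message', $report[0]['error_message']);
-
-return;
-}
-$data = array(
-'title' => $this->request->data['summary'],
-'body' => $this->_augmentDescription(
-$this->request->data['description'], $reportId),
-'labels' => $this->request->data['labels'] ? explode(',', $this->request->data['labels']) : array(),
-);
-$data['labels'][] = 'automated-error-report';
-list($issueDetails, $status) = $this->GithubApi->create_issue(
-'smita786/tic-tac-toe-php',
-$data,
-$this->request->session()->read('access_token')
-);
-
-$this->redirect(array('controller' => 'reports', 'action' => 'view',
-$reportId, ));
-}
-
 protected function _authenticateDeveloper($userInfo, $accessToken)
 {
 $developers = $this->Developers->findByGithubId($userInfo['id']);
@@ -145,23 +105,6 @@ protected function _authenticateDeveloper($userInfo, $accessToken)
 $this->Developers->id = $this->Developers->saveFromGithub($userInfo, $accessToken, $developer);
 $this->request->session()->write('Developer.id', $this->Developers->id);
 $this->request->session()->write('access_token', $accessToken);
-}
-
-/**
-* Returns the description with the added string to link to the report.
-*
-* @param string $description the original description submitted by the dev
-* @param string $reportId the report id relating to the ticket
-*
-* @return string augmented description
-*/
-protected function _augmentDescription($description, $reportId)
-{
-$report = TableRegistry::get('Reports');
-$report->id = $reportId;
-
-return '$description\n\n\nThis report is related to user submitted report '
-. '[#' . $report->id . '](' . $report->getUrl()
-. ') on the phpmyadmin error reporting server.';
+$this->request->session()->write('read_only', !($userInfo['has_commit_access']));
 }
 }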
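Review bot: The `read_only` flag written at the end of `_authenticateDeveloper()` is computed once in callback() and then trusted for the life of the session, so an account whose commit access is revoked keeps write access until it logs out or the session expires. A short comment such as `// cached at login; re-check commit access periodically or keep session lifetime short` would record that, and a timestamp stored next to the flag would allow a periodic re-check. The middle of `_authenticateDeveloper()` is outside the hunk, so I cannot see whether the session id is regenerated before `Developer.id` is written; if it is not, `$this->request->session()->renew();` belongs there. If `Configure::read('GithubAccessToken')` is unset the lookup presumably fails and the user becomes read-only, which is the safe direction but worth logging.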
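--- a/src/Controller/GithubController.php
+++ b/src/Controller/GithubController.php
@@ -440,6 +440,7 @@ public function sync_issue_status()
 );
 
 $this->redirect('/');
+return;
 }
 
 $this->autoRender = false;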
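--- a/src/Template/Layout/default.ctp
+++ b/src/Template/Layout/default.ctp
@@ -51,22 +51,30 @@ use Cake\Utility\Inflector;
 <div class="navbar">
 <div class="navbar-inner">
 <a class="brand" href="<?= $baseURL; ?>">phpMyAdmin</a>
-<ul class="nav">
-<?php
-$controllers = array('reports', 'stats', 'notifications');
-foreach ($controllers as $controller) {
-$class = '';
-if ($current_controller === $controller) {
-$class = 'active';
+<?php if ($developer_signed_in): ?>
+<ul class="nav">
+<?php
+$controllers = array('reports');
+
+// Show these only if Developer has commit access
+if (! $read_only) {
+$controllers[] = 'stats';
+$controllers[] = 'notifications';
 }
-echo "<li class='$class' id='nav_"
-. $controller . "'><a href='"
-. $baseURL . $controller . "'>";
-echo Inflector::humanize($controller);
-echo "</a></li>";
-}
-?>
-</ul>
+foreach ($controllers as $controller) {
+$class = '';
+if ($current_controller === $controller) {
+$class = 'active';
+}
+echo "<li class='$class' id='nav_"
+. $controller . "'><a href='"
+. $baseURL . $controller . "'>";
+echo Inflector::humanize($controller);
+echo "</a></li>";
+}
+?>
+</ul>
+<?php endif; ?>
 <ul class="nav pull-right">
 <?php if ($developer_signed_in): ?>
 <li>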
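--- a/src/Template/Pages/home.ctp
+++ b/src/Template/Pages/home.ctp
@@ -2,7 +2,6 @@
 <h1>phpMyAdmin Error Reporting System</h1>
 <p>This is the error reporting system for phpMyAdmin. Error reports are sent
 here where they are collected, stored, tagged and archived. They may also be
-siphoned off to the bug tracker at github.com</p>
-<p>To view the error reports you have to have commit access to the phpmyadmin
-repo on github. To validate your status you need to click the login button on
-top and authorize us to validate your commit access status on github.</p>
+siphoned off by the team developers to the bug tracker at Github.com</p>
+<p>You can view the error reports by logging in with Github. For editing the reports, you need to have commit access to the phpmyadmin repo on Github.
+To validate your status you need to click the login button on top and authorize us to validate your commit access status on Github.</p>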
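--- a/src/Template/Reports/index.ctp
+++ b/src/Template/Reports/index.ctp
@@ -90,25 +90,29 @@
 </tr>
 </tfoot>
 </table>
-<div style="margin:10px; clear:both;">
-<input type="checkbox" id="resultsForm_checkall"
-class="checkall_box" title="Check All"
-style="display:inline-block; margin:0;" />
-<label for="resultsForm_checkall" style="pointer:cursor; display: inline-block;">
-Check all
-</label>
-<span style="margin-left:2em">
-With <i>selected </i>Change state to:
-</span>
-<?=
-$this->Form->select(
-'state',
-$statuses,
-array(
-'empty' => false
-)
-);
-?>
-<input type="submit" value="Change" class="btn btn-primary" />
-</div>
+
+<!-- Show this only if Developer has commit access -->
+<?php if (!$read_only): ?>
+<div style="margin:10px; clear:both;">
+<input type="checkbox" id="resultsForm_checkall"
+class="checkall_box" title="Check All"
+style="display:inline-block; margin:0;" />
+<label for="resultsForm_checkall" style="pointer:cursor; display: inline-block;">
+Check all
+</label>
+<span style="margin-left:2em">
+With <i>selected </i>Change state to:
+</span>
+<?=
+$this->Form->select(
+'state',
+$statuses,
+array(
+'empty' => false
+)
+);
+?>
+<input type="submit" value="Change" class="btn btn-primary" />
+</div>
+<?php endif; ?>
 </form>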
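Review bot: Wrapping the bulk state-change controls in `<?php if (!$read_only): ?>` hides them, but the enclosing form, whose opening tag is outside the hunk, is still rendered with its action for read-only users, so the controller-side whitelist is the only real control and the form's target action must stay off `readonly_whitelist`. The marker `<!-- Show this only if Developer has commit access -->` is sent to every visitor; a template comment `<?php // Show this only if Developer has commit access ?>` documents the same thing without appearing in the page source.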
