Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[server] Change required permission to view access for some API request #3440

Merged
merged 1 commit into from
Nov 3, 2021
Merged

[server] Change required permission to view access for some API request #3440

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
58 changes: 29 additions & 29 deletions web/api/report_server.thrift
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -425,27 +425,27 @@ struct CleanupPlanFilter {
service codeCheckerDBAccess {

// Gives back all analyzed runs.
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
RunDataList getRunData(1: RunFilter runFilter,
2: optional i64 limit,
3: optional i64 offset,
4: optional RunSortMode sortMode)
throws (1: codechecker_api_shared.RequestFailed requestError),

// Returns the number of available runs based on the run filter parameter.
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
i64 getRunCount(1: RunFilter runFilter)
throws (1: codechecker_api_shared.RequestFailed requestError),

// Get check command for a run.
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
// !DEPRECATED Use getAnalysisInfo API to get the check commands.
string getCheckCommand(1: i64 runHistoryId,
2: i64 runId)
throws (1: codechecker_api_shared.RequestFailed requestError),

// Get analyzer commands based on the given filters.
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
list<AnalysisInfo> getAnalysisInfo(1: AnalysisInfoFilter analysisInfoFilter,
2: i64 limit,
3: i64 offset)
Expand All @@ -454,21 +454,21 @@ service codeCheckerDBAccess {
// Get run history for runs.
// If an empty run id list is provided the history
// will be returned for all the available runs ordered by run history date.
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
RunHistoryDataList getRunHistory(1: list<i64> runIds,
2: i64 limit,
3: i64 offset,
4: RunHistoryFilter runHistoryFilter)
throws (1: codechecker_api_shared.RequestFailed requestError),

// Get the number of run history for runs.
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
i64 getRunHistoryCount(1: list<i64> runIds,
2: RunHistoryFilter runHistoryFilter)
throws (1: codechecker_api_shared.RequestFailed requestError),

// Returns report hashes based on the diffType parameter.
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
// skipDetectionStatuses - you can filter out reports from the database which
// have these detection statuses, so these hashes will be marked as
// New/Unresolved reports when doing the comparison.
Expand All @@ -479,13 +479,13 @@ service codeCheckerDBAccess {
5: optional list<i64> tagIds)
throws (1: codechecker_api_shared.RequestFailed requestError)

// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
ReportData getReport(1: i64 reportId)
throws (1: codechecker_api_shared.RequestFailed requestError),

// Get the results for some runIds
// can be used in diff mode if cmpData is set.
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
ReportDataList getRunResults(1: list<i64> runIds,
2: i64 limit,
3: i64 offset,
Expand All @@ -499,15 +499,15 @@ service codeCheckerDBAccess {
// Count the results separately for multiple runs.
// If an empty run id list is provided the report
// counts will be calculated for all of the available runs.
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
RunReportCounts getRunReportCounts(1: list<i64> runIds,
2: ReportFilter reportFilter,
3: i64 limit,
4: i64 offset)
throws (1: codechecker_api_shared.RequestFailed requestError),

// Count all the results some runIds can be used for diff counting.
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
i64 getRunResultCount(1: list<i64> runIds,
2: ReportFilter reportFilter,
3: CompareData cmpData)
Expand All @@ -516,7 +516,7 @@ service codeCheckerDBAccess {
// Get the number of failed files in the latest storage of the given runs.
// If an empty run id list is provided the number of failed files will be
// calculated for all of the available runs.
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
i64 getFailedFilesCount(1: list<i64> runIds)
throws (1: codechecker_api_shared.RequestFailed requestError),

Expand All @@ -525,32 +525,32 @@ service codeCheckerDBAccess {
// all of the available runs.
// For each files it will return a list where each element contains
// information in which run the failure happened.
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
FailedFiles getFailedFiles(1: list<i64> runIds)
throws (1: codechecker_api_shared.RequestFailed requestError),

// gives back the all marked region and message for a report
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
ReportDetails getReportDetails(1: i64 reportId)
throws (1: codechecker_api_shared.RequestFailed requestError),

// get file information, if fileContent is true the content of the source
// file will be also returned
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
SourceFileData getSourceFileData(1: i64 fileId,
2: bool fileContent,
3: Encoding encoding)
throws (1: codechecker_api_shared.RequestFailed requestError),

// Get blame information for a given file.
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
BlameInfo getBlameInfo(1: i64 fileId)
throws (1: codechecker_api_shared.RequestFailed requestError),

// Get line content information for multiple files in different positions.
// The first key of the map is a file id, the second is a line number:
// (e.g.: lineContent = result[fileId][line])
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
map<i64, map<i64, string>> getLinesInSourceFileContents(1: LinesInFilesRequestedList linesInFilesRequested,
2: Encoding encoding)
throws (1: codechecker_api_shared.RequestFailed requestError),
Expand All @@ -568,12 +568,12 @@ service codeCheckerDBAccess {
throws (1: codechecker_api_shared.RequestFailed requestError),

// get comments for a bug
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
CommentDataList getComments(1: i64 reportId)
throws(1: codechecker_api_shared.RequestFailed requestError),

// count all the comments for one bug
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
i64 getCommentCount(1: i64 reportId)
throws(1: codechecker_api_shared.RequestFailed requestError),

Expand Down Expand Up @@ -638,7 +638,7 @@ service codeCheckerDBAccess {
// If the run id list is empty the metrics will be counted
// for all of the runs and in compare mode all of the runs
// will be used as a baseline excluding the runs in compare data.
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
map<Severity, i64> getSeverityCounts(1: list<i64> runIds,
2: ReportFilter reportFilter,
3: CompareData cmpData)
Expand All @@ -647,7 +647,7 @@ service codeCheckerDBAccess {
// If the run id list is empty the metrics will be counted
// for all of the runs and in compare mode all of the runs
// will be used as a baseline excluding the runs in compare data.
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
map<string, i64> getCheckerMsgCounts(1: list<i64> runIds,
2: ReportFilter reportFilter,
3: CompareData cmpData,
Expand All @@ -658,7 +658,7 @@ service codeCheckerDBAccess {
// If the run id list is empty the metrics will be counted
// for all of the runs and in compare mode all of the runs
// will be used as a baseline excluding the runs in compare data.
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
map<ReviewStatus, i64> getReviewStatusCounts(1: list<i64> runIds,
2: ReportFilter reportFilter,
3: CompareData cmpData)
Expand All @@ -667,7 +667,7 @@ service codeCheckerDBAccess {
// If the run id list is empty the metrics will be counted
// for all of the runs and in compare mode all of the runs
// will be used as a baseline excluding the runs in compare data.
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
map<DetectionStatus, i64> getDetectionStatusCounts(1: list<i64> runIds,
2: ReportFilter reportFilter,
3: CompareData cmpData)
Expand All @@ -676,7 +676,7 @@ service codeCheckerDBAccess {
// If the run id list is empty the metrics will be counted
// for all of the runs and in compare mode all of the runs
// will be used as a baseline excluding the runs in compare data.
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
map<string, i64> getFileCounts(1: list<i64> runIds,
2: ReportFilter reportFilter,
3: CompareData cmpData,
Expand All @@ -687,7 +687,7 @@ service codeCheckerDBAccess {
// If the run id list is empty the metrics will be counted
// for all of the runs and in compare mode all of the runs
// will be used as a baseline excluding the runs in compare data.
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
CheckerCounts getCheckerCounts(1: list<i64> runIds,
2: ReportFilter reportFilter,
3: CompareData cmpData,
Expand All @@ -698,7 +698,7 @@ service codeCheckerDBAccess {
// If the run id list is empty the metrics will be counted
// for all of the runs and in compare mode all of the runs
// will be used as a baseline excluding the runs in compare data.
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
RunTagCounts getRunHistoryTagCounts(1: list<i64> runIds,
2: ReportFilter reportFilter,
3: CompareData cmpData,
Expand All @@ -709,7 +709,7 @@ service codeCheckerDBAccess {
// If the run id list is empty the metrics will be counted
// for all of the runs and in compare mode all of the runs
// will be used as a baseline excluding the runs in compare data.
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
map<string, i64> getAnalyzerNameCounts(1: list<i64> runIds,
2: ReportFilter reportFilter,
3: CompareData cmpData,
Expand All @@ -729,7 +729,7 @@ service codeCheckerDBAccess {
throws (1: codechecker_api_shared.RequestFailed requestError),

// Get source components.
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
SourceComponentDataList getSourceComponents(1: list<string> sourceComponentFilter)
throws (1: codechecker_api_shared.RequestFailed requestError),

Expand Down Expand Up @@ -794,7 +794,7 @@ service codeCheckerDBAccess {
throws (1: codechecker_api_shared.RequestFailed requestError),

// Get analysis statistics for a run.
// PERMISSION: PRODUCT_ACCESS
// PERMISSION: PRODUCT_VIEW
AnalyzerStatisticsData getAnalysisStatistics(1: i64 runId,
2: i64 runHistoryId)
throws (1: codechecker_api_shared.RequestFailed requestError),
Expand Down
11 changes: 6 additions & 5 deletions web/server/codechecker_server/api/report_server.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1237,6 +1237,8 @@ def getRunCount(self, run_filter):
# DEPRECATED: use getAnalysisInfo API function instead of this function.
def getCheckCommand(self, run_history_id, run_id):
""" Get analyzer command based on the given filter. """
self.__require_view()

limit = None
offset = 0
analysis_info_filter = AnalysisInfoFilter(
Expand All @@ -1245,15 +1247,14 @@ def getCheckCommand(self, run_history_id, run_id):

analysis_info = self.getAnalysisInfo(
analysis_info_filter, limit, offset)
self.__require_view()

return "; ".join([i.analyzerCommand for i in analysis_info])

@exc_to_thrift_reqfail
@timeit
def getAnalysisInfo(self, analysis_info_filter, limit, offset):
""" Get analysis information based on the given filter. """
self.__require_access()
self.__require_view()

res: List[ttypes.AnalysisInfo] = []
if not analysis_info_filter:
Expand Down Expand Up @@ -1307,7 +1308,7 @@ def getAnalysisInfo(self, analysis_info_filter, limit, offset):
@exc_to_thrift_reqfail
@timeit
def getRunHistory(self, run_ids, limit, offset, run_history_filter):
self.__require_access()
self.__require_view()

limit = verify_limit_range(limit)

Expand Down Expand Up @@ -1347,7 +1348,7 @@ def getRunHistory(self, run_ids, limit, offset, run_history_filter):
@exc_to_thrift_reqfail
@timeit
def getRunHistoryCount(self, run_ids, run_history_filter):
self.__require_access()
self.__require_view()

with DBSession(self._Session) as session:
query = session.query(RunHistory.id)
Expand Down Expand Up @@ -1399,7 +1400,7 @@ def getReport(self, reportId):
@timeit
def getDiffResultsHash(self, run_ids, report_hashes, diff_type,
skip_detection_statuses, tag_ids):
self.__require_access()
self.__require_view()

if not skip_detection_statuses:
skip_detection_statuses = [ttypes.DetectionStatus.RESOLVED,
Expand Down