Merge branch 'master' into nolurk

endpoints/api/superuser.py

@@ -238,8 +238,8 @@ class SuperUserSendRecoveryEmail(ApiResource):
   @nickname('sendInstallUserRecoveryEmail')
   def post(self, username):
     if SuperUserPermission().can():
-      user = model.get_user(username)
-      if not user or user.organization or user.robot:
+      user = model.get_nonrobot_user(username)
+      if not user:
         abort(404)
 
       if superusers.is_superuser(username):
@@ -288,8 +288,8 @@ class SuperUserManagement(ApiResource):
   def get(self, username):
     """ Returns information about the specified user. """
     if SuperUserPermission().can():
-      user = model.get_user(username)
-      if not user or user.organization or user.robot:
+      user = model.get_nonrobot_user(username)
+      if not user:
         abort(404)
 
       return user_view(user)
@@ -302,8 +302,8 @@ class SuperUserManagement(ApiResource):
   def delete(self, username):
     """ Deletes the specified user. """
     if SuperUserPermission().can():
-      user = model.get_user(username)
-      if not user or user.organization or user.robot:
+      user = model.get_nonrobot_user(username)
+      if not user:
         abort(404)
 
       if superusers.is_superuser(username):
@@ -321,8 +321,8 @@ class SuperUserManagement(ApiResource):
   def put(self, username):
     """ Updates information about the specified user. """
     if SuperUserPermission().can():
-        user = model.get_user(username)
-        if not user or user.organization or user.robot:
+        user = model.get_nonrobot_user(username)
+        if not user:
           abort(404)
 
         if superusers.is_superuser(username):

endpoints/api/user.py

@@ -283,7 +283,7 @@ class User(ApiResource):
     user_data = request.get_json()
     invite_code = user_data.get('invite_code', '')
 
-    existing_user = model.get_user(user_data['username'])
+    existing_user = model.get_nonrobot_user(user_data['username'])
     if existing_user:
       raise request_error(message='The username already exists')
 
@@ -372,8 +372,7 @@ class ClientKey(ApiResource):
     """  Return's the user's private client key. """
     username = get_authenticated_user().username
     password = request.get_json()['password']
-
-    (result, error_message) = authentication.verify_user(username, password)
+    (result, error_message) = authentication.confirm_existing_user(username, password)
     if not result:
       raise request_error(message=error_message)
 
@@ -541,7 +540,17 @@ class VerifyUser(ApiResource):
     """ Verifies the signed in the user with the specified credentials. """
     signin_data = request.get_json()
     password = signin_data['password']
-    return conduct_signin(get_authenticated_user().username, password)
+
+    username = get_authenticated_user().username
+    (result, error_message) = authentication.confirm_existing_user(username, password)
+    if not result:
+      return {
+        'message': error_message,
+        'invalidCredentials': True,
+      }, 403
+
+    common_login(result)
+    return {'success': True}
 
 
 @resource('/v1/signout')
@@ -815,8 +824,8 @@ class Users(ApiResource):
   @nickname('getUserInformation')
   def get(self, username):
     """ Get user information for the specified user. """
-    user = model.get_user(username)
-    if user is None or user.organization or user.robot:
+    user = model.get_nonrobot_user(username)
+    if user is None:
       abort(404)
 
     return user_view(user)

endpoints/notificationmethod.py

@@ -71,7 +71,7 @@ class QuayNotificationMethod(NotificationMethod):
     target_info = config_data['target']
 
     if target_info['kind'] == 'user':
-      target = model.get_user(target_info['name'])
+      target = model.get_nonrobot_user(target_info['name'])
       if not target:
         # Just to be safe.
         return (True, 'Unknown user %s' % target_info['name'], [])

endpoints/trigger.py

@@ -244,7 +244,11 @@ class BitbucketBuildTrigger(BuildTriggerHandler):
   def _get_authorized_client(self):
     base_client = self._get_client()
     auth_token = self.auth_token or 'invalid:invalid'
-    (access_token, access_token_secret) = auth_token.split(':')
+    token_parts = auth_token.split(':')
+    if len(token_parts) != 2:
+      token_parts = ['invalid', 'invalid']
+
+    (access_token, access_token_secret) = token_parts
     return base_client.get_authorized_client(access_token, access_token_secret)
 
   def _get_repository_client(self):
@@ -253,6 +257,13 @@ class BitbucketBuildTrigger(BuildTriggerHandler):
     bitbucket_client = self._get_authorized_client()
     return bitbucket_client.for_namespace(namespace).repositories().get(name)
 
+  def _get_default_branch(self, repository, default_value='master'):
+    (result, data, _) = repository.get_main_branch()
+    if result:
+      return data['name']
+
+    return default_value
+
   def get_oauth_url(self):
     bitbucket_client = self._get_client()
     (result, data, err_msg) = bitbucket_client.get_authorization_url()
@@ -372,6 +383,9 @@ class BitbucketBuildTrigger(BuildTriggerHandler):
     # Find the first matching branch.
     repo_branches = self.list_field_values('branch_name') or []
     branches = find_matching_branches(config, repo_branches)
+    if not branches:
+      branches = [self._get_default_branch(repository)]
+
     (result, data, err_msg) = repository.get_path_contents('', revision=branches[0])
     if not result:
       raise RepositoryReadException(err_msg)
@@ -432,10 +446,7 @@ class BitbucketBuildTrigger(BuildTriggerHandler):
 
     # Lookup the default branch associated with the repository. We use this when building
     # the tags.
-    default_branch = ''
-    (result, data, _) = repository.get_main_branch()
-    if result:
-      default_branch = data['name']
+    default_branch = self._get_default_branch(repository)
 
     # Lookup the commit sha.
     (result, data, _) = repository.changesets().get(commit_sha)
@@ -488,30 +499,36 @@ class BitbucketBuildTrigger(BuildTriggerHandler):
     # Parse the JSON payload.
     payload_json = request.form.get('payload')
     if not payload_json:
+      logger.debug('Skipping BitBucket request due to missing payload')
       raise SkipRequestException()
 
     try:
       payload = json.loads(payload_json)
     except ValueError:
+      logger.debug('Skipping BitBucket request due to invalid payload')
       raise SkipRequestException()
 
     logger.debug('BitBucket trigger payload %s', payload)
 
     # Make sure we have a commit in the payload.
     if not payload.get('commits'):
+      logger.debug('Skipping BitBucket request due to missing commits block')
       raise SkipRequestException()
 
     # Check if this build should be skipped by commit message.
     commit = payload['commits'][0]
     commit_message = commit['message']
     if should_skip_commit(commit_message):
+      logger.debug('Skipping BitBucket request due to commit message request')
       raise SkipRequestException()
 
     # Check to see if this build should be skipped by ref.
     if not commit.get('branch') and not commit.get('tag'):
+      logger.debug('Skipping BitBucket request due to missing branch and tag')
       raise SkipRequestException()
 
     ref = 'refs/heads/' + commit['branch'] if commit.get('branch') else 'refs/tags/' + commit['tag']
+    logger.debug('Checking BitBucket request: %s', ref)
     raise_if_skipped(self.config, ref)
 
     commit_sha = commit['node']
@@ -523,10 +540,7 @@ class BitbucketBuildTrigger(BuildTriggerHandler):
     repository = self._get_repository_client()
 
     # Find the branch to build.
-    branch_name = run_parameters.get('branch_name')
-    (result, data, _) = repository.get_main_branch()
-    if result:
-      branch_name = branch_name or data['name']
+    branch_name = run_parameters.get('branch_name') or self._get_default_branch(repository)
 
     # Lookup the commit SHA for the branch.
     (result, data, _) = repository.get_branches()
@@ -1048,7 +1062,7 @@ class CustomBuildTrigger(BuildTriggerHandler):
     }
 
     prepared = PreparedBuild(self.trigger)
-    prepared.tags = [commit_sha]
+    prepared.tags = [commit_sha[:7]]
     prepared.name_from_sha(commit_sha)
     prepared.subdirectory = config['subdir']
     prepared.metadata = metadata

endpoints/web.py

@@ -9,10 +9,11 @@ from health.healthcheck import get_healthchecker
 
 from data import model
 from data.model.oauth import DatabaseAuthorizationProvider
-from app import app, billing as stripe, build_logs, avatar, signer
+from app import app, billing as stripe, build_logs, avatar, signer, log_archive
 from auth.auth import require_session_login, process_oauth
 from auth.permissions import (AdministerOrganizationPermission, ReadRepositoryPermission,
-                              SuperUserPermission, AdministerRepositoryPermission)
+                              SuperUserPermission, AdministerRepositoryPermission,
+                              ModifyRepositoryPermission)
 
 from util.invoice import renderInvoiceToPdf
 from util.seo import render_snapshot
@@ -250,6 +251,31 @@ def robots():
   return send_from_directory('static', 'robots.txt')
 
 
+@web.route('/buildlogs/<build_uuid>', methods=['GET'])
+@route_show_if(features.BUILD_SUPPORT)
+@require_session_login
+def buildlogs(build_uuid):
+  build = model.get_repository_build(build_uuid)
+  if not build:
+    abort(403)
+
+  repo = build.repository
+  if not ModifyRepositoryPermission(repo.namespace_user.username, repo.name).can():
+    abort(403)
+
+  # If the logs have been archived, just return a URL of the completed archive
+  if build.logs_archived:
+    return redirect(log_archive.get_file_url(build.uuid))
+
+  _, logs = build_logs.get_log_entries(build.uuid, 0)
+  response = jsonify({
+    'logs': [log for log in logs]
+  })
+
+  response.headers["Content-Disposition"] = "attachment;filename=" + build.uuid + ".json"
+  return response
+
+
 @web.route('/receipt', methods=['GET'])
 @route_show_if(features.BILLING)
 @require_session_login