
Changeset 1801


Timestamp:
08/02/2015 01:26:10 AM (9 years ago)
Author:
nacin
Message:

Some infrastructure changes for the security team.

Location:
sites/trunk/api.wordpress.org/public_html/dotorg
Files:
2 edited

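--- a/sites/trunk/api.wordpress.org/public_html/dotorg/slack/security-team.php
+++ b/sites/trunk/api.wordpress.org/public_html/dotorg/slack/security-team.php
@@ -2,5 +2,7 @@
 
 namespace {
-    require dirname( dirname( __DIR__ ) ) . '/includes/hyperdb/bb-10-hyper-db.php';
+    if ( ! isset( $GLOBALS['wpdb'] ) ) {
+        require dirname( dirname( __DIR__ ) ) . '/includes/hyperdb/bb-10-hyper-db.php';
+    }
 }
 
@@ -9,5 +11,5 @@
 require dirname( dirname( __DIR__ ) ) . '/includes/slack-config.php';
 
-function api_call( $method, $content = array() ) {
+function slack_api( $method, $content = array() ) {
     $content['token'] = SLACK_TOKEN;
     $content = http_build_query( $content );
@@ -24,29 +26,45 @@
 }
 
-header( 'Content-type: text/plain' );
+function get_security_team() {
+    global $wpdb;
+    $group = slack_api( 'groups.info', array( 'channel' => SECURITY_GROUP_ID ) );
 
-// Confirm it came from the Trac server.
-if ( $_GET['token'] !== API_TOKEN ) {
-    die;
+    if ( empty( $group['ok'] ) ) {
+        return false;
+    }
+
+    $slack_user_ids = $group['group']['members'];
+    $slack_user_ids = array_filter( $slack_user_ids, function( $user_id ) {
+        return (bool) preg_match( '/^U[A-Z0-9]+$/', $user_id );
+    });
+    $slack_user_ids_for_sql = "'" . implode( "', '", $slack_user_ids ) . "'";
+    $user_ids = $wpdb->get_col( "SELECT user_id FROM slack_users WHERE slack_id IN ($slack_user_ids_for_sql)" );
+
+    $user_ids = array_map( 'intval', $user_ids );
+    $user_ids_for_sql = implode( ', ', $user_ids );
+    $user_logins = $wpdb->get_col( "SELECT user_login FROM $wpdb->users WHERE ID IN ($user_ids_for_sql)" );
+    return $user_logins;
 }
 
-$group = api_call( 'groups.info', array( 'channel' => SECURITY_GROUP_ID ) );
+function api_call() {
+    header( 'Content-type: text/plain' );
 
-if ( empty( $group['ok'] ) ) {
-    die;
+    // Confirm it came from the Trac server.
+    if ( $_GET['token'] !== API_TOKEN ) {
+        exit;
+    }
+
+    $team = get_security_team();
+    if ( $team === false ) {
+        exit;
+    }
+
+    echo implode( "\n", $team ) . "\n"; // Trailing newline critical.
+    exit;
 }
 
-$slack_user_ids = $group['group']['members'];
-$slack_user_ids = array_filter( $slack_user_ids, function( $user_id ) {
-    return (bool) preg_match( '/^U[A-Z0-9]+$/', $user_id );
-});
-$slack_user_ids_for_sql = "'" . implode( "', '", $slack_user_ids ) . "'";
-$user_ids = $wpdb->get_col( "SELECT user_id FROM slack_users WHERE slack_id IN ($slack_user_ids_for_sql)" );
-
-$user_ids = array_map( 'intval', $user_ids );
-$user_ids_for_sql = implode( ', ', $user_ids );
-$user_logins = $wpdb->get_col( "SELECT user_login FROM $wpdb->users WHERE ID IN ($user_ids_for_sql)" );
-
-echo implode( "\n", $user_logins ) . "\n"; // Trailing newline critical.
+if ( isset( $_SERVER['REQUEST_URI'] ) && false !== strpos( $_SERVER['REQUEST_URI'], '/security-team.php?token=' ) ) {
+    api_call();
+}
 
 }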
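Review bot: The token check in the new `api_call()` (new line 53) compares the shared secret with `!==`, which is not a constant-time comparison, and it reads `$_GET['token']` without confirming that it is set and is a string. Since this endpoint returns the security team's logins, I would tighten the guard to `if ( ! isset( $_GET['token'] ) || ! is_string( $_GET['token'] ) || ! hash_equals( API_TOKEN, $_GET['token'] ) ) {`. The token also travels in the query string, so it will probably be recorded in access logs; sending it in a request header would avoid that if the Trac side can do so. Separately, in `get_security_team()` an empty `$user_ids` produces `WHERE ID IN ()`, so an early `if ( ! $user_ids ) { return array(); }` before the second query would keep the empty case well-defined.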
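--- a/sites/trunk/api.wordpress.org/public_html/dotorg/trac/mentions-handler.php
+++ b/sites/trunk/api.wordpress.org/public_html/dotorg/trac/mentions-handler.php
@@ -28,4 +28,8 @@
     $search_text = preg_replace( "/^>.*\n\n/sm", '', $search_text );
     $user_login  = $payload->author;
+} elseif ( $payload->trac === 'security' ) {
+    // Security Trac only handles comments.
+    // Ticket data is found via a HTTP request, comments are from parsing the email.
+    exit;
 } else {
     $search_text = $payload->summary . ' ' . $payload->description;
@@ -54,6 +58,23 @@
 }
 
+function wporg_mentions_limit_to_security_team( $usernames, $data ) {
+    require_once dirname( __DIR__ ) . '/slack/security-team.php';
+    $team = \Dotorg\Slack\Security_Team\get_security_team();
+
+    if ( ! empty( $data['object']->cc ) ) {
+        // Add single ticket access users.
+        $ccs = explode( ", ", $data['object']->cc );
+        $team = array_merge( $team, $ccs );
+    }
+
+    return $team;
+}
+
 if ( ! wporg_user_has_visited_trac( $user_login ) ) {
     $wpdb->insert( 'trac_users', compact( 'user_login' ) );
+}
+
+if ( $payload->trac === 'security' ) {
+    add_filter( 'wporg_notifications_notifiable_usernames', 'wporg_mentions_limit_to_security_team', 10, 2 );
 }
 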
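Review bot: `wporg_mentions_limit_to_security_team()` uses the result of `get_security_team()` without checking it, although that function returns `false` when the Slack call does not come back ok. With a non-empty cc field, `array_merge( $team, $ccs )` is then called with a non-array first argument; otherwise the filter itself returns `false`. How the consumer of `wporg_notifications_notifiable_usernames` treats a non-array is not visible here, so the restriction on who is notified about security tickets may not hold while Slack is unreachable. I would fail closed right after the call with `if ( ! is_array( $team ) ) { $team = array(); }` and log the failure. The cc entries are also merged in untrimmed and unvalidated, so it is worth confirming that the field always holds user logins in exactly the `", "`-separated form this code expects.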