I'm writing a plugin for Gerrit, that temporary locks one branch (or more) for all but one user (in order to preform a merge of two branches, for example).
I'm using Gerrit 2.11.3.
My problem is, that I can't get the current user in my implementation of the MergeValidationListener interface.
The code is:
private final Provider<CurrentUser> user;
...
user.get()
The exception is:
1) Error in custom provider, com.google.inject.OutOfScopeException: No user on merge thread
at com.google.gerrit.server.util.ThreadLocalRequestContext$1.provideCurrentUser(ThreadLocalRequestContext.java:56) (via modules: com.google.gerrit.server.config.GerritGlobalModule -> com.google.gerrit.server.util.ThreadLocalRequestContext$1)
while locating com.google.gerrit.server.CurrentUser
at com.google.gerrit.server.plugins.PluginGuiceEnvironment$2.configure(PluginGuiceEnvironment.java:534) (via modules: com.google.gerrit.server.plugins.PluginGuiceEnvironment$1 -> com.google.gerrit.server.plugins.PluginGuiceEnvironment$2)
while locating com.google.gerrit.server.CurrentUser
1 error
at com.google.inject.internal.InjectorImpl$2.get(InjectorImpl.java:1025)
Caused by: com.google.inject.OutOfScopeException: No user on merge thread
I understand it so, that the actual submit (or merge) is performed in a separated thread, that has no user context.
Is there some way to get hands on the actual user, that clicks on the "submit" button or issues the ssh-command?
Maybe there is some other Listener, that can get user information and able to prevent the submit?
As a last possibility I would consider an upgrade to a later version.
Related
Our team is migrating to BitBucket. Our workflow requires certain formatting for commit messages for code that is merged into the main origin repo.
Each developer has one (or more) fork(s). Our workflow is to push a feature/bug branch to the fork and create a pull request from that branch. Two other devs must review and +1 the pull request before it can be merged.
When someone clicks Merge, BitBucket displays a dialog with the title "Merge Pull Request". At that point, the dev can edit the text message that is logged for the merge before clicking the second Merge button. This is the message that needs to conform to a specific format.
I have read the documentation here: https://scriptrunner.adaptavist.com/latest/bitbucket/StashMergeChecks.html It has several very specific examples, but nothing that pertains to our use case. I have not been able to find a good, general-purpose reference for how to create merge checks.
I can write a condition that checks for a specific string value:
mergeRequest.message == "My Message"
But I need it to check against a regular expression.
How can I write a pre-merge hook to reject the merge if the message doesn't conform to a regex?
Addition
From the documentation, it seems like the condition check script code would be the right place to enforce this condition. The script can be added in Repository Settings > SCRIPTRUNNER > Script Merge Checks > Conditional merge check. There is a long list of examples shown for the conditional merge check, including things like:
Current user in a particular group
Changed files contains .XYZ files
Changed files in sensitive directory
Target branch is release
After some search & experiment I found I could block merges based on the commit message. But so far I have only found examples of comparing entire strings against constant string expressions. I haven't found how to use a regex in this comparison.
OP here after pushing this issue to the back burner for a few weeks. Issue is solved. You can check your merge commit messages against a regular expression without using a plugin. Solution is here for those who come searching with the same problem.
First, it was more challenging than it should have been to find the documentation for the objects that are most relevant to writing a Merge Check script. So here are a couple of links for the current 6.3.0 API:
PullRequest - In the end, my script didn't use this object, but the pull request is closely related to the merge request and others may need the documentation.
MergeRequest - This object has a method to determine the context (see below).
Second, the Merge Check script fires in two distinct contexts: (1) when bitbucket is trying to determine if it should enable/disable the Merge button on the Pull Request page, and (2) when someone clicks the Merge button on the Merge pull request dialog. In the first context the merge message is null, so it cannot match a regex. And anyway it doesn't make sense to disable the button in this case. I really only wanted the check to occur in the second context. So the script needs a way to distinguish the contexts.
Third, the message object is a Java String, so the script can call the matches() method to check if the message matches a regex.
After you have all the information at your fingertips, writing the script is pretty easy:
// the message regex
String pattern = "(PATTERN1|PATTERN2|etc)"
// reject if not dry-run and
// message doesn't match regex
! mergeRequest.isDryRun() &&
! mergeRequest.message.matches(pattern)
You could try some of the plugins for Bitbucket like YACC:
https://marketplace.atlassian.com/apps/1211854/yet-another-commit-checker?hosting=server&tab=overview
If that doesn't meet your requirements, you could write your own:
https://developer.atlassian.com/server/bitbucket/how-tos/hooks-merge-checks-guide/
In my application i got the error as con't update stale object. I don't know about this object. When it will create and why it was called a stale object. I want to know. Is it used in Only in ROR or other languges are also uses, this object and purpose?
According to the documentation:
http://api.rubyonrails.org/classes/ActiveRecord/StaleObjectError.html
Reason of Stale object exception is:
Record is stale when it's being saved in another query after instantiation, for example, when two users edit the same wiki page and one starts editing and saves the page before the other.
Solution: To avoid this exception use the locking system:
http://api.rubyonrails.org/classes/ActiveRecord/Locking/Optimistic.html
In my application multiple threads to be able to edit the same work -> version -> element record. its detecting error and raising the suitable error.
I typically did to handle the error:
I print a flash message such as "Sorry, please try after someone time, someone else editing this working version element".
element.lock_version = Document::Element.find(element.id).lock_version
element.save!
For example, such as detecting that one edit changed the element's type, where as the other edit changed the element's name by different creator, and then code of the two record should be merged done in one save.
In general, I used to element.reload to fetch a fresh version of the element.
worked fine!!
We ran the Fortify scan and had some Access Control: Database issues. The code is getting the textbox value and setting it to a string variable. In this case, it's passing the value from the TextBox to the stored procedure in a database. Any ideas on how I can get around this Access Control: Database issue?
Without proper access control, the method ExecuteNonQuery() in DataBase.cs
can execute a SQL statement on line 320 that contains an attacker-controlled primary
key, thereby allowing the attacker to access unauthorized records.
Source: Tool.ascx.cs:591 System.Web.UI.WebControls.TextBox.get_Text()
rptItem.FindControl("lblClmInvalidEntry").Visible = false;
ToolDataAccess.UpdateToolData(strSDN, strSSNum, strRANC, strAdvRecDate, strAdvSubDate, strClmRecDate, strClmAuth, strClmSubDate, strAdvAuth, txtNoteEntry.Text);
Sink: DataBase.cs:278
System.Data.SqlClient.SqlParameterCollection.Add()
// Add parameters
foreach (SqlParameter parameter in parameters)
cmd.Parameters.Add(parameter);
The point of "Access Control: Database" is where it isn't being specific enough in the query and so could potentially allow a user to see information that they're not supposed to.
An easy example of this vulnerability would be a payroll database where there is a textbox that says the ID of the employee and gives their salary, this could potentially allow the user to change the ID and see the salary of other employees.
Another example where this is often intended functionality is in a website URL where the product ID is used in a parameter, meaning a user could go through every product you have on your site. But as this only allows users to see information they're supposed to be able to, it's not particularly a security issue.
For instance:
"SELECT account_balance FROM accounts WHERE account_number = " + $input_from_attacker + ";"
// even if we safely build the query above, preventing change to the query structure,
// the attacker can still send someone else's account number, and read Grandma's balance!
As this is pretty context based, it's difficult to determine statically so there are lots of examples where Fortify may catch this but it's actually intended functionality. That's not to say the tool is broken, it's just one of the limitations of static analysis and depending on what your program is supposed to be doing it may or may not be intended.
If this is intended to work like this, then I would suggest auditing it as not an issue or suppressing the issue.
If you can see that this is definitely an issue and users can see information that they shouldn't be able to, then the stored procedure needs to be more specific so that users can only see information they should be able to. However SCA will likely still pick this up in a latter scan so you would still then need to audit it as fixed and no longer an issue.
This is a bit of a complex, abstract question, so forgive me if it's not specific enough.
I've encountered a specific type of problem numerous times: That on one hand, a data source is used to update a certain data structure in an automated fashion at regular intervals, but on the other hand, stakeholders want to be able to manually override the automated entries.
Example:
You have a list of products, which are kept up-to-date (title, description, etc.) by some automated script which uses external data sources (product databases, etc.).
Let's say that in your data source you have a toaster "Freshtoast XYZ 300" and if its name changes to "FreshToast! XYZ-300", you want to propagate that update into your own (differently structured) product model.
At the same time, if a co-worker doesn't like the name "Freshtoast XYZ 300" and wants to change it to "Toaster XYZ 300 by Freshtoast" (manually), you don't want to override that change automatically (he would get angry), but you also don't want to simply ignore the updated name, since if the co-worker knew about the change, he'd adjust the name to "Toaster XYZ-300 by FreshToast!".
What's the best method to "consider" updated data sources - even for overridden data - while still allowing manual override?
PS: I'm using mostly Ruby / Rails, but I guess the question is very general. Also, to be clear, automated updates are the rule, while manual overrides are the exception in this scenario. So let's say 200,000 products get updated every single day, only 20 of which have manually overridden titles. So, for example, having to approve every single update is not an option.
Here goes nothing...
Hands off approach: Add a string column to products table that contains a serialized list of user-touched columns. Anytime a user touches a column in the products table, put it in the serialized list. When the automatic updater hits that record it checks the list for columns it should ignore.
Hand-wringing micro-manager approach: Use a versioning library (e.g. vestal_versions gem) and add a user_id column to the products table. Anytime a user-touched record is automatically updated, send them a notification and allow them to view a before/after which they can approve or reject.
I am working on a website created in ModX. I need to know the way I could execute a php code when any resource is created and also edit template variable associated to the created resource.
You can do this using a plugin, set to run on the OnDocFormSave event. This event has a mode property which will be set to new when the document being saved has just been created - you can do a simple check for this to prevent the plugin being run every time a document is saved.
To set a TV value for the current resource, do this:
// get the required TV object by name (or id)
$tv = $modx->getObject('modTemplateVar',array('name'=>'tvName'));
// set the new value and save it
$tv->setValue($modx->resource->get('id'), $newValue);
$tv->save();
The answer by okyanet is correct, but I've added details for those unfamiliar with MODX.
Create a plugin, and configure it to execute on the two system events 'onBeforeDocFormSave' and 'onDocFormSave'. The two events are fired just before and just after a resource is saved. When a resource is saved, the $mode variable is available to your plugin, and if it is a new resource it's value is modSystemEvent::MODE_NEW and if an update its value is modSystemEvent:MODE_UPD
I've written a gist that includes the full code with examples:
https://gist.github.com/2768300
This example shows you how to target either event through a switch statement, and how to further target the 'new' or 'update' status of the action. For intercepting and changing resource fields, its quite easy using the onBeforeDocFormSave event as you can simply change any resource fieldname with $resource->set('yourFieldname'). There is no $resource->save() required as this happens automatically after this event.
It's apparently much more difficult to save a tv using the onBeforeDocFormSave event, because of the way tvs are processed, so therefore the example shows how to update a tv using the system event 'onDocFormSave'. Again there is no $resource->save() required as tvs are saved immediately when you call 'setValue' on them.
A plugin could be made to function requiring only one of the system events, but as there are advantages to using both states as shown above, and to help explain, I have used both.