F10427069
patch.patch
Authored By: Paladox, Oct 25 2017, 11:20 AM (2017-10-25 11:20:01 UTC+0)
Size: 10 KB
commit e38884dacfaeecf77de5d7e81a97067726fe7cc0
Author: Paladox <thomasmulhall410@yahoo.com>
Date: Wed Oct 25 12:17:43 2017 +0100
Gerrit: Convert its base templates to soy (closure template)
This fixes a security issue described in T140366
This change can be merged once we upgrade to 2.14.
and deploy change
https://gerrit-review.googlesource.com/#/c/plugins/its-base/+/108215/
Bug: T140366
Change-Id: I48eb3f1b60a0cfb4b6f9b611059c495710f8f173
diff --git a/modules/gerrit/files/etc/its/actions.config b/modules/gerrit/files/etc/its/actions.config
index c9ad7b1f24..006d3247ac 100644
--- a/modules/gerrit/files/etc/its/actions.config
+++ b/modules/gerrit/files/etc/its/actions.config
@@ -10,18 +10,18 @@
status = !,DRAFT
is-draft = !,true
association = subject,footer-Bug,footer-bug
- action = add-velocity-comment PatchSetMerged
+ action = add-soy-comment PatchSetMerged
[rule "patchSetCreated"]
event-type = patchset-created
status = !,DRAFT
is-draft = !,true
association = added@subject,added@footer-Bug,added@footer-bug
- action = add-velocity-comment PatchSetCreated
+ action = add-soy-comment PatchSetCreated
action = add-project Patch-For-Review
[rule "changeDraftPublished"]
event-type = draft-published
association = added@subject,added@footer-Bug,added@footer-bug
- action = add-velocity-comment DraftPublished
+ action = add-soy-comment DraftPublished
action = add-project Patch-For-Review
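Review bot: The three `action = add-soy-comment ...` lines move every rule to the new templates, but nothing in this patch deletes the Velocity templates that `add-velocity-comment` loaded. If those files are still in the repository, remove them in this change or name the follow-up, so the previous rendering path is not left one config edit away. The commit message says this depends on the 2.14 upgrade and the linked its-base change; it would help to state that dependency as a comment next to these actions too, since the config will name an action the deployed plugin may not recognise until then.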
diff --git a/modules/gerrit/files/etc/its/templates/DraftPublished.soy b/modules/gerrit/files/etc/its/templates/DraftPublished.soy
new file mode 100644
index 0000000000..03f898dfc1
--- /dev/null
+++ b/modules/gerrit/files/etc/its/templates/DraftPublished.soy
@@ -0,0 +1,38 @@
+/**
+ * Copyright (C) 2017 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+{namespace etc.its.templates}
+
+/**
+ * The .DraftPublished template will determine the contents the published comment
+ * line for all related published comments
+ * @param branch
+ * @param project
+ * @param subject
+ * @param changeNumber
+ * @param authorName
+ * @param authorUsername
+ * @param formatChangeUrl
+ *
+ */
+{template .DraftPublished autoescape="strict" kind="text"}
+
+ Change {$changeNumber} had a related patch set (by {$authorName ? $authorName : $authorUsername}) published:{\n}
+ [{$project}@{$branch}] {$subject|escapeUri}{\n}{\n}
+
+ {$formatChangeUrl}
+{/template}
+
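Review bot: In the body of `.DraftPublished` only `{$subject|escapeUri}` is filtered; `{$authorName}`, `{$authorUsername}`, `{$project}` and `{$branch}` are printed as-is, and with `kind="text"` strict autoescaping applies no escaping of its own. If the concern in T140366 is crafted change content reaching the task comment, values such as the author name may also be influenced by the uploader, so either give them the same treatment as the subject or add a comment explaining why they are safe. Minor: the doc comment reads "determine the contents the published comment line" and is missing "of".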
diff --git a/modules/gerrit/files/etc/its/templates/PatchSetCreated.soy b/modules/gerrit/files/etc/its/templates/PatchSetCreated.soy
new file mode 100644
index 0000000000..0c22c9ae9f
--- /dev/null
+++ b/modules/gerrit/files/etc/its/templates/PatchSetCreated.soy
@@ -0,0 +1,40 @@
+/**
+ * Copyright (C) 2017 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+{namespace etc.its.templates}
+
+/**
+ * The .PatchSetCreated template will determine the contents of the email subject
+ * line for ALL emails related to changes.
+ * @param branch
+ * @param project
+ * @param subject
+ * @param changeNumber
+ * @param authorName
+ * @param authorUsername
+ * @param uploaderName
+ * @param uploaderUsername
+ * @param formatChangeUrl
+ *
+ */
+{template .PatchSetCreated autoescape="strict" kind="text"}
+
+ Change {$changeNumber} had a related patch set uploaded (by {$uploaderName ? $uploaderName : $uploaderUsername}; owner: {$authorName ? $authorName : $authorUsername}):{\n}
+ [{$project}@{$branch}] {$subject|escapeUri}{\n}{\n}
+
+ {$formatChangeUrl}
+{/template}
+
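Review bot: The doc comment on `.PatchSetCreated` says it determines "the email subject line for ALL emails related to changes", which describes a Gerrit mail template rather than the issue-tracker comment this template renders. Rewrite it to say what the comment contains and, since this is a security fix, record why `$subject` goes through `|escapeUri`. Also note that the `{$uploaderName ? ...}` and `{$authorName ? ...}` expressions on the first body line are printed without any filter, unlike `$subject`; confirm that is intended.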
diff --git a/modules/gerrit/files/etc/its/templates/PatchSetMerged.soy b/modules/gerrit/files/etc/its/templates/PatchSetMerged.soy
new file mode 100644
index 0000000000..5747c9bc01
--- /dev/null
+++ b/modules/gerrit/files/etc/its/templates/PatchSetMerged.soy
@@ -0,0 +1,37 @@
+/**
+ * Copyright (C) 2017 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+{namespace etc.its.templates}
+
+/**
+ * The .PatchSetMerged template will determine the contents of the email subject
+ * line for ALL emails related to changes.
+ * @param changeNumber
+ * @param submitterName
+ * @param submitterUsername
+ * @param project
+ * @param branch
+ * @param subject
+ * @param formatChangeUrl
+ *
+ */
+{template .PatchSetMerged autoescape="strict" kind="text"}
+ Change {$changeNumber} merged by {$submitterName ? $submitterName : $submitterUsername}:{\n}
+ [{$project}@{$branch}] {$subject|escapeUri}{\n}{\n}
+
+ {$formatChangeUrl}
+{/template}
+
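Review bot: `{$subject|escapeUri}` on the `[{$project}@{$branch}]` line percent-encodes the subject, so spaces and punctuation will show up as `%20`-style sequences in the task comment for every merged change. If that is the intended way to neutralise markup in the subject, say so in the template comment; otherwise readers lose the readable subject line. The doc comment here also still describes "the email subject line for ALL emails", which does not match a `PatchSetMerged` task comment.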
diff --git a/modules/gerrit/files/etc/its/templates/patch.patch b/modules/gerrit/files/etc/its/templates/patch.patch
new file mode 100644
index 0000000000..56fe6e978f
--- /dev/null
+++ b/modules/gerrit/files/etc/its/templates/patch.patch
@@ -0,0 +1,133 @@
+diff --git a/modules/gerrit/files/etc/its/templates/DraftPublished.soy b/modules/gerrit/files/etc/its/templates/DraftPublished.soy
+new file mode 100644
+index 0000000000..03f898dfc1
+--- /dev/null
++++ b/modules/gerrit/files/etc/its/templates/DraftPublished.soy
+@@ -0,0 +1,38 @@
++/**
++ * Copyright (C) 2017 The Android Open Source Project
++ *
++ * Licensed under the Apache License, Version 2.0 (the "License");
++ * you may not use this file except in compliance with the License.
++ * You may obtain a copy of the License at
++ *
++ * http://www.apache.org/licenses/LICENSE-2.0
++ *
++ * Unless required by applicable law or agreed to in writing, software
++ * distributed under the License is distributed on an "AS IS" BASIS,
++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++ * See the License for the specific language governing permissions and
++ * limitations under the License.
++ */
++
++{namespace etc.its.templates}
++
++/**
++ * The .DraftPublished template will determine the contents the published comment
++ * line for all related published comments
++ * @param branch
++ * @param project
++ * @param subject
++ * @param changeNumber
++ * @param authorName
++ * @param authorUsername
++ * @param formatChangeUrl
++ *
++ */
++{template .DraftPublished autoescape="strict" kind="text"}
++
++ Change {$changeNumber} had a related patch set (by {$authorName ? $authorName : $authorUsername}) published:{\n}
++ [{$project}@{$branch}] {$subject|escapeUri}{\n}{\n}
++
++ {$formatChangeUrl}
++{/template}
++
+diff --git a/modules/gerrit/files/etc/its/templates/PatchSetCreated.soy b/modules/gerrit/files/etc/its/templates/PatchSetCreated.soy
+new file mode 100644
+index 0000000000..0c22c9ae9f
+--- /dev/null
++++ b/modules/gerrit/files/etc/its/templates/PatchSetCreated.soy
+@@ -0,0 +1,40 @@
++/**
++ * Copyright (C) 2017 The Android Open Source Project
++ *
++ * Licensed under the Apache License, Version 2.0 (the "License");
++ * you may not use this file except in compliance with the License.
++ * You may obtain a copy of the License at
++ *
++ * http://www.apache.org/licenses/LICENSE-2.0
++ *
++ * Unless required by applicable law or agreed to in writing, software
++ * distributed under the License is distributed on an "AS IS" BASIS,
++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++ * See the License for the specific language governing permissions and
++ * limitations under the License.
++ */
++
++{namespace etc.its.templates}
++
++/**
++ * The .PatchSetCreated template will determine the contents of the email subject
++ * line for ALL emails related to changes.
++ * @param branch
++ * @param project
++ * @param subject
++ * @param changeNumber
++ * @param authorName
++ * @param authorUsername
++ * @param uploaderName
++ * @param uploaderUsername
++ * @param formatChangeUrl
++ *
++ */
++{template .PatchSetCreated autoescape="strict" kind="text"}
++
++ Change {$changeNumber} had a related patch set uploaded (by {$uploaderName ? $uploaderName : $uploaderUsername}; owner: {$authorName ? $authorName : $authorUsername}):{\n}
++ [{$project}@{$branch}] {$subject|escapeUri}{\n}{\n}
++
++ {$formatChangeUrl}
++{/template}
++
+diff --git a/modules/gerrit/files/etc/its/templates/PatchSetMerged.soy b/modules/gerrit/files/etc/its/templates/PatchSetMerged.soy
+new file mode 100644
+index 0000000000..5747c9bc01
+--- /dev/null
++++ b/modules/gerrit/files/etc/its/templates/PatchSetMerged.soy
+@@ -0,0 +1,37 @@
++/**
++ * Copyright (C) 2017 The Android Open Source Project
++ *
++ * Licensed under the Apache License, Version 2.0 (the "License");
++ * you may not use this file except in compliance with the License.
++ * You may obtain a copy of the License at
++ *
++ * http://www.apache.org/licenses/LICENSE-2.0
++ *
++ * Unless required by applicable law or agreed to in writing, software
++ * distributed under the License is distributed on an "AS IS" BASIS,
++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++ * See the License for the specific language governing permissions and
++ * limitations under the License.
++ */
++
++{namespace etc.its.templates}
++
++/**
++ * The .PatchSetMerged template will determine the contents of the email subject
++ * line for ALL emails related to changes.
++ * @param changeNumber
++ * @param submitterName
++ * @param submitterUsername
++ * @param project
++ * @param branch
++ * @param subject
++ * @param formatChangeUrl
++ *
++ */
++{template .PatchSetMerged autoescape="strict" kind="text"}
++ Change {$changeNumber} merged by {$submitterName ? $submitterName : $submitterUsername}:{\n}
++ [{$project}@{$branch}] {$subject|escapeUri}{\n}{\n}
++
++ {$formatChangeUrl}
++{/template}
++
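Review bot: This hunk creates `modules/gerrit/files/etc/its/templates/patch.patch`, whose contents are a diff of the same three `.soy` files added earlier in this commit, which looks like a working file committed by accident. Drop it from the change: it duplicates the templates, it would be deployed into the its templates directory alongside them, and any later fix to the `.soy` files would leave this stale copy behind.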
Attached To: T140366: @gerritbot probably allows users to make arbitrary changes to Phabricator tasks by submitting crafted Gerrit changesets