From ae7a980ce1641be15aeace573ff9d36668030913 Mon Sep 17 00:00:00 2001
From: farhaanbukhsh <farhaan.bukhsh@gmail.com>
Date: Jul 26 2016 07:41:45 +0000
Subject: Fix token and some code shedding


---

diff --git a/pagure/hooks/jenkins_hook.py b/pagure/hooks/jenkins_hook.py
index d4055b8..0309caf 100644
--- a/pagure/hooks/jenkins_hook.py
+++ b/pagure/hooks/jenkins_hook.py
@@ -2,7 +2,6 @@
 
 
 import os
-import uuid
 
 import sqlalchemy as sa
 import pygit2
@@ -38,10 +37,6 @@ class PagureCI(BASE):
     jenkins_url = sa.Column(sa.String(255), nullable=False,
                             default='http://jenkins.fedorainfracloud.org/')
     jenkins_token = sa.Column(sa.String(64))
-    hook_token = sa.Column(sa.String(64),
-                           nullable=True,
-                           unique=True,
-                           index=True)
 
     project = relation(
         'Project',
@@ -52,9 +47,6 @@ class PagureCI(BASE):
             single_parent=True)
     )
 
-    def __init__(self):
-        self.hook_token = uuid.uuid4().hex
-
     def __repr__(self):
         return '<PagureCI {.name}>'.format(self)
 
diff --git a/pagure/lib/pagure_ci.py b/pagure/lib/pagure_ci.py
index 43d1992..a4aa7c2 100644
--- a/pagure/lib/pagure_ci.py
+++ b/pagure/lib/pagure_ci.py
@@ -56,22 +56,17 @@ def process_build(logger, cfg, build_id):
     # Comment in Pagure
     logger.info('Updating %s PR %d: %s', cfg.pagure_name, pr_id, result)
     try:
-        post_flag(logger, cfg.display_name, APP.config['APP_URL'], cfg.pagure_token,
-                  cfg.pagure_name, pr_id, result, url)
+        pagure_ci_flag(logger,
+                    username=cfg.display_name,
+                    repo=cfg.pagure_name,
+                    requestid=pr_id,
+                    result=result,
+                    url=url)
+
     except KeyError as exc:
         logger.warning('Unknown build status', exc_info=exc)
 
 
-def post_flag(logger, name, base, token, repo, pr, result, url):
-    comment, percent = {
-        'SUCCESS': ('Build successful', 100),
-        'FAILURE': ('Build failed', 0),
-    }[result]
-
-    pagure_ci_flag(logger, repo=repo, username=name, percent=percent, comment=comment,
-                   url=url, requestid=pr)
-
-
 def post_data(logger, *args, **kwargs):
     resp = requests.post(*args, **kwargs)
     logger.debug('Received response status %s', resp.status_code)
@@ -80,7 +75,12 @@ def post_data(logger, *args, **kwargs):
                      resp.status_code, resp.text)
 
 
-def pagure_ci_flag(logger, repo, username, percent, comment, url, requestid):
+def pagure_ci_flag(logger, repo, username, url, result, requestid):
+
+    comment, percent = {
+        'SUCCESS': ('Build successful', 100),
+        'FAILURE': ('Build failed', 0),
+    }[result]
 
     repo = pagure.lib.get_project(SESSION, repo, user=None)
     output = {}
diff --git a/pagure/templates/plugin.html b/pagure/templates/plugin.html
index 7803aa6..bf10f6a 100644
--- a/pagure/templates/plugin.html
+++ b/pagure/templates/plugin.html
@@ -17,11 +17,11 @@
                   ) }}" method="post">
   {{ plugin.description | markdown | noJS | safe }}
 
-  {% if post_token and (plugin.name == 'Pagure CI') %}
+  {% if plugin.name == 'Pagure CI' %}
   <div class="form-group">
     <label>Report results via
       <code>POST</code> to this URL</label>
-    <input class="form-control" readonly type="text" value="{{config.get('APP_URL')[:-1]}}{{ url_for('hook_finished', token= post_token)}}">
+    <input class="form-control" readonly type="text" value="{{config.get('APP_URL')[:-1]}}{{ url_for('hook_finished', repo_id=repo.id)}}">
   </div>
   {% endif %}
 
diff --git a/pagure/ui/plugins.py b/pagure/ui/plugins.py
index dc5ab38..1274f05 100644
--- a/pagure/ui/plugins.py
+++ b/pagure/ui/plugins.py
@@ -91,7 +91,7 @@ def view_plugin(repo, plugin, username=None, full=True):
     new = True
     post_token = None
     dbobj = plugin.db_object()
-    
+
     if hasattr(repo, plugin.backref):
         dbobj = getattr(repo, plugin.backref)
 
@@ -99,9 +99,6 @@ def view_plugin(repo, plugin, username=None, full=True):
         if dbobj and len(dbobj) > 0:
             dbobj = dbobj[0]
             new = False
-            # hook_token of pagure shouldn't leak so to put a check on it
-            if hasattr(dbobj, "hook_token") and plugin.backref == "hook_pagure_ci":
-                post_token = dbobj.hook_token
         else:
             dbobj = plugin.db_object()
 
@@ -133,7 +130,6 @@ def view_plugin(repo, plugin, username=None, full=True):
                 username=username,
                 plugin=plugin,
                 form=form,
-                post_token=post_token,
                 fields=fields)
 
         if form.active.data:
@@ -167,19 +163,18 @@ def view_plugin(repo, plugin, username=None, full=True):
         username=username,
         plugin=plugin,
         form=form,
-        post_token=post_token,
         fields=fields)
 
 
-@APP.route('/hooks/<token>/build-finished', methods=['POST'])
-def hook_finished(token):
+@APP.route('/hooks/<repo_id>/build-finished', methods=['POST'])
+def hook_finished(repo_id):
     try:
         data = json.loads(flask.request.get_data())
         cfg = jenkins_hook.get_configs(
             data['name'], jenkins_hook.Service.JENKINS)[0]
         build_id = data['build']['number']
-        if token != cfg.hook_token:
-            raise ValueError('Token mismatch')
+        if repo_id != str(cfg.project_id):
+            raise ValueError('Project ID mismatch')
     except (TypeError, ValueError, KeyError, jenkins_hook.ConfigNotFound) as exc:
         APP.logger.error('Error processing jenkins notification', exc_info=exc)
         return ('Bad request...\n', 400, {'Content-Type': 'text/plain'})