Debbugs/CGI/Bugreport.pm

   1 # This module is part of debbugs, and is released
   2 # under the terms of the GPL version 2, or any later version. See the
   3 # file README and COPYING for more information.
   4 #
   5 # [Other people have contributed to this file; their copyrights should
   6 # be listed here too.]
   7 # Copyright 2008 by Don Armstrong <don@donarmstrong.com>.
   8
   9
  10 package Debbugs::CGI::Bugreport;
  11
  12 =head1 NAME
  13
  14 Debbugs::CGI::Bugreport -- specific routines for the bugreport cgi script
  15
  16 =head1 SYNOPSIS
  17
  18
  19 =head1 DESCRIPTION
  20
  21
  22 =head1 BUGS
  23
  24 None known.
  25
  26 =cut
  27
  28 use warnings;
  29 use strict;
  30 use vars qw($VERSION $DEBUG %EXPORT_TAGS @EXPORT_OK @EXPORT);
  31 use base qw(Exporter);
  32
  33 use IO::Scalar;
  34 use Params::Validate qw(validate_with :types);
  35 use Digest::MD5 qw(md5_hex);
  36 use Debbugs::Mail qw(get_addresses);
  37 use Debbugs::MIME qw(decode_rfc1522 create_mime_message);
  38 use Debbugs::CGI qw(:url :html :util);
  39 use Debbugs::Common qw(globify_scalar english_join);
  40 use Debbugs::UTF8;
  41 use Debbugs::Config qw(:config);
  42 use POSIX qw(strftime);
  43 use Encode qw(decode_utf8 encode_utf8);
  44 use URI::Escape qw(uri_escape);
  45
  46 BEGIN{
  47      ($VERSION) = q$Revision: 494 $ =~ /^Revision:\s+([^\s+])/;
  48      $DEBUG = 0 unless defined $DEBUG;
  49
  50      @EXPORT = ();
  51      %EXPORT_TAGS = ();
  52      @EXPORT_OK = (qw(display_entity handle_record handle_email_message));
  53      Exporter::export_ok_tags(keys %EXPORT_TAGS);
  54      $EXPORT_TAGS{all} = [@EXPORT_OK];
  55 }
  56
  57
  58
  59 =head2 display_entity
  60
  61      display_entity(entity      => $entity,
  62                     bug_num     => $ref,
  63                     outer       => 1,
  64                     msg_num     => $msg_num,
  65                     attachments => \@attachments,
  66                     output      => \$output);
  67
  68
  69 =over
  70
  71 =item entity -- MIME::Parser entity
  72
  73 =item bug_num -- Bug number
  74
  75 =item outer -- Whether this is the outer entity; defaults to 1
  76
  77 =item msg_num -- message number in the log
  78
  79 =item attachments -- arrayref of attachments
  80
  81 =item output -- scalar reference for output
  82
  83 =back
  84
  85 =cut
  86
  87 sub display_entity {
  88     my %param = validate_with(params => \@_,
  89                               spec   => {entity      => {type => OBJECT,
  90                                                         },
  91                                          bug_num     => {type => SCALAR,
  92                                                          regex => qr/^\d+$/,
  93                                                         },
  94                                          outer       => {type => BOOLEAN,
  95                                                          default => 1,
  96                                                         },
  97                                          msg_num     => {type => SCALAR,
  98                                                         },
  99                                          attachments => {type => ARRAYREF,
 100                                                          default => [],
 101                                                         },
 102                                          output      => {type => SCALARREF|HANDLE,
 103                                                          default => \*STDOUT,
 104                                                         },
 105                                          terse       => {type => BOOLEAN,
 106                                                          default => 0,
 107                                                         },
 108                                          msg         => {type => SCALAR,
 109                                                          optional => 1,
 110                                                         },
 111                                          att         => {type => SCALAR,
 112                                                          optional => 1,
 113                                                         },
 114                                          trim_headers => {type => BOOLEAN,
 115                                                           default => 1,
 116                                                          },
 117                                          avatars => {type => BOOLEAN,
 118                                                      default => 1,
 119                                                     },
 120                                         }
 121                              );
 122
 123     my $output = globify_scalar($param{output});
 124     my $entity = $param{entity};
 125     my $ref = $param{bug_num};
 126     my $top = $param{outer};
 127     my $xmessage = $param{msg_num};
 128     my $attachments = $param{attachments};
 129
 130     my $head = $entity->head;
 131     my $disposition = $head->mime_attr('content-disposition');
 132     $disposition = 'inline' if not defined $disposition or $disposition eq '';
 133     my $type = $entity->effective_type;
 134     my $filename = $entity->head->recommended_filename;
 135     $filename = '' unless defined $filename;
 136     $filename = decode_rfc1522($filename);
 137
 138     if ($param{outer} and
 139         not $param{terse} and
 140         not exists $param{att}) {
 141          my $header = $entity->head;
 142          print {$output} "<div class=\"headers\">\n";
 143          if ($param{trim_headers}) {
 144               my @headers;
 145               foreach (qw(From To Cc Subject Date)) {
 146                    my $head_field = $head->get($_);
 147                    next unless defined $head_field and $head_field ne '';
 148                    chomp $head_field;
 149                    if ($_ eq 'From' and $param{avatars}) {
 150                        my $libravatar_url = __libravatar_url(decode_rfc1522($head_field));
 151                        if (defined $libravatar_url and length $libravatar_url) {
 152                            push @headers,q(<img src="http://).html_escape($libravatar_url).qq(" alt="">\n);
 153                        }
 154                    }
 155                    push @headers, qq(<div class="header"><span class="headerfield">$_:</span> ) . html_escape(decode_rfc1522($head_field))."</div>\n";
 156               }
 157               print {$output} join(qq(), @headers);
 158          } else {
 159               print {$output} "<pre>".html_escape(decode_rfc1522($entity->head->stringify))."</pre>\n";
 160          }
 161          print {$output} "</div>\n";
 162     }
 163
 164     if (not (($param{outer} and $type =~ m{^text(?:/plain)?(?:;|$)})
 165              or $type =~ m{^multipart/}
 166             )) {
 167         push @$attachments, $param{entity};
 168         # output this attachment
 169         if (exists $param{att} and
 170             $param{att} == $#$attachments) {
 171             my $head = $entity->head;
 172             chomp(my $type = $entity->effective_type);
 173             my $body = $entity->stringify_body;
 174             # this attachment has its own content type, so we must not
 175             # try to convert it to UTF-8 or do anything funky.
 176             binmode($output,':raw');
 177             print {$output} "Content-Type: $type";
 178             my ($charset) = $head->get('Content-Type:') =~ m/charset\s*=\s*\"?([\w-]+)\"?/i;
 179             print {$output} qq(; charset="$charset") if defined $charset;
 180             print {$output} "\n";
 181             if ($filename ne '') {
 182                 my $qf = $filename;
 183                 $qf =~ s/"/\\"/g;
 184                 $qf =~ s[.*/][];
 185                 print {$output} qq{Content-Disposition: inline; filename="$qf"\n};
 186             }
 187             print {$output} "\n";
 188             my $decoder = MIME::Decoder->new($head->mime_encoding);
 189             $decoder->decode(IO::Scalar->new(\$body), $output);
 190             # we don't reset the layers here, because it makes no
 191             # sense to add anything to the output handle after this
 192             # point.
 193             return(1);
 194         }
 195         elsif (not exists $param{att}) {
 196              my @dlargs = (msg=>$xmessage, att=>$#$attachments);
 197              push @dlargs, (filename=>$filename) if $filename ne '';
 198              my $printname = $filename;
 199              $printname = 'Message part ' . ($#$attachments + 1) if $filename eq '';
 200              print {$output} '<pre class="mime">[<a href="' .
 201                   html_escape(bug_links(bug => $ref,
 202                                         links_only => 1,
 203                                         options => {@dlargs})
 204                              ) . qq{">$printname</a> } .
 205                                   "($type, $disposition)]</pre>\n";
 206         }
 207     }
 208
 209     return 0 if not $param{outer} and $disposition eq 'attachment' and not exists $param{att};
 210     return 0 unless (($type =~ m[^text/?] and
 211                       $type !~ m[^text/(?:html|enriched)(?:;|$)]) or
 212                      $type =~ m[^application/pgp(?:;|$)] or
 213                      $entity->parts);
 214
 215     if ($entity->is_multipart) {
 216         my @parts = $entity->parts;
 217         foreach my $part (@parts) {
 218             my $raw_output =
 219                 display_entity(entity => $part,
 220                                bug_num => $ref,
 221                                outer => 0,
 222                                msg_num => $xmessage,
 223                                output => $output,
 224                                attachments => $attachments,
 225                                terse => $param{terse},
 226                                exists $param{msg}?(msg=>$param{msg}):(),
 227                                exists $param{att}?(att=>$param{att}):(),
 228                                exists $param{avatars}?(avatars=>$param{avatars}):(),
 229                               );
 230             if ($raw_output) {
 231                 return $raw_output;
 232             }
 233             # print {$output} "\n";
 234         }
 235     } elsif ($entity->parts) {
 236         # We must be dealing with a nested message.
 237          if (not exists $param{att}) {
 238               print {$output} "<blockquote>\n";
 239          }
 240         my @parts = $entity->parts;
 241         foreach my $part (@parts) {
 242             display_entity(entity => $part,
 243                            bug_num => $ref,
 244                            outer => 1,
 245                            msg_num => $xmessage,
 246                            output => $output,
 247                            attachments => $attachments,
 248                            terse => $param{terse},
 249                            exists $param{msg}?(msg=>$param{msg}):(),
 250                            exists $param{att}?(att=>$param{att}):(),
 251                            exists $param{avatars}?(avatars=>$param{avatars}):(),
 252                           );
 253             # print {$output} "\n";
 254         }
 255          if (not exists $param{att}) {
 256               print {$output} "</blockquote>\n";
 257          }
 258     } elsif (not $param{terse}) {
 259          my $content_type = $entity->head->get('Content-Type:') || "text/html";
 260          my ($charset) = $content_type =~ m/charset\s*=\s*\"?([\w-]+)\"?/i;
 261          my $body = $entity->bodyhandle->as_string;
 262          $body = convert_to_utf8($body,$charset//'utf8');
 263          $body = html_escape($body);
 264          # Attempt to deal with format=flowed
 265          if ($content_type =~ m/format\s*=\s*\"?flowed\"?/i) {
 266               $body =~ s{^\ }{}mgo;
 267               # we ignore the other things that you can do with
 268               # flowed e-mails cause they don't really matter.
 269          }
 270          # Add links to URLs
 271          # We don't html escape here because we escape above;
 272          # wierd terminators are because of that
 273          $body =~ s{((?:ftp|http|https|svn|ftps|rsync)://[\S~-]+?/?) # Url
 274                     ((?:\&gt\;)?[)]?(?:'|\&\#39\;)?[:.\,]?(?:\s|$)) # terminators
 275               }{<a href=\"$1\">$1</a>$2}gox;
 276          # Add links to bug closures
 277          $body =~ s[(closes:\s*(?:bug)?\#?\s?\d+(?:,?\s*(?:bug)?\#?\s?\d+)*)]
 278                    [my $temp = $1;
 279                     $temp =~ s{(\d+)}
 280                               {bug_links(bug=>$1)}ge;
 281                     $temp;]gxie;
 282          if (defined $config{cve_tracker} and
 283              length $config{cve_tracker}
 284             ) {
 285              # Add links to CVE vulnerabilities (closes #568464)
 286              $body =~ s{(^|\s)(CVE-\d{4}-\d{4,})(\s|[,.-\[\]]|$)}
 287                        {$1<a href="http://$config{cve_tracker}$2">$2</a>$3}gxm;
 288          }
 289          if (not exists $param{att}) {
 290               print {$output} qq(<pre class="message">$body</pre>\n);
 291          }
 292     }
 293     return 0;
 294 }
 295
 296
 297 =head2 handle_email_message
 298
 299      handle_email_message($record->{text},
 300                           ref        => $bug_number,
 301                           msg_num => $msg_number,
 302                          );
 303
 304 Returns a decoded e-mail message and displays entities/attachments as
 305 appropriate.
 306
 307
 308 =cut
 309
 310 sub handle_email_message{
 311      my ($email,%param) = @_;
 312
 313      my $output;
 314      my $output_fh = globify_scalar(\$output);
 315      my $parser = MIME::Parser->new();
 316      # Because we are using memory, not tempfiles, there's no need to
 317      # clean up here like in Debbugs::MIME
 318      $parser->tmp_to_core(1);
 319      $parser->output_to_core(1);
 320      my $entity = $parser->parse_data( $email);
 321      my @attachments = ();
 322      my $raw_output =
 323          display_entity(entity  => $entity,
 324                         bug_num => $param{ref},
 325                         outer   => 1,
 326                         msg_num => $param{msg_num},
 327                         output => $output_fh,
 328                         attachments => \@attachments,
 329                         terse       => $param{terse},
 330                         exists $param{msg}?(msg=>$param{msg}):(),
 331                         exists $param{att}?(att=>$param{att}):(),
 332                         exists $param{trim_headers}?(trim_headers=>$param{trim_headers}):(),
 333                         exists $param{avatars}?(avatars=>$param{avatars}):(),
 334                        );
 335      return $raw_output?$output:decode_utf8($output);
 336 }
 337
 338 =head2 handle_record
 339
 340      push @log, handle_record($record,$ref,$msg_num);
 341
 342 Deals with a record in a bug log as returned by
 343 L<Debbugs::Log::read_log_records>; returns the log information that
 344 should be output to the browser.
 345
 346 =cut
 347
 348 sub handle_record{
 349      my ($record,$bug_number,$msg_number,$seen_msg_ids,%param) = @_;
 350
 351      # output needs to have the is_utf8 flag on to avoid double
 352      # encoding
 353      my $output = decode_utf8('');
 354      local $_ = $record->{type};
 355      if (/html/) {
 356          # $record->{text} is not in perl's internal encoding; convert it
 357          my $text = decode_rfc1522(decode_utf8($record->{text}));
 358           my ($time) = $text =~ /<!--\s+time:(\d+)\s+-->/;
 359           my $class = $text =~ /^<strong>(?:Acknowledgement|Reply|Information|Report|Notification)/m ? 'infmessage':'msgreceived';
 360           $output .= $text;
 361           # Link to forwarded http:// urls in the midst of the report
 362           # (even though these links already exist at the top)
 363           $output =~ s,((?:ftp|http|https)://[\S~-]+?/?)((?:[\)\'\:\.\,]|\&\#39;)?(?:\s|\.<|$)),<a href=\"$1\">$1</a>$2,go;
 364           # Add links to the cloned bugs
 365           $output =~ s{(Bug )(\d+)( cloned as bugs? )(\d+)(?:\-(\d+)|)}{$1.bug_links(bug=>$2).$3.bug_links(bug=>(defined $5)?[$4..$5]:$4)}eo;
 366           # Add links to merged bugs
 367           $output =~ s{(?<=Merged )([\d\s]+)(?=\.)}{join(' ',map {bug_links(bug=>$_)} (split /\s+/, $1))}eo;
 368           # Add links to blocked bugs
 369           $output =~ s{(?<=Blocking bugs)(?:( of )(\d+))?( (?:added|set to|removed):\s+)([\d\s\,]+)}
 370                       {(defined $2?$1.bug_links(bug=>$2):'').$3.
 371                            english_join([map {bug_links(bug=>$_)} (split /\,?\s+/, $4)])}eo;
 372           $output =~ s{((?:[Aa]dded|[Rr]emoved)\ blocking\ bug(?:\(s\))?)(?:(\ of\ )(\d+))?(:?\s+)
 373                        (\d+(?:,\s+\d+)*(?:\,?\s+and\s+\d+)?)}
 374                       {$1.(defined $3?$2.bug_links(bug=>$3):'').$4.
 375                            english_join([map {bug_links(bug=>$_)} (split /\,?\s+(?:and\s+)?/, $5)])}xeo;
 376           $output =~ s{([Aa]dded|[Rr]emoved)( indication that bug )(\d+)( blocks )([\d\s\,]+)}
 377                       {$1.$2.(bug_links(bug=>$3)).$4.
 378                            english_join([map {bug_links(bug=>$_)} (split /\,?\s+(?:and\s+)?/, $5)])}eo;
 379           # Add links to reassigned packages
 380           $output =~ s{(Bug reassigned from package \`)([^']+?)((?:'|\&\#39;) to \`)([^']+?)((?:'|\&\#39;))}
 381           {$1.q(<a href=").html_escape(package_links(package=>$2)).qq(">$2</a>).$3.q(<a href=").html_escape(package_links(package=>$4)).qq(">$4</a>).$5}eo;
 382           if (defined $time) {
 383                $output .= ' ('.strftime('%a, %d %b %Y %T GMT',gmtime($time)).') ';
 384           }
 385           $output .= '<a href="' .
 386                html_escape(bug_links(bug => $bug_number,
 387                                      options => {msg => ($msg_number+1)},
 388                                      links_only => 1,
 389                                     )
 390                           ) . '">Full text</a> and <a href="' .
 391                                html_escape(bug_links(bug => $bug_number,
 392                                                      options => {msg => ($msg_number+1),
 393                                                                  mbox => 'yes'},
 394                                                      links_only => 1)
 395                                           ) . '">rfc822 format</a> available.';
 396
 397           $output = qq(<div class="$class"><hr>\n<a name="$msg_number"></a>\n) . $output . "</div>\n";
 398      }
 399      elsif (/recips/) {
 400           my ($msg_id) = $record->{text} =~ /^Message-Id:\s+<(.+)>/im;
 401           if (defined $msg_id and exists $$seen_msg_ids{$msg_id}) {
 402                return ();
 403           }
 404           elsif (defined $msg_id) {
 405                $$seen_msg_ids{$msg_id} = 1;
 406           }
 407           $output .= qq(<hr><p class="msgreceived"><a name="$msg_number"></a>\n);
 408           $output .= 'View this message in <a href="' . html_escape(bug_links(bug=>$bug_number, links_only => 1, options=>{msg=>$msg_number, mbox=>'yes'})) . '">rfc822 format</a></p>';
 409           $output .= handle_email_message($record->{text},
 410                                           ref     => $bug_number,
 411                                           msg_num => $msg_number,
 412                                           %param,
 413                                          );
 414      }
 415      elsif (/autocheck/) {
 416           # Do nothing
 417      }
 418      elsif (/incoming-recv/) {
 419           my ($msg_id) = $record->{text} =~ /^Message-Id:\s+<(.+)>/im;
 420           if (defined $msg_id and exists $$seen_msg_ids{$msg_id}) {
 421                return ();
 422           }
 423           elsif (defined $msg_id) {
 424                $$seen_msg_ids{$msg_id} = 1;
 425           }
 426           # Incomming Mail Message
 427           my ($received,$hostname) = $record->{text} =~ m/Received: \(at (\S+)\) by (\S+)\;/;
 428           $output .= qq|<hr><p class="msgreceived"><a name="$msg_number"></a><a name="msg$msg_number"></a><a href="#$msg_number">Message #$msg_number</a> received at |.
 429                html_escape("$received\@$hostname") .
 430                     q| (<a href="| . html_escape(bug_links(bug => $bug_number, links_only => 1, options => {msg=>$msg_number})) . '">full text</a>'.
 431                          q|, <a href="| . html_escape(bug_links(bug => $bug_number,
 432                                                                 links_only => 1,
 433                                                                 options => {msg=>$msg_number,
 434                                                                             mbox=>'yes'}
 435                                                                )
 436                                                      ) .'">mbox</a>)'.":</p>\n";
 437           $output .= handle_email_message($record->{text},
 438                                           ref     => $bug_number,
 439                                           msg_num => $msg_number,
 440                                           %param,
 441                                          );
 442      }
 443      else {
 444           die "Unknown record type $_";
 445      }
 446      return $output;
 447 }
 448
 449
 450 sub __libravatar_url {
 451     my ($email) = @_;
 452     if (not defined $config{libravatar_uri} or not length $config{libravatar_uri}) {
 453         return undef;
 454     }
 455     ($email) = get_addresses($email);
 456     return $config{libravatar_uri}.uri_escape($email.($config{libravatar_uri_options}//''));
 457 }
 458
 459
 460 1;
 461
 462
 463 __END__
 464
 465
 466
 467
 468
 469