Mercurial > p > roundup > code
annotate scripts/weekly-report @ 6375:c4371ec7d1c0
Call verifyPassword even if user does not exist.
Address timing attack caused by not doing the password check if the
user doesn't exist. Can expose valid usernames. Really only useful for
a tracker that doesn't allow anonymous access to issues. Issues
usually show usernames as part of the message display.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Tue, 06 Apr 2021 22:51:55 -0400 |
| parents | c75defc1c2f0 |
| children | 20ab9a4b76e9 |
| rev | line source |
|---|---|
| 4041 | 1 #! /usr/bin/env python |
| 3764 | 2 |
| 3 # This script generates a simple report outlining the activity in one | |
| 4 # tracker for the most recent week. | |
| 5 | |
| 6 # This script is free software, you may redistribute it | |
| 7 # and/or modify under the same terms as Python. | |
| 8 | |
|
5412
c75defc1c2f0
Python 3 preparation: miscellaneous Python scripts not named *.py.
Joseph Myers <jsm@polyomino.org.uk>
parents:
4041
diff
changeset
|
9 from __future__ import print_function |
| 3764 | 10 import sys, math |
| 11 from roundup import instance, date | |
| 12 | |
| 13 # open the instance | |
| 14 if len(sys.argv) != 2: | |
|
5412
c75defc1c2f0
Python 3 preparation: miscellaneous Python scripts not named *.py.
Joseph Myers <jsm@polyomino.org.uk>
parents:
4041
diff
changeset
|
15 print('You need to specify an instance home dir') |
| 3764 | 16 instance_home = sys.argv[1] |
| 17 instance = instance.open(instance_home) | |
| 18 db = instance.open('admin') | |
| 19 | |
| 20 old = date.Date('-1w') | |
| 21 | |
| 22 created = [] | |
| 23 summary = {} | |
| 24 messages = [] | |
| 25 | |
| 26 # loop through all the recently-active issues | |
| 27 for issue_id in db.issue.filter(None, {'activity': '-1w;'}): | |
| 28 num = 0 | |
| 29 for x,ts,userid,action,data in db.issue.history(issue_id): | |
| 30 if ts < old: continue | |
| 31 if action == 'create': | |
| 32 created.append(issue_id) | |
|
5412
c75defc1c2f0
Python 3 preparation: miscellaneous Python scripts not named *.py.
Joseph Myers <jsm@polyomino.org.uk>
parents:
4041
diff
changeset
|
33 elif action == 'set' and 'messages' in data: |
| 3764 | 34 num += 1 |
| 35 summary.setdefault(db.issue.get(issue_id, 'status'), []).append(issue_id) | |
| 36 messages.append((num, issue_id)) | |
| 37 | |
| 38 #print 'STATUS SUMMARY:' | |
| 39 #for k,v in summary.items(): | |
| 40 # print k, len(v) | |
| 41 | |
|
5412
c75defc1c2f0
Python 3 preparation: miscellaneous Python scripts not named *.py.
Joseph Myers <jsm@polyomino.org.uk>
parents:
4041
diff
changeset
|
42 print('\nCREATED:') |
|
c75defc1c2f0
Python 3 preparation: miscellaneous Python scripts not named *.py.
Joseph Myers <jsm@polyomino.org.uk>
parents:
4041
diff
changeset
|
43 print('\n'.join(['%s: %s'%(id, db.issue.get(id, 'title')) |
|
c75defc1c2f0
Python 3 preparation: miscellaneous Python scripts not named *.py.
Joseph Myers <jsm@polyomino.org.uk>
parents:
4041
diff
changeset
|
44 for id in created])) |
| 3764 | 45 |
|
5412
c75defc1c2f0
Python 3 preparation: miscellaneous Python scripts not named *.py.
Joseph Myers <jsm@polyomino.org.uk>
parents:
4041
diff
changeset
|
46 print('\nRESOLVED:') |
| 3764 | 47 resolved_id = db.status.lookup('resolved') |
|
5412
c75defc1c2f0
Python 3 preparation: miscellaneous Python scripts not named *.py.
Joseph Myers <jsm@polyomino.org.uk>
parents:
4041
diff
changeset
|
48 print('\n'.join(['%s: %s'%(id, db.issue.get(id, 'title')) |
|
c75defc1c2f0
Python 3 preparation: miscellaneous Python scripts not named *.py.
Joseph Myers <jsm@polyomino.org.uk>
parents:
4041
diff
changeset
|
49 for id in summary.get(resolved_id, [])])) |
| 3764 | 50 |
|
5412
c75defc1c2f0
Python 3 preparation: miscellaneous Python scripts not named *.py.
Joseph Myers <jsm@polyomino.org.uk>
parents:
4041
diff
changeset
|
51 print('\nTOP TEN MOST DISCUSSED:') |
| 3764 | 52 messages.sort() |
| 53 messages.reverse() | |
| 54 nmax = messages[0][0] | |
| 55 fmt = '%%%dd - %%s: %%s'%(int(math.log(nmax, 10)) + 1) | |
|
5412
c75defc1c2f0
Python 3 preparation: miscellaneous Python scripts not named *.py.
Joseph Myers <jsm@polyomino.org.uk>
parents:
4041
diff
changeset
|
56 print('\n'.join([fmt%(num, id, db.issue.get(id, 'title')) |
|
c75defc1c2f0
Python 3 preparation: miscellaneous Python scripts not named *.py.
Joseph Myers <jsm@polyomino.org.uk>
parents:
4041
diff
changeset
|
57 for num, id in messages[:10]])) |
| 3764 | 58 |
| 59 # vim: set filetype=python ts=4 sw=4 et si |