lib/msf/util/document_generator/pull_request_finder.rb
require 'octokit'
require 'nokogiri'
require 'net/http'
module Msf
module Util
module DocumentGenerator
class PullRequestFinder
class Exception < RuntimeError; end
MANUAL_BASE_PATH = File.expand_path(File.join(Msf::Config.module_directory, '..', 'documentation', 'modules' ))
USER_MANUAL_BASE_PATH = File.expand_path(File.join(Msf::Config.user_module_directory, '..', 'documentation', 'modules' ))
# @return [Octokit::Client] Git client
attr_accessor :git_client
# @return [String] Metasploit Framework's repository
attr_accessor :repository
# @return [String] Metasploit Framework's branch
attr_accessor :branch
# @return [String] Metasploit Framework's repository owner
attr_accessor :owner
# @return [String] Git access token
attr_accessor :git_access_token
# Initializes Msf::Util::DocumenGenerator::PullRequestFinder
#
# @raise [PullRequestFinder::Exception] No GITHUB_OAUTH_TOKEN environment variable
# @return [void]
def initialize
unless ENV.has_key?('GITHUB_OAUTH_TOKEN')
msg = ''
raise PullRequestFinder::Exception, 'GITHUB_OAUTH_TOKEN environment variable not set.'
end
self.owner = 'rapid7'
self.repository = "#{owner}/metasploit-framework"
self.branch = 'master'
self.git_access_token = ENV['GITHUB_OAUTH_TOKEN']
self.git_client = Octokit::Client.new(access_token: git_access_token)
end
# Returns pull requests associated with a particular Metasploit module.
#
# @param mod [Msf::Module] Metasploit module.
# @return [Hash]
def search(mod)
file_name = get_normalized_module_name(mod)
commits = get_commits_from_file(file_name)
get_pull_requests_from_commits(commits)
end
private
# Returns the normalized module full name.
#
# @param mod [Msf::Module] Metasploit module.
# @return [String]
def get_normalized_module_name(mod)
source_fname = mod.method(:initialize).source_location.first
source_fname.scan(/(modules.+)/).flatten.first || ''
end
# Returns git commits for a particular file.
#
# @param path [String] File path.
# @raise [PullRequestFinder::Exception] No commits found.
# @return [Array<Sawyer::Resource>]
def get_commits_from_file(path)
begin
commits = git_client.commits(repository, branch, path: path)
rescue Faraday::ConnectionFailed
raise PullRequestFinder::Exception, 'No network connection to Github.'
rescue Octokit::Unauthorized
raise PullRequestFinder::Exception, 'Github Authentication Failed.'
end
if commits.empty?
# Possibly the path is wrong.
raise PullRequestFinder::Exception, 'No commits found.'
end
commits
end
# Returns the author for the commit.
#
# @param commit [Sawyer::Resource]
# @return [String]
def get_author(commit)
if commit.author
return commit.author[:login].to_s
end
''
end
# Checks whether the author should be skipped or not.
#
# @param commit [Sawyer::Resource]
# @return [Boolean] TrueClass if the author should be skipped, otherwise false.
def is_author_blacklisted?(commit)
['tabassassin'].include?(get_author(commit))
end
# Returns unique pull requests for a collection of commits.
#
# @param commits [Array<Sawyer::Resource>]
# @return [Hash]
def get_pull_requests_from_commits(commits)
pull_requests = {}
commits.each do |commit|
next if is_author_blacklisted?(commit)
pr = get_pull_request_from_commit(commit)
unless pr.empty?
pull_requests[pr[:number]] = pr
end
end
pull_requests
end
# Returns unique pull requests for a commit.
#
# @param commit [Sawyer::Resource]
# @return [Hash]
def get_pull_request_from_commit(commit)
sha = commit.sha
url = URI.parse("https://github.com/#{repository}/branch_commits/#{sha}")
cli = Net::HTTP.new(url.host, url.port)
cli.use_ssl = true
req = Net::HTTP::Get.new(url.request_uri)
res = cli.request(req)
n = Nokogiri::HTML(res.body)
found_pr_link = n.at('li[@class="pull-request"]//a')
# If there is no PR associated with this commit, it's probably from the SVN days.
return {} unless found_pr_link
href = found_pr_link.attributes['href'].text
title = found_pr_link.attributes['title'].text
# Filter out all the pull requests that do not belong to rapid7.
# If this happens, it's probably because the PR was submitted to somebody's fork.
return {} unless /^\/#{owner}\// === href
{ number: href.scan(/\d+$/).flatten.first, title: title }
end
end
end
end
end