Add better security, errors, and setup for incoming Bitbucket web hooks.

Review Request #6315 — Created Sept. 12, 2014 and submitted

Information

Review Board
release-2.0.x
9806e67...

Reviewers

This change improves many aspects of the incoming Bitbucket web hook
support, to improve security, error responses, and to ease setup of
hooks.

The Bitbucket URL now requires a valid hooks_uuid value, making the URL
practically unguessable. When accessing the URL for the repository, the
value provided in the URL will be matched against that of the repository
that was also referenced in the URL, returning 404 if they don't match.

The error responses have improved when the payload is incorrect. Instead
of just returning an empty HTTP 400, we now return an error string, in
order to help identify what went wrong.

Like GitHub, there's now instructions when setting up a Bitbucket hook.
Bitbucket has a helpful URL for adding a new hook with the hook detailed
pre-filled, which we use in the instructions to make it even easier to
get going.

Unit tests pass.

Tested adding a webhook through the instructions, and verified the resulting
URL.

Description From Last Updated

Col: 9 E303 too many blank lines (2)

reviewbotreviewbot
reviewbot
  1. Tool: Pyflakes
    Processed Files:
        reviewboard/hostingsvcs/tests.py
        reviewboard/hostingsvcs/hook_utils.py
        reviewboard/hostingsvcs/bitbucket.py
    
    Ignored Files:
        reviewboard/templates/hostingsvcs/bitbucket/repo_hook_instructions.html
    
    
    
    Tool: PEP8 Style Checker
    Processed Files:
        reviewboard/hostingsvcs/tests.py
        reviewboard/hostingsvcs/hook_utils.py
        reviewboard/hostingsvcs/bitbucket.py
    
    Ignored Files:
        reviewboard/templates/hostingsvcs/bitbucket/repo_hook_instructions.html
    
    
  2. reviewboard/hostingsvcs/bitbucket.py (Diff revision 1)
     
     
    Show all issues
    Col: 9
     E303 too many blank lines (2)
    
  3. 
      
david
  1. Ship It!

  2. 
      
chipx86
Review request changed
Status:
Completed