Merge pull request #6479 from NuGet/dev

[ReleasePrep][2018.25.09]RI of dev into master

Author: loic-sharma

src/NuGetGallery.Core/Auditing/AuditedAuthenticatedOperationAction.cs

@@ -23,6 +23,11 @@ public enum AuditedAuthenticatedOperationAction
         /// <summary>
         /// Login failed, user is an organization and should not have credentials.
         /// </summary>
-        FailedLoginUserIsOrganization
+        FailedLoginUserIsOrganization,
+
+        /// <summary>
+        /// Symbol package push was attempted by a non-owner of the package
+        /// </summary>
+        SymbolsPackagePushAttemptByNonOwner
     }
 }

src/NuGetGallery.Core/Auditing/AuditedPackageAction.cs

@@ -15,6 +15,8 @@ public enum AuditedPackageAction
         Edit,
         [Obsolete("Undo package edit functionality is being retired.")]
         UndoEdit,
-        Verify
+        Verify,
+        SymbolsCreate,
+        SymbolsDelete
     }
 }

src/NuGetGallery.Core/CoreConstants.cs

@@ -39,5 +39,7 @@ public static class CoreConstants
         public const string SymbolPackagesFolderName = "symbol-packages";
         public const string NuGetSymbolPackageFileExtension = ".snupkg";
         public const string SymbolPackageBackupsFolderName = "symbol-package-backups";
+
+        public const string UploadTracingKeyHeaderName = "upload-id";
     }
 }

src/NuGetGallery.Core/Infrastructure/TableErrorLog.cs

@@ -190,6 +190,12 @@ public override string Log(Error error)
 
             private void Obfuscate(Error error)
             {
+                error.User = string.Empty;
+                if (error.Form != null)
+                {
+                    error.Form.Clear();
+                }
+
                 //ServerVariables overrides requiring context from the http request should be handled in NuGetGallery.QuietLog
                 var elmahException = error.Exception as ElmahException;
                 if (elmahException != null)

src/NuGetGallery.Core/NuGetGallery.Core.csproj

@@ -168,6 +168,7 @@
     <Compile Include="Infrastructure\ElmahException.cs" />
     <Compile Include="Infrastructure\TableErrorLog.cs" />
     <Compile Include="Authentication\NuGetClaims.cs" />
+    <Compile Include="PackageMetadataExtensions.cs" />
     <Compile Include="PackageReaderCoreExtensions.cs" />
     <Compile Include="PackageStatus.cs" />
     <Compile Include="Packaging\InvalidPackageException.cs" />

src/NuGetGallery.Core/PackageMetadataExtensions.cs

@@ -0,0 +1,32 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
+
+using NuGetGallery.Packaging;
+using System.Linq;
+using ClientPackageType = NuGet.Packaging.Core.PackageType;
+
+namespace NuGetGallery
+{
+    /// <summary>
+    /// Utilities extending PackageMetadata
+    /// </summary>
+    public static class PackageMetadataExtensions
+    {
+        private const string SymbolPackageTypeName = "SymbolsPackage";
+        private static readonly ClientPackageType SymbolPackageType = new ClientPackageType(SymbolPackageTypeName, ClientPackageType.EmptyVersion);
+
+        /// <summary>
+        /// The package is a symbol package, if and only if it has metadata 
+        /// element of type <see cref="SymbolPackageTypeName"/> and only that element in package types.
+        /// </summary>
+        /// <param name="metadata"><see cref="PackageMetadata"/> for package</param>
+        /// <returns>True if the package is a symbols package</returns>
+        public static bool IsSymbolPackage(this PackageMetadata metadata)
+        {
+            var packageTypes = metadata.GetPackageTypes();
+            return packageTypes.Any()
+                && packageTypes.Count() == 1
+                && packageTypes.First() == SymbolPackageType;
+        }
+    }
+}

src/NuGetGallery.Core/Services/CoreMessageService.cs

@@ -72,6 +72,46 @@ [change your email notification settings]({emailSettingsUrl}).
             }
         }
 
+        public async Task SendSymbolPackageAddedNoticeAsync(SymbolPackage symbolPackage, string packageUrl, string packageSupportUrl, string emailSettingsUrl, IEnumerable<string> warningMessages = null)
+        {
+            bool hasWarnings = warningMessages != null && warningMessages.Any();
+
+            string subject;
+            var warningMessagesPlaceholder = string.Empty;
+            if (hasWarnings)
+            {
+                subject = $"[{CoreConfiguration.GalleryOwner.DisplayName}] Symbol package published with warnings - {symbolPackage.Id} {symbolPackage.Version}";
+                warningMessagesPlaceholder = Environment.NewLine + string.Join(Environment.NewLine, warningMessages);
+            }
+            else
+            {
+                subject = $"[{CoreConfiguration.GalleryOwner.DisplayName}] Symbol package published - {symbolPackage.Id} {symbolPackage.Version}";
+            }
+
+            string body = $@"The symbol package [{symbolPackage.Id} {symbolPackage.Version}]({packageUrl}) was recently published on {CoreConfiguration.GalleryOwner.DisplayName} by {symbolPackage.Package.User.Username}. If this was not intended, please [contact support]({packageSupportUrl}).
+{warningMessagesPlaceholder}
+
+-----------------------------------------------
+<em style=""font-size: 0.8em;"">
+    To stop receiving emails as an owner of this package, sign in to the {CoreConfiguration.GalleryOwner.DisplayName} and
+    [change your email notification settings]({emailSettingsUrl}).
+</em>";
+
+            using (var mailMessage = new MailMessage())
+            {
+                mailMessage.Subject = subject;
+                mailMessage.Body = body;
+                mailMessage.From = CoreConfiguration.GalleryNoReplyAddress;
+
+                AddOwnersSubscribedToPackagePushedNotification(symbolPackage.Package.PackageRegistration, mailMessage);
+
+                if (mailMessage.To.Any())
+                {
+                    await SendMessageAsync(mailMessage);
+                }
+            }
+        }
+
         public async Task SendPackageAddedWithWarningsNoticeAsync(Package package, string packageUrl, string packageSupportUrl, IEnumerable<string> warningMessages)
         {
             var subject = $"[{CoreConfiguration.GalleryOwner.DisplayName}] Package pushed with warnings - {package.PackageRegistration.Id} {package.Version}";
@@ -142,6 +182,52 @@ public async Task SendPackageValidationFailedNoticeAsync(Package package, Packag
             }
         }
 
+        public async Task SendSymbolPackageValidationFailedNoticeAsync(SymbolPackage symbolPackage, PackageValidationSet validationSet, string packageUrl, string packageSupportUrl, string announcementsUrl, string twitterUrl)
+        {
+            var validationIssues = validationSet.GetValidationIssues();
+
+            var subject = $"[{CoreConfiguration.GalleryOwner.DisplayName}] Symbol package validation failed - {symbolPackage.Id} {symbolPackage.Version}";
+            var bodyBuilder = new StringBuilder();
+            bodyBuilder.Append($@"The symbol package [{symbolPackage.Id} {symbolPackage.Version}]({packageUrl}) failed validation because of the following reason(s):
+");
+
+            foreach (var validationIssue in validationIssues)
+            {
+                bodyBuilder.Append($@"
+- {ParseValidationIssue(validationIssue, announcementsUrl, twitterUrl)}");
+            }
+
+            bodyBuilder.Append($@"
+
+Your symbol package was not published on {CoreConfiguration.GalleryOwner.DisplayName} and is not available for consumption.
+
+");
+
+            if (validationIssues.Any(i => i.IssueCode == ValidationIssueCode.Unknown))
+            {
+                bodyBuilder.Append($"Please [contact support]({packageSupportUrl}) to help.");
+            }
+            else
+            {
+                var issuePluralString = validationIssues.Count() > 1 ? "all the issues" : "the issue";
+                bodyBuilder.Append($"You can reupload your symbol package once you've fixed {issuePluralString} with it.");
+            }
+
+            using (var mailMessage = new MailMessage())
+            {
+                mailMessage.Subject = subject;
+                mailMessage.Body = bodyBuilder.ToString();
+                mailMessage.From = CoreConfiguration.GalleryNoReplyAddress;
+
+                AddAllOwnersToMailMessage(symbolPackage.Package.PackageRegistration, mailMessage);
+
+                if (mailMessage.To.Any())
+                {
+                    await SendMessageAsync(mailMessage);
+                }
+            }
+        }
+
         private static string ParseValidationIssue(ValidationIssue validationIssue, string announcementsUrl, string twitterUrl)
         {
             switch (validationIssue.IssueCode)
@@ -168,6 +254,10 @@ private static string ParseValidationIssue(ValidationIssue validationIssue, stri
                 case ValidationIssueCode.PackageIsSignedWithUnauthorizedCertificate:
                     var certIssue = (UnauthorizedCertificateFailure)validationIssue;
                     return $"The package was signed, but the signing certificate {(certIssue != null ? $"(SHA-1 thumbprint {certIssue.Sha1Thumbprint})" : "")} is not associated with your account. You must register this certificate to publish signed packages. [Read more...](https://aka.ms/nuget-signed-ref)";
+                case ValidationIssueCode.SymbolErrorCode_ChecksumDoesNotMatch:
+                    return "The checksum does not match for the dll(s) and corresponding pdb(s).";
+                case ValidationIssueCode.SymbolErrorCode_MatchingPortablePDBNotFound:
+                    return "The uploaded symbols package contains pdb(s) for a corresponding dll(s) not found in the nuget package.";
                 default:
                     return "There was an unknown failure when validating your package.";
             }
@@ -210,6 +300,42 @@ public async Task SendValidationTakingTooLongNoticeAsync(Package package, string
             }
         }
 
+        public async Task SendValidationTakingTooLongNoticeAsync(SymbolPackage symbolPackage, string packageUrl)
+        {
+            string subject = "[{0}] Symbol package validation taking longer than expected - {1} {2}";
+            string body = "It is taking longer than expected for your symbol package [{1} {2}]({3}) to get published.\n\n" +
+                "We are looking into it and there is no action on you at this time. We’ll send you an email notification when your symbol package has been published.\n\n" +
+                "Thank you for your patience.";
+
+            body = string.Format(
+                CultureInfo.CurrentCulture,
+                body,
+                CoreConfiguration.GalleryOwner.DisplayName,
+                symbolPackage.Id,
+                symbolPackage.Version,
+                packageUrl);
+
+            subject = string.Format(
+                CultureInfo.CurrentCulture,
+                subject,
+                CoreConfiguration.GalleryOwner.DisplayName,
+                symbolPackage.Id,
+                symbolPackage.Version);
+
+            using (var mailMessage = new MailMessage())
+            {
+                mailMessage.Subject = subject;
+                mailMessage.Body = body;
+                mailMessage.From = CoreConfiguration.GalleryNoReplyAddress;
+
+                AddOwnersSubscribedToPackagePushedNotification(symbolPackage.Package.PackageRegistration, mailMessage);
+
+                if (mailMessage.To.Any())
+                {
+                    await SendMessageAsync(mailMessage);
+                }
+            }
+        }
 
         protected static void AddAllOwnersToMailMessage(PackageRegistration packageRegistration, MailMessage mailMessage)
         {

src/NuGetGallery.Core/Services/ICoreMessageService.cs

@@ -13,5 +13,8 @@ public interface ICoreMessageService
         Task SendPackageAddedWithWarningsNoticeAsync(Package package, string packageUrl, string packageSupportUrl, IEnumerable<string> warningMessages);
         Task SendPackageValidationFailedNoticeAsync(Package package, PackageValidationSet validationSet, string packageUrl, string packageSupportUrl, string announcementsUrl, string twitterUrl);
         Task SendValidationTakingTooLongNoticeAsync(Package package, string packageUrl);
+        Task SendValidationTakingTooLongNoticeAsync(SymbolPackage symbolPackage, string packageUrl);
+        Task SendSymbolPackageAddedNoticeAsync(SymbolPackage symbolPackage, string packageUrl, string packageSupportUrl, string emailSettingsUrl, IEnumerable<string> warningMessages = null);
+        Task SendSymbolPackageValidationFailedNoticeAsync(SymbolPackage symbolPackage, PackageValidationSet validationSet, string packageUrl, string packageSupportUrl, string announcementsUrl, string twitterUrl);
     }
 }

src/NuGetGallery.Core/StreamExtensions.cs

@@ -2,7 +2,6 @@
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
 using System.IO;
-using System.Threading.Tasks;
 
 namespace NuGetGallery
 {

src/NuGetGallery/App_Start/DefaultDependenciesModule.cs

@@ -323,6 +323,11 @@ protected override void Load(ContainerBuilder builder)
                 .As<ICertificateService>()
                 .InstancePerLifetimeScope();
 
+            builder.RegisterType<TyposquattingService>()
+                .AsSelf()
+                .As<ITyposquattingService>()
+                .InstancePerLifetimeScope();
+
             Func<MailSender> mailSenderFactory = () =>
                 {
                     var settings = configuration;