From 6651bcba4a88827f3503112b3f108da9ecc44a4e Mon Sep 17 00:00:00 2001
From: Andreas Hasenkopf <ahasenkopf@suse.de>
Date: Fri, 11 Oct 2024 17:10:58 +0200
Subject: [PATCH 1/2] test: Use a class to organize tests in
 test_backend_rest.py

---
 tests/test_backend_rest.py | 45 +++++++++++++++++++++++---------------
 1 file changed, 27 insertions(+), 18 deletions(-)

diff --git a/tests/test_backend_rest.py b/tests/test_backend_rest.py
index fdfbd05b..45e3e780 100644
--- a/tests/test_backend_rest.py
+++ b/tests/test_backend_rest.py
@@ -4,32 +4,41 @@
 from bugzilla._session import _BugzillaSession
 
 
-def test_getbug():
-    session = _BugzillaSession(url="http://example.com",
+class TestGetBug:
+    @property
+    def session(self):
+        return _BugzillaSession(url="http://example.com",
                                user_agent="py-bugzilla-test",
                                sslverify=False,
                                cert=None,
                                tokencache={},
                                api_key="",
                                is_redhat_bugzilla=False)
-    backend = _BackendREST(url="http://example.com",
-                           bugzillasession=session)
 
-    def _assertion(self, *args):
-        self.assertion_called = True
-        assert args and args[0] == url
+    @property
+    def backend(self):
+        return _BackendREST(url="http://example.com",
+                           bugzillasession=self.session)
 
-    setattr(backend, "_get", MethodType(_assertion, backend))
+    def test_getbug__not_permissive(self):
+        backend = self.backend
 
-    for _ids, aliases, url in (
-            (1, None, "/bug/1"),
-            ([1], [], "/bug/1"),
-            (None, "CVE-1999-0001", "/bug/CVE-1999-0001"),
-            ([], ["CVE-1999-0001"], "/bug/CVE-1999-0001"),
-            (1, "CVE-1999-0001", "/bug"),
-    ):
-        backend.assertion_called = False
+        def _assertion(self, *args):
+            self.assertion_called = True
+            assert args and args[0] == url
 
-        backend.bug_get(_ids, aliases, {})
+        setattr(backend, "_get", MethodType(_assertion, backend))
 
-        assert backend.assertion_called is True
+        for _ids, aliases, url in (
+                (1, None, "/bug/1"),
+                ([1], [], "/bug/1"),
+                (None, "CVE-1999-0001", "/bug/CVE-1999-0001"),
+                ([], ["CVE-1999-0001"], "/bug/CVE-1999-0001"),
+                (1, "CVE-1999-0001", "/bug"),
+                ([1, 2], None, "/bug")
+        ):
+            backend.assertion_called = False
+
+            backend.bug_get(_ids, aliases, {})
+
+            assert backend.assertion_called is True

From a349e81dcff9fb6efae3903afa0862faf55daa55 Mon Sep 17 00:00:00 2001
From: Andreas Hasenkopf <ahasenkopf@suse.de>
Date: Fri, 11 Oct 2024 17:11:28 +0200
Subject: [PATCH 2/2] fix: Emulate `permissive` on REST backend (closes #222)

`_BackendREST.bug_get` cannot pass a `permissive` parameter
to the server as the REST API does not honor such a
parameter.

With this change, permissiveness is handled inside the
method:

If `permissive` is false and a single ID or alias is requested, the "get" method is used and an exception gets
raised in case of error.
Otherwise, the "search" method is used, which may return
an empty list, if the client is not authenticated or an
ID or alias does not exist.
---
 bugzilla/_backendrest.py   |  3 ++-
 tests/test_backend_rest.py | 23 +++++++++++++++++++++++
 2 files changed, 25 insertions(+), 1 deletion(-)

diff --git a/bugzilla/_backendrest.py b/bugzilla/_backendrest.py
index 00b5563a..45bc4999 100644
--- a/bugzilla/_backendrest.py
+++ b/bugzilla/_backendrest.py
@@ -109,6 +109,7 @@ def bug_fields(self, paramdict):
     def bug_get(self, bug_ids, aliases, paramdict):
         bug_list = listify(bug_ids)
         alias_list = listify(aliases)
+        permissive = paramdict.pop("permissive", False)
         data = paramdict.copy()
 
         # FYI: The high-level API expects the backends to raise an exception
@@ -116,7 +117,7 @@ def bug_get(self, bug_ids, aliases, paramdict):
         # API), but the REST API simply returns an empty search result set.
         # To ensure compliant behavior, the REST backend needs to use the
         # explicit URL to get a single bug.
-        if len(bug_list or []) + len(alias_list or []) == 1:
+        if not permissive and len(bug_list or []) + len(alias_list or []) == 1:
             for id_list in (bug_list, alias_list):
                 if id_list:
                     return self._get("/bug/%s" % id_list[0], data)
diff --git a/tests/test_backend_rest.py b/tests/test_backend_rest.py
index 45e3e780..14836975 100644
--- a/tests/test_backend_rest.py
+++ b/tests/test_backend_rest.py
@@ -42,3 +42,26 @@ def _assertion(self, *args):
             backend.bug_get(_ids, aliases, {})
 
             assert backend.assertion_called is True
+
+    def test_getbug__permissive(self):
+        backend = self.backend
+
+        def _assertion(self, *args):
+            self.assertion_called = True
+            assert args and args[0] == url and args[1] == params
+
+        setattr(backend, "_get", MethodType(_assertion, backend))
+
+        for _ids, aliases, url, params in (
+                (1, None, "/bug", {"id": [1], "alias": None}),
+                ([1], [], "/bug", {"id": [1], "alias": []}),
+                (None, "CVE-1999-0001", "/bug", {"alias": ["CVE-1999-0001"], "id": None}),
+                ([], ["CVE-1999-0001"], "/bug", {"alias": ["CVE-1999-0001"], "id": []}),
+                (1, "CVE-1999-0001", "/bug", {"id": [1], "alias": ["CVE-1999-0001"]}),
+                ([1, 2], None, "/bug", {"id": [1, 2], "alias": None})
+        ):
+            backend.assertion_called = False
+
+            backend.bug_get(_ids, aliases, {"permissive": True})
+
+            assert backend.assertion_called is True