views.py 56.7 KB
Newer Older
BERJON Matthieu's avatar
BERJON Matthieu committed
1 2 3 4 5 6 7 8 9 10 11
# -*- coding: utf-8 -*-
"""Main view module

This module handles most of the front-end for the Allgo system. You'll find
all the logic (controller) in an MVC pattern.

Attributes:
    log: module level variable to save information as a log data.

"""
# Python standard libraries
12
import glob
BERJON Matthieu's avatar
BERJON Matthieu committed
13
import io
14
import itertools
15 16
import json
import logging
17
import re
18
import os
19
import re
20
import shutil
21
import tempfile
22
import zipfile
23

BERJON Matthieu's avatar
BERJON Matthieu committed
24
# Third party imports
25 26 27
import iso8601
import natsort
import requests
28
import robot_detection
29
from django.conf import settings
30
from django.contrib import messages
31
from django.contrib.auth.forms import PasswordChangeForm
32
from django.contrib.auth.mixins import LoginRequiredMixin
BERJON Matthieu's avatar
BERJON Matthieu committed
33
from django.contrib.auth.models import User
34
from django.contrib.contenttypes.models import ContentType
35
from django.contrib.messages.views import SuccessMessageMixin
36
from django.core.exceptions import ObjectDoesNotExist
CAMPION Sebastien's avatar
CAMPION Sebastien committed
37
from django.core.urlresolvers import reverse
38
from django.db import transaction
BERJON Matthieu's avatar
BERJON Matthieu committed
39
from django.db.models import Count
40
from django.http import HttpResponse, JsonResponse, HttpResponseRedirect, FileResponse, Http404
BERJON Matthieu's avatar
BERJON Matthieu committed
41
from django.shortcuts import render, get_object_or_404, redirect
42
from django.urls import reverse, reverse_lazy
43
from django.utils.crypto import get_random_string
44
from django.utils.text import slugify
45
from django.views.decorators.csrf import csrf_exempt
BERJON Matthieu's avatar
BERJON Matthieu committed
46
from django.views.generic import (
CAMPION Sebastien's avatar
pep8  
CAMPION Sebastien committed
47 48 49
    CreateView,
    DeleteView,
    DetailView,
50
    FormView,
CAMPION Sebastien's avatar
pep8  
CAMPION Sebastien committed
51 52 53 54 55
    ListView,
    RedirectView,
    TemplateView,
    UpdateView,
    View,
BERJON Matthieu's avatar
BERJON Matthieu committed
56
)
57
from django.views.generic.detail import SingleObjectMixin
BERJON Matthieu's avatar
BERJON Matthieu committed
58
from taggit.models import Tag
BERJON Matthieu's avatar
BERJON Matthieu committed
59

BERJON Matthieu's avatar
BERJON Matthieu committed
60
from .forms import (
CAMPION Sebastien's avatar
cosmit  
CAMPION Sebastien committed
61 62 63 64 65
    UserForm,
    HomeSignupForm,
    JobForm,
    SSHForm,
    RunnerForm,
66 67
    WebappForm,
    WebappSandboxForm,
68
    WebappImportForm,
CAMPION Sebastien's avatar
cosmit  
CAMPION Sebastien committed
69
)
CAMPION Sebastien's avatar
pep8  
CAMPION Sebastien committed
70
# Local imports
BAIRE Anthony's avatar
BAIRE Anthony committed
71
import config
72
from .helpers import get_base_url, get_ssh_data, upload_data, notify_controller, lookup_job_file, get_request_user, query_webapps_for_user
73
from .mixins import UserAccessMixin, ProviderAccessMixin, AllAccessMixin, JobAuthMixin
CAMPION Sebastien's avatar
pep8  
CAMPION Sebastien committed
74 75
from .models import (
    AllgoUser,
76
    DockerOs,
CAMPION Sebastien's avatar
pep8  
CAMPION Sebastien committed
77
    Job,
78
    JobQueue,
CAMPION Sebastien's avatar
pep8  
CAMPION Sebastien committed
79 80 81
    Quota,
    Runner,
    Webapp,
82
    WebappParameter,
CAMPION Sebastien's avatar
pep8  
CAMPION Sebastien committed
83
    WebappVersion,
BERJON Matthieu's avatar
BERJON Matthieu committed
84
    Tos,
85
    UserAgreement,
CAMPION Sebastien's avatar
pep8  
CAMPION Sebastien committed
86
)
BAIRE Anthony's avatar
BAIRE Anthony committed
87
from .signals import job_post_save
88
from .templatetags.converters import status_icon
BERJON Matthieu's avatar
BERJON Matthieu committed
89

BERJON Matthieu's avatar
BERJON Matthieu committed
90
# Start logger
91
log = logging.getLogger('allgo')
CAMPION Sebastien's avatar
CAMPION Sebastien committed
92

93 94 95 96 97 98 99 100 101 102 103 104 105 106 107
def error_handler(status, reason, default, request, exception=None):
    """Generic error handler

    Since django is unable to handle per-app error handlers, we have to define
    global ones.

    The behaviour of this view is to generate a json-formatted message
    {"error": "something"} when the url starts with /api/, otherwise it just
    uses django's default error handler.
    """
    if request.path_info.startswith("/api/"):
        return JsonResponse({"error": "%d %s" % (status, reason)}, status=status)
    else:
        return default(request, exception)

CAMPION Sebastien's avatar
CAMPION Sebastien committed
108

BAIRE Anthony's avatar
BAIRE Anthony committed
109
class IndexDetail(AllAccessMixin, TemplateView):
BERJON Matthieu's avatar
BERJON Matthieu committed
110 111 112 113 114 115 116 117 118
    """Home view

    Generate the home as a standard `TemplateView` by calling a specific
    template. Most of the data are handled in the template itself, only few
    contexte data are provided for specific use.

    Attributes:
        template_name:  filename of the template used.

119
    """
BERJON Matthieu's avatar
BERJON Matthieu committed
120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141
    template_name = 'home.html'

    def get_context_data(self, **kwargs):
        """ Generate specific data to pass on in the context of the template.

        Returns:
            user_nb (int): number of users recorded in the database.
            webapp_nb (int): number of webapps recorded in the database.
            job_nb (int): number of jobs recorded in the database.
            signup_form: form specific for signin-up directly on the home page.
        """
        context = super(IndexDetail, self).get_context_data(**kwargs)
        users = User.objects.all().count()
        webapps = Webapp.objects.all().count()
        jobs = Job.objects.all().count()

        context['user_nb'] = users
        context['webapp_nb'] = webapps
        context['job_nb'] = jobs
        context['signup_form'] = HomeSignupForm()

        return context
BERJON Matthieu's avatar
BERJON Matthieu committed
142 143


BAIRE Anthony's avatar
BAIRE Anthony committed
144 145 146 147 148 149 150 151 152
# Legacy views
class LegacyWebappDetail(SingleObjectMixin, RedirectView):
    model = Webapp
    permanent = True
    slug_field = "docker_name"
    def get_redirect_url(self, **kwargs):
        return reverse("main:webapp_detail",
                args=(self.get_object().docker_name,))

153 154
# WEBAPPS
# -----------------------------------------------------------------------------
BAIRE Anthony's avatar
BAIRE Anthony committed
155 156 157

# FIXME: should merge WebappList with UserWebappList
# FIXME: should filter out webapps that have not published versions and that do not belong to the current user
BAIRE Anthony's avatar
BAIRE Anthony committed
158
class WebappList(AllAccessMixin, ListView):
BERJON Matthieu's avatar
BERJON Matthieu committed
159
    """ Display a paginated list of available webapps.
160

BERJON Matthieu's avatar
BERJON Matthieu committed
161 162
    The webapps are filtered from the most recent to the oldest and no private
    apps are displayed.
163

BERJON Matthieu's avatar
BERJON Matthieu committed
164 165 166 167 168 169 170
    Attributes:
        model:  Webapp model is used.
        context_object_name:    the name used in the template to display each
                                variable.
        paginate_by: the number of occurences per page
        template_name: name of the template loaded with this view.
        queryset: a specific queryset designed to filter the data.
171

BERJON Matthieu's avatar
BERJON Matthieu committed
172 173 174
    Todo:
        - the number of occurences per page could be loaded from the config
        file.
175 176

    """
BERJON Matthieu's avatar
BERJON Matthieu committed
177
    model = Webapp
BERJON Matthieu's avatar
BERJON Matthieu committed
178
    context_object_name = 'webapps'
BERJON Matthieu's avatar
BERJON Matthieu committed
179 180
    paginate_by = 10
    template_name = 'webapp_list.html'
181

182 183
    def get_queryset(self):
        return query_webapps_for_user(self.request.user).order_by('-created_at')
BERJON Matthieu's avatar
BERJON Matthieu committed
184

185

BAIRE Anthony's avatar
BAIRE Anthony committed
186
class UserWebappList(AllAccessMixin, ListView):
BERJON Matthieu's avatar
BERJON Matthieu committed
187 188 189 190 191 192 193 194 195 196 197 198 199
    """List of user's webapp

    Returns all the webapps owned by a specific user. Only the user can its
    apps.

    Attributes:
        model: database model
        context_object_name: variable name used in the template to display the
                            data.
        paginate_by: number of occurences by page.
        template_name: template filename.
                            
    """
BERJON Matthieu's avatar
BERJON Matthieu committed
200 201 202 203 204 205 206
    model = Webapp
    context_object_name = 'webapps'
    paginate_by = 10
    template_name = 'webapp_list.html'

    def get_queryset(self):
        """Filter apps for a given user"""
BAIRE Anthony's avatar
BAIRE Anthony committed
207
        # FIXME: infoleak: any user can display all the apps of any user
BERJON Matthieu's avatar
BERJON Matthieu committed
208 209 210 211 212
        user = User.objects.get(username=self.kwargs['username'])
        queryset = Webapp.objects.filter(user=user)
        return queryset


213
class WebappUpdate(UserAccessMixin, SuccessMessageMixin, UpdateView):
BERJON Matthieu's avatar
BERJON Matthieu committed
214 215 216 217 218 219 220 221
    """Form to update the webapp data

    Attributes:
        form_class: form object.
        template_name: template filename.
        success_message: message when the form is properly submitted.

    """
222 223
    form_class = WebappForm
    template_name = 'webapp_add_update.html'
BERJON Matthieu's avatar
BERJON Matthieu committed
224
    success_message = 'Your app has been successfully updated.'
225
    error_message = 'The email doesn\'t belong to any registered user. Please enter a valid owner email address.'
BERJON Matthieu's avatar
BERJON Matthieu committed
226 227

    def get_success_url(self):
228 229
        """If successful redirect to the webapp details page"""
        return reverse('main:webapp_detail', args=(self.object.docker_name,))
BERJON Matthieu's avatar
BERJON Matthieu committed
230 231

    def get_object(self):
BERJON Matthieu's avatar
BERJON Matthieu committed
232
        """Returns the object according to its docker name or a 404 error"""
BERJON Matthieu's avatar
BERJON Matthieu committed
233 234 235 236
        data = self.kwargs.get('docker_name', None)
        queryset = get_object_or_404(Webapp, docker_name=data, user_id=self.request.user.id)
        return queryset

BAIRE Anthony's avatar
BAIRE Anthony committed
237 238 239
    def get_context_data(self, **kwargs):
        ctx=super().get_context_data(**kwargs)
        ctx["action"] = "Update"
240 241 242 243 244

        # we expand the 'advanced' tab if any of its field has a validation error
        ctx["show_advanced"] = bool(set(ctx["form"].errors)
                .intersection(ctx["form"].ADVANCED_FIELDS))

BAIRE Anthony's avatar
BAIRE Anthony committed
245 246
        return ctx

247 248 249 250 251 252
    def get_form(self):
        form = super().get_form()
        if not self.request.user.is_superuser:
            form.fields['memory_limit_mb'].widget.attrs['readonly'] = True
        return form

BERJON Matthieu's avatar
BERJON Matthieu committed
253
    def form_valid(self, form):
BERJON Matthieu's avatar
BERJON Matthieu committed
254
        """Save data coming from the form in the database """
BERJON Matthieu's avatar
BERJON Matthieu committed
255
        obj = form.save(commit=False)
256

BERJON Matthieu's avatar
BERJON Matthieu committed
257 258 259
        try:
            user = User.objects.get(username=form.cleaned_data['owner'])
            obj.user_id = user.id
260
            obj.memory_limit = form.get_memory_limit(self.request)
BERJON Matthieu's avatar
BERJON Matthieu committed
261
            form.save()
BERJON Matthieu's avatar
BERJON Matthieu committed
262 263
            # Add the tag to the database (specific because it's a many to 
            # many relationship)
264
            form.save_m2m()
BERJON Matthieu's avatar
BERJON Matthieu committed
265
            if user != self.request.user:
266
                messages.success(self.request, self.success_message)
BERJON Matthieu's avatar
BERJON Matthieu committed
267 268
                return redirect('main:user_webapp_list', self.request.user.username)
            else:
269
                return super().form_valid(form)
BERJON Matthieu's avatar
BERJON Matthieu committed
270
        except User.DoesNotExist:
271
            messages.error(self.request, self.error_message)
272
            return super().form_invalid(form)
BERJON Matthieu's avatar
BERJON Matthieu committed
273 274


275
class WebappCreate(ProviderAccessMixin, SuccessMessageMixin, CreateView):
BERJON Matthieu's avatar
BERJON Matthieu committed
276 277 278 279 280 281 282 283 284 285
    """Create a new webapp

    Attributes:
        model: model to use in this class.
        form_class: form object passed to the template.
        success_message: successfull message sent to the template
        template_name: template filename.
        group_required: groups that user must belong to.

    """
286 287 288
    model = Webapp
    form_class = WebappForm
    success_message = 'Webapp created successfully.'
289
    template_name = 'webapp_add_update.html'
290
    #  group_required = ['inria', ]
291 292

    def get_success_url(self):
BERJON Matthieu's avatar
BERJON Matthieu committed
293
        """If successful redirect to the webapp list page"""
294
        return reverse('main:webapp_sandbox_panel', args=(self.webapp.docker_name,))
295

296 297 298 299 300 301
    def get_form(self):
        form = super().get_form()
        if not self.request.user.is_superuser:
            form.fields['memory_limit_mb'].widget.attrs['readonly'] = True
        return form

BAIRE Anthony's avatar
BAIRE Anthony committed
302 303 304
    def get_context_data(self, **kwargs):
        ctx=super().get_context_data(**kwargs)
        ctx["action"] = "Create"
305
        ctx["show_advanced"] = False
BAIRE Anthony's avatar
BAIRE Anthony committed
306 307
        return ctx

308
    def form_valid(self, form):
BERJON Matthieu's avatar
BERJON Matthieu committed
309
        """Save data coming from the form in the database """
310 311 312 313
        obj = form.save(commit=False)
        obj.user_id = self.request.user.id
        if not form.cleaned_data['contact']:
            obj.contact = self.request.user.email
314
        obj.sandbox_state = Webapp.IDLE
315 316 317
        # Ensure that all specials characters are removed, spaces are replaced
        # by hyphens and everything is lower-cased
        obj.docker_name = slugify(form.cleaned_data['name'])
318
        obj.memory_limit = form.get_memory_limit(self.request)
319 320 321 322 323 324 325 326 327 328

        # validate the Webapp record before saving
        # (this is a safety measure, do not remove)
        # FIXME: currently this raises an exception if the slugify-generated
        #        docker_name does not comply with the model constraints
        #        (for example: 'root' and 'sshd' are reserved names)
        #        To solve this, i think we should let the user choose the
        #        docker_name
        obj.full_clean()

329 330 331 332
        obj.save()

        # set up the docker container for the app
        Quota.objects.create(user=self.request.user, webapp=obj)
333 334 335 336
        # pass on the webapp data to get_successful_url to redirect with the
        # correct arguments (for instance the docker_name)
        self.webapp = obj
        return super().form_valid(form)
BERJON Matthieu's avatar
BERJON Matthieu committed
337

338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364
def get_rails_webapp_metadata(*, webapp_id=None, docker_name=None):
    """Download the metadata of a webapp from the legacy rails server
    
    Must provide either `webapp_id` or `docker_name`, but not both
    """
    assert bool(webapp_id) != bool(docker_name)

    if docker_name:
        url = "%s/app/%s/export" % (config.env.ALLGO_IMPORT_URL, docker_name)
    else:
        url = "%s/webapp/%d/export" % (config.env.ALLGO_IMPORT_URL, webapp_id)
    try:
        # use a 1s timeout to avoid blocking the django thread if the rails
        # server is not responding
        rep = requests.get(url, timeout=1)
        if rep.status_code == 404:
            raise Http404()
        rep.raise_for_status()
        js = rep.json()
        if (webapp_id not in (None, js["id"])
                or docker_name not in ("", js["docker_name"])):
            raise Exception("rails returned a webapp with inconsistent id or docker_name")
        return js
    except Exception as e:
        log.error("webapp import error: failed to get %s (%s)", url, e)
        raise

365

366
class WebappImport(ProviderAccessMixin, SuccessMessageMixin, FormView):
367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396
    """Import a new webapp

    This only creates the Webapp entry (along with the tags and webapp
    parameters), versions are imported separately.

    Once the webapp is imported, the Webapp entry is created with
    imported=True which enables the WebappVersionImport view (for import the
    actual versions, including the docker images).

    A webapp can be imported only if the e-mail of the current user strictly
    matches the owner e-mail of the imported app. If not, then the app has to
    be imported by a superuser, who can then transfer its ownership to the
    requesting user.

    An imported webapp will keep the same id and docker_name (to preserve the
    published urls). The import fails the id or docker_name is already used by
    another webapp.

    """
    model = Webapp
    form_class = WebappImportForm
    success_message = 'Webapp imported successfully.'
    template_name = 'webapp_import.html'

    def get_success_url(self):
        return reverse('main:webapp_version_import', args=(self.object.docker_name,))

    def get_context_data(self, **kwargs):
        ctx=super().get_context_data()
        ctx["import_url"] = config.env.ALLGO_IMPORT_URL+"/apps"
397 398
        ctx["imported_apps"] = Webapp.objects.filter(
                imported=True, user=self.request.user).order_by("name")
399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431
        return ctx

    def form_valid(self, form):
        def error(msg = "500 Internal Server Error"):
            messages.error(self.request, "Import failed : " + msg)
            return self.form_invalid(form)

        # parse the form parameters an prepare the import url
        webapp_id = form.cleaned_data["webapp_id"]
        docker_name = form.cleaned_data["docker_name"]
        if bool(webapp_id) == bool(docker_name):
            return error("You must provide either a name or an id")
            
        # get the metadata from the rails server an store them in var 'js'
        try:
            js = get_rails_webapp_metadata(webapp_id=webapp_id,
                    docker_name=docker_name)
        except Http404:
            return error("application not found")
        except Exception as e:
            return error()

        webapp_id   = js["id"]
        docker_name = js["docker_name"]

        # ensure this app does not already exist locally
        if Webapp.objects.filter(docker_name=docker_name).exists():
            return error("webapp named %r already exists" % docker_name)
        if Webapp.objects.filter(id=webapp_id).exists():
            return error("webapp id %r already exists" % webapp_id)
        
        current_user = self.request.user
        if not current_user.is_superuser:
432
            # get the user EmailAddress that matches the owner of the imported app
433 434
            email_addr = current_user.email_addresses.filter(
                    email=js["user"]).first()
435

436
            # ensure this app has the same owner
437
            if email_addr is None:
438 439 440
                return error("""this webapp belongs to another user (different
                e-mail address). If this other e-mail address belongs to you,
                then you should add it to your profile.""")
441 442

            # ensure the user email is verified
443
            if not email_addr.verified:
444 445 446 447
                messages.error(self.request,
                        "Webapp %r belongs to %r but this address is still not verified"
                        % (docker_name, email_addr.email))
                return redirect("main:user_need_validation")
448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476

        # We can import the webapp !

        webapp = Webapp(user=current_user, imported=True,
                docker_os=DockerOs.objects.first())
        # TODO: import logo+readme (but they are not yet implemented in django)
        for field_name in ("id", "docker_name", "name", "description",
                "contact", "default_quota", "entrypoint", "private",
                "memory_limit"):
            setattr(webapp, field_name, js[field_name])

        # try to use job queue with same name or fallback to the default queue
        webapp.job_queue = JobQueue.objects.filter(name=js["default_job_queue"]
                ).first() or JobQueue.objects.filter(is_default=True).first()

        webapp.save()

        # import the tags and parameters
        webapp.tags.add(*js["tags"])
        for param in js["parameters"]:
            if (param["value"], param["name"], param["detail"]) != (
                    None, None, None):
                WebappParameter.objects.create(webapp=webapp,
                        name=param["name"], value=param["value"],
                        detail=param["detail"])

        self.object = webapp
        return super().form_valid(form)

477

478
class WebappVersionImport(UserAccessMixin, DetailView):
479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571
    """Import version

    This view is enabled only for webapps created with imported=True

    The GET view lists the current status of remote version along with the
    local version (if any). If the remote version can be imported, it displays
    a checkbox to allow requesting its import.

    The POST view creates the WebappVersion entries with state=IMPORT and
    notifies the controller (which performs the actual import). The import is
    considered done as soon as the entry reaches the COMMITTED state.
    """
    template_name = 'webapp_version_import.html'

    def get_object(self):
        """Returns the object according to its docker name or a 404 error"""
        data = self.kwargs.get('docker_name', None)
        queryset = get_object_or_404(Webapp, docker_name=data, user_id=self.request.user.id)
        return queryset

    def get_context_data(self, **kwargs):
        ctx = super().get_context_data(**kwargs)
        webapp = self.object

        if not webapp.imported:
            raise Http404()

        # url of this webapp on the legacy server
        ctx["import_url"] = "%s/app/%s" % (
                config.env.ALLGO_IMPORT_URL, webapp.docker_name)

        # get the webapp metadata from the legacy server
        remote_versions = get_rails_webapp_metadata(
                docker_name=webapp.docker_name)["versions"]

        # dict of local webapp versions (indexed by the number) 
        # (if multiple entries exist with the same number (this happens if a
        # commit/push/import is in progress), we keep the one with the highest
        # id)
        local_versions = {}
        for v in WebappVersion.objects.filter(webapp=webapp).exclude(
                state__in=(WebappVersion.ERROR,
                    WebappVersion.REPLACED)).order_by("id"):
            local_versions[v.number] = v

        # list of versions to be displayed on the page
        versions = {}
        for remote in remote_versions:
            number = remote["number"]
            assert number not in versions, "rails must not export duplicated versions"
            local_version = local_versions.get(number)
            in_progress = getattr(local_version, "state", None) == WebappVersion.IMPORT
            versions[number] = {
                    "number":    number,
                    "remote_ts": iso8601.parse_date(remote["updated_at"]),
                    "local_ts":         "-" if in_progress else getattr(local_version, "updated_at", ""),
                    "local_imported":   None if in_progress else getattr(local_version, "imported", None),
                    "in_progress":      in_progress,
                    }
        ctx["versions"] = natsort.versorted(versions.values(),
                key=lambda v: v["number"], reverse=True)

        return ctx

    def post(self, request, *, docker_name):
        webapp = self.get_object()
        if not webapp.imported:
            raise Http404()

        remote_versions = get_rails_webapp_metadata(
                docker_name=webapp.docker_name)["versions"]

        for remote in remote_versions:
            number = remote["number"]
            if request.POST.get("version_"+number):
                log.info("import version %s", number)
                version = WebappVersion.objects.update_or_create({
                    "imported": True,
                    "published":         remote["published"],
                    "description":       remote["changelog"],
                    "docker_image_size": remote["docker_image_size"],
                    },
                    webapp=webapp,
                    number=number,
                    state=WebappVersion.IMPORT)[0]
                version.created_at = remote["created_at"]
                version.updated_at = remote["updated_at"]
                version.save()

        transaction.on_commit(lambda: notify_controller(webapp))

        return HttpResponseRedirect(request.path_info)

BERJON Matthieu's avatar
BERJON Matthieu committed
572

573
class WebappJson(UserAccessMixin, DetailView):
574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591
    """json variant of the application details
    
    (used by the /aio/apps/<DOCKER_NAME>/events endpoint)
    """

    def get_object(self):
        """Returns the object according to its docker name or a 404 error"""
        data = self.kwargs.get('docker_name', None)
        queryset = get_object_or_404(Webapp, docker_name=data)
        return queryset

    def render_to_response(self, context, **kwargs):
        webapp = context["webapp"]
        return JsonResponse({
            "id":               webapp.id,
            "sandbox_state":    webapp.get_sandbox_state_display(),
            })

592

593
class WebappSandboxPanel(UserAccessMixin, TemplateView):
BERJON Matthieu's avatar
BERJON Matthieu committed
594 595 596 597 598 599 600 601
    """Create a new sandbox for a given application

    Attributes:
        form_class: form object to pass on the template.
        model: model to use in this class
        template_name: template filename

    """
602
    template_name = 'webapp_sandbox_panel.html'
603 604

    def get_object(self):
BERJON Matthieu's avatar
BERJON Matthieu committed
605
        """Returns the object according to its docker name or a 404 error"""
606
        data = self.kwargs.get('docker_name', None)
607
        queryset = get_object_or_404(Webapp, docker_name=data, user_id=self.request.user.id)
608 609 610
        return queryset

    def get_context_data(self, **kwargs):
BERJON Matthieu's avatar
BERJON Matthieu committed
611 612 613 614 615 616 617
        """Recover data to pass on to the template context
        
        In order to give the user a feedback regarding the way to push its image
        to the registry, we need to pass both the webapp `docker_name` and the
        `registry` URL.

        """
618
        context = super().get_context_data(**kwargs)
619
        context['webapp'] = self.get_object()
620 621 622 623 624 625 626 627 628 629 630 631 632 633 634

        context["ssh_command"] = "ssh%s %s@%s" % (
                (" -p %s" % config.env.ALLGO_SSH_PORT
                    if config.env.ALLGO_SSH_PORT != "22" else ""),
                (kwargs["docker_name"]),
                (config.env.ALLGO_SSH_HOST))

        # candidate docker os (start from scratch)
        context['docker_os_list'] = DockerOs.objects.all()

        # candidate versions (start from an existing version)
        versions = {}
        for state in (WebappVersion.READY, WebappVersion.COMMITTED):
            versions.update((v.number, v) for v in WebappVersion.objects.filter(
                webapp=context["webapp"], state=state))
635 636
        context['versions'] = natsort.versorted(versions.values(), key=lambda v: v.number)
        context['versions'].reverse()
637 638
        return context

639 640 641
    def post(self, request, *, docker_name):
        log.info("POST %r", request.POST)

642
        webapp = self.get_object()
643 644
        action = request.POST["action"]

BAIRE Anthony's avatar
BAIRE Anthony committed
645 646 647 648 649
        def stop_sandbox():
            webapp.sandbox_state = Webapp.STOPPING
            webapp.sandbox_version_id = None
            webapp.save()

650 651
        log.info("action %r", request.POST["action"])
        if action == "start":
BAIRE Anthony's avatar
BAIRE Anthony committed
652 653 654 655 656
            if webapp.sandbox_state != Webapp.IDLE:
                messages.error(request,
                        "unable to start sandbox %r because it not idle"
                        % webapp.name)
            else:
657 658 659 660 661 662 663 664 665
                if "webapp_version_id" in request.POST:
                    # start from an existing version
                    webapp.sandbox_version_id = int(request.POST["webapp_version_id"])
                else:
                    # start from scratch
                    webapp.docker_os_id = request.POST["docker_os_id"]
                    webapp.sandbox_version = None
                webapp.sandbox_state = Webapp.STARTING
                webapp.save()
BAIRE Anthony's avatar
BAIRE Anthony committed
666
                messages.success(request, "starting sandbox %r" % webapp.name)
667 668

        elif action == "commit":
BAIRE Anthony's avatar
BAIRE Anthony committed
669 670 671 672 673
            if webapp.sandbox_state != Webapp.RUNNING:
                messages.error(request,
                        "unable to commit sandbox %r because it is not running"
                        % webapp.name)
            else:
674 675 676 677 678
                # query previous active versions of this webapp
                previous = WebappVersion.objects.filter(webapp=webapp,
                            state__in = (WebappVersion.READY, WebappVersion.COMMITTED))
                extra = {}

679 680
                if request.POST["version-action"] == "replace-version":
                    number = request.POST["version-select"]
681 682
                    # keep the previous 'created_at' timestamp when replacing an image
                    extra["created_at"] = getattr(previous.filter(number=number).first(), "created_at")
683 684
                else:
                    number = request.POST["version-new"]
685 686 687

                    # ensure that this version number does not already exist
                    if previous.filter(number=number).exists():
688 689 690
                        messages.error(request, "unable to commit because version %r already exists"
                                " (if you want to overwrite this version, then use"
                                "  'replace version' instead)" % number)
BAIRE Anthony's avatar
BAIRE Anthony committed
691
                        return HttpResponseRedirect(request.path_info)
692

693 694
                WebappVersion.objects.create(
                        webapp=webapp,
695
                        number=number,
696 697
                        state=WebappVersion.SANDBOX,
                        published=True,
698
                        description=request.POST["description"],
699
                        **extra)
BAIRE Anthony's avatar
BAIRE Anthony committed
700
                stop_sandbox()
701

BAIRE Anthony's avatar
BAIRE Anthony committed
702 703
                messages.success(request, "committing sandbox %r version %r"
                        % (webapp.name, number))
704

705 706
        elif action == "rollback":
            if webapp.sandbox_state == Webapp.RUNNING:
BAIRE Anthony's avatar
BAIRE Anthony committed
707
                stop_sandbox()
BAIRE Anthony's avatar
BAIRE Anthony committed
708 709 710 711
                messages.success(request, "rolling back sandbox %r" % webapp.name)
            else:
                messages.error(request, "unable to roll back, sandbox %r is not running"
                        % webapp.name)
712 713 714

        elif action == "abort":
            if webapp.sandbox_state == Webapp.START_ERROR:
BAIRE Anthony's avatar
BAIRE Anthony committed
715
                stop_sandbox()
BAIRE Anthony's avatar
BAIRE Anthony committed
716
                messages.success(request, "reset sandbox %r" % webapp.name)
717 718 719 720 721

        elif action == "retry":
            if webapp.sandbox_state == Webapp.START_ERROR:
                webapp.sandbox_state = Webapp.STARTING
                webapp.save()
BAIRE Anthony's avatar
BAIRE Anthony committed
722
                messages.success(request, "starting sandbox %r" % webapp.name)
723
            elif webapp.sandbox_state == Webapp.STOP_ERROR:
BAIRE Anthony's avatar
BAIRE Anthony committed
724
                stop_sandbox()
BAIRE Anthony's avatar
BAIRE Anthony committed
725
                messages.success(request, "stopping sandbox %r" % webapp.name)
726

BAIRE Anthony's avatar
BAIRE Anthony committed
727
        log.debug("new sandbox state: %r -> %r",
728
                webapp.docker_name, webapp.get_sandbox_state())
729

BAIRE Anthony's avatar
BAIRE Anthony committed
730 731 732 733 734
        # NOTE: we return a 302 redirect to the same page (instead of rendering
        # it directly) to force the browser to make a separate GET request.
        # This prevent reexecuting the POST request if the user refreshes the
        # page.
        return HttpResponseRedirect(request.path_info)
735

736 737
# TAGS
# -----------------------------------------------------------------------------
BAIRE Anthony's avatar
BAIRE Anthony committed
738
class TagList(AllAccessMixin, ListView):
739 740 741 742 743 744 745 746
    """List all available tag along with their number of occurences

    Attributes:
        model: database model
        context_object_name: variable name used in the template to display the
                            data.
        template_name: template filename.
    """
BERJON Matthieu's avatar
BERJON Matthieu committed
747
    model = Tag
748 749 750 751 752
    context_object_name = 'tags'
    template_name = 'tag_list.html'

    def get_queryset(self):
        """Return all available tags
BERJON Matthieu's avatar
BERJON Matthieu committed
753

754 755
        Each tag return as well the number of webapps attached to it
        """
756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781

        
        # Compute the list of tags with the count of webapps visible by this user
        #
        # We need a raw request because filtering on Count() is not supported
        # in django 1.11.
        #
        # In django>=2.0 we should be able to write something like:
        #    tags = Tag.objects.annotate(num_tag=Count('taggit_taggeditem_items',
        #                                              filter = Q(...)))
        #
    
        # list of webapp ids visible by the current user
        webapp_ids = tuple(itertools.chain(
            *query_webapps_for_user(self.request.user).values_list("id")))
        # webapp content id (to select onl the tags on Webapp objects)
        webapp_content_id = ContentType.objects.get(app_label="main", model="Webapp").id
        # compute the list of tags with the webapp count (in the webapp_ids subset)
        tags = Tag.objects.raw("""
            SELECT taggit_tag.*, count(*) as num_tag
                FROM taggit_tag JOIN taggit_taggeditem
                ON taggit_tag.id=taggit_taggeditem.tag_id
                WHERE content_type_id=%s AND object_id in %s
                GROUP BY tag_id
                """, (webapp_content_id, webapp_ids))

782 783 784
        return tags


BAIRE Anthony's avatar
BAIRE Anthony committed
785
class TagWebappList(AllAccessMixin, ListView):
786 787 788 789 790 791 792 793 794
    """List all available webapps for a given tag

    Attributes:
        model: database model
        context_object_name: variable name used in the template to display the
                            data.
        paginated_by: number of occurences per page.
        template_name: template filename.
    """
BERJON Matthieu's avatar
BERJON Matthieu committed
795
    model = Webapp
796 797 798 799 800
    context_object_name = 'webapps'
    paginated_by = 10
    template_name = 'tag_webapp_list.html'

    def get_queryset(self):
801 802
        return query_webapps_for_user(self.request.user
                ).filter(tags__slug=self.kwargs['slug'])
803

804 805 806
    def get_context_data(self, **kwargs):
        return super().get_context_data(tag=self.kwargs["slug"], **kwargs)

807

808 809
# PROFILE
# -----------------------------------------------------------------------------
810
class UserUpdate(LoginRequiredMixin, SuccessMessageMixin, UpdateView):
BERJON Matthieu's avatar
BERJON Matthieu committed
811 812 813 814 815 816 817
    """Update the user profile

    Attributes:
        form_class: form object to pass on the template.
        template_name: template filename
        success_message: successfull message sent to the template
    """
818
    form_class = UserForm
819
    template_name = "user_update.html"
820 821 822
    success_message = 'Profile updated successfully.'

    def get_success_url(self):
BERJON Matthieu's avatar
BERJON Matthieu committed
823
        """If successful redirect to the user page"""
824 825 826
        return reverse('main:user_detail')

    def get_object(self):
BERJON Matthieu's avatar
BERJON Matthieu committed
827
        """Only get the User record for the user making the request"""
828 829 830
        return User.objects.get(username=self.request.user.username)

    def get_context_data(self, **kwargs):
BERJON Matthieu's avatar
BERJON Matthieu committed
831 832 833 834 835 836 837
        """Recover data to pass on to the template

        In order to display specific data, I process the SSH key to get its
        fingerprint and comment. Both the SSH key, fingerprint, comment and
        token to context template.

        """
838 839 840 841 842
        queryset = AllgoUser.objects.get(user_id=self.request.user.id)
        key = queryset.sshkey
        token = queryset.token
        if key:
            fingerprint, comment = get_ssh_data(key)
BERJON Matthieu's avatar
BERJON Matthieu committed
843
            kwargs['sshkey'] = True
844 845 846 847
            kwargs['ssh_comment'] = comment
            kwargs['ssh_fingerprint'] = fingerprint
        if token:
            kwargs['token'] = token
848 849 850 851

        kwargs['agreements'] = UserAgreement.objects.filter(
                user=self.request.user).order_by("-created_at")
        
852 853 854 855
        return super(UserUpdate, self).get_context_data(**kwargs)


class UserToken(LoginRequiredMixin, RedirectView):
BERJON Matthieu's avatar
BERJON Matthieu committed
856
    """Regenerate the user token"""
857

858 859
    success_message = 'Token generated successfully.'

860
    def dispatch(self, request, *args, **kwargs):
BERJON Matthieu's avatar
BERJON Matthieu committed
861
        """Generate the token and save it into the database"""
862 863 864 865 866 867
        queryset = AllgoUser.objects.get(user_id=self.request.user.id)
        queryset.token = get_random_string(length=32)
        queryset.save()
        return super(UserToken, self).dispatch(request, *args, **kwargs)

    def get_redirect_url(self, *args, **kwargs):
BERJON Matthieu's avatar
BERJON Matthieu committed
868
        """Redirect the user to the user page and display a successful message"""
869
        messages.success(self.request, self.success_message)
870 871
        return reverse('main:user_detail')

BERJON Matthieu's avatar
BERJON Matthieu committed
872

873
class UserSSHAdd(LoginRequiredMixin, SuccessMessageMixin, UpdateView):
BERJON Matthieu's avatar
BERJON Matthieu committed
874 875 876 877 878 879 880
    """Save a SSH key to the database.
    
    Attributes:
        form_class: form object to pass on the template.
        template_name: template filename
        success_message: successfull message sent to the template
    """
BERJON Matthieu's avatar
BERJON Matthieu committed
881
    form_class = SSHForm
882
    template_name = 'user_ssh_add.html'
BERJON Matthieu's avatar
BERJON Matthieu committed
883 884 885
    success_message = 'SSH key added successfully.'

    def get_success_url(self):
BERJON Matthieu's avatar
BERJON Matthieu committed
886
        """If successful redirect to the user page"""
BERJON Matthieu's avatar
BERJON Matthieu committed
887 888 889
        return reverse('main:user_detail')

    def get_object(self):
BERJON Matthieu's avatar
BERJON Matthieu committed
890
        """Only get the User record for the user making the request"""
BERJON Matthieu's avatar
BERJON Matthieu committed
891
        return AllgoUser.objects.get(user_id=self.request.user.id)
892 893 894


class UserSSHDelete(LoginRequiredMixin, RedirectView):
BERJON Matthieu's avatar
BERJON Matthieu committed
895
    """Delete the user SSH key"""
896

897 898
    success_message = 'The SSH key has been successfully deleted.'

899
    def dispatch(self, request, *args, **kwargs):
BERJON Matthieu's avatar
BERJON Matthieu committed
900
        """Generate an empty SSH key and save it into the database"""
901 902 903 904 905 906
        queryset = AllgoUser.objects.get(user_id=request.user.id)
        queryset.sshkey = ''
        queryset.save()
        return super(UserSSHDelete, self).dispatch(request, *args, **kwargs)

    def get_redirect_url(self, *args, **kwargs):
BERJON Matthieu's avatar
BERJON Matthieu committed
907
        """If successful redirect to the user page"""
908
        messages.success(self.request, self.success_message)
909 910 911
        return reverse('main:user_detail')


912
class UserPasswordUpdate(LoginRequiredMixin, SuccessMessageMixin, UpdateView):
BERJON Matthieu's avatar
BERJON Matthieu committed
913
    """Update the user's password.
914 915 916

    We reuse the Django password form system in order to keep something robust
    even if it dedicates a specific view for it.
BERJON Matthieu's avatar
BERJON Matthieu committed
917 918 919 920 921 922

    Attributes:
        success_url: URL or handle where the user will be redirected.
        form_class: form object to pass on the template.
        template_name: template filename
        success_message: successfull message sent to the template
923 924 925
    """
    success_url = reverse_lazy('main:user_detail')
    form_class = PasswordChangeForm
926
    template_name = "user_password_update.html"
927 928 929
    success_message = 'Password updated successfully.'

    def get_object(self, queryset=None):
BERJON Matthieu's avatar
BERJON Matthieu committed
930 931 932 933 934
        """Return the user data
        
        Todo:
            - Not sure the relevance of getting this information to the template
        """
935 936 937
        return self.request.user

    def get_form_kwargs(self):
BERJON Matthieu's avatar
BERJON Matthieu committed
938
        """Return the arguments related to the user"""
939 940 941 942 943
        kwargs = super(UserPasswordUpdate, self).get_form_kwargs()
        kwargs['user'] = kwargs.pop('instance')
        return kwargs

    def dispatch(self, request, *args, **kwargs):
BERJON Matthieu's avatar
BERJON Matthieu committed
944 945 946 947 948 949
        """
        Todo:
            - I'm not sure why I wrote that and why it is useful in the present
              case. It needs to be investigated.

        """
950 951
        return super(UserPasswordUpdate, self) \
            .dispatch(request, *args, **kwargs)
BERJON Matthieu's avatar
BERJON Matthieu committed
952

953

954 955 956 957 958 959 960 961 962 963 964
class UserNeedValidation(LoginRequiredMixin, DetailView):
    """This page is displayed when the user has not completed the registration process

    Causes:
    - email address needs verification
    """
    template_name = "user_need_validation.html"

    def get_object(self):
        return None

965 966 967 968
    def get_context_data(self, **kwargs):

        # last ToS agreement by the user
        agreement = UserAgreement.objects.filter(user=self.request.user
969
                ).order_by("-created_at").first()
970 971 972 973 974 975 976 977 978 979 980

        # next ToS to be signed
        next_tos = Tos.get_latest()

        if agreement is not None and agreement.tos == next_tos:
            # latest agreement already signed
            next_tos = None

        return super().get_context_data(
                agreement=agreement, next_tos=next_tos, **kwargs)

981
    def get(self, request):
982 983
        if all(addr.verified for addr in request.user.email_addresses
                ) and request.user.has_agreed_tos:
984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002
            # redirect to the main page if validation is complete
            messages.success(request, "Your account is fully validated")
            return redirect("main:home")
        else:
            return super().get(request)

    def post(self, request):
        # re-send a confirmation e-mail if 'confirm_address_id' is provided
        try:
            email_addr = request.user.email_addresses.get(
                    id=request.POST["confirm_address_id"])
        except (KeyError, ValueError, ObjectDoesNotExist):
            pass
        else:
            if not email_addr.verified:
                email_addr.send_confirmation(request)
                messages.info(self.request, 
                        "Confirmation e-mail sent to %s" % email_addr.email)

1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014
        # store user agreement
        if "yes_i_agree" in request.POST:
            try:
                tos = Tos.objects.get(id=int(request.POST["agree_tos_id"]))
            except (KeyError, ValueError, ObjectDoesNotExist):
                pass
            else:
                if UserAgreement.objects.get_or_create(
                        tos=tos, user=request.user)[1]:
                    messages.success(self.request,
                            "Terms of Service version %s agreed" % tos.version)

1015 1016
        return redirect(request.path_info)

BERJON Matthieu's avatar
BERJON Matthieu committed
1017 1018 1019
# JOBS
# -----------------------------------------------------------------------------

1020
class JobList(UserAccessMixin, ListView):
BERJON Matthieu's avatar
BERJON Matthieu committed
1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032
    """Display the list of jobs for a given identified user

    Attributes:
        model:  model used in the view.
        context_object_name:    the name used in the template to display each
                                variable.
        paginate_by: the number of occurences per page
        template_name: name of the template loaded with this view.
        redirect_field_name: None

    Todo:
        - Check the relevance of `redirect_field_name` and delete it if necessary
BERJON Matthieu's avatar
BERJON Matthieu committed
1033 1034 1035 1036 1037 1038 1039 1040 1041
    """
    model = Job
    context_object_name = 'job_list'
    template_name = 'job_list.html'
    paginate_by = 10
    redirect_field_name = 'redirect_to'

    def get_queryset(self):
        """Filter jobs for a given user"""
1042 1043
        queryset = Job.objects.filter(user_id=self.request.user.id
                ).exclude(state__in=(Job.DELETED, Job.ARCHIVED)).order_by('-id')
BERJON Matthieu's avatar
BERJON Matthieu committed
1044
        return queryset
BERJON Matthieu's avatar
BERJON Matthieu committed
1045

1046
class JobDetail(JobAuthMixin, DetailView):
1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061
    """Get a job detail for a specific user

    Attributes:
        model:  model used in the view.
        context_object_name:    the name used in the template to display each
                                variable.
        template_name: name of the template loaded with this view.

    """
    model = Job
    template_name = 'job_detail.html'
    context_object_name = 'job'

    def get_context_data(self, **kwargs):
        """Recover the logs and files related to this job"""
BERJON Matthieu's avatar
BERJON Matthieu committed
1062 1063
        job = Job.objects.get(pk=self.object.pk)

1064 1065 1066
        if job.state == Job.DONE:
            # job is done
            # -> read the `allgo.log` file
1067
            log_file = os.path.join(job.data_dir, 'allgo.log')
1068
            try:
1069
                with open(log_file, 'r', errors="replace") as log_data:
BERJON Matthieu's avatar
BERJON Matthieu committed
1070
                    logs = log_data.read()
1071 1072 1073 1074 1075 1076 1077
            except OSError as e:
                logs = '(logs not available)'
                log.error("Log file not available for job #%d (%s)", job.id, e)
        else:
            # job is pending
            # -> logs will be streamed (ajax request)
            logs = ""
BERJON Matthieu's avatar
BERJON Matthieu committed
1078 1079
        kwargs['logs'] = logs

1080 1081 1082
        # Hide the logs panel if the job is not yet started
        kwargs["logs_hidden"] = "hidden" if job.state in (Job.NEW, Job.WAITING) else ""

BERJON Matthieu's avatar
BERJON Matthieu committed
1083 1084
        # Get the files and some metadata such as the webapp version
        webapp = Webapp.objects.get(docker_name=self.object.webapp.docker_name)
1085 1086 1087 1088 1089 1090

        # List all job files
        # NOTE: calling lookup_job_file is a security feature
        kwargs['files'] = [x for x in os.listdir(job.data_dir)
                if lookup_job_file(job.id, x)]

BERJON Matthieu's avatar
BERJON Matthieu committed
1091
        return super().get_context_data(**kwargs)
1092

1093 1094
    def render_to_response(self, context, **kwargs):
        if self.request.META.get("HTTP_ACCEPT") == "application/json":
1095 1096
            # json variant of the job details
            # (used by the /aio/jobs/<ID>/events endpoint)
1097 1098 1099 1100
            job = context["job"]
            return JsonResponse({
                "id":           job.id,
                "state":        job.get_state_display(),
1101
                "result":       job.get_result_display(),
1102 1103 1104 1105 1106
                "rendered_status": status_icon(job),
                "exec_time":    job.exec_time,
                })
        else:
            return super().render_to_response(context, **kwargs)
1107

BAIRE Anthony's avatar
BAIRE Anthony committed
1108
class JobCreate(AllAccessMixin, SuccessMessageMixin, CreateView):
BERJON Matthieu's avatar
BERJON Matthieu committed
1109 1110
    """ Display the data related a specific web and create a job instance
        into the database
BERJON Matthieu's avatar
BERJON Matthieu committed
1111 1112 1113 1114 1115 1116 1117 1118 1119

    Attributes:
        model:  model used in the view.
        form_class: form object to pass on the template.
        success_url: URL or handle where the user will be redirected.
        success_message: successfull message sent to the template
        template_name: name of the template loaded with this view.

    """
1120 1121 1122
    model = Job
    form_class = JobForm
    success_message = 'Job created successfully.'
BERJON Matthieu's avatar
BERJON Matthieu committed
1123
    template_name = 'webapp_detail.html'
1124

1125 1126 1127
    def get_success_url(self):
        return reverse('main:job_detail', args=(self.job_id,))

1128
    def form_valid(self, form):
BERJON Matthieu's avatar
BERJON Matthieu committed
1129
        """Save data coming from the form in the database """
1130 1131
        webapp = Webapp.objects.get(docker_name=self.kwargs['docker_name'])

BERJON Matthieu's avatar
BERJON Matthieu committed
1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 1144 1145 1146
        # If the user isn't identified, we send back an error message and
        # and redirect the user.
        if self.request.user.is_anonymous():
            messages.add_message(self.request, messages.ERROR, 'You must be identified to create a job.')
            log.warning("Someone tried to run a job without being identified.")
            return redirect('main:webapp_detail', webapp.docker_name)
        else:
            obj = form.save(commit=False)
            obj.queue_id = form.cleaned_data.get('queue_id').id
            obj.state = Job.NEW
            obj.result = 0
            obj.user_id = self.request.user.id
            obj.webapp_id = webapp.id
            obj.version = form.cleaned_data.get('version')
            obj.save()
1147

BERJON Matthieu's avatar
BERJON Matthieu committed
1148
            # Upload files if there are any
1149
            upload_data(self.request.FILES.getlist('files'), obj)
BERJON Matthieu's avatar
BERJON Matthieu committed
1150

BERJON Matthieu's avatar
BERJON Matthieu committed
1151 1152 1153
            # start the job
            obj.state = Job.WAITING
            obj.save()
1154
            self.job_id = obj.id
1155

BERJON Matthieu's avatar
BERJON Matthieu committed
1156
            return super().form_valid(form)
1157 1158

    def get_context_data(self, **kwargs):
BERJON Matthieu's avatar
BERJON Matthieu committed
1159
        """Pass on the docker name to the template"""
1160
        webapp = Webapp.objects.get(docker_name=self.kwargs['docker_name'])
BERJON Matthieu's avatar
BERJON Matthieu committed
1161 1162
        kwargs['webapp'] = webapp

1163 1164 1165 1166 1167 1168 1169 1170 1171 1172
        # Private apps should not be indexed by search engines
        #
        # -> return 404 if we detect a robot
        #    (but we let authenticated user through, so that the app is still
        #     usable if robot_detection gets broken)
        if (webapp.private and self.request.user.is_anonymous() and
                robot_detection.is_robot(
                    self.request.META.get("HTTP_USER_AGENT") or " ")):
            raise Http404

BERJON Matthieu's avatar
BERJON Matthieu committed
1173 1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185
        # Check if a readme is declared in the database
        if webapp.readme:
            readme_file = os.path.join(
                settings.MEDIA_ROOT,
                self.object.docker_name,
                'Readme')
            if os.path.exists(readme_file):
                with open(readme_file, 'r') as md_data:
                    kwargs['readme'] = md_data.read()
            else:
                log.warning("No README available for app %s", self.model.name)
        else:
            readme_file = None
1186 1187 1188 1189 1190 1191 1192 1193 1194 1195 1196 1197 1198 1199 1200 1201 1202

        # select the list of versions to be displayed
        versions = natsort.versorted(set(v for v, in WebappVersion.objects
                .filter(webapp=webapp, state__in=(  WebappVersion.SANDBOX,
                                                    WebappVersion.COMMITTED,
                                                    WebappVersion.READY))
                .values_list("number")))

        # also list 'sandbox' if the sandbox is running and if the current user
        # is allowed to use the sandbox
        if webapp.sandbox_state == Webapp.RUNNING and (
            webapp.is_pushable_by(self.request.user)):
            versions.append("sandbox")
        
        versions.reverse()
        kwargs['versions'] = versions

1203 1204 1205 1206 1207 1208 1209 1210 1211 1212
        # build the sample command lines for using the REST API
        base_url = get_base_url(self.request)
        user = self.request.user
        auth = "Authorization: Token token=" + (
                user.allgouser.token if user.is_authenticated else "<your private_token>")

        kwargs["job_create_cmd"] = ["curl", "-H", auth,
                "-X", "POST", base_url + reverse("api:jobs"),
                None, "-F", "job[webapp_id]=" + str(webapp.id),
                None, "-F", "job[param]=",
1213
                None, "-F", "job[queue]=" + webapp.job_queue.name,
1214 1215 1216 1217 1218 1219 1220
                None, "-F", "files[0]=@test.txt",
                None, "-F", "files[1]=@test2.csv",
                None, "-F", "job[file_url]=<my_file_url>",
                None, "-F", "job[dataset]=<my_dataset_name>",
                ]

        kwargs["job_result_cmd"] = ["curl", "-H", auth,
1221
                base_url + reverse("api:job", args=(42,)).replace("42", "<job_id>")]
1222

BERJON Matthieu's avatar
BERJON Matthieu committed
1223
        return super().get_context_data(**kwargs)
1224

1225 1226
    def get_form_kwargs(self):
        """Return webapp data"""
BERJON Matthieu's avatar
BERJON Matthieu committed
1227
        kwargs = super().get_form_kwargs()
1228 1229 1230 1231
        queryset = Webapp.objects.get(docker_name=self.kwargs['docker_name'])
        kwargs['webapp'] = queryset
        return kwargs

1232

1233
class JobAbort(JobAuthMixin, View):
BAIRE Anthony's avatar
BAIRE Anthony committed
1234 1235 1236 1237 1238 1239 1240 1241 1242 1243 1244 1245
    def post(self, request, *, pk):
        job_id = int(pk)
        # switch state to ABORTING if the job is running (this is done
        # atomically to avoid messing up with the controller)
        if Job.objects.filter(id=job_id, state=Job.RUNNING
                ).update(state=Job.ABORTING):
            job_post_save(Job.objects.get(id=job_id))
            messages.success(request, "aborting job %s" % job_id)
        else:
            messages.error(request, "unable to abort job %s because is not running" % job_id)
        return redirect('main:job_detail', job_id)

1246

1247
class JobDelete(JobAuthMixin,  DeleteView):
BERJON Matthieu's avatar
BERJON Matthieu committed
1248 1249 1250 1251 1252 1253 1254 1255
    """Delete a job from the database

    Attributes:
        model:  model used in the view.
        success_url: URL or handle where the user will be redirected.
        success_message: successfull message sent to the template
        template_name: name of the template loaded with this view.

1256 1257 1258 1259 1260 1261 1262 1263
    Note:
        The `success_message` can't be used alone with the
        `SuccessMessageMixin` because it's hooked to `form_valid` method and 
        can't work with a `DeleteView`.

    See also:
        https://code.djangoproject.com/ticket/21926

BERJON Matthieu's avatar
BERJON Matthieu committed
1264 1265 1266 1267 1268 1269
    """
    model = Job
    success_message = 'Job successfully deleted.'
    success_url = reverse_lazy('main:job_list')
    template_name = 'job_delete.html'

1270 1271 1272 1273 1274 1275 1276 1277 1278 1279 1280 1281 1282 1283 1284
    @classmethod
    def as_view(cls, **kw):
        # manage db transactions manually
        return transaction.non_atomic_requests(super().as_view(**kw))

    def delete(self, request, *args, pk, **kwargs):
        # NOTE: if job is in WAITING state, then any state update must be done
        # atomically so as not to mess up with che controller
        if not (Job.objects.filter(id=pk, state=Job.DONE
                    ).update(state=Job.ARCHIVED)
            or  Job.objects.filter(id=pk, state__in=(Job.NEW, Job.WAITING)
                    ).update(state=Job.DELETED)
            or  Job.objects.filter(id=pk, state__in=(Job.DELETED, Job.ARCHIVED)).exists()
            ):

1285
            messages.error(self.request, "cannot delete a running job")
1286
            return redirect('main:job_detail', pk)
1287

1288
        transaction.commit()
1289

1290
        self.object = job = self.get_object()
1291
        notify_controller(job) # so that the DELETED/ARCHIVED state is propagated into the redis db
1292 1293 1294

        # delete the data dir if present
        # FIXME: if this fail then we have dangling files staying in the way
1295
        job_dir = job.data_dir
1296 1297 1298
        if os.path.exists(job_dir):
            shutil.rmtree(job_dir)

1299 1300 1301 1302 1303
        if job.state == Job.DELETED:
            job.delete()

        messages.success(self.request, self.success_message)
        return redirect(self.get_success_url())
1304

1305

1306
class JobFileDownload(JobAuthMixin, View):
BERJON Matthieu's avatar
BERJON Matthieu committed
1307 1308 1309 1310 1311 1312 1313 1314
    """Download a given file"""

    def get(self, request, *args, **kwargs):
        """Return a file for a given job and filename
        """
        # get file
        job_id = self.kwargs['pk']
        filename = self.kwargs['filename']
1315
        return redirect("/datastore/%s/%s" % (job_id, filename))