views.py 56.3 KB
Newer Older
BERJON Matthieu's avatar
BERJON Matthieu committed
1
2
3
4
5
6
7
8
9
10
11
# -*- coding: utf-8 -*-
"""Main view module

This module handles most of the front-end for the Allgo system. You'll find
all the logic (controller) in an MVC pattern.

Attributes:
    log: module level variable to save information as a log data.

"""
# Python standard libraries
12
import glob
BERJON Matthieu's avatar
BERJON Matthieu committed
13
import io
14
import itertools
15
16
import json
import logging
17
import re
18
import os
19
import re
20
import shutil
21
import tempfile
22
import zipfile
23

BERJON Matthieu's avatar
BERJON Matthieu committed
24
# Third party imports
25
26
27
import iso8601
import natsort
import requests
28
import robot_detection
29
from django.conf import settings
30
from django.contrib import messages
31
from django.contrib.auth.forms import PasswordChangeForm
32
from django.contrib.auth.mixins import LoginRequiredMixin
BERJON Matthieu's avatar
BERJON Matthieu committed
33
from django.contrib.auth.models import User
34
from django.contrib.contenttypes.models import ContentType
35
from django.contrib.messages.views import SuccessMessageMixin
36
from django.core.exceptions import ObjectDoesNotExist
CAMPION Sebastien's avatar
CAMPION Sebastien committed
37
from django.core.urlresolvers import reverse
38
from django.db import transaction
39
from django.db.models import Count, Q
40
from django.http import HttpResponse, JsonResponse, HttpResponseRedirect, FileResponse, Http404
BERJON Matthieu's avatar
BERJON Matthieu committed
41
from django.shortcuts import render, get_object_or_404, redirect
42
from django.urls import reverse, reverse_lazy
43
from django.utils.crypto import get_random_string
44
from django.utils.text import slugify
45
from django.views.decorators.csrf import csrf_exempt
BERJON Matthieu's avatar
BERJON Matthieu committed
46
from django.views.generic import (
CAMPION Sebastien's avatar
pep8    
CAMPION Sebastien committed
47
48
49
    CreateView,
    DeleteView,
    DetailView,
50
    FormView,
CAMPION Sebastien's avatar
pep8    
CAMPION Sebastien committed
51
52
53
54
55
    ListView,
    RedirectView,
    TemplateView,
    UpdateView,
    View,
BERJON Matthieu's avatar
BERJON Matthieu committed
56
)
57
from django.views.generic.detail import SingleObjectMixin
BERJON Matthieu's avatar
BERJON Matthieu committed
58
from taggit.models import Tag
BERJON Matthieu's avatar
BERJON Matthieu committed
59

BERJON Matthieu's avatar
BERJON Matthieu committed
60
from .forms import (
CAMPION Sebastien's avatar
cosmit    
CAMPION Sebastien committed
61
62
63
64
65
    UserForm,
    HomeSignupForm,
    JobForm,
    SSHForm,
    RunnerForm,
66
67
    WebappForm,
    WebappSandboxForm,
68
    WebappImportForm,
CAMPION Sebastien's avatar
cosmit    
CAMPION Sebastien committed
69
)
CAMPION Sebastien's avatar
pep8    
CAMPION Sebastien committed
70
# Local imports
BAIRE Anthony's avatar
BAIRE Anthony committed
71
import config
72
from .helpers import get_base_url, get_ssh_data, upload_data, notify_controller, lookup_job_file, get_request_user, query_webapps_for_user
73
from .mixins import UserAccessMixin, ProviderAccessMixin, AllAccessMixin, JobAuthMixin
CAMPION Sebastien's avatar
pep8    
CAMPION Sebastien committed
74
75
from .models import (
    AllgoUser,
76
    DockerOs,
CAMPION Sebastien's avatar
pep8    
CAMPION Sebastien committed
77
    Job,
78
    JobQueue,
CAMPION Sebastien's avatar
pep8    
CAMPION Sebastien committed
79
80
81
    Quota,
    Runner,
    Webapp,
82
    WebappParameter,
CAMPION Sebastien's avatar
pep8    
CAMPION Sebastien committed
83
    WebappVersion,
BERJON Matthieu's avatar
BERJON Matthieu committed
84
    Tos,
85
    UserAgreement,
CAMPION Sebastien's avatar
pep8    
CAMPION Sebastien committed
86
)
BAIRE Anthony's avatar
BAIRE Anthony committed
87
from .signals import job_post_save
88
from .templatetags.converters import status_icon
BERJON Matthieu's avatar
BERJON Matthieu committed
89

BERJON Matthieu's avatar
BERJON Matthieu committed
90
# Start logger
91
log = logging.getLogger('allgo')
CAMPION Sebastien's avatar
CAMPION Sebastien committed
92

93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
def error_handler(status, reason, default, request, exception=None):
    """Generic error handler

    Since django is unable to handle per-app error handlers, we have to define
    global ones.

    The behaviour of this view is to generate a json-formatted message
    {"error": "something"} when the url starts with /api/, otherwise it just
    uses django's default error handler.
    """
    if request.path_info.startswith("/api/"):
        return JsonResponse({"error": "%d %s" % (status, reason)}, status=status)
    else:
        return default(request, exception)

CAMPION Sebastien's avatar
CAMPION Sebastien committed
108

BAIRE Anthony's avatar
BAIRE Anthony committed
109
class IndexDetail(AllAccessMixin, TemplateView):
BERJON Matthieu's avatar
BERJON Matthieu committed
110
111
112
113
114
115
116
117
118
    """Home view

    Generate the home as a standard `TemplateView` by calling a specific
    template. Most of the data are handled in the template itself, only few
    contexte data are provided for specific use.

    Attributes:
        template_name:  filename of the template used.

119
    """
BERJON Matthieu's avatar
BERJON Matthieu committed
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
    template_name = 'home.html'

    def get_context_data(self, **kwargs):
        """ Generate specific data to pass on in the context of the template.

        Returns:
            user_nb (int): number of users recorded in the database.
            webapp_nb (int): number of webapps recorded in the database.
            job_nb (int): number of jobs recorded in the database.
            signup_form: form specific for signin-up directly on the home page.
        """
        context = super(IndexDetail, self).get_context_data(**kwargs)
        users = User.objects.all().count()
        webapps = Webapp.objects.all().count()
        jobs = Job.objects.all().count()

        context['user_nb'] = users
        context['webapp_nb'] = webapps
        context['job_nb'] = jobs
        context['signup_form'] = HomeSignupForm()

        return context
BERJON Matthieu's avatar
BERJON Matthieu committed
142
143


BAIRE Anthony's avatar
BAIRE Anthony committed
144
145
146
147
148
149
150
151
152
# Legacy views
class LegacyWebappDetail(SingleObjectMixin, RedirectView):
    model = Webapp
    permanent = True
    slug_field = "docker_name"
    def get_redirect_url(self, **kwargs):
        return reverse("main:webapp_detail",
                args=(self.get_object().docker_name,))

153
154
# WEBAPPS
# -----------------------------------------------------------------------------
BAIRE Anthony's avatar
BAIRE Anthony committed
155
156
157

# FIXME: should merge WebappList with UserWebappList
# FIXME: should filter out webapps that have not published versions and that do not belong to the current user
BAIRE Anthony's avatar
BAIRE Anthony committed
158
class WebappList(AllAccessMixin, ListView):
BERJON Matthieu's avatar
BERJON Matthieu committed
159
    """ Display a paginated list of available webapps.
160

BERJON Matthieu's avatar
BERJON Matthieu committed
161
162
    The webapps are filtered from the most recent to the oldest and no private
    apps are displayed.
163

BERJON Matthieu's avatar
BERJON Matthieu committed
164
165
166
167
168
169
170
    Attributes:
        model:  Webapp model is used.
        context_object_name:    the name used in the template to display each
                                variable.
        paginate_by: the number of occurences per page
        template_name: name of the template loaded with this view.
        queryset: a specific queryset designed to filter the data.
171

BERJON Matthieu's avatar
BERJON Matthieu committed
172
173
174
    Todo:
        - the number of occurences per page could be loaded from the config
        file.
175
176

    """
BERJON Matthieu's avatar
BERJON Matthieu committed
177
    model = Webapp
BERJON Matthieu's avatar
BERJON Matthieu committed
178
    context_object_name = 'webapps'
BERJON Matthieu's avatar
BERJON Matthieu committed
179
180
    paginate_by = 10
    template_name = 'webapp_list.html'
181

182
183
    def get_queryset(self):
        return query_webapps_for_user(self.request.user).order_by('-created_at')
BERJON Matthieu's avatar
BERJON Matthieu committed
184

BAIRE Anthony's avatar
BAIRE Anthony committed
185
class UserWebappList(AllAccessMixin, ListView):
BERJON Matthieu's avatar
BERJON Matthieu committed
186
187
188
189
190
191
192
193
194
195
196
197
198
    """List of user's webapp

    Returns all the webapps owned by a specific user. Only the user can its
    apps.

    Attributes:
        model: database model
        context_object_name: variable name used in the template to display the
                            data.
        paginate_by: number of occurences by page.
        template_name: template filename.
                            
    """
BERJON Matthieu's avatar
BERJON Matthieu committed
199
200
201
202
203
204
205
    model = Webapp
    context_object_name = 'webapps'
    paginate_by = 10
    template_name = 'webapp_list.html'

    def get_queryset(self):
        """Filter apps for a given user"""
BAIRE Anthony's avatar
BAIRE Anthony committed
206
        # FIXME: infoleak: any user can display all the apps of any user
BERJON Matthieu's avatar
BERJON Matthieu committed
207
208
209
210
211
        user = User.objects.get(username=self.kwargs['username'])
        queryset = Webapp.objects.filter(user=user)
        return queryset


212
class WebappUpdate(UserAccessMixin, SuccessMessageMixin, UpdateView):
BERJON Matthieu's avatar
BERJON Matthieu committed
213
214
215
216
217
218
219
220
    """Form to update the webapp data

    Attributes:
        form_class: form object.
        template_name: template filename.
        success_message: message when the form is properly submitted.

    """
221
222
    form_class = WebappForm
    template_name = 'webapp_add_update.html'
BERJON Matthieu's avatar
BERJON Matthieu committed
223
    success_message = 'Your app has been successfully updated.'
224
    error_message = 'The email doesn\'t belong to any registered user. Please enter a valid owner email address.'
BERJON Matthieu's avatar
BERJON Matthieu committed
225
226

    def get_success_url(self):
227
228
        """If successful redirect to the webapp details page"""
        return reverse('main:webapp_detail', args=(self.object.docker_name,))
BERJON Matthieu's avatar
BERJON Matthieu committed
229
230

    def get_object(self):
BERJON Matthieu's avatar
BERJON Matthieu committed
231
        """Returns the object according to its docker name or a 404 error"""
BERJON Matthieu's avatar
BERJON Matthieu committed
232
233
234
235
        data = self.kwargs.get('docker_name', None)
        queryset = get_object_or_404(Webapp, docker_name=data, user_id=self.request.user.id)
        return queryset

BAIRE Anthony's avatar
BAIRE Anthony committed
236
237
238
    def get_context_data(self, **kwargs):
        ctx=super().get_context_data(**kwargs)
        ctx["action"] = "Update"
239
240
241
242
243

        # we expand the 'advanced' tab if any of its field has a validation error
        ctx["show_advanced"] = bool(set(ctx["form"].errors)
                .intersection(ctx["form"].ADVANCED_FIELDS))

BAIRE Anthony's avatar
BAIRE Anthony committed
244
245
        return ctx

246
247
248
249
250
251
    def get_form(self):
        form = super().get_form()
        if not self.request.user.is_superuser:
            form.fields['memory_limit_mb'].widget.attrs['readonly'] = True
        return form

BERJON Matthieu's avatar
BERJON Matthieu committed
252
    def form_valid(self, form):
BERJON Matthieu's avatar
BERJON Matthieu committed
253
        """Save data coming from the form in the database """
BERJON Matthieu's avatar
BERJON Matthieu committed
254
        obj = form.save(commit=False)
255

BERJON Matthieu's avatar
BERJON Matthieu committed
256
257
258
        try:
            user = User.objects.get(username=form.cleaned_data['owner'])
            obj.user_id = user.id
259
            obj.memory_limit = form.get_memory_limit(self.request)
BERJON Matthieu's avatar
BERJON Matthieu committed
260
            form.save()
BERJON Matthieu's avatar
BERJON Matthieu committed
261
262
            # Add the tag to the database (specific because it's a many to 
            # many relationship)
263
            form.save_m2m()
BERJON Matthieu's avatar
BERJON Matthieu committed
264
            if user != self.request.user:
265
                messages.success(self.request, self.success_message)
BERJON Matthieu's avatar
BERJON Matthieu committed
266
267
                return redirect('main:user_webapp_list', self.request.user.username)
            else:
268
                return super().form_valid(form)
BERJON Matthieu's avatar
BERJON Matthieu committed
269
        except User.DoesNotExist:
270
            messages.error(self.request, self.error_message)
271
            return super().form_invalid(form)
BERJON Matthieu's avatar
BERJON Matthieu committed
272
273


274
class WebappCreate(ProviderAccessMixin, SuccessMessageMixin, CreateView):
BERJON Matthieu's avatar
BERJON Matthieu committed
275
276
277
278
279
280
281
282
283
284
    """Create a new webapp

    Attributes:
        model: model to use in this class.
        form_class: form object passed to the template.
        success_message: successfull message sent to the template
        template_name: template filename.
        group_required: groups that user must belong to.

    """
285
286
287
    model = Webapp
    form_class = WebappForm
    success_message = 'Webapp created successfully.'
288
    template_name = 'webapp_add_update.html'
289
    #  group_required = ['inria', ]
290
291

    def get_success_url(self):
BERJON Matthieu's avatar
BERJON Matthieu committed
292
        """If successful redirect to the webapp list page"""
293
        return reverse('main:webapp_sandbox_panel', args=(self.webapp.docker_name,))
294

295
296
297
298
299
300
    def get_form(self):
        form = super().get_form()
        if not self.request.user.is_superuser:
            form.fields['memory_limit_mb'].widget.attrs['readonly'] = True
        return form

BAIRE Anthony's avatar
BAIRE Anthony committed
301
302
303
    def get_context_data(self, **kwargs):
        ctx=super().get_context_data(**kwargs)
        ctx["action"] = "Create"
304
        ctx["show_advanced"] = False
BAIRE Anthony's avatar
BAIRE Anthony committed
305
306
        return ctx

307
    def form_valid(self, form):
BERJON Matthieu's avatar
BERJON Matthieu committed
308
        """Save data coming from the form in the database """
309
310
311
312
        obj = form.save(commit=False)
        obj.user_id = self.request.user.id
        if not form.cleaned_data['contact']:
            obj.contact = self.request.user.email
313
        obj.sandbox_state = Webapp.IDLE
314
315
316
        # Ensure that all specials characters are removed, spaces are replaced
        # by hyphens and everything is lower-cased
        obj.docker_name = slugify(form.cleaned_data['name'])
317
        obj.memory_limit = form.get_memory_limit(self.request)
318
319
320
321
322
323
324
325
326
327

        # validate the Webapp record before saving
        # (this is a safety measure, do not remove)
        # FIXME: currently this raises an exception if the slugify-generated
        #        docker_name does not comply with the model constraints
        #        (for example: 'root' and 'sshd' are reserved names)
        #        To solve this, i think we should let the user choose the
        #        docker_name
        obj.full_clean()

328
329
330
331
        obj.save()

        # set up the docker container for the app
        Quota.objects.create(user=self.request.user, webapp=obj)
332
333
334
335
        # pass on the webapp data to get_successful_url to redirect with the
        # correct arguments (for instance the docker_name)
        self.webapp = obj
        return super().form_valid(form)
BERJON Matthieu's avatar
BERJON Matthieu committed
336

337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
def get_rails_webapp_metadata(*, webapp_id=None, docker_name=None):
    """Download the metadata of a webapp from the legacy rails server
    
    Must provide either `webapp_id` or `docker_name`, but not both
    """
    assert bool(webapp_id) != bool(docker_name)

    if docker_name:
        url = "%s/app/%s/export" % (config.env.ALLGO_IMPORT_URL, docker_name)
    else:
        url = "%s/webapp/%d/export" % (config.env.ALLGO_IMPORT_URL, webapp_id)
    try:
        # use a 1s timeout to avoid blocking the django thread if the rails
        # server is not responding
        rep = requests.get(url, timeout=1)
        if rep.status_code == 404:
            raise Http404()
        rep.raise_for_status()
        js = rep.json()
        if (webapp_id not in (None, js["id"])
                or docker_name not in ("", js["docker_name"])):
            raise Exception("rails returned a webapp with inconsistent id or docker_name")
        return js
    except Exception as e:
        log.error("webapp import error: failed to get %s (%s)", url, e)
        raise

364
class WebappImport(ProviderAccessMixin, SuccessMessageMixin, FormView):
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
    """Import a new webapp

    This only creates the Webapp entry (along with the tags and webapp
    parameters), versions are imported separately.

    Once the webapp is imported, the Webapp entry is created with
    imported=True which enables the WebappVersionImport view (for import the
    actual versions, including the docker images).

    A webapp can be imported only if the e-mail of the current user strictly
    matches the owner e-mail of the imported app. If not, then the app has to
    be imported by a superuser, who can then transfer its ownership to the
    requesting user.

    An imported webapp will keep the same id and docker_name (to preserve the
    published urls). The import fails the id or docker_name is already used by
    another webapp.

    """
    model = Webapp
    form_class = WebappImportForm
    success_message = 'Webapp imported successfully.'
    template_name = 'webapp_import.html'

    def get_success_url(self):
        return reverse('main:webapp_version_import', args=(self.object.docker_name,))

    def get_context_data(self, **kwargs):
        ctx=super().get_context_data()
        ctx["import_url"] = config.env.ALLGO_IMPORT_URL+"/apps"
395
396
        ctx["imported_apps"] = Webapp.objects.filter(
                imported=True, user=self.request.user).order_by("name")
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
        return ctx

    def form_valid(self, form):
        def error(msg = "500 Internal Server Error"):
            messages.error(self.request, "Import failed : " + msg)
            return self.form_invalid(form)

        # parse the form parameters an prepare the import url
        webapp_id = form.cleaned_data["webapp_id"]
        docker_name = form.cleaned_data["docker_name"]
        if bool(webapp_id) == bool(docker_name):
            return error("You must provide either a name or an id")
            
        # get the metadata from the rails server an store them in var 'js'
        try:
            js = get_rails_webapp_metadata(webapp_id=webapp_id,
                    docker_name=docker_name)
        except Http404:
            return error("application not found")
        except Exception as e:
            return error()

        webapp_id   = js["id"]
        docker_name = js["docker_name"]

        # ensure this app does not already exist locally
        if Webapp.objects.filter(docker_name=docker_name).exists():
            return error("webapp named %r already exists" % docker_name)
        if Webapp.objects.filter(id=webapp_id).exists():
            return error("webapp id %r already exists" % webapp_id)
        
        current_user = self.request.user
        if not current_user.is_superuser:
430
            # get the user EmailAddress that matches the owner of the imported app
431
432
            email_addr = current_user.email_addresses.filter(
                    email=js["user"]).first()
433

434
            # ensure this app has the same owner
435
            if email_addr is None:
436
437
438
                return error("""this webapp belongs to another user (different
                e-mail address). If this other e-mail address belongs to you,
                then you should add it to your profile.""")
439
440

            # ensure the user email is verified
441
            if not email_addr.verified:
442
443
444
445
                messages.error(self.request,
                        "Webapp %r belongs to %r but this address is still not verified"
                        % (docker_name, email_addr.email))
                return redirect("main:user_need_validation")
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474

        # We can import the webapp !

        webapp = Webapp(user=current_user, imported=True,
                docker_os=DockerOs.objects.first())
        # TODO: import logo+readme (but they are not yet implemented in django)
        for field_name in ("id", "docker_name", "name", "description",
                "contact", "default_quota", "entrypoint", "private",
                "memory_limit"):
            setattr(webapp, field_name, js[field_name])

        # try to use job queue with same name or fallback to the default queue
        webapp.job_queue = JobQueue.objects.filter(name=js["default_job_queue"]
                ).first() or JobQueue.objects.filter(is_default=True).first()

        webapp.save()

        # import the tags and parameters
        webapp.tags.add(*js["tags"])
        for param in js["parameters"]:
            if (param["value"], param["name"], param["detail"]) != (
                    None, None, None):
                WebappParameter.objects.create(webapp=webapp,
                        name=param["name"], value=param["value"],
                        detail=param["detail"])

        self.object = webapp
        return super().form_valid(form)

475
class WebappVersionImport(UserAccessMixin, DetailView):
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
    """Import version

    This view is enabled only for webapps created with imported=True

    The GET view lists the current status of remote version along with the
    local version (if any). If the remote version can be imported, it displays
    a checkbox to allow requesting its import.

    The POST view creates the WebappVersion entries with state=IMPORT and
    notifies the controller (which performs the actual import). The import is
    considered done as soon as the entry reaches the COMMITTED state.
    """
    template_name = 'webapp_version_import.html'

    def get_object(self):
        """Returns the object according to its docker name or a 404 error"""
        data = self.kwargs.get('docker_name', None)
        queryset = get_object_or_404(Webapp, docker_name=data, user_id=self.request.user.id)
        return queryset

    def get_context_data(self, **kwargs):
        ctx = super().get_context_data(**kwargs)
        webapp = self.object

        if not webapp.imported:
            raise Http404()

        # url of this webapp on the legacy server
        ctx["import_url"] = "%s/app/%s" % (
                config.env.ALLGO_IMPORT_URL, webapp.docker_name)

        # get the webapp metadata from the legacy server
        remote_versions = get_rails_webapp_metadata(
                docker_name=webapp.docker_name)["versions"]

        # dict of local webapp versions (indexed by the number) 
        # (if multiple entries exist with the same number (this happens if a
        # commit/push/import is in progress), we keep the one with the highest
        # id)
        local_versions = {}
        for v in WebappVersion.objects.filter(webapp=webapp).exclude(
                state__in=(WebappVersion.ERROR,
                    WebappVersion.REPLACED)).order_by("id"):
            local_versions[v.number] = v

        # list of versions to be displayed on the page
        versions = {}
        for remote in remote_versions:
            number = remote["number"]
            assert number not in versions, "rails must not export duplicated versions"
            local_version = local_versions.get(number)
            in_progress = getattr(local_version, "state", None) == WebappVersion.IMPORT
            versions[number] = {
                    "number":    number,
                    "remote_ts": iso8601.parse_date(remote["updated_at"]),
                    "local_ts":         "-" if in_progress else getattr(local_version, "updated_at", ""),
                    "local_imported":   None if in_progress else getattr(local_version, "imported", None),
                    "in_progress":      in_progress,
                    }
        ctx["versions"] = natsort.versorted(versions.values(),
                key=lambda v: v["number"], reverse=True)

        return ctx

    def post(self, request, *, docker_name):
        webapp = self.get_object()
        if not webapp.imported:
            raise Http404()

        remote_versions = get_rails_webapp_metadata(
                docker_name=webapp.docker_name)["versions"]

        for remote in remote_versions:
            number = remote["number"]
            if request.POST.get("version_"+number):
                log.info("import version %s", number)
                version = WebappVersion.objects.update_or_create({
                    "imported": True,
                    "published":         remote["published"],
                    "description":       remote["changelog"],
                    "docker_image_size": remote["docker_image_size"],
                    },
                    webapp=webapp,
                    number=number,
                    state=WebappVersion.IMPORT)[0]
                version.created_at = remote["created_at"]
                version.updated_at = remote["updated_at"]
                version.save()

        transaction.on_commit(lambda: notify_controller(webapp))

        return HttpResponseRedirect(request.path_info)

BERJON Matthieu's avatar
BERJON Matthieu committed
569

570
class WebappJson(UserAccessMixin, DetailView):
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
    """json variant of the application details
    
    (used by the /aio/apps/<DOCKER_NAME>/events endpoint)
    """

    def get_object(self):
        """Returns the object according to its docker name or a 404 error"""
        data = self.kwargs.get('docker_name', None)
        queryset = get_object_or_404(Webapp, docker_name=data)
        return queryset

    def render_to_response(self, context, **kwargs):
        webapp = context["webapp"]
        return JsonResponse({
            "id":               webapp.id,
            "sandbox_state":    webapp.get_sandbox_state_display(),
            })

589
class WebappSandboxPanel(UserAccessMixin, TemplateView):
BERJON Matthieu's avatar
BERJON Matthieu committed
590
591
592
593
594
595
596
597
    """Create a new sandbox for a given application

    Attributes:
        form_class: form object to pass on the template.
        model: model to use in this class
        template_name: template filename

    """
598
    template_name = 'webapp_sandbox_panel.html'
599
600

    def get_object(self):
BERJON Matthieu's avatar
BERJON Matthieu committed
601
        """Returns the object according to its docker name or a 404 error"""
602
        data = self.kwargs.get('docker_name', None)
603
        queryset = get_object_or_404(Webapp, docker_name=data, user_id=self.request.user.id)
604
605
606
        return queryset

    def get_context_data(self, **kwargs):
BERJON Matthieu's avatar
BERJON Matthieu committed
607
608
609
610
611
612
613
        """Recover data to pass on to the template context
        
        In order to give the user a feedback regarding the way to push its image
        to the registry, we need to pass both the webapp `docker_name` and the
        `registry` URL.

        """
614
        context = super().get_context_data(**kwargs)
615
        context['webapp'] = self.get_object()
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630

        context["ssh_command"] = "ssh%s %s@%s" % (
                (" -p %s" % config.env.ALLGO_SSH_PORT
                    if config.env.ALLGO_SSH_PORT != "22" else ""),
                (kwargs["docker_name"]),
                (config.env.ALLGO_SSH_HOST))

        # candidate docker os (start from scratch)
        context['docker_os_list'] = DockerOs.objects.all()

        # candidate versions (start from an existing version)
        versions = {}
        for state in (WebappVersion.READY, WebappVersion.COMMITTED):
            versions.update((v.number, v) for v in WebappVersion.objects.filter(
                webapp=context["webapp"], state=state))
631
632
        context['versions'] = natsort.versorted(versions.values(), key=lambda v: v.number)
        context['versions'].reverse()
633
634
        return context

635
636
637
    def post(self, request, *, docker_name):
        log.info("POST %r", request.POST)

638
        webapp = self.get_object()
639
640
        action = request.POST["action"]

BAIRE Anthony's avatar
BAIRE Anthony committed
641
642
643
644
645
        def stop_sandbox():
            webapp.sandbox_state = Webapp.STOPPING
            webapp.sandbox_version_id = None
            webapp.save()

646
647
        log.info("action %r", request.POST["action"])
        if action == "start":
BAIRE Anthony's avatar
BAIRE Anthony committed
648
649
650
651
652
            if webapp.sandbox_state != Webapp.IDLE:
                messages.error(request,
                        "unable to start sandbox %r because it not idle"
                        % webapp.name)
            else:
653
654
655
656
657
658
659
660
661
                if "webapp_version_id" in request.POST:
                    # start from an existing version
                    webapp.sandbox_version_id = int(request.POST["webapp_version_id"])
                else:
                    # start from scratch
                    webapp.docker_os_id = request.POST["docker_os_id"]
                    webapp.sandbox_version = None
                webapp.sandbox_state = Webapp.STARTING
                webapp.save()
BAIRE Anthony's avatar
BAIRE Anthony committed
662
                messages.success(request, "starting sandbox %r" % webapp.name)
663
664

        elif action == "commit":
BAIRE Anthony's avatar
BAIRE Anthony committed
665
666
667
668
669
            if webapp.sandbox_state != Webapp.RUNNING:
                messages.error(request,
                        "unable to commit sandbox %r because it is not running"
                        % webapp.name)
            else:
670
671
672
673
674
                # query previous active versions of this webapp
                previous = WebappVersion.objects.filter(webapp=webapp,
                            state__in = (WebappVersion.READY, WebappVersion.COMMITTED))
                extra = {}

675
676
                if request.POST["version-action"] == "replace-version":
                    number = request.POST["version-select"]
677
678
                    # keep the previous 'created_at' timestamp when replacing an image
                    extra["created_at"] = getattr(previous.filter(number=number).first(), "created_at")
679
680
                else:
                    number = request.POST["version-new"]
681
682
683

                    # ensure that this version number does not already exist
                    if previous.filter(number=number).exists():
684
685
686
                        messages.error(request, "unable to commit because version %r already exists"
                                " (if you want to overwrite this version, then use"
                                "  'replace version' instead)" % number)
BAIRE Anthony's avatar
BAIRE Anthony committed
687
                        return HttpResponseRedirect(request.path_info)
688

689
690
                WebappVersion.objects.create(
                        webapp=webapp,
691
                        number=number,
692
                        state=WebappVersion.SANDBOX,
693
                        published=request.POST["published"],
694
                        description=request.POST["description"],
695
                        **extra)
BAIRE Anthony's avatar
BAIRE Anthony committed
696
                stop_sandbox()
697

BAIRE Anthony's avatar
BAIRE Anthony committed
698
699
                messages.success(request, "committing sandbox %r version %r"
                        % (webapp.name, number))
700

701
702
        elif action == "rollback":
            if webapp.sandbox_state == Webapp.RUNNING:
BAIRE Anthony's avatar
BAIRE Anthony committed
703
                stop_sandbox()
BAIRE Anthony's avatar
BAIRE Anthony committed
704
705
706
707
                messages.success(request, "rolling back sandbox %r" % webapp.name)
            else:
                messages.error(request, "unable to roll back, sandbox %r is not running"
                        % webapp.name)
708
709
710

        elif action == "abort":
            if webapp.sandbox_state == Webapp.START_ERROR:
BAIRE Anthony's avatar
BAIRE Anthony committed
711
                stop_sandbox()
BAIRE Anthony's avatar
BAIRE Anthony committed
712
                messages.success(request, "reset sandbox %r" % webapp.name)
713
714
715
716
717

        elif action == "retry":
            if webapp.sandbox_state == Webapp.START_ERROR:
                webapp.sandbox_state = Webapp.STARTING
                webapp.save()
BAIRE Anthony's avatar
BAIRE Anthony committed
718
                messages.success(request, "starting sandbox %r" % webapp.name)
719
            elif webapp.sandbox_state == Webapp.STOP_ERROR:
BAIRE Anthony's avatar
BAIRE Anthony committed
720
                stop_sandbox()
BAIRE Anthony's avatar
BAIRE Anthony committed
721
                messages.success(request, "stopping sandbox %r" % webapp.name)
722

BAIRE Anthony's avatar
BAIRE Anthony committed
723
724
        log.debug("new sandbox state: %r -> %r",
                webapp.docker_name, webapp.sandbox_state)
725

BAIRE Anthony's avatar
BAIRE Anthony committed
726
727
728
729
730
        # NOTE: we return a 302 redirect to the same page (instead of rendering
        # it directly) to force the browser to make a separate GET request.
        # This prevent reexecuting the POST request if the user refreshes the
        # page.
        return HttpResponseRedirect(request.path_info)
731

732
733
734
# TAGS
# -----------------------------------------------------------------------------

BAIRE Anthony's avatar
BAIRE Anthony committed
735
class TagList(AllAccessMixin, ListView):
736
737
738
739
740
741
742
743
    """List all available tag along with their number of occurences

    Attributes:
        model: database model
        context_object_name: variable name used in the template to display the
                            data.
        template_name: template filename.
    """
BERJON Matthieu's avatar
BERJON Matthieu committed
744
    model = Tag
745
746
747
748
749
    context_object_name = 'tags'
    template_name = 'tag_list.html'

    def get_queryset(self):
        """Return all available tags
BERJON Matthieu's avatar
BERJON Matthieu committed
750

751
752
        Each tag return as well the number of webapps attached to it
        """
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778

        
        # Compute the list of tags with the count of webapps visible by this user
        #
        # We need a raw request because filtering on Count() is not supported
        # in django 1.11.
        #
        # In django>=2.0 we should be able to write something like:
        #    tags = Tag.objects.annotate(num_tag=Count('taggit_taggeditem_items',
        #                                              filter = Q(...)))
        #
    
        # list of webapp ids visible by the current user
        webapp_ids = tuple(itertools.chain(
            *query_webapps_for_user(self.request.user).values_list("id")))
        # webapp content id (to select onl the tags on Webapp objects)
        webapp_content_id = ContentType.objects.get(app_label="main", model="Webapp").id
        # compute the list of tags with the webapp count (in the webapp_ids subset)
        tags = Tag.objects.raw("""
            SELECT taggit_tag.*, count(*) as num_tag
                FROM taggit_tag JOIN taggit_taggeditem
                ON taggit_tag.id=taggit_taggeditem.tag_id
                WHERE content_type_id=%s AND object_id in %s
                GROUP BY tag_id
                """, (webapp_content_id, webapp_ids))

779
780
781
        return tags


BAIRE Anthony's avatar
BAIRE Anthony committed
782
class TagWebappList(AllAccessMixin, ListView):
783
784
785
786
787
788
789
790
791
    """List all available webapps for a given tag

    Attributes:
        model: database model
        context_object_name: variable name used in the template to display the
                            data.
        paginated_by: number of occurences per page.
        template_name: template filename.
    """
BERJON Matthieu's avatar
BERJON Matthieu committed
792
    model = Webapp
793
794
795
796
797
    context_object_name = 'webapps'
    paginated_by = 10
    template_name = 'tag_webapp_list.html'

    def get_queryset(self):
798
799
        return query_webapps_for_user(self.request.user
                ).filter(tags__slug=self.kwargs['slug'])
800

801
802
803
    def get_context_data(self, **kwargs):
        return super().get_context_data(tag=self.kwargs["slug"], **kwargs)

804

805
806
# PROFILE
# -----------------------------------------------------------------------------
807
class UserUpdate(LoginRequiredMixin, SuccessMessageMixin, UpdateView):
BERJON Matthieu's avatar
BERJON Matthieu committed
808
809
810
811
812
813
814
    """Update the user profile

    Attributes:
        form_class: form object to pass on the template.
        template_name: template filename
        success_message: successfull message sent to the template
    """
815
    form_class = UserForm
816
    template_name = "user_update.html"
817
818
819
    success_message = 'Profile updated successfully.'

    def get_success_url(self):
BERJON Matthieu's avatar
BERJON Matthieu committed
820
        """If successful redirect to the user page"""
821
822
823
        return reverse('main:user_detail')

    def get_object(self):
BERJON Matthieu's avatar
BERJON Matthieu committed
824
        """Only get the User record for the user making the request"""
825
826
827
        return User.objects.get(username=self.request.user.username)

    def get_context_data(self, **kwargs):
BERJON Matthieu's avatar
BERJON Matthieu committed
828
829
830
831
832
833
834
        """Recover data to pass on to the template

        In order to display specific data, I process the SSH key to get its
        fingerprint and comment. Both the SSH key, fingerprint, comment and
        token to context template.

        """
835
836
837
838
839
        queryset = AllgoUser.objects.get(user_id=self.request.user.id)
        key = queryset.sshkey
        token = queryset.token
        if key:
            fingerprint, comment = get_ssh_data(key)
BERJON Matthieu's avatar
BERJON Matthieu committed
840
            kwargs['sshkey'] = True
841
842
843
844
            kwargs['ssh_comment'] = comment
            kwargs['ssh_fingerprint'] = fingerprint
        if token:
            kwargs['token'] = token
845
846
847
848

        kwargs['agreements'] = UserAgreement.objects.filter(
                user=self.request.user).order_by("-created_at")
        
849
850
851
852
        return super(UserUpdate, self).get_context_data(**kwargs)


class UserToken(LoginRequiredMixin, RedirectView):
BERJON Matthieu's avatar
BERJON Matthieu committed
853
    """Regenerate the user token"""
854

855
856
    success_message = 'Token generated successfully.'

857
    def dispatch(self, request, *args, **kwargs):
BERJON Matthieu's avatar
BERJON Matthieu committed
858
        """Generate the token and save it into the database"""
859
860
861
862
863
864
        queryset = AllgoUser.objects.get(user_id=self.request.user.id)
        queryset.token = get_random_string(length=32)
        queryset.save()
        return super(UserToken, self).dispatch(request, *args, **kwargs)

    def get_redirect_url(self, *args, **kwargs):
BERJON Matthieu's avatar
BERJON Matthieu committed
865
        """Redirect the user to the user page and display a successful message"""
866
        messages.success(self.request, self.success_message)
867
868
        return reverse('main:user_detail')

BERJON Matthieu's avatar
BERJON Matthieu committed
869

870
class UserSSHAdd(LoginRequiredMixin, SuccessMessageMixin, UpdateView):
BERJON Matthieu's avatar
BERJON Matthieu committed
871
872
873
874
875
876
877
    """Save a SSH key to the database.
    
    Attributes:
        form_class: form object to pass on the template.
        template_name: template filename
        success_message: successfull message sent to the template
    """
BERJON Matthieu's avatar
BERJON Matthieu committed
878
    form_class = SSHForm
879
    template_name = 'user_ssh_add.html'
BERJON Matthieu's avatar
BERJON Matthieu committed
880
881
882
    success_message = 'SSH key added successfully.'

    def get_success_url(self):
BERJON Matthieu's avatar
BERJON Matthieu committed
883
        """If successful redirect to the user page"""
BERJON Matthieu's avatar
BERJON Matthieu committed
884
885
886
        return reverse('main:user_detail')

    def get_object(self):
BERJON Matthieu's avatar
BERJON Matthieu committed
887
        """Only get the User record for the user making the request"""
BERJON Matthieu's avatar
BERJON Matthieu committed
888
        return AllgoUser.objects.get(user_id=self.request.user.id)
889
890
891


class UserSSHDelete(LoginRequiredMixin, RedirectView):
BERJON Matthieu's avatar
BERJON Matthieu committed
892
    """Delete the user SSH key"""
893

894
895
    success_message = 'The SSH key has been successfully deleted.'

896
    def dispatch(self, request, *args, **kwargs):
BERJON Matthieu's avatar
BERJON Matthieu committed
897
        """Generate an empty SSH key and save it into the database"""
898
899
900
901
902
903
        queryset = AllgoUser.objects.get(user_id=request.user.id)
        queryset.sshkey = ''
        queryset.save()
        return super(UserSSHDelete, self).dispatch(request, *args, **kwargs)

    def get_redirect_url(self, *args, **kwargs):
BERJON Matthieu's avatar
BERJON Matthieu committed
904
        """If successful redirect to the user page"""
905
        messages.success(self.request, self.success_message)
906
907
908
        return reverse('main:user_detail')


909
class UserPasswordUpdate(LoginRequiredMixin, SuccessMessageMixin, UpdateView):
BERJON Matthieu's avatar
BERJON Matthieu committed
910
    """Update the user's password.
911
912
913

    We reuse the Django password form system in order to keep something robust
    even if it dedicates a specific view for it.
BERJON Matthieu's avatar
BERJON Matthieu committed
914
915
916
917
918
919

    Attributes:
        success_url: URL or handle where the user will be redirected.
        form_class: form object to pass on the template.
        template_name: template filename
        success_message: successfull message sent to the template
920
921
922
    """
    success_url = reverse_lazy('main:user_detail')
    form_class = PasswordChangeForm
923
    template_name = "user_password_update.html"
924
925
926
    success_message = 'Password updated successfully.'

    def get_object(self, queryset=None):
BERJON Matthieu's avatar
BERJON Matthieu committed
927
928
929
930
931
        """Return the user data
        
        Todo:
            - Not sure the relevance of getting this information to the template
        """
932
933
934
        return self.request.user

    def get_form_kwargs(self):
BERJON Matthieu's avatar
BERJON Matthieu committed
935
        """Return the arguments related to the user"""
936
937
938
939
940
        kwargs = super(UserPasswordUpdate, self).get_form_kwargs()
        kwargs['user'] = kwargs.pop('instance')
        return kwargs

    def dispatch(self, request, *args, **kwargs):
BERJON Matthieu's avatar
BERJON Matthieu committed
941
942
943
944
945
946
        """
        Todo:
            - I'm not sure why I wrote that and why it is useful in the present
              case. It needs to be investigated.

        """
947
948
        return super(UserPasswordUpdate, self) \
            .dispatch(request, *args, **kwargs)
BERJON Matthieu's avatar
BERJON Matthieu committed
949

950
951
952
953
954
955
956
957
958
959
960
class UserNeedValidation(LoginRequiredMixin, DetailView):
    """This page is displayed when the user has not completed the registration process

    Causes:
    - email address needs verification
    """
    template_name = "user_need_validation.html"

    def get_object(self):
        return None

961
962
963
964
    def get_context_data(self, **kwargs):

        # last ToS agreement by the user
        agreement = UserAgreement.objects.filter(user=self.request.user
965
                ).order_by("-created_at").first()
966
967
968
969
970
971
972
973
974
975
976

        # next ToS to be signed
        next_tos = Tos.get_latest()

        if agreement is not None and agreement.tos == next_tos:
            # latest agreement already signed
            next_tos = None

        return super().get_context_data(
                agreement=agreement, next_tos=next_tos, **kwargs)

977
    def get(self, request):
978
979
        if all(addr.verified for addr in request.user.email_addresses
                ) and request.user.has_agreed_tos:
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
            # redirect to the main page if validation is complete
            messages.success(request, "Your account is fully validated")
            return redirect("main:home")
        else:
            return super().get(request)

    def post(self, request):
        # re-send a confirmation e-mail if 'confirm_address_id' is provided
        try:
            email_addr = request.user.email_addresses.get(
                    id=request.POST["confirm_address_id"])
        except (KeyError, ValueError, ObjectDoesNotExist):
            pass
        else:
            if not email_addr.verified:
                email_addr.send_confirmation(request)
                messages.info(self.request, 
                        "Confirmation e-mail sent to %s" % email_addr.email)

999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
        # store user agreement
        if "yes_i_agree" in request.POST:
            try:
                tos = Tos.objects.get(id=int(request.POST["agree_tos_id"]))
            except (KeyError, ValueError, ObjectDoesNotExist):
                pass
            else:
                if UserAgreement.objects.get_or_create(
                        tos=tos, user=request.user)[1]:
                    messages.success(self.request,
                            "Terms of Service version %s agreed" % tos.version)

1011
1012
        return redirect(request.path_info)

BERJON Matthieu's avatar
BERJON Matthieu committed
1013
1014
1015
# JOBS
# -----------------------------------------------------------------------------

1016
class JobList(UserAccessMixin, ListView):
BERJON Matthieu's avatar
BERJON Matthieu committed
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
    """Display the list of jobs for a given identified user

    Attributes:
        model:  model used in the view.
        context_object_name:    the name used in the template to display each
                                variable.
        paginate_by: the number of occurences per page
        template_name: name of the template loaded with this view.
        redirect_field_name: None

    Todo:
        - Check the relevance of `redirect_field_name` and delete it if necessary
BERJON Matthieu's avatar
BERJON Matthieu committed
1029
1030
1031
1032
1033
1034
1035
1036
1037
    """
    model = Job
    context_object_name = 'job_list'
    template_name = 'job_list.html'
    paginate_by = 10
    redirect_field_name = 'redirect_to'

    def get_queryset(self):
        """Filter jobs for a given user"""
1038
1039
        queryset = Job.objects.filter(user_id=self.request.user.id
                ).exclude(state__in=(Job.DELETED, Job.ARCHIVED)).order_by('-id')
BERJON Matthieu's avatar
BERJON Matthieu committed
1040
        return queryset
BERJON Matthieu's avatar
BERJON Matthieu committed
1041

1042

1043
class JobDetail(JobAuthMixin, DetailView):
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
    """Get a job detail for a specific user

    Attributes:
        model:  model used in the view.
        context_object_name:    the name used in the template to display each
                                variable.
        template_name: name of the template loaded with this view.

    """
    model = Job
    template_name = 'job_detail.html'
    context_object_name = 'job'

    def get_context_data(self, **kwargs):
        """Recover the logs and files related to this job"""
BERJON Matthieu's avatar
BERJON Matthieu committed
1059
1060
        job = Job.objects.get(pk=self.object.pk)

1061
1062
1063
        if job.state == Job.DONE:
            # job is done
            # -> read the `allgo.log` file
1064
            log_file = os.path.join(job.data_dir, 'allgo.log')
1065
            try:
1066
                with open(log_file, 'r', errors="replace") as log_data:
BERJON Matthieu's avatar
BERJON Matthieu committed
1067
                    logs = log_data.read()
1068
1069
1070
1071
1072
1073
1074
            except OSError as e:
                logs = '(logs not available)'
                log.error("Log file not available for job #%d (%s)", job.id, e)
        else:
            # job is pending
            # -> logs will be streamed (ajax request)
            logs = ""
BERJON Matthieu's avatar
BERJON Matthieu committed
1075
1076
        kwargs['logs'] = logs

1077
1078
1079
        # Hide the logs panel if the job is not yet started
        kwargs["logs_hidden"] = "hidden" if job.state in (Job.NEW, Job.WAITING) else ""

BERJON Matthieu's avatar
BERJON Matthieu committed
1080
1081
        # Get the files and some metadata such as the webapp version
        webapp = Webapp.objects.get(docker_name=self.object.webapp.docker_name)
1082
1083
1084
1085
1086
1087

        # List all job files
        # NOTE: calling lookup_job_file is a security feature
        kwargs['files'] = [x for x in os.listdir(job.data_dir)
                if lookup_job_file(job.id, x)]

BERJON Matthieu's avatar
BERJON Matthieu committed
1088
        return super().get_context_data(**kwargs)
1089

1090
1091
    def render_to_response(self, context, **kwargs):
        if self.request.META.get("HTTP_ACCEPT") == "application/json":
1092
1093
            # json variant of the job details
            # (used by the /aio/jobs/<ID>/events endpoint)
1094
1095
1096
1097
            job = context["job"]
            return JsonResponse({
                "id":           job.id,
                "state":        job.get_state_display(),
1098
                "result":       job.get_result_display(),
1099
1100
1101
1102
1103
                "rendered_status": status_icon(job),
                "exec_time":    job.exec_time,
                })
        else:
            return super().render_to_response(context, **kwargs)
1104

1105

BAIRE Anthony's avatar
BAIRE Anthony committed
1106
class JobCreate(AllAccessMixin, SuccessMessageMixin, CreateView):
BERJON Matthieu's avatar
BERJON Matthieu committed
1107
1108
    """ Display the data related a specific web and create a job instance
        into the database
BERJON Matthieu's avatar
BERJON Matthieu committed
1109
1110
1111
1112
1113
1114
1115
1116
1117

    Attributes:
        model:  model used in the view.
        form_class: form object to pass on the template.
        success_url: URL or handle where the user will be redirected.
        success_message: successfull message sent to the template
        template_name: name of the template loaded with this view.

    """
1118
1119
1120
    model = Job
    form_class = JobForm
    success_message = 'Job created successfully.'
BERJON Matthieu's avatar
BERJON Matthieu committed
1121
    template_name = 'webapp_detail.html'
1122

1123
1124
1125
    def get_success_url(self):
        return reverse('main:job_detail', args=(self.job_id,))

1126
    def form_valid(self, form):
BERJON Matthieu's avatar
BERJON Matthieu committed
1127
        """Save data coming from the form in the database """
1128
1129
        webapp = Webapp.objects.get(docker_name=self.kwargs['docker_name'])

BERJON Matthieu's avatar
BERJON Matthieu committed
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
        # If the user isn't identified, we send back an error message and
        # and redirect the user.
        if self.request.user.is_anonymous():
            messages.add_message(self.request, messages.ERROR, 'You must be identified to create a job.')
            log.warning("Someone tried to run a job without being identified.")
            return redirect('main:webapp_detail', webapp.docker_name)
        else:
            obj = form.save(commit=False)
            obj.queue_id = form.cleaned_data.get('queue_id').id
            obj.state = Job.NEW
            obj.result = 0
            obj.user_id = self.request.user.id
            obj.webapp_id = webapp.id
            obj.version = form.cleaned_data.get('version')
            obj.save()
1145

BERJON Matthieu's avatar
BERJON Matthieu committed
1146
            # Upload files if there are any
1147
            upload_data(self.request.FILES.getlist('files'), obj)
BERJON Matthieu's avatar
BERJON Matthieu committed
1148

BERJON Matthieu's avatar
BERJON Matthieu committed
1149
1150
1151
            # start the job
            obj.state = Job.WAITING
            obj.save()
1152
            self.job_id = obj.id
1153

BERJON Matthieu's avatar
BERJON Matthieu committed
1154
            return super().form_valid(form)
1155
1156

    def get_context_data(self, **kwargs):
BERJON Matthieu's avatar
BERJON Matthieu committed
1157
        """Pass on the docker name to the template"""
1158
        webapp = Webapp.objects.get(docker_name=self.kwargs['docker_name'])
BERJON Matthieu's avatar
BERJON Matthieu committed
1159
1160
        kwargs['webapp'] = webapp

1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
        # Private apps should not be indexed by search engines
        #
        # -> return 404 if we detect a robot
        #    (but we let authenticated user through, so that the app is still
        #     usable if robot_detection gets broken)
        if (webapp.private and self.request.user.is_anonymous() and
                robot_detection.is_robot(
                    self.request.META.get("HTTP_USER_AGENT") or " ")):
            raise Http404

BERJON Matthieu's avatar
BERJON Matthieu committed
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
        # Check if a readme is declared in the database
        if webapp.readme:
            readme_file = os.path.join(
                settings.MEDIA_ROOT,
                self.object.docker_name,
                'Readme')
            if os.path.exists(readme_file):
                with open(readme_file, 'r') as md_data:
                    kwargs['readme'] = md_data.read()
            else:
                log.warning("No README available for app %s", self.model.name)
        else:
            readme_file = None
1184

1185
1186
1187
1188
1189
        # select the versions published or all if the app belongs to the user
        #   and in one of the 3 states SANDBOX,COMMITTED or READY
        o_versions = WebappVersion.objects \
                .filter(Q(published=True)|Q(webapp__user=self.request.user.id),
                        webapp=webapp, state__in=(  WebappVersion.SANDBOX,
1190
                                                    WebappVersion.COMMITTED,
1191
1192
1193
1194
1195
                                                    WebappVersion.READY),) \
                        .values_list("number")

        # the list of versions to be displayed is sorted (clever mix string+number)
        versions = natsort.versorted(set(v for v, in o_versions))
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205

        # also list 'sandbox' if the sandbox is running and if the current user
        # is allowed to use the sandbox
        if webapp.sandbox_state == Webapp.RUNNING and (
            webapp.is_pushable_by(self.request.user)):
            versions.append("sandbox")
        
        versions.reverse()
        kwargs['versions'] = versions

1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
        # build the sample command lines for using the REST API
        base_url = get_base_url(self.request)
        user = self.request.user
        auth = "Authorization: Token token=" + (
                user.allgouser.token if user.is_authenticated else "<your private_token>")

        kwargs["job_create_cmd"] = ["curl", "-H", auth,
                "-X", "POST", base_url + reverse("api:jobs"),
                None, "-F", "job[webapp_id]=" + str(webapp.id),
                None, "-F", "job[param]=",
1216
                None, "-F", "job[queue]=" + webapp.job_queue.name,
1217
1218
1219
1220
1221
1222
1223
                None, "-F", "files[0]=@test.txt",
                None, "-F", "files[1]=@test2.csv",
                None, "-F", "job[file_url]=<my_file_url>",
                None, "-F", "job[dataset]=<my_dataset_name>",
                ]

        kwargs["job_result_cmd"] = ["curl", "-H", auth,
1224
                base_url + reverse("api:job", args=(42,)).replace("42", "<job_id>")]
1225

BERJON Matthieu's avatar
BERJON Matthieu committed
1226
        return super().get_context_data(**kwargs)
1227

1228
1229
    def get_form_kwargs(self):
        """Return webapp data"""
BERJON Matthieu's avatar
BERJON Matthieu committed
1230
        kwargs = super().get_form_kwargs()