Commit 638c90a4 authored by BERJON Matthieu's avatar BERJON Matthieu
Browse files

Updating the job view



I rewrote the job view in the CBV paradigm using the generic `View`
view. By doing this, I use the `JobAuthorizationMixin` to restrict the
visibility of a job to its creator. I updated as well the `urls.py` file
to call this new class.
Signed-off-by: BERJON Matthieu's avatarMatthieu Berjon <matthieu.berjon@inria.fr>
parent b939dd08
......@@ -6,7 +6,7 @@ app_name = 'api'
urlpatterns = [
url(r'^jobs$', views.jobs, name='jobs'),
url(r'^jobs/(\d+)', views.job, name='job'),
url(r'^jobs/(\d+)', views.APIJobView.as_view(), name='job'),
url(r'^datastore/(\d+)/(.*)/(.*)', views.download, name='download'),
]
......@@ -8,8 +8,11 @@ from django.core.validators import ValidationError
from django.http import HttpResponse, JsonResponse, FileResponse
from django.shortcuts import redirect
from django.views.decorators.csrf import csrf_exempt
from main.models import Job, AllgoUser, Webapp, JobQueue
from django.views.generic import View
from main.models import Job, Webapp, JobQueue
from main.helpers import upload_data, get_base_url, lookup_job_file, get_user
from .mixins import JobAuthorizationMixin
log = logging.getLogger('allgo')
......@@ -50,20 +53,22 @@ def job_response(job, request):
}
@csrf_exempt
def job(request, jobid):
user = get_user(request)
if not user:
log.info("API request without http authorisation %s %s %s", request.META['HTTP_USER_AGENT'],
request.META['REMOTE_ADDR'], request.META['QUERY_STRING'])
return HttpResponse(status=401)
class APIJobView(JobAuthorizationMixin, View):
job = Job.objects.get(id=int(jobid), user=user.user)
if not job:
log.error("Job %s does not exist", jobid)
return HttpResponse(status=404)
else:
return JsonResponse(job_response(job, request))
def get(self, request, *args, **kwargs):
user = get_user(request)
if not user:
log.info("API request without http authorisation %s %s %s", request.META['HTTP_USER_AGENT'],
request.META['REMOTE_ADDR'], request.META['QUERY_STRING'])
return HttpResponse(status=401)
job = Job.objects.get(id=int(args[0]), user=user.user)
if not job:
log.error("Job %s does not exist", jobid)
return HttpResponse(status=404)
else:
return JsonResponse(job_response(job, request))
@csrf_exempt
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment