1. 08 Jan, 2019 1 commit
  2. 12 Dec, 2018 1 commit
  3. 06 Dec, 2018 9 commits
  4. 04 Dec, 2018 3 commits
  5. 23 Oct, 2018 1 commit
    • BAIRE Anthony's avatar
      fix privacy issues in TagList and TagWebappList · aedd3283
      BAIRE Anthony authored
      webapp lists should never display apps not visible by the request.user
      TagWebappList did not implement such a filter. I added the
      query_webapps_for_user() helper and use it for TagWebappList, TagList
      and WebappList (the list returned by this function is the superset of
      webapps that these views are allowed to display).
  6. 22 Oct, 2018 1 commit
  7. 18 Oct, 2018 2 commits
  8. 16 Oct, 2018 2 commits
  9. 27 Sep, 2018 3 commits
  10. 26 Sep, 2018 1 commit
    • BAIRE Anthony's avatar
      Allow importing a webapp from a legacy allgo instance · 51f51d9c
      BAIRE Anthony authored
      This adds two views:
      - WebappImport for importing the webapp (but without the versions).
        The import is allowed if the requesting user has the same email
        as the owner of the imported app. The webapp is created with
        imported=True, which enables the WebappVersionImport view
      - WebappVersionImport for requisting the import of webapp version.
        This only creates the WebappVersion entry with state=IMPORT
        (the actual import is performed by the controller)
      A version may be imported multiple times. In that case, the newly
      imported version overwrite the local version with the same number.
      This features requires:
      - that the rails server implements !138
      - that the docker daemon hosting the sandboxes is configured with
        credentials for pulling from the legacy registry
  11. 20 Sep, 2018 2 commits
  12. 19 Sep, 2018 3 commits
  13. 18 Sep, 2018 4 commits
  14. 17 Sep, 2018 4 commits
    • BAIRE Anthony's avatar
      remove WebappVersion.url · ade74d2d
      BAIRE Anthony authored
      (was not used at all)
    • BAIRE Anthony's avatar
      fix integrity issue · 914e9efc
      BAIRE Anthony authored
      because django sets a foreign key constraint on sandbox_version_id
      we may have issues if it refers to a version we want to delete
    • BAIRE Anthony's avatar
      derive docker tags names from WebappVersion.id · b7b30d3e
      BAIRE Anthony authored
      With this change docker images are no longer
      named as: <Webapp.docker_name>:<WebappVersion.number>
      but       <Webapp.docker_name>:id</WebappVersion.id>
      This is only for storage, for the user we still present the image as
      There are multiple reasons to do that:
      - this simplifies the controller design, because docker images are no
        longer replaced (once an image is committed with tag, 'id<SOMETHING>'
        it won't be modified anymore) -> thus it is no longer necessary to
        track the image state carefully (when pushing/pulling from/to the
      - this prevent reusing dangling images from a removed webapp (because we
        now have a strong guarantee that the image tags are unique)
      - this will avoid nasty race conditions when we implement direct 'push'
        to the registry (because we then assign the new image id before the
        manifest is actually pushed, if a push and commit are done in the same
        time we will keep the latest one, i.e. with the highest id)
      - this will make easy to implement image recovery: we can keep removed
        images in the registry for some time (eg: 1 month) before they are
        really deleted
      Note: the REPLACED state is no longer transient (since we now keep the
      replaced images in the db and since we may still have remaining
      job/sandboxes using them). Maybe we can rename it as DELETED when we
      implement #265.
    • BERJON Matthieu's avatar
      Creating a JobAuthorization mixin · 2f6ffa5f
      BERJON Matthieu authored
      I created a `JobAuthorizationMixin` that overrides the `dispatch` method
      to check of a user can access a given job. It sends a 403 error if he
      Signed-off-by: BERJON Matthieu's avatarMatthieu Berjon <matthieu.berjon@inria.fr>
  15. 12 Sep, 2018 3 commits