Commit 3bea32f7 authored by Mikaël Salson's avatar Mikaël Salson

Merge branch 'feature-s/more_robust_id_checks' into 'dev'

Server: add some parameter checks

See merge request !350
parents 9e578b34 fbb930de
Pipeline #48655 passed with stages
in 7 minutes and 22 seconds
......@@ -214,7 +214,7 @@ def get_data():
if "run" in request.vars :
request.vars["sample_set_id"] = db.run[request.vars["run"]].sample_set_id
if not "sample_set_id" in request.vars :
if not "sample_set_id" in request.vars or request.vars['sample_set_id'] is None:
error += "id sampleset file needed, "
else :
if not auth.can_view_sample_set(request.vars["sample_set_id"]):
......@@ -441,7 +441,7 @@ def get_analysis():
if "run" in request.vars :
request.vars["sample_set_id"] = db.run[request.vars["run"]].sample_set_id
if not "sample_set_id" in request.vars :
if not "sample_set_id" in request.vars or request.vars['sample_set_id'] is None:
error += "id sample_set file needed, "
if not auth.can_view_sample_set(request.vars["sample_set_id"]):
error += "you do not have permission to consult this sample_set ("+str(request.vars["sample_set_id"])+")"
......
......@@ -159,7 +159,7 @@ def form():
'table_name': "sample_set"})
# edit file
elif 'file_id' in request.vars:
elif 'file_id' in request.vars and request.vars['file_id'] is not None:
if not auth.can_modify_file(request.vars['file_id']):
return error_message("you need admin permission to edit files")
......@@ -492,7 +492,7 @@ def producer_list():
return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
def restart_pre_process():
if "sequence_file_id" not in request.vars:
if "sequence_file_id" not in request.vars or request.vars['sequence_file_id'] is None:
return error_message("missing parameter")
sequence_file = db.sequence_file[request.vars["sequence_file_id"]]
if sequence_file is None or not auth.can_modify_file(sequence_file.id):
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment