Commit fbb930de authored by Ryan Herbert's avatar Ryan Herbert Committed by Mikaël Salson

default.py file.py add some parameter checks

check that id parameters are not None before performing permission
checks, to avoid KeyError exceptions
parent 9e578b34
Pipeline #48652 passed with stages
in 5 minutes and 35 seconds
......@@ -214,7 +214,7 @@ def get_data():
if "run" in request.vars :
request.vars["sample_set_id"] = db.run[request.vars["run"]].sample_set_id
if not "sample_set_id" in request.vars :
if not "sample_set_id" in request.vars or request.vars['sample_set_id'] is None:
error += "id sampleset file needed, "
else :
if not auth.can_view_sample_set(request.vars["sample_set_id"]):
......@@ -441,7 +441,7 @@ def get_analysis():
if "run" in request.vars :
request.vars["sample_set_id"] = db.run[request.vars["run"]].sample_set_id
if not "sample_set_id" in request.vars :
if not "sample_set_id" in request.vars or request.vars['sample_set_id'] is None:
error += "id sample_set file needed, "
if not auth.can_view_sample_set(request.vars["sample_set_id"]):
error += "you do not have permission to consult this sample_set ("+str(request.vars["sample_set_id"])+")"
......
......@@ -159,7 +159,7 @@ def form():
'table_name': "sample_set"})
# edit file
elif 'file_id' in request.vars:
elif 'file_id' in request.vars and request.vars['file_id'] is not None:
if not auth.can_modify_file(request.vars['file_id']):
return error_message("you need admin permission to edit files")
......@@ -492,7 +492,7 @@ def producer_list():
return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
def restart_pre_process():
if "sequence_file_id" not in request.vars:
if "sequence_file_id" not in request.vars or request.vars['sequence_file_id'] is None:
return error_message("missing parameter")
sequence_file = db.sequence_file[request.vars["sequence_file_id"]]
if sequence_file is None or not auth.can_modify_file(sequence_file.id):
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment