sporada/nopaque
1
0
Fork 0
mirror of https://gitlab.ub.uni-bielefeld.de/sfb1288inf/nopaque.git synced 2025-06-12 00:50:40 +00:00
Code Issues Projects Releases Wiki Activity

Fix some privacy issues

Browse Source
This commit is contained in:
Patrick Jentsch
2023-04-11 11:46:33 +02:00
parent 77fc8a42f1
commit 3a2295487c
27 changed files with 102 additions and 79 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
app/jobs/__init__.py
View File

@ -1,5 +1,18 @@
from flask import Blueprint
from flask_login import login_required
bp = Blueprint('jobs', __name__)
@bp.before_request
@login_required
def before_request():
'''
Ensures that the routes in this package can only be visited by users that
are logged in.
'''
pass
from . import routes, json_routes

5
app/jobs/json_routes.py
View File

@ -1,5 +1,5 @@
from flask import abort, current_app
from flask_login import current_user, login_required
from flask_login import current_user
from threading import Thread
import os
from app import db
@ -9,7 +9,6 @@ from . import bp
@bp.route('/<hashid:job_id>', methods=['DELETE'])
@login_required
@content_negotiation(produces='application/json')
def delete_job(job_id):
def _delete_job(app, job_id):
@ -33,7 +32,6 @@ def delete_job(job_id):
@bp.route('/<hashid:job_id>/log')
@login_required
@admin_required
@content_negotiation(produces='application/json')
def job_log(job_id):
@ -51,7 +49,6 @@ def job_log(job_id):
@bp.route('/<hashid:job_id>/restart', methods=['POST'])
@login_required
@content_negotiation(produces='application/json')
def restart_job(job_id):
def _restart_job(app, job_id):

14
app/jobs/routes.py
View File

@ -6,7 +6,7 @@ from flask import (
url_for
)
from flask_breadcrumbs import register_breadcrumb
from flask_login import current_user, login_required
from flask_login import current_user
import os
from app.models import Job, JobInput, JobResult
from . import bp
@ -15,14 +15,12 @@ from .utils import job_dynamic_list_constructor as job_dlc
@bp.route('')
@register_breadcrumb(bp, '.', '<i class="nopaque-icons left">J</i>My Jobs')
@login_required
def corpora():
return redirect(url_for('main.dashboard', _anchor='jobs'))
@bp.route('/<hashid:job_id>')
@register_breadcrumb(bp, '.entity', '', dynamic_list_constructor=job_dlc)
@login_required
def job(job_id):
job = Job.query.get_or_404(job_id)
if not (job.user == current_user or current_user.is_administrator()):
@ -35,11 +33,8 @@ def job(job_id):
@bp.route('/<hashid:job_id>/inputs/<hashid:job_input_id>/download')
@login_required
def download_job_input(job_id, job_input_id):
job_input = JobInput.query.get_or_404(job_input_id)
if job_input.job.id != job_id:
abort(404)
job_input = JobInput.query.filter_by(job_id=job_id, id=job_input_id).first_or_404()
if not (job_input.job.user == current_user or current_user.is_administrator()):
abort(403)
return send_from_directory(
@ -52,11 +47,8 @@ def download_job_input(job_id, job_input_id):
@bp.route('/<hashid:job_id>/results/<hashid:job_result_id>/download')
@login_required
def download_job_result(job_id, job_result_id):
job_result = JobResult.query.get_or_404(job_result_id)
if job_result.job.id != job_id:
abort(404)
job_result = JobResult.query.filter_by(job_id=job_id, id=job_result_id).first_or_404()
if not (job_result.job.user == current_user or current_user.is_administrator()):
abort(403)
return send_from_directory(