コード例 #1
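 def delete(self, result_id):
     """Delete the result ``result_id`` on behalf of the logged-in user.

     The caller's identity and role are read from the signed cookies.
     Deletion is allowed only for the owner of the result or for a caller
     whose role cookie lists the ``administrator`` role.

     :param result_id: identifier of the result; converted with
         ``objectid.ObjectId`` to build the ``_id`` query.
     """
     curr_user = self.get_secure_cookie(auth_const.OPENID)
     # The role cookie can be absent even when the openid cookie is set;
     # fall back to an empty role list instead of failing on None.
     role_cookie = self.get_secure_cookie(auth_const.ROLE) or ''
     if curr_user is not None:
         # NOTE(review): a malformed result_id presumably makes ObjectId
         # raise; confirm that is reported as a client error, not a 500.
         query = {'_id': objectid.ObjectId(result_id)}
         test_data = yield dbapi.db_find_one(self.table, query)
         if not test_data:
             raises.NotFound(message.not_found(self.table, query))
         # Match whole role names rather than a substring, so a role that
         # merely contains the text "administrator" grants nothing.
         # NOTE(review): assumes the cookie holds comma-separated role
         # names - confirm against the code that sets it.
         roles = [name.strip() for name in role_cookie.split(',')]
         if curr_user == test_data['owner'] or 'administrator' in roles:
             self._delete(query=query)
         else:
             raises.Forbidden(message.no_auth())
     else:
         raises.Unauthorized(message.no_auth())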
コード例 #2
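 def _post(self):
     """Create or update the caller's review of a test.

     Reads ``reviewer_openid``, ``test_id`` and ``outcome`` from
     ``self.json_args``.  The caller must be the reviewer named in the
     request, must exist in ``users``, must hold the ``reviewer`` role and
     must not own the test.  An existing review by the same reviewer for
     the same test has its outcome and creation date updated when the
     outcome changed; otherwise a new review is created.
     """
     reviewer_openid = self.json_args['reviewer_openid']
     # The reviewer identity comes from the request body.  Bind it to the
     # signed session cookie so the checks below apply to the actual caller
     # and not to whichever openid the request names.
     if self.get_secure_cookie(auth_const.OPENID) != reviewer_openid:
         raises.Forbidden(message.no_auth())
     query = {'openid': reviewer_openid}
     user = yield dbapi.db_find_one('users', query)
     if not user:
         raises.Forbidden(message.unauthorized())
     role = self.get_secure_cookie(auth_const.ROLE)
     # A missing role cookie yields None; treat it as "no roles" rather
     # than failing on None.split().
     if not role or 'reviewer' not in role.split(','):
         raises.Unauthorized(message.no_auth())
     test_query = {'id': self.json_args['test_id']}
     test = yield dbapi.db_find_one('tests', test_query)
     if not test:
         # Without this guard an unknown test_id fails on test['owner'].
         raises.NotFound(message.not_found('tests', test_query))
     if test['owner'] == reviewer_openid:
         self.finish_request({
             'code': 403,
             'msg': 'No permision to review own results'
         })
         return
     query = {
         'reviewer_openid': reviewer_openid,
         'test_id': self.json_args['test_id']
     }
     review = yield dbapi.db_find_one(self.table, query)
     if review:
         # Only touch the stored review when the outcome actually changed.
         if review['outcome'] != self.json_args['outcome']:
             yield dbapi.db_update(
                 self.table, query, {
                     '$set': {
                         'outcome': self.json_args['outcome'],
                         'creation_date': datetime.now()
                     }
                 })
         self.finish_request()
     else:
         # Reviewer name and e-mail are taken from the stored user record,
         # overwriting anything the request supplied for those fields.
         self.json_args['reviewer_name'] = user['fullname']
         self.json_args['reviewer_email'] = user['email']
         self._create(miss_fields=[], carriers=[])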
コード例 #3
 def check_auth(self, item, value):
     """Decide whether the logged-in user may set ``item`` to ``value``.

     The result is delivered through ``gen.Return`` as a two-element tuple:
     ``(True, {})`` when the change is allowed, ``(False, message.no_auth())``
     when it is refused.  Only ``item == "status"`` is checked; every other
     item is allowed.
     """
     logging.debug('check_auth')
     # NOTE(review): openid is None when the cookie is absent and is still
     # used in the queries below; presumably callers authenticate first -
     # confirm.
     openid = self.get_secure_cookie(auth_const.OPENID)
     lookup = {}
     if item != "status":
         raise gen.Return((True, {}))

     if value in ("private", "review"):
         logging.debug('check review')
         lookup['user_id'] = openid
         application = yield dbapi.db_find_one('applications', lookup)
         # Refused as soon as an application record exists for this user.
         if application:
             logging.debug('results are bound to an application')
             raise gen.Return((False, message.no_auth()))

     if value == "verified":
         logging.debug('check verify')
         # NOTE(review): this pattern matches any role string that contains
         # "administrator" as a substring, not only an exact role name.
         lookup['role'] = {"$regex": ".*administrator.*"}
         lookup['openid'] = openid
         admin_record = yield dbapi.db_find_one('users', lookup)
         if not admin_record:
             logging.debug('not found')
             raise gen.Return((False, message.no_auth()))

     raise gen.Return((True, {}))
コード例 #4
ファイル: user.py プロジェクト: xuxiaodai/dovetail-webportal
    def put(self):
        """Update the record of the logged-in user.

        The user is identified only by the signed openid cookie.  Without
        the cookie the request is refused as unauthorized; when no record
        matches the openid a not-found error is reported.
        """
        db_keys = []
        openid = self.get_secure_cookie(auth_const.OPENID)

        # Guard clause: nothing to update without an authenticated caller.
        if not openid:
            raises.Unauthorized(message.no_auth())
            return

        # The lookup key comes from the cookie, so a caller can only ever
        # address their own record.
        own_record = {'openid': openid}
        existing = yield dbapi.db_find_one(self.table, own_record)
        if not existing:
            raises.NotFound(message.not_found(self.table, own_record))

        self._update(query=own_record, db_keys=db_keys)
コード例 #5
    def get(self):
        """
            @description: Retrieve result(s) for a test project
                          on a specific pod.
            @notes: Retrieve result(s) for a test project on a specific pod.
                Available filters for this request are :
                 - id  : Test id
                 - period : x last days, incompatible with from/to
                 - from : starting time in 2016-01-01 or 2016-01-01 00:01:23
                 - to : ending time in 2016-01-01 or 2016-01-01 00:01:23
                 - signed : get logined user result

                GET /results/project=functest&case=vPing&version=Arno-R1 \
                &pod=pod_name&period=15&signed
            @return 200: all test results consist with query,
                         empty list if no result is found
            @rtype: L{Tests}
        """
        # Sort direction on _id: descending unless 'descend' is given and
        # is not "true" (compared case-insensitively).
        descend_flag = self.get_query_argument('descend', 'true')
        sort_direction = -1 if descend_flag.lower() == 'true' else 1

        # 'last' and 'page' default to 0 when absent from the query string.
        last_count = self.get_int('last', self.get_query_argument('last', 0))
        page_number = self.get_int('page', self.get_query_argument('page', 0))

        limitations = {
            'sort': {'_id': sort_direction},
            'last': last_count,
            'page': page_number,
            'per_page': CONF.api_results_per_page,
        }

        # Listing requires a logged-in user; this check runs after the
        # paging arguments above have been parsed.
        if self.get_secure_cookie(auth_const.OPENID) is None:
            raises.Unauthorized(message.no_auth())

        # 'review' is removed from the raw query arguments before the query
        # is built from them, so it only selects the result post-processing.
        review = self.request.query_arguments.pop('review', None)
        query = yield self.set_query()

        list_kwargs = dict(limitations)
        if review:
            list_kwargs['res_op'] = self.check_review
        yield self._list(query=query, **list_kwargs)
        logging.debug('list end')
コード例 #6
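 def _del(self):
     """Delete the caller's review of a test.

     Reads ``reviewer_openid`` and ``test_id`` from ``self.json_args``.  The
     caller must be the reviewer named in the request, must exist in
     ``users``, must hold the ``reviewer`` role and must not own the test.
     The review matching that reviewer and test is then deleted.
     """
     reviewer_openid = self.json_args['reviewer_openid']
     # The reviewer identity comes from the request body.  Bind it to the
     # signed session cookie so a caller can only remove their own review.
     if self.get_secure_cookie(auth_const.OPENID) != reviewer_openid:
         raises.Forbidden(message.no_auth())
     query = {'openid': reviewer_openid}
     user = yield dbapi.db_find_one('users', query)
     if not user:
         raises.Forbidden(message.unauthorized())
     role = self.get_secure_cookie(auth_const.ROLE)
     # A missing role cookie yields None; treat it as "no roles" rather
     # than failing on None.split().
     if not role or 'reviewer' not in role.split(','):
         raises.Unauthorized(message.no_auth())
     test_query = {'id': self.json_args['test_id']}
     test = yield dbapi.db_find_one('tests', test_query)
     if not test:
         # Without this guard an unknown test_id fails on test['owner'].
         raises.NotFound(message.not_found('tests', test_query))
     if test['owner'] == reviewer_openid:
         self.finish_request({'code': 403,
                              'msg': 'No permision to review own results'})
         return
     query = {
         'reviewer_openid': reviewer_openid,
         'test_id': self.json_args['test_id']
     }
     yield dbapi.db_delete(self.table, query)
     self.finish_request()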