예제 #1
0
파일: tests.py 프로젝트: guoqinga/hue
  def test_acls_job(self):
    job = MockMr1Job()

    assert_true(can_view_job('test', job))
    assert_true(can_modify_job('test', job))

    assert_false(can_view_job('test2', job))
    assert_false(can_modify_job('test2', job))
예제 #2
0
파일: tests.py 프로젝트: ronwxy/hue
    def test_acls_job(self):
        job = MockMr1Job()

        assert_true(can_view_job('test', job))
        assert_true(can_modify_job('test', job))

        assert_false(can_view_job('test2', job))
        assert_false(can_modify_job('test2', job))
예제 #3
0
파일: tests.py 프로젝트: guoqinga/hue
  def test_acls_job(self):
    response = self.c.get('/jobbrowser/jobs/job_1356251510842_0054') # Check in perm decorator
    assert_true(can_view_job('test', response.context['job']))
    assert_true(can_modify_job('test', response.context['job']))

    response2 = self.c2.get('/jobbrowser/jobs/job_1356251510842_0054')
    assert_true('don't have permission to access job' in response2.content, response2.content)

    assert_false(can_view_job('test2', response.context['job']))
    assert_false(can_modify_job('test2', response.context['job']))
예제 #4
0
파일: tests.py 프로젝트: GorillaTester/hue
    def test_acls_job(self):
        response = self.c.get("/jobbrowser/jobs/job_1356251510842_0054")  # Check in perm decorator
        assert_true(can_view_job("test", response.context["job"]))
        assert_true(can_modify_job("test", response.context["job"]))

        response2 = self.c2.get("/jobbrowser/jobs/job_1356251510842_0054")
        assert_true("don't have permission to access job" in response2.content, response2.content)

        assert_false(can_view_job("test2", response.context["job"]))
        assert_false(can_modify_job("test2", response.context["job"]))
예제 #5
0
파일: tests.py 프로젝트: cyc821211/hue
  def test_acls_job(self):
    response = self.c.get('/jobbrowser/jobs/job_1356251510842_0054') # Check in perm decorator
    assert_true(can_view_job('test', response.context['job']))
    assert_true(can_modify_job('test', response.context['job']))

    response2 = self.c2.get('/jobbrowser/jobs/job_1356251510842_0054')
    assert_true('don't have permission to access job' in response2.content, response2.content)

    assert_false(can_view_job('test2', response.context['job']))
    assert_false(can_modify_job('test2', response.context['job']))
예제 #6
0
    def decorate(request, *args, **kwargs):
        jobid = kwargs['job']
        job = get_job(request, job_id=jobid)

        if not SHARE_JOBS.get() and not request.user.is_superuser \
            and job.user != request.user.username and not can_view_job(request.user.username, job):
            raise PopupException(
                _("You don't have permission to access job %(id)s.") %
                {'id': jobid})
        kwargs['job'] = job
        return view_func(request, *args, **kwargs)
예제 #7
0
파일: views.py 프로젝트: soongxin/hhue
    def decorate(request, *args, **kwargs):
        jobid = kwargs['job']
        try:
            job = get_job(request, job_id=jobid)
        except ApplicationNotRunning as e:
            LOG.warn(
                'Job %s has not yet been accepted by the RM, will poll for status.'
                % jobid)
            return job_not_assigned(request, jobid, request.path)

        if not SHARE_JOBS.get() and not is_admin(request.user) \
            and job.user != request.user.username and not can_view_job(request.user.username, job):
            raise PopupException(
                _("You don't have permission to access job %(id)s.") %
                {'id': jobid})
        kwargs['job'] = job
        return view_func(request, *args, **kwargs)
예제 #8
0
def check_job_permission(view_func):
  """
  Ensure that the user has access to the job.
  Assumes that the wrapped function takes a 'jobid' param named 'job'.
  """
  def decorate(request, *args, **kwargs):
    jobid = kwargs['job']
    try:
      job = get_job(request, job_id=jobid)
    except ApplicationNotRunning, e:
      LOG.warn('Job %s has not yet been accepted by the RM, will poll for status.' % jobid)
      return job_not_assigned(request, jobid, request.path)

    if not SHARE_JOBS.get() and not request.user.is_superuser \
        and job.user != request.user.username and not can_view_job(request.user.username, job):
      raise PopupException(_("You don't have permission to access job %(id)s.") % {'id': jobid})
    kwargs['job'] = job
    return view_func(request, *args, **kwargs)
예제 #9
0
def check_job_permission(view_func):
  """
  Ensure that the user has access to the job.
  Assumes that the wrapped function takes a 'jobid' param named 'job'.
  """
  def decorate(request, *args, **kwargs):
    jobid = kwargs['job']
    try:
      job = get_job(request, job_id=jobid)
    except ApplicationNotRunning, e:
      LOG.warn('Job %s has not yet been accepted by the RM, will poll for status.' % jobid)
      return job_not_assigned(request, jobid, request.path)

    if not SHARE_JOBS.get() and not request.user.is_superuser \
        and job.user != request.user.username and not can_view_job(request.user.username, job):
      raise PopupException(_("You don't have permission to access job %(id)s.") % {'id': jobid})
    kwargs['job'] = job
    return view_func(request, *args, **kwargs)
예제 #10
0
            if e.job.get('state',
                         '').lower() == 'accepted' and 'kill' in request.path:
                rm_api = resource_manager_api.get_resource_manager()
                job = Application(e.job, rm_api)
            else:
                # reverse() seems broken, using request.path but beware, it discards GET and POST info
                return job_not_assigned(request, jobid, request.path)
        except JobExpired, e:
            raise PopupException(
                _('Job %s has expired.') % jobid,
                detail=_('Cannot be found on the History Server.'))
        except Exception, e:
            raise PopupException(_('Could not find job %s.') % jobid, detail=e)

        if not SHARE_JOBS.get() and not request.user.is_superuser \
            and job.user != request.user.username and not can_view_job(request.user.username, job):
            raise PopupException(
                _("You don't have permission to access job %(id)s.") %
                {'id': jobid})
        kwargs['job'] = job
        return view_func(request, *args, **kwargs)

    return wraps(view_func)(decorate)


def job_not_assigned(request, jobid, path):
    if request.GET.get('format') == 'json':
        result = {'status': -1, 'message': ''}

        try:
            get_api(request.user, request.jt).get_job(jobid=jobid)
예제 #11
0
파일: views.py 프로젝트: ronwxy/hue
    try:
      job = get_api(request.user, request.jt).get_job(jobid=jobid)
    except ApplicationNotRunning, e:
      if e.job.get('state', '').lower() == 'accepted' and 'kill' in request.path:
        rm_api = resource_manager_api.get_resource_manager(request.user)
        job = Application(e.job, rm_api)
      else:
        # reverse() seems broken, using request.path but beware, it discards GET and POST info
        return job_not_assigned(request, jobid, request.path)
    except JobExpired, e:
      raise PopupException(_('Job %s has expired.') % jobid, detail=_('Cannot be found on the History Server.'))
    except Exception, e:
      raise PopupException(_('Could not find job %s.') % jobid, detail=e)

    if not SHARE_JOBS.get() and not request.user.is_superuser \
        and job.user != request.user.username and not can_view_job(request.user.username, job):
      raise PopupException(_("You don't have permission to access job %(id)s.") % {'id': jobid})
    kwargs['job'] = job
    return view_func(request, *args, **kwargs)
  return wraps(view_func)(decorate)


def job_not_assigned(request, jobid, path):
  if request.GET.get('format') == 'json':
    result = {'status': -1, 'message': ''}

    try:
      get_api(request.user, request.jt).get_job(jobid=jobid)
      result['status'] = 0
    except ApplicationNotRunning, e:
      result['status'] = 1
예제 #12
0
파일: views.py 프로젝트: cquptEthan/hue
                job = Application(e.job, rm_api)
            else:
                # reverse() seems broken, using request.path but beware, it discards GET and POST info
                return job_not_assigned(request, jobid, request.path)
        except JobExpired, e:
            raise PopupException(_("Job %s has expired.") % jobid, detail=_("Cannot be found on the History Server."))
        except Exception, e:
            msg = "Could not find job %s."
            LOGGER.exception(msg % jobid)
            raise PopupException(_(msg) % jobid, detail=e)

        if (
            not SHARE_JOBS.get()
            and not request.user.is_superuser
            and job.user != request.user.username
            and not can_view_job(request.user.username, job)
        ):
            raise PopupException(_("You don't have permission to access job %(id)s.") % {"id": jobid})
        kwargs["job"] = job
        return view_func(request, *args, **kwargs)

    return wraps(view_func)(decorate)


def job_not_assigned(request, jobid, path):
    if request.GET.get("format") == "json":
        result = {"status": -1, "message": ""}

        try:
            get_api(request.user, request.jt).get_job(jobid=jobid)
            result["status"] = 0