def get_job_by_id(user, job_id):
job = v1_utils.verify_existence_and_get(job_id, _TABLE)
job_dict = dict(job)
job_dict['issues'] = json.loads(
issues.get_all_issues(job_id, _TABLE).response[0]
)['issues']
return base.get_resource_by_id(user, job_dict, _TABLE, _EMBED_MANY)
def get_component_by_id(user, c_id):
component = v1_utils.verify_existence_and_get(c_id, _TABLE)
topic = v1_utils.verify_existence_and_get(component['topic_id'],
models.TOPICS)
export_control.verify_access_to_topic(user, topic)
return base.get_resource_by_id(user, component, _TABLE, _EMBED_MANY)
def user_by_id(user, user_id):
user_res = v1_utils.verify_existence_and_get(user_id, _TABLE)
return base.get_resource_by_id(user,
user_res,
_TABLE,
_EMBED_MANY,
ignore_columns=['password'])
def get_remoteci_by_id(user, r_id):
remoteci = v1_utils.verify_existence_and_get(r_id, _TABLE)
if user.is_not_in_team(remoteci['team_id']) and user.is_not_epm():
raise dci_exc.DCINotFound('RemoteCI', remoteci['id'])
return base.get_resource_by_id(user,
remoteci,
_TABLE,
_EMBED_MANY,
ignore_columns=["keys", "cert_fp"])
def user_by_id(user, user_id):
if user.id != user_id and user.is_not_super_admin() and user.is_not_epm():
raise dci_exc.Unauthorized()
user_res = v1_utils.verify_existence_and_get(user_id, _TABLE)
return base.get_resource_by_id(user,
user_res,
_TABLE,
_EMBED_MANY,
ignore_columns=['password'])
def get_role_by_id(user, role_id):
role = v1_utils.verify_existence_and_get(role_id, _TABLE)
if user.role_id != role_id and user.is_regular_user():
raise auth.UNAUTHORIZED
if not user.is_super_admin() and \
auth.get_role_id('SUPER_ADMIN') == role_id:
raise auth.UNAUTHORIZED
return base.get_resource_by_id(user, role, _TABLE, _EMBED_MANY)
def get_topic_by_id(user, topic_id):
args = schemas.args(flask.request.args.to_dict())
topic = v1_utils.verify_existence_and_get(topic_id, _TABLE)
v1_utils.verify_team_in_topic(user, topic_id)
if not auth.is_admin(user):
if 'teams' in args['embed']:
raise dci_exc.DCIException('embed=teams not authorized.',
status_code=401)
return base.get_resource_by_id(user, topic, _TABLE, _EMBED_MANY)
def get_role_by_id(user, role_id):
role = v1_utils.verify_existence_and_get(role_id, _TABLE)
if user['role_id'] != role_id and \
user['role_id'] not in [auth.get_role_id('ADMIN'),
auth.get_role_id('SUPER_ADMIN')]:
raise auth.UNAUTHORIZED
if not auth.is_admin(user) and auth.get_role_id('SUPER_ADMIN') == role_id:
raise auth.UNAUTHORIZED
return base.get_resource_by_id(user, role, _TABLE, _EMBED_MANY)
def get_topic_by_id(user, topic_id):
args = check_and_get_args(flask.request.args.to_dict())
topic = v1_utils.verify_existence_and_get(topic_id, _TABLE)
if user.is_not_super_admin() and user.is_not_epm() and user.is_not_feeder(
): # noqa
if not user.is_read_only_user():
v1_utils.verify_team_in_topic(user, topic_id)
if 'teams' in args['embed']:
raise dci_exc.Unauthorized()
return base.get_resource_by_id(user, topic, _TABLE, _EMBED_MANY)
def get_topic_by_id(user, topic_id):
args = schemas.args(flask.request.args.to_dict())
topic = v1_utils.verify_existence_and_get(topic_id, _TABLE)
if not user.is_super_admin() and not user.is_product_owner():
v1_utils.verify_team_in_topic(user, topic_id)
if 'teams' in args['embed']:
raise dci_exc.DCIException('embed=teams not authorized.',
status_code=401)
if not user.is_super_admin() and user.product_id != topic['product_id']:
raise auth.UNAUTHORIZED
return base.get_resource_by_id(user, topic, _TABLE, _EMBED_MANY)
def create_jobstates(user):
values = flask.request.json
check_json_is_valid(jobstate_schema, values)
# if one create a 'failed' jobstates and the current state is either
# 'run' or 'pre-run' then set the job to 'error' state
job_id = values.get('job_id')
job = v1_utils.verify_existence_and_get(job_id, models.JOBS)
job = dict(job)
if values.get('status') in ['failure', 'error']:
if job['status'] in ['new', 'pre-run']:
values['status'] = 'error'
insert_jobstate(user, values)
# Update job status
job_duration = datetime.datetime.utcnow() - job['created_at']
query_update_job = (models.JOBS.update().where(
sql.and_(models.JOBS.c.id == job_id,
models.JOBS.c.status != values.get('status'))).values(
status=values.get('status'),
duration=job_duration.seconds))
result = flask.g.db_conn.execute(query_update_job)
# send notification in case of final jobstate status
if result.rowcount and values.get('status') in models.FINAL_STATUSES:
embeds = ['components', 'topic', 'remoteci', 'results']
embeds_many = {
'components': True,
'topic': False,
'remoteci': False,
'results': True
}
job = base.get_resource_by_id(user,
job,
models.JOBS,
embed_many=embeds_many,
embeds=embeds,
jsonify=False)
job = dict(job)
jobs_events.create_event(job['id'], values['status'], job['topic_id'])
if values.get('status') in models.FINAL_FAILURE_STATUSES:
notifications.dispatcher(job)
result = json.dumps({'jobstate': values})
return flask.Response(result, 201, content_type='application/json')
def get_permission_by_id(user, permission_id):
permission = v1_utils.verify_existence_and_get(permission_id, _TABLE)
return base.get_resource_by_id(user, permission, _TABLE, _EMBED_MANY)
def get_product_by_id(user, product_id):
product = v1_utils.verify_existence_and_get(product_id, _TABLE)
return base.get_resource_by_id(user, product, _TABLE, _EMBED_MANY)
def get_feeder_by_id(user, f_id):
feeder = v1_utils.verify_existence_and_get(f_id, _TABLE)
if not user.is_in_team(feeder['team_id']):
raise auth.UNAUTHORIZED
return base.get_resource_by_id(user, feeder, _TABLE, _EMBED_MANY)
def get_file_by_id(user, file_id):
file = v1_utils.verify_existence_and_get(file_id, _TABLE)
return base.get_resource_by_id(user, file, _TABLE, _EMBED_MANY)
def get_component_by_id(user, c_id):
component = v1_utils.verify_existence_and_get(c_id, _TABLE)
v1_utils.verify_team_in_topic(user, component['topic_id'])
auth.check_export_control(user, component)
return base.get_resource_by_id(user, component, _TABLE, _EMBED_MANY)
def get_jobstate_by_id(user, js_id):
jobstate = v1_utils.verify_existence_and_get(js_id, _TABLE)
return base.get_resource_by_id(user, jobstate, _TABLE, _EMBED_MANY)
def get_feeder_by_id(user, f_id):
feeder = v1_utils.verify_existence_and_get(f_id, _TABLE)
if not user.is_in_team(feeder['team_id']):
raise dci_exc.Unauthorized()
return base.get_resource_by_id(user, feeder, _TABLE, _EMBED_MANY)
def get_jobdefinition_by_id(user, jd_id):
jobdefinition = v1_utils.verify_existence_and_get(jd_id, _TABLE)
return base.get_resource_by_id(user, jobdefinition, _TABLE, _EMBED_MANY)
def get_remoteci_by_id(user, r_id):
remoteci = v1_utils.verify_existence_and_get(r_id, _TABLE)
return base.get_resource_by_id(user, remoteci, _TABLE, _EMBED_MANY)
def get_configuration_by_id(user, r_id, c_id):
v1_utils.verify_existence_and_get(r_id, _TABLE)
configuration = v1_utils.verify_existence_and_get(c_id, _RCONFIGURATIONS)
return base.get_resource_by_id(user, configuration, _RCONFIGURATIONS, None,
resource_name='rconfiguration')
def get_team_by_id(user, t_id):
team = v1_utils.verify_existence_and_get(t_id, _TABLE)
if user.is_not_in_team(t_id) and user.is_not_epm():
raise dci_exc.Unauthorized()
return base.get_resource_by_id(user, team, _TABLE, _EMBED_MANY)
def get_team_by_id(user, t_id):
team = v1_utils.verify_existence_and_get(t_id, _TABLE)
if not (auth.is_admin(user) or auth.is_in_team(user, team['id'])):
raise auth.UNAUTHORIZED
return base.get_resource_by_id(user, team, _TABLE, _EMBED_MANY)
