Exemplo n.º 1
0
  def filter_jobs(self, user, jobs, **kwargs):
    check_permission = not SHARE_JOBS.get() and not user.is_superuser

    return filter(lambda job:
                  not check_permission or
                  user.is_superuser or
                  job.user == user.username, jobs)
Exemplo n.º 2
0
  def filter_jobs(self, user, jobs, **kwargs):
    check_permission = not SHARE_JOBS.get() and not user.is_superuser

    return filter(lambda job:
                  not check_permission or
                  user.is_superuser or
                  job.user == user.username, jobs)
Exemplo n.º 3
0
Arquivo: api.py Projeto: cloudera/hue
  def filter_jobs(self, user, jobs, **kwargs):
    check_permission = not SHARE_JOBS.get() and not is_admin(user)

    return filter(lambda job:
                  not check_permission or
                  is_admin(user) or
                  job.user == user.username, jobs)
Exemplo n.º 4
0
  def filter_jobs(self, user, jobs, **kwargs):
    check_permission = not SHARE_JOBS.get() and not is_admin(user)

    return filter(lambda job:
                  not check_permission or
                  is_admin(user) or
                  job.user == user.username, jobs)
Exemplo n.º 5
0
  def filter_jobs(self, user, jobs, **kwargs):
    check_permission = not SHARE_JOBS.get() and not user.is_superuser

    limit = kwargs.pop('limit', 10000)

    return [Job.from_thriftjob(self.jt, j)
            for j in self._filter_jobs(jobs, **kwargs)
            if not check_permission or user.is_superuser or j.profile.user == user.username][:limit]
Exemplo n.º 6
0
    def filter_jobs(self, user, jobs, **kwargs):
        check_permission = not SHARE_JOBS.get() and not user.is_superuser

        return [
            Job.from_thriftjob(self.jt, j)
            for j in self._filter_jobs(jobs, **kwargs) if not check_permission
            or user.is_superuser or j.profile.user == user.username
        ]
Exemplo n.º 7
0
    def decorate(request, *args, **kwargs):
        jobid = kwargs['job']
        job = get_job(request, job_id=jobid)

        if not SHARE_JOBS.get() and not request.user.is_superuser \
            and job.user != request.user.username and not can_view_job(request.user.username, job):
            raise PopupException(
                _("You don't have permission to access job %(id)s.") %
                {'id': jobid})
        kwargs['job'] = job
        return view_func(request, *args, **kwargs)
Exemplo n.º 8
0
    def decorate(request, *args, **kwargs):
        jobid = kwargs['job']
        try:
            job = get_job(request, job_id=jobid)
        except ApplicationNotRunning as e:
            LOG.warn(
                'Job %s has not yet been accepted by the RM, will poll for status.'
                % jobid)
            return job_not_assigned(request, jobid, request.path)

        if not SHARE_JOBS.get() and not is_admin(request.user) \
            and job.user != request.user.username and not can_view_job(request.user.username, job):
            raise PopupException(
                _("You don't have permission to access job %(id)s.") %
                {'id': jobid})
        kwargs['job'] = job
        return view_func(request, *args, **kwargs)
Exemplo n.º 9
0
def check_job_permission(view_func):
  """
  Ensure that the user has access to the job.
  Assumes that the wrapped function takes a 'jobid' param named 'job'.
  """
  def decorate(request, *args, **kwargs):
    jobid = kwargs['job']
    try:
      job = get_job(request, job_id=jobid)
    except ApplicationNotRunning, e:
      LOG.warn('Job %s has not yet been accepted by the RM, will poll for status.' % jobid)
      return job_not_assigned(request, jobid, request.path)

    if not SHARE_JOBS.get() and not request.user.is_superuser \
        and job.user != request.user.username and not can_view_job(request.user.username, job):
      raise PopupException(_("You don't have permission to access job %(id)s.") % {'id': jobid})
    kwargs['job'] = job
    return view_func(request, *args, **kwargs)
Exemplo n.º 10
0
def check_job_permission(view_func):
  """
  Ensure that the user has access to the job.
  Assumes that the wrapped function takes a 'jobid' param named 'job'.
  """
  def decorate(request, *args, **kwargs):
    jobid = kwargs['job']
    try:
      job = get_job(request, job_id=jobid)
    except ApplicationNotRunning, e:
      LOG.warn('Job %s has not yet been accepted by the RM, will poll for status.' % jobid)
      return job_not_assigned(request, jobid, request.path)

    if not SHARE_JOBS.get() and not request.user.is_superuser \
        and job.user != request.user.username and not can_view_job(request.user.username, job):
      raise PopupException(_("You don't have permission to access job %(id)s.") % {'id': jobid})
    kwargs['job'] = job
    return view_func(request, *args, **kwargs)
Exemplo n.º 11
0
        except ApplicationNotRunning, e:
            if e.job.get('state',
                         '').lower() == 'accepted' and 'kill' in request.path:
                rm_api = resource_manager_api.get_resource_manager()
                job = Application(e.job, rm_api)
            else:
                # reverse() seems broken, using request.path but beware, it discards GET and POST info
                return job_not_assigned(request, jobid, request.path)
        except JobExpired, e:
            raise PopupException(
                _('Job %s has expired.') % jobid,
                detail=_('Cannot be found on the History Server.'))
        except Exception, e:
            raise PopupException(_('Could not find job %s.') % jobid, detail=e)

        if not SHARE_JOBS.get() and not request.user.is_superuser \
            and job.user != request.user.username and not can_view_job(request.user.username, job):
            raise PopupException(
                _("You don't have permission to access job %(id)s.") %
                {'id': jobid})
        kwargs['job'] = job
        return view_func(request, *args, **kwargs)

    return wraps(view_func)(decorate)


def job_not_assigned(request, jobid, path):
    if request.GET.get('format') == 'json':
        result = {'status': -1, 'message': ''}

        try:
Exemplo n.º 12
0
Arquivo: views.py Projeto: ronwxy/hue
    jobid = kwargs['job']
    try:
      job = get_api(request.user, request.jt).get_job(jobid=jobid)
    except ApplicationNotRunning, e:
      if e.job.get('state', '').lower() == 'accepted' and 'kill' in request.path:
        rm_api = resource_manager_api.get_resource_manager(request.user)
        job = Application(e.job, rm_api)
      else:
        # reverse() seems broken, using request.path but beware, it discards GET and POST info
        return job_not_assigned(request, jobid, request.path)
    except JobExpired, e:
      raise PopupException(_('Job %s has expired.') % jobid, detail=_('Cannot be found on the History Server.'))
    except Exception, e:
      raise PopupException(_('Could not find job %s.') % jobid, detail=e)

    if not SHARE_JOBS.get() and not request.user.is_superuser \
        and job.user != request.user.username and not can_view_job(request.user.username, job):
      raise PopupException(_("You don't have permission to access job %(id)s.") % {'id': jobid})
    kwargs['job'] = job
    return view_func(request, *args, **kwargs)
  return wraps(view_func)(decorate)


def job_not_assigned(request, jobid, path):
  if request.GET.get('format') == 'json':
    result = {'status': -1, 'message': ''}

    try:
      get_api(request.user, request.jt).get_job(jobid=jobid)
      result['status'] = 0
    except ApplicationNotRunning, e:
Exemplo n.º 13
0
Arquivo: api.py Projeto: ranade1/hue-3
  def filter_jobs(self, user, jobs, **kwargs):
    check_permission = not SHARE_JOBS.get() and not is_admin(user)

    return [job for job in jobs if not check_permission or
                  is_admin(user) or
                  job.user == user.username]
Exemplo n.º 14
0
        except ApplicationNotRunning, e:
            if e.job.get("state", "").lower() == "accepted" and "kill" in request.path:
                rm_api = resource_manager_api.get_resource_manager(request.user)
                job = Application(e.job, rm_api)
            else:
                # reverse() seems broken, using request.path but beware, it discards GET and POST info
                return job_not_assigned(request, jobid, request.path)
        except JobExpired, e:
            raise PopupException(_("Job %s has expired.") % jobid, detail=_("Cannot be found on the History Server."))
        except Exception, e:
            msg = "Could not find job %s."
            LOGGER.exception(msg % jobid)
            raise PopupException(_(msg) % jobid, detail=e)

        if (
            not SHARE_JOBS.get()
            and not request.user.is_superuser
            and job.user != request.user.username
            and not can_view_job(request.user.username, job)
        ):
            raise PopupException(_("You don't have permission to access job %(id)s.") % {"id": jobid})
        kwargs["job"] = job
        return view_func(request, *args, **kwargs)

    return wraps(view_func)(decorate)


def job_not_assigned(request, jobid, path):
    if request.GET.get("format") == "json":
        result = {"status": -1, "message": ""}