def filter_jobs(self, user, jobs, **kwargs):
check_permission = not SHARE_JOBS.get() and not user.is_superuser
return filter(lambda job:
not check_permission or
user.is_superuser or
job.user == user.username, jobs)
def filter_jobs(self, user, jobs, **kwargs):
check_permission = not SHARE_JOBS.get() and not user.is_superuser
return filter(lambda job:
not check_permission or
user.is_superuser or
job.user == user.username, jobs)
def filter_jobs(self, user, jobs, **kwargs):
check_permission = not SHARE_JOBS.get() and not is_admin(user)
return filter(lambda job:
not check_permission or
is_admin(user) or
job.user == user.username, jobs)
def filter_jobs(self, user, jobs, **kwargs):
check_permission = not SHARE_JOBS.get() and not is_admin(user)
return filter(lambda job:
not check_permission or
is_admin(user) or
job.user == user.username, jobs)
def filter_jobs(self, user, jobs, **kwargs):
check_permission = not SHARE_JOBS.get() and not user.is_superuser
limit = kwargs.pop('limit', 10000)
return [Job.from_thriftjob(self.jt, j)
for j in self._filter_jobs(jobs, **kwargs)
if not check_permission or user.is_superuser or j.profile.user == user.username][:limit]
def filter_jobs(self, user, jobs, **kwargs):
check_permission = not SHARE_JOBS.get() and not user.is_superuser
return [
Job.from_thriftjob(self.jt, j)
for j in self._filter_jobs(jobs, **kwargs) if not check_permission
or user.is_superuser or j.profile.user == user.username
]
def decorate(request, *args, **kwargs):
jobid = kwargs['job']
job = get_job(request, job_id=jobid)
if not SHARE_JOBS.get() and not request.user.is_superuser \
and job.user != request.user.username and not can_view_job(request.user.username, job):
raise PopupException(
_("You don't have permission to access job %(id)s.") %
{'id': jobid})
kwargs['job'] = job
return view_func(request, *args, **kwargs)
def decorate(request, *args, **kwargs):
jobid = kwargs['job']
try:
job = get_job(request, job_id=jobid)
except ApplicationNotRunning as e:
LOG.warn(
'Job %s has not yet been accepted by the RM, will poll for status.'
% jobid)
return job_not_assigned(request, jobid, request.path)
if not SHARE_JOBS.get() and not is_admin(request.user) \
and job.user != request.user.username and not can_view_job(request.user.username, job):
raise PopupException(
_("You don't have permission to access job %(id)s.") %
{'id': jobid})
kwargs['job'] = job
return view_func(request, *args, **kwargs)
def check_job_permission(view_func):
"""
Ensure that the user has access to the job.
Assumes that the wrapped function takes a 'jobid' param named 'job'.
"""
def decorate(request, *args, **kwargs):
jobid = kwargs['job']
try:
job = get_job(request, job_id=jobid)
except ApplicationNotRunning, e:
LOG.warn('Job %s has not yet been accepted by the RM, will poll for status.' % jobid)
return job_not_assigned(request, jobid, request.path)
if not SHARE_JOBS.get() and not request.user.is_superuser \
and job.user != request.user.username and not can_view_job(request.user.username, job):
raise PopupException(_("You don't have permission to access job %(id)s.") % {'id': jobid})
kwargs['job'] = job
return view_func(request, *args, **kwargs)
def check_job_permission(view_func):
"""
Ensure that the user has access to the job.
Assumes that the wrapped function takes a 'jobid' param named 'job'.
"""
def decorate(request, *args, **kwargs):
jobid = kwargs['job']
try:
job = get_job(request, job_id=jobid)
except ApplicationNotRunning, e:
LOG.warn('Job %s has not yet been accepted by the RM, will poll for status.' % jobid)
return job_not_assigned(request, jobid, request.path)
if not SHARE_JOBS.get() and not request.user.is_superuser \
and job.user != request.user.username and not can_view_job(request.user.username, job):
raise PopupException(_("You don't have permission to access job %(id)s.") % {'id': jobid})
kwargs['job'] = job
return view_func(request, *args, **kwargs)
except ApplicationNotRunning, e:
if e.job.get('state',
'').lower() == 'accepted' and 'kill' in request.path:
rm_api = resource_manager_api.get_resource_manager()
job = Application(e.job, rm_api)
else:
# reverse() seems broken, using request.path but beware, it discards GET and POST info
return job_not_assigned(request, jobid, request.path)
except JobExpired, e:
raise PopupException(
_('Job %s has expired.') % jobid,
detail=_('Cannot be found on the History Server.'))
except Exception, e:
raise PopupException(_('Could not find job %s.') % jobid, detail=e)
if not SHARE_JOBS.get() and not request.user.is_superuser \
and job.user != request.user.username and not can_view_job(request.user.username, job):
raise PopupException(
_("You don't have permission to access job %(id)s.") %
{'id': jobid})
kwargs['job'] = job
return view_func(request, *args, **kwargs)
return wraps(view_func)(decorate)
def job_not_assigned(request, jobid, path):
if request.GET.get('format') == 'json':
result = {'status': -1, 'message': ''}
try:
jobid = kwargs['job']
try:
job = get_api(request.user, request.jt).get_job(jobid=jobid)
except ApplicationNotRunning, e:
if e.job.get('state', '').lower() == 'accepted' and 'kill' in request.path:
rm_api = resource_manager_api.get_resource_manager(request.user)
job = Application(e.job, rm_api)
else:
# reverse() seems broken, using request.path but beware, it discards GET and POST info
return job_not_assigned(request, jobid, request.path)
except JobExpired, e:
raise PopupException(_('Job %s has expired.') % jobid, detail=_('Cannot be found on the History Server.'))
except Exception, e:
raise PopupException(_('Could not find job %s.') % jobid, detail=e)
if not SHARE_JOBS.get() and not request.user.is_superuser \
and job.user != request.user.username and not can_view_job(request.user.username, job):
raise PopupException(_("You don't have permission to access job %(id)s.") % {'id': jobid})
kwargs['job'] = job
return view_func(request, *args, **kwargs)
return wraps(view_func)(decorate)
def job_not_assigned(request, jobid, path):
if request.GET.get('format') == 'json':
result = {'status': -1, 'message': ''}
try:
get_api(request.user, request.jt).get_job(jobid=jobid)
result['status'] = 0
except ApplicationNotRunning, e:
def filter_jobs(self, user, jobs, **kwargs):
check_permission = not SHARE_JOBS.get() and not is_admin(user)
return [job for job in jobs if not check_permission or
is_admin(user) or
job.user == user.username]
except ApplicationNotRunning, e:
if e.job.get("state", "").lower() == "accepted" and "kill" in request.path:
rm_api = resource_manager_api.get_resource_manager(request.user)
job = Application(e.job, rm_api)
else:
# reverse() seems broken, using request.path but beware, it discards GET and POST info
return job_not_assigned(request, jobid, request.path)
except JobExpired, e:
raise PopupException(_("Job %s has expired.") % jobid, detail=_("Cannot be found on the History Server."))
except Exception, e:
msg = "Could not find job %s."
LOGGER.exception(msg % jobid)
raise PopupException(_(msg) % jobid, detail=e)
if (
not SHARE_JOBS.get()
and not request.user.is_superuser
and job.user != request.user.username
and not can_view_job(request.user.username, job)
):
raise PopupException(_("You don't have permission to access job %(id)s.") % {"id": jobid})
kwargs["job"] = job
return view_func(request, *args, **kwargs)
return wraps(view_func)(decorate)
def job_not_assigned(request, jobid, path):
if request.GET.get("format") == "json":
result = {"status": -1, "message": ""}
