def has_permission(self, request, view): """ Return true if user can access the api. """ user = get_user(request) # get permission if you come from hhnb if request.META['REQUEST_URI'] == '/jobs/pizdaint/hhnb_daint_cscs/': r = requests.get('https://hbp-bsp-hhnb.cineca.it/hh-neuron-builder/status', stream=True) if r.status_code == 200: hhnb_ip, _ = r.raw._connection.sock.getpeername() if request.META['REMOTE_ADDR'] == hhnb_ip: return True if user: user_groups = user.groups.split(',') print(user_groups) if user_groups == '': return False group = request.path.split('/')[2:-1] if len(group) < 2: return True elif len(group) >= 2: try: project = Project.objects.get(hpc=group[0].upper(), name=group[1]) if str(project.id) in user_groups: return True except Project.DoesNotExist: return Response('Project not found!', status=status.HTTP_404_NOT_FOUND) return False
def has_permission(self, request, view): """ Return true if user is admin. """ # if user is 'admin' get permission user = get_user(request) if user.is_admin: return True return False
def has_permission(self, request, view): """ Return true if user can access the api. """ user = get_user(request) user_groups = user.groups.split(',') if user_groups == '': return False group = request.path.split('/')[2:-1] if len(group) < 2: return True elif len(group) >= 2: try: project = Project.objects.get(hpc=group[0].upper(), name=group[1]) if str(project.id) in user_groups: return True except Project.DoesNotExist: return Response('Project not found!', status=status.HTTP_404_NOT_FOUND) return False
def has_permission(self, request, view): """ Return false if user is banned. """ user = get_user(request) if user.banned_from: return False return True
def unicore_pizdaint(request, project_name=None): # check if user exists user = get_user(request) if not isinstance(user, User): return HttpResponseForbidden(user) # check if project exists if not project_name: project_name = PROJECT['PIZDAINT'] try: project = Project.objects.get(name=project_name, hpc='PIZDAINT') except Project.DoesNotExist: return HttpResponseNotFound('Project not found!') # check if user has permission if not user_has_permission(user, project): return HttpResponseForbidden( 'User has not access or is banned from this project.') URL = request.path.split('advanced/pizdaint')[1] headers = {} if 'HTTP_CONTENT_TYPE' in request.META: headers.update({'content-type': request.META['HTTP_CONTENT_TYPE']}) if 'HTTP_ACCEPT' in request.META: headers.update({'accept': request.META['HTTP_ACCEPT']}) if URL == '/rest/core/jobs' and request.method == 'POST': r = submit_job(user, project, request, headers) else: json_data = None str_data = None if request.method == 'GET': json_data = request.GET if json_data: URL += '?' for k in json_data: URL += k + '=' + str(json_data[k]) # Add user tag in GET request s = URL.split('?tags=') try: URL = s[0] + '?tags=' + s[1] + ',userid' + user.id except IndexError: URL = s[0] + '?tags=userid' + user.id elif request.method == 'POST': json_data = request.POST if not json_data: try: json_data = json.loads(request.body) except ValueError: str_data = request.body r = pizdaint(method=request.method, append_url=URL, headers=headers, data=str_data, json=json_data) #print(request.method, r.status_code, r.content, sep='\n') if r.status_code == 200: if request.method == 'GET' and '/rest/core/jobs/' in URL: # update job record if user request job's info job_id = URL.split('/rest/core/jobs/')[1].upper() try: job = Job.objects.get(job_id=job_id, project=project.id) data = extract_job_data(job, r) serializer = JobSerializer(instance=job, data=data, partial=True) if serializer.is_valid(): job = serializer.save() # restore unused quota if job.end_date: delta_time = job.end_date - job.init_date delta_seconds = delta_time.days * 24 * 60 * 60 + delta_time.seconds quota = Quota.objects.get(user=user, project=job.project) quota.add(time=delta_seconds) else: print( 'Serializer error on Adavanced Job record update') print(serializer.errors) print('Data:') pprint.pprint(job) except Job.DoesNotExist: print('Job ' + str(job_id) + ' not exists') access_control_expose_headers = [] response = HttpResponse() response.status_code = r.status_code try: new_content = str(r.content.decode('utf-8')).replace( ORIGINAL_URL, NEW_URL) except UnicodeDecodeError: new_content = r.content response.content = new_content for k in r.headers.keys(): if k == 'Content-Length': response[k] = len(response.content) continue elif k == 'Location' or k == 'Content-Type' or k == 'Cache-Control' or k == 'Content-Language' or k == 'Expires' or k == 'Last-Modified' or k == 'Pragma': access_control_expose_headers.append(k) response[k] = str(r.headers[k]).replace(ORIGINAL_URL, NEW_URL) response['Access-Control-Expose-Headers'] = ', '.join( access_control_expose_headers) return response