unimore/pds-2021-g2-nest
unimore/pds-2021-g2-nest
1
Fork 0
mirror of https://github.com/pds-nest/nest.git synced 2024-11-22 04:54:18 +00:00
Code Activity

Fixes

Browse source
This commit is contained in:
Lorenzo Balugani 2021-05-28 12:57:11 +02:00
parent 000e688a09
commit 163c82082b
4 changed files with 7 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
nest_backend/routes/repository/conditions/repository_conditions.py
View file

@ -78,15 +78,15 @@ def page_repository_conditions(rid):
return json_error("Could not find repository", REPOSITORY_NOT_FOUND), 404 return json_error("Could not find repository", REPOSITORY_NOT_FOUND), 404
user = find_user(get_jwt_identity()) user = find_user(get_jwt_identity())
if user.email != repository.owner_id:
return json_error("You are not authorized.", REPOSITORY_NOT_OWNER), 403
if request.method == "GET": if request.method == "GET":
try: try:
return json_success([u.to_json() for u in repository.conditions]) return json_success([u.to_json() for u in repository.conditions])
except Exception as e: except Exception as e:
return json_error("Unknown error:" + str(e), GENERIC_UFO), 400 return json_error("Unknown error:" + str(e), GENERIC_UFO), 400
if user.email != repository.owner_id:
return json_error("You are not authorized.", REPOSITORY_NOT_OWNER), 403
if request.method == "POST": if request.method == "POST":
if request.json is None: if request.json is None:
return json_error("Missing json content.", GENERIC_NO_JSON), 400 return json_error("Missing json content.", GENERIC_NO_JSON), 400

6
nest_backend/routes/repository/repository.py
View file

@ -159,9 +159,9 @@ def page_repository(rid):
return json_error("Could not find repository.", REPOSITORY_NOT_FOUND), 404 return json_error("Could not find repository.", REPOSITORY_NOT_FOUND), 404
if request.method == "GET": if request.method == "GET":
return json_success(repository.to_json()), 200 return json_success(repository.to_json()), 200
elif request.method == "PATCH": if user.email != repository.owner_id:
if repository.owner_id != user.email:
return json_error("You are not the owner of this repository.", REPOSITORY_NOT_OWNER), 403 return json_error("You are not the owner of this repository.", REPOSITORY_NOT_OWNER), 403
elif request.method == "PATCH":
if 'name' in request.json: if 'name' in request.json:
repository.name = request.json['name'] repository.name = request.json['name']
if 'close' in request.json and not repository.end and repository.is_active: if 'close' in request.json and not repository.end and repository.is_active:
@ -178,8 +178,6 @@ def page_repository(rid):
ext.session.commit() ext.session.commit()
return json_success(repository.to_json()), 204 return json_success(repository.to_json()), 204
elif request.method == "DELETE": elif request.method == "DELETE":
if repository.owner_id != user.email and not user.isAdmin:
return json_error("You are not the owner of this repository.", REPOSITORY_NOT_OWNER), 403
try: try:
repository.is_deleted = True repository.is_deleted = True
ext.session.commit() ext.session.commit()

2
nest_crawler/__main__.py
View file

@ -1,6 +1,6 @@
from nest_backend.database import * from nest_backend.database import *
from nest_backend.app import app, extension_sqlalchemy from nest_backend.app import app, extension_sqlalchemy
from repo_search import search_repo_conditions from nest_crawler.repo_search import search_repo_conditions
from alert_trigger import is_repo_alert_triggered from alert_trigger import is_repo_alert_triggered
ext.init_app(app=app) ext.init_app(app=app)

2
nest_crawler/repo_search.py
View file

@ -1,5 +1,5 @@
from nest_backend.database import * from nest_backend.database import *
from .authentication import authenticate from nest_crawler.authentication import authenticate
from datetime import datetime, timedelta from datetime import datetime, timedelta
import tweepy as tw import tweepy as tw