Skip to content
Snippets Groups Projects
Unverified Commit f8820588 authored by Peter Stanko's avatar Peter Stanko
Browse files

Forbidden refactor and permissions for the upload result - evaluate_submission

parent 1c150f8b
No related branches found
No related tags found
No related merge requests found
Pipeline #
......@@ -53,4 +53,5 @@ def update_project_test_files(course_id: str, project_id: str):
}
updated_entity: UploadedEntity = storage.test_files.update(entity_id=project.id, **params)
project.config.test_files_commit_hash = updated_entity.version
write_entity(project)
log.debug(f"Updated project config: {project.config}")
write_entity(project.config)
......@@ -61,7 +61,7 @@ class CourseResource(Resource):
filtered_course = filter_course_dump(course, dump.data, client)
return filtered_course
raise ForbiddenError(uid=client.id)
raise ForbiddenError(client=client)
@jwt_required
@courses_namespace.response(204, 'Course deleted')
......
......@@ -221,4 +221,4 @@ def get_config_schema_based_on_permissions(course):
elif perm_service.check.client(['view_course_limited']):
return config_schema_reduced
else:
raise ForbiddenError(uid=perm_service.client.id)
raise ForbiddenError(perm_service.client)
......@@ -166,7 +166,8 @@ class SubmissionResultFiles(Resource):
def post(self, sid: str):
submission = general.find_submission(sid)
# authorization
permissions.PermissionsService().require.sysadmin()
course = submission.project.course
permissions.PermissionsService(course=course).require.client(['evaluate_submissions'])
# todo: authorize worker
service = SubmissionsService(submission=submission)
task = service.upload_results_to_storage()
......
......@@ -295,7 +295,7 @@ def get_submissions_based_on_permissions(client, user, course_id, project_ids):
if find_client_owner(client) == user:
return user.submissions
else:
raise errors.ForbiddenError(uid=client.id)
raise errors.ForbiddenError(client)
def get_submissions_based_on_permissions_for_course(client, course_id, project_ids, user):
......
......@@ -107,12 +107,10 @@ class UnauthorizedError(PortalAPIError):
class ForbiddenError(PortalAPIError):
# could use a resource identification (like 404)
def __init__(self, uid=None, note=None):
user_message = f"Forbidden for user: {uid}!" if uid else "Forbidden action."
message = dict(
uid=uid,
message=user_message,
)
def __init__(self, client=None, note=None):
user_message = f"Forbidden for {client.type}: {client.id}!" if client else \
'Forbidden action.'
message = dict(uid=client.id, message=user_message)
if note:
message['note'] = note
......
......@@ -192,7 +192,7 @@ class GroupService:
return course.groups
elif perm_service.check.client(['view_course_limited']):
return filters.filter_groups_from_course(course=course, user=perm_service.client)
raise ForbiddenError(uid=perm_service.client.id)
raise ForbiddenError(perm_service.client)
def remove_project(self, project: Project) -> Group:
"""Removes projects from the group
......
......@@ -70,7 +70,7 @@ class PermissionServiceRequire:
def any_check(self, *checks):
if not self.service.check.any_check(*checks):
raise ForbiddenError(self.service.client.id)
raise ForbiddenError(self.service.client)
def update_course(self):
self.client(['update_course'])
......
......@@ -155,7 +155,7 @@ class ProjectService:
return course.projects
elif perm_service.check.client(['view_course_limited']):
return filters.filter_projects_from_course(course=course, user=perm_service.client)
raise ForbiddenError(uid=perm_service.client.id)
raise ForbiddenError(perm_service.client)
def update_project_test_files(self):
""" Sends a request to Storage to update the project's test_files to the newest version.
......
......@@ -185,4 +185,4 @@ class RoleService:
return course.roles
elif perm_service.check.client(['view_course_limited']):
return filter_roles_from_course(course=course, client=perm_service.client)
raise ForbiddenError(uid=perm_service.client.id)
raise ForbiddenError(perm_service.client)
......@@ -139,7 +139,7 @@ class SubmissionsService(object):
"""
new_state = data['state']
if isinstance(client, User) and new_state != SubmissionState.CANCELLED:
raise errors.ForbiddenError(uid=client.id,
raise errors.ForbiddenError(client,
note=f"User {client.id} cannot update "
f"state to other than CANCELLED.")
self.submission.change_state(new_state)
......
......@@ -31,6 +31,7 @@ class WorkerClient:
def execute_submission(self, submission):
log.info(f"[WC] Executing: {submission}")
parameters = submission.parameters
parameters['test_files_hash'] = submission.project.config.test_files_commit_hash
parameters['id'] = submission.id
result = self.api.submissions.create(parameters, sid=submission.id)
log.debug(f"[WC] Exec call result: {result}")
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment