From 3f13a38d102725afb0a981fe1506f22bfbf37a12 Mon Sep 17 00:00:00 2001
From: Nathaniel Kofalt <nathaniel@kofalt.com>
Date: Fri, 15 Jan 2016 16:22:53 -0600
Subject: [PATCH] Require superuser for jobs.reap_stale

---
 api/jobs.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/api/jobs.py b/api/jobs.py
index 0274fd10..4533fd38 100644
--- a/api/jobs.py
+++ b/api/jobs.py
@@ -259,6 +259,9 @@ class Jobs(base.RequestHandler):
         return result
 
     def reap_stale(self):
+        if not self.superuser_request:
+            self.abort(403, 'Request requires superuser')
+
         while True:
             j = config.db.jobs.find_one_and_update(
                 {
-- 
GitLab