Skip to content
GitLab
Explore
Sign in
Register
Primary navigation
Search or go to…
Project
C
core
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Wiki
Requirements
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Locked files
Build
Pipelines
Jobs
Pipeline schedules
Test cases
Artifacts
Deploy
Releases
Package Registry
Container Registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Service Desk
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Code review analytics
Issue analytics
Insights
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to JiHu GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
Chenhao Ma
core
Commits
744b877d
Commit
744b877d
authored
10 years ago
by
Gunnar Schaefer
Browse files
Options
Downloads
Patches
Plain Diff
add drone auth code
- essential lines in core.Core.put() are still commented
parent
0bf1b0b4
No related branches found
No related tags found
No related merge requests found
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
base.py
+13
-7
13 additions, 7 deletions
base.py
core.py
+2
-0
2 additions, 0 deletions
core.py
with
15 additions
and
7 deletions
base.py
+
13
−
7
View file @
744b877d
...
...
@@ -23,6 +23,7 @@ class RequestHandler(webapp2.RequestHandler):
# set uid, source_site, public_request, and superuser
self
.
uid
=
None
self
.
source_site
=
None
self
.
drone_request
=
False
access_token
=
self
.
request
.
headers
.
get
(
'
Authorization
'
,
None
)
if
access_token
and
self
.
app
.
config
[
'
oauth2_id_endpoint
'
]:
token_request_time
=
datetime
.
datetime
.
now
()
...
...
@@ -42,14 +43,19 @@ class RequestHandler(webapp2.RequestHandler):
self
.
abort
(
401
,
'
invalid oauth2 token
'
,
headers
=
headers
)
elif
self
.
debug
and
self
.
request
.
get
(
'
user
'
):
self
.
uid
=
self
.
request
.
get
(
'
user
'
)
elif
self
.
request
.
user_agent
.
startswith
(
'
NIMS Instance
'
):
self
.
uid
=
self
.
request
.
headers
.
get
(
'
X-User
'
)
self
.
source_site
=
self
.
request
.
headers
.
get
(
'
X-Site
'
)
elif
self
.
request
.
user_agent
.
startswith
(
'
SciTran
'
):
if
self
.
request
.
environ
[
'
SSL_CLIENT_VERIFY
'
]
!=
'
SUCCESS
'
:
self
.
abort
(
401
,
'
no valid SSL client certificate
'
)
remote_instance
=
self
.
request
.
user_agent
.
replace
(
'
NIMS Instance
'
,
''
).
strip
()
if
not
self
.
app
.
db
.
sites
.
find_one
({
'
_id
'
:
remote_instance
}):
self
.
abort
(
402
,
remote_instance
+
'
is not authorized
'
)
if
self
.
request
.
user_agent
.
startswith
(
'
SciTran Instance
'
):
self
.
uid
=
self
.
request
.
headers
.
get
(
'
X-User
'
)
self
.
source_site
=
self
.
request
.
headers
.
get
(
'
X-Site
'
)
remote_instance
=
self
.
request
.
user_agent
.
replace
(
'
SciTran Instance
'
,
''
).
strip
()
if
not
self
.
app
.
db
.
sites
.
find_one
({
'
_id
'
:
remote_instance
}):
self
.
abort
(
402
,
remote_instance
+
'
is not an authorized remote instance
'
)
else
:
if
not
self
.
app
.
db
.
drones
.
find_one
({
'
_id
'
:
remote_instance
}):
self
.
abort
(
402
,
remote_instance
+
'
is not an authorized drone
'
)
self
.
drone_request
=
True
self
.
public_request
=
not
bool
(
self
.
uid
)
if
self
.
public_request
or
self
.
source_site
:
self
.
superuser_request
=
False
...
...
@@ -87,7 +93,7 @@ class RequestHandler(webapp2.RequestHandler):
self
.
abort
(
402
,
'
remote host
'
+
target_site
+
'
is not an authorized remote
'
)
# adjust headers
self
.
headers
=
self
.
request
.
headers
self
.
headers
[
'
User-Agent
'
]
=
'
NIMS
Instance
'
+
self
.
app
.
config
[
'
site_id
'
]
self
.
headers
[
'
User-Agent
'
]
=
'
SciTran
Instance
'
+
self
.
app
.
config
[
'
site_id
'
]
self
.
headers
[
'
X-User
'
]
=
self
.
uid
self
.
headers
[
'
X-Site
'
]
=
self
.
app
.
config
[
'
site_id
'
]
self
.
headers
[
'
Content-Length
'
]
=
len
(
self
.
request
.
body
)
...
...
This diff is collapsed.
Click to expand it.
core.py
+
2
−
0
View file @
744b877d
...
...
@@ -138,6 +138,8 @@ class Core(base.RequestHandler):
def
put
(
self
):
"""
Receive a sortable reaper or user upload.
"""
#if not self.uid and not self.drone_request:
# self.abort(402, 'uploads must be from an authorized user or drone')
if
'
Content-MD5
'
not
in
self
.
request
.
headers
:
self
.
abort
(
400
,
'
Request must contain a valid
"
Content-MD5
"
header.
'
)
filename
=
self
.
request
.
get
(
'
filename
'
,
'
upload
'
)
...
...
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment