Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(4)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: appengine/swarming/server/task_request.py

Issue 2984843002: swarming: switch to a 'capability focused' ACL system (Closed)
Patch Set: Tuned permissions, added tests Created 3 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « appengine/swarming/server/acl_test.py ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 # coding: utf-8 1 # coding: utf-8
2 # Copyright 2014 The LUCI Authors. All rights reserved. 2 # Copyright 2014 The LUCI Authors. All rights reserved.
3 # Use of this source code is governed under the Apache License, Version 2.0 3 # Use of this source code is governed under the Apache License, Version 2.0
4 # that can be found in the LICENSE file. 4 # that can be found in the LICENSE file.
5 5
6 """Tasks definition. 6 """Tasks definition.
7 7
8 Each user request creates a new TaskRequest. The TaskRequest instance saves the 8 Each user request creates a new TaskRequest. The TaskRequest instance saves the
9 metadata of the request, e.g. who requested it, when why, etc. It links to the 9 metadata of the request, e.g. who requested it, when why, etc. It links to the
10 actual data of the request in a TaskProperties. The TaskProperties represents 10 actual data of the request in a TaskProperties. The TaskProperties represents
(...skipping 697 matching lines...) Expand 10 before | Expand all | Expand 10 after
708 def task_id(self): 708 def task_id(self):
709 """Returns the TaskResultSummary packed id, not the task request key.""" 709 """Returns the TaskResultSummary packed id, not the task request key."""
710 return task_pack.pack_result_summary_key( 710 return task_pack.pack_result_summary_key(
711 task_pack.request_key_to_result_summary_key(self.key)) 711 task_pack.request_key_to_result_summary_key(self.key))
712 712
713 @property 713 @property
714 def expiration_secs(self): 714 def expiration_secs(self):
715 """Reconstructs this value from expiration_ts and created_ts. Integer.""" 715 """Reconstructs this value from expiration_ts and created_ts. Integer."""
716 return int((self.expiration_ts - self.created_ts).total_seconds()) 716 return int((self.expiration_ts - self.created_ts).total_seconds())
717 717
718 @property
719 def has_access(self):
720 """Returns True if the current user has read-write access to this request.
721
722 This is used for:
723 * Read access: ability to read the task info and logs.
724 * Write access: ability to cancel the task.
725
726 Warning: This function looks at the current Authentication context.
727 """
728 return (
729 acl.is_privileged_user() or
730 self.authenticated == auth.get_current_identity())
731
732 def to_dict(self): 718 def to_dict(self):
733 """Converts properties_hash to hex so it is json serializable.""" 719 """Converts properties_hash to hex so it is json serializable."""
734 # to_dict() doesn't recurse correctly into ndb.LocalStructuredProperty! 720 # to_dict() doesn't recurse correctly into ndb.LocalStructuredProperty!
735 out = super(TaskRequest, self).to_dict( 721 out = super(TaskRequest, self).to_dict(
736 exclude=['pubsub_auth_token', 'properties', 'service_account_token']) 722 exclude=['pubsub_auth_token', 'properties', 'service_account_token'])
737 out['properties'] = self.properties.to_dict() 723 out['properties'] = self.properties.to_dict()
738 properties_hash = out['properties_hash'] 724 properties_hash = out['properties_hash']
739 out['properties_hash'] = ( 725 out['properties_hash'] = (
740 properties_hash.encode('hex') if properties_hash else None) 726 properties_hash.encode('hex') if properties_hash else None)
741 return out 727 return out
(...skipping 274 matching lines...) Expand 10 before | Expand all | Expand 10 after
1016 init_new_request(request, allow_high_priority, original_secret_bytes) 1002 init_new_request(request, allow_high_priority, original_secret_bytes)
1017 return request 1003 return request
1018 1004
1019 1005
1020 def validate_priority(priority): 1006 def validate_priority(priority):
1021 """Throws ValueError if priority is not a valid value.""" 1007 """Throws ValueError if priority is not a valid value."""
1022 if 0 > priority or MAXIMUM_PRIORITY < priority: 1008 if 0 > priority or MAXIMUM_PRIORITY < priority:
1023 raise datastore_errors.BadValueError( 1009 raise datastore_errors.BadValueError(
1024 'priority (%d) must be between 0 and %d (inclusive)' % 1010 'priority (%d) must be between 0 and %d (inclusive)' %
1025 (priority, MAXIMUM_PRIORITY)) 1011 (priority, MAXIMUM_PRIORITY))
OLDNEW
« no previous file with comments | « appengine/swarming/server/acl_test.py ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698