scheduler/appengine/ui/invocation.go - Issue 2986033003: [scheduler]: ACLs phase 1 - per Job ACL specification and enforcement.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: scheduler/appengine/ui/invocation.go

Issue 2986033003: [scheduler]: ACLs phase 1 - per Job ACL specification and enforcement. (Closed)

Patch Set: Review. Created 3 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: scheduler/appengine/ui/invocation.go

diff --git a/scheduler/appengine/ui/invocation.go b/scheduler/appengine/ui/invocation.go

index ab2ea7a78a6ef86afb75aa6a2c9adcccc1fe86b3..227a3df0470509eea5fd41970e0a579c7b8fce75 100644

--- a/scheduler/appengine/ui/invocation.go

+++ b/scheduler/appengine/ui/invocation.go

@@ -20,11 +20,9 @@ import (

"strconv"

"sync"

- "github.com/luci/luci-go/server/auth"

"github.com/luci/luci-go/server/router"

"github.com/luci/luci-go/server/templates"

- "github.com/luci/luci-go/scheduler/appengine/acl"

"github.com/luci/luci-go/scheduler/appengine/engine"

)

@@ -47,12 +45,12 @@ func invocationPage(c *router.Context) {

wg.Add(1)

go func() {

defer wg.Done()

- inv, err1 = eng.GetInvocation(c.Context, projectID+"/"+jobName, invID)

+ inv, err1 = eng.GetVisibleInvocation(c.Context, projectID+"/"+jobName, invID)

}()

wg.Add(1)

go func() {

defer wg.Done()

- job, err2 = eng.GetJob(c.Context, projectID+"/"+jobName)

+ job, err2 = eng.GetVisibleJob(c.Context, projectID+"/"+jobName)

}()

wg.Wait()

@@ -82,8 +80,7 @@ func invocationPage(c *router.Context) {

func abortInvocationAction(c *router.Context) {

handleInvAction(c, func(jobID string, invID int64) error {

- who := auth.CurrentIdentity(c.Context)

- return config(c.Context).Engine.AbortInvocation(c.Context, jobID, invID, who)

+ return config(c.Context).Engine.AbortInvocation(c.Context, jobID, invID)

})

}

@@ -91,17 +88,18 @@ func handleInvAction(c *router.Context, cb func(string, int64) error) {

projectID := c.Params.ByName("ProjectID")

jobName := c.Params.ByName("JobName")

invID := c.Params.ByName("InvID")

- if !acl.IsJobOwner(c.Context, projectID, jobName) {

- http.Error(c.Writer, "Forbidden", 403)

- return

- }

invIDAsInt, err := strconv.ParseInt(invID, 10, 64)

if err != nil {

http.Error(c.Writer, "Bad invocation ID", 400)

return

}

- if err := cb(projectID+"/"+jobName, invIDAsInt); err != nil {

+ switch err := cb(projectID+"/"+jobName, invIDAsInt); {

+ case err == engine.ErrNoOwnerPermission:

+ http.Error(c.Writer, "Forbidden", 403)

+ return

+ case err != nil:

panic(err)

+ default:

+ http.Redirect(c.Writer, c.Request, fmt.Sprintf("/jobs/%s/%s/%s", projectID, jobName, invID), http.StatusFound)

}

- http.Redirect(c.Writer, c.Request, fmt.Sprintf("/jobs/%s/%s/%s", projectID, jobName, invID), http.StatusFound)

}

« no previous file with comments | « scheduler/appengine/ui/index.go ('k') | scheduler/appengine/ui/job.go » ('j') | no next file with comments »