aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--app/handlers/common.py19
-rw-r--r--app/models/__init__.py1
2 files changed, 20 insertions, 0 deletions
diff --git a/app/handlers/common.py b/app/handlers/common.py
index 9f77c38..691ce27 100644
--- a/app/handlers/common.py
+++ b/app/handlers/common.py
@@ -195,6 +195,7 @@ TOKEN_VALID_KEYS = {
models.ADMIN_KEY,
models.DELETE_KEY,
models.EMAIL_KEY,
+ models.EXPIRED_KEY,
models.EXPIRES_KEY,
models.GET_KEY,
models.IP_ADDRESS_KEY,
@@ -203,6 +204,7 @@ TOKEN_VALID_KEYS = {
models.NAME_KEY,
models.POST_KEY,
models.SUPERUSER_KEY,
+ models.UPLOAD_KEY,
models.USERNAME_KEY
],
'GET': [
@@ -903,6 +905,23 @@ def valid_token_th(token, method):
return valid_token
+def valid_token_upload(token, method):
+ """Make sure a token is enabled to upload files.
+
+ :param token: The token object to validate.
+ :param method: The HTTP method this token is being validated for.
+ :return True or False.
+ """
+ valid_token = False
+
+ if any([token.is_admin, token.is_superuser]):
+ valid_token = True
+ if all([(method == "PUT" or method == "POST"), token.is_upload_token]):
+ valid_token = True
+
+ return valid_token
+
+
def validate_token(token_obj, method, remote_ip, validate_func):
"""Make sure the passed token is valid.
diff --git a/app/models/__init__.py b/app/models/__init__.py
index eee8699..3e19fdb 100644
--- a/app/models/__init__.py
+++ b/app/models/__init__.py
@@ -135,6 +135,7 @@ POST_KEY = "post"
SUPERUSER_KEY = "superuser"
LAB_KEY = "lab"
PUT_KEY = "put"
+UPLOAD_KEY = "upload"
# Job and/or build status.
BUILD_STATUS = "BUILD"
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-24 06:18:06 +0000