diff options
-rw-r--r-- | app/handlers/common.py | 19 | ||||
-rw-r--r-- | app/models/__init__.py | 1 |
2 files changed, 20 insertions, 0 deletions
diff --git a/app/handlers/common.py b/app/handlers/common.py index 9f77c38..691ce27 100644 --- a/app/handlers/common.py +++ b/app/handlers/common.py @@ -195,6 +195,7 @@ TOKEN_VALID_KEYS = { models.ADMIN_KEY, models.DELETE_KEY, models.EMAIL_KEY, + models.EXPIRED_KEY, models.EXPIRES_KEY, models.GET_KEY, models.IP_ADDRESS_KEY, @@ -203,6 +204,7 @@ TOKEN_VALID_KEYS = { models.NAME_KEY, models.POST_KEY, models.SUPERUSER_KEY, + models.UPLOAD_KEY, models.USERNAME_KEY ], 'GET': [ @@ -903,6 +905,23 @@ def valid_token_th(token, method): return valid_token +def valid_token_upload(token, method): + """Make sure a token is enabled to upload files. + + :param token: The token object to validate. + :param method: The HTTP method this token is being validated for. + :return True or False. + """ + valid_token = False + + if any([token.is_admin, token.is_superuser]): + valid_token = True + if all([(method == "PUT" or method == "POST"), token.is_upload_token]): + valid_token = True + + return valid_token + + def validate_token(token_obj, method, remote_ip, validate_func): """Make sure the passed token is valid. diff --git a/app/models/__init__.py b/app/models/__init__.py index eee8699..3e19fdb 100644 --- a/app/models/__init__.py +++ b/app/models/__init__.py @@ -135,6 +135,7 @@ POST_KEY = "post" SUPERUSER_KEY = "superuser" LAB_KEY = "lab" PUT_KEY = "put" +UPLOAD_KEY = "upload" # Job and/or build status. BUILD_STATUS = "BUILD" |