[Patchew-devel] [PATCH] PUT for result

[Paolo Bonzini]

On 25/07/2018 02:55, Shubham Jain wrote:
> I'm still stuck. I don't know how to do this part. Could you give some
> hints?

Ok.  First of all you should study the permission system in Django
(has_permission, has_object_permission) and understand how
PatchewPermission implements it.

In particular has_group_permission, has_project_permission and
has_message_permission are only used for write operations.  Read-only
requests (those that use permissions.SAFE_METHODS) are allowed before
you reach those methods.

Then, the first step is to add an initial version of
has_result_permission that calls has_object_permission recursively on
result.obj.

If that check fails, you might still have write access to the result, if
you are in a particular group.  The group depends on the result that you
are trying to modify.  To do, has_result_permission has to retrieve
result.renderer.allowed_groups, and apply the same algorithm that is in
has_group_permission.

Have you had any progress in replacing the *-report API calls with PUT
in patchew-cli?

Thanks,

Paolo

> 
> On Wed, Jul 25, 2018 at 6:25 AM Shubham Jain <shubhamjain7495 at gmail.com
> <mailto:shubhamjain7495 at gmail.com>> wrote:
> 
>     Add put for result and add authorization to git plugin
>     ---
>      api/rest.py | 2 +-
>      mods/git.py | 6 +++---
>      patchew-cli | 3 +++
>      3 files changed, 7 insertions(+), 4 deletions(-)
> 
>     diff --git a/api/rest.py b/api/rest.py
>     index a9b6be3..9c0c6ea 100644
>     --- a/api/rest.py
>     +++ b/api/rest.py
>     @@ -478,7 +478,7 @@ class ResultSerializerFull(ResultSerializer):
>          log = CharField(required=False)
> 
>      class ResultsViewSet(mixins.ListModelMixin, mixins.RetrieveModelMixin,
>     -                         viewsets.GenericViewSet):
>     +                     mixins.UpdateModelMixin, viewsets.GenericViewSet):
>          lookup_field = 'name'
>          lookup_value_regex = '[^/]+'
>          filter_backends = (filters.OrderingFilter,)
>     diff --git a/mods/git.py b/mods/git.py
>     index 924547a..4438c6c 100644
>     --- a/mods/git.py
>     +++ b/mods/git.py
>     @@ -19,7 +19,7 @@ from django.utils.html import format_html
>      from mod import PatchewModule
>      from event import declare_event, register_handler, emit_event
>      from api.models import Message, MessageProperty, Project, Result
>     -from api.rest import PluginMethodField
>     +from api.rest import PluginMethodField, PatchewPermission
>      from api.views import APILoginRequiredView, prepare_series
>      from patchew.logviewer import LogView
>      from schema import *
>     @@ -43,10 +43,10 @@ class GitLogViewer(LogView):
>              return obj.git_result
> 
> 
>     -class GitModule(PatchewModule):
>     +class GitModule(PatchewModule, PatchewPermission):
>          """Git module"""
>          name = "git"
>     -
>     +    allowed_groups = ('importers', )
>          project_property_schema = \
>              ArraySchema("git", desc="Configuration for git module",
>                          members=[
>     diff --git a/patchew-cli b/patchew-cli
>     index cdedbb6..29fc033 100755
>     --- a/patchew-cli
>     +++ b/patchew-cli
>     @@ -551,8 +551,11 @@ class TesterCommand(SubCommand):
>              return ret
> 
>          def test_one(self, name, project, no_clean_up, capabilities):
>     +        url = "projects/" + "1" + "/results/" + name
>     +        print(url)
>              r = self.api_do("testing-get", project=project, tester=name,
>                              capabilities=capabilities)
>     +        r = self.rest_api_do(url)
>              if not r:
>                  return False
>              print("Running test '%s'" % r["test"]["name"])
>     -- 
>     2.15.1 (Apple Git-101)
>