From cfcd636cc035109d445c8c0b2882ed2efdfa9841 Mon Sep 17 00:00:00 2001 From: Jimmy Zelinskie Date: Wed, 22 Apr 2015 14:30:06 -0400 Subject: [PATCH] only send build config to admins --- endpoints/api/build.py | 11 +++++------ endpoints/api/trigger.py | 10 +++++----- 2 files changed, 10 insertions(+), 11 deletions(-) diff --git a/endpoints/api/build.py b/endpoints/api/build.py index 8c3c2c8f0..d00b092dc 100644 --- a/endpoints/api/build.py +++ b/endpoints/api/build.py @@ -43,14 +43,13 @@ def user_view(user): 'is_robot': user.robot, } -def trigger_view(trigger): - +def trigger_view(trigger, can_admin=False): if trigger and trigger.uuid: config_dict = get_trigger_config(trigger) build_trigger = BuildTrigger.get_trigger_for_service(trigger.service.name) return { 'service': trigger.service.name, - 'config': config_dict, + 'config': config_dict if can_admin else {}, 'id': trigger.uuid, 'connected_user': trigger.connected_user.username, 'is_active': build_trigger.is_active(config_dict), @@ -60,7 +59,7 @@ def trigger_view(trigger): return None -def build_status_view(build_obj, can_write=False): +def build_status_view(build_obj, can_write=False, can_admin=False): phase = build_obj.phase try: status = build_logs.get_status(build_obj.uuid) @@ -92,7 +91,7 @@ def build_status_view(build_obj, can_write=False): 'status': status or {}, 'job_config': get_job_config(build_obj) if can_write else None, 'is_writer': can_write, - 'trigger': trigger_view(build_obj.trigger), + 'trigger': trigger_view(build_obj.trigger, can_admin), 'resource_key': build_obj.resource_key, 'pull_robot': user_view(build_obj.pull_robot) if build_obj.pull_robot else None, 'repository': { @@ -208,7 +207,7 @@ class RepositoryBuildList(RepositoryParamResource): build_request = start_build(repo, dockerfile_id, tags, display_name, subdir, True, pull_robot_name=pull_robot_name) - resp = build_status_view(build_request, True) + resp = build_status_view(build_request, can_write=True) repo_string = '%s/%s' % (namespace, repository) headers = { 'Location': api.url_for(RepositoryBuildStatus, repository=repo_string, diff --git a/endpoints/api/trigger.py b/endpoints/api/trigger.py index 57189be8d..d7d7a1c20 100644 --- a/endpoints/api/trigger.py +++ b/endpoints/api/trigger.py @@ -41,7 +41,7 @@ class BuildTriggerList(RepositoryParamResource): """ List the triggers for the specified repository. """ triggers = model.list_build_triggers(namespace, repository) return { - 'triggers': [trigger_view(trigger) for trigger in triggers] + 'triggers': [trigger_view(trigger, can_admin=True) for trigger in triggers] } @@ -60,7 +60,7 @@ class BuildTrigger(RepositoryParamResource): except model.InvalidBuildTriggerException: raise NotFound() - return trigger_view(trigger) + return trigger_view(trigger, can_admin=True) @require_repo_admin @nickname('deleteBuildTrigger') @@ -236,7 +236,7 @@ class BuildTriggerActivate(RepositoryParamResource): 'pull_robot': trigger.pull_robot.username if trigger.pull_robot else None, 'config': final_config}, repo=repo) - return trigger_view(trigger) + return trigger_view(trigger, can_admin=True) else: raise Unauthorized() @@ -435,7 +435,7 @@ class ActivateBuildTrigger(RepositoryParamResource): except TriggerStartException as tse: raise InvalidRequest(tse.message) - resp = build_status_view(build_request, True) + resp = build_status_view(build_request, can_write=True) repo_string = '%s/%s' % (namespace, repository) headers = { 'Location': api.url_for(RepositoryBuildStatus, repository=repo_string, @@ -459,7 +459,7 @@ class TriggerBuildList(RepositoryParamResource): builds = list(model.list_trigger_builds(namespace, repository, trigger_uuid, limit)) return { - 'builds': [build_status_view(build, True) for build in builds] + 'builds': [build_status_view(build, can_write=True) for build in builds] }