From 710cfc7fc65f4e7dd598bfe12c08b79a9ed4e38c Mon Sep 17 00:00:00 2001
From: Samuel Gaist <samuel.gaist@idiap.ch>
Date: Wed, 22 Apr 2020 09:26:26 +0200
Subject: [PATCH] [api_urls] Remove routes giving access to object without
 beeing fully qualified

These endpoints usually gives access to the "latest" object version
which is not clear.

If this is really something we want to provide it should be using
an explicit route ending for example with "latest" at the end.
---
 beat/web/algorithms/api_urls.py  | 10 ----------
 beat/web/databases/api_urls.py   |  5 -----
 beat/web/dataformats/api_urls.py |  5 -----
 beat/web/experiments/api_urls.py | 30 ------------------------------
 beat/web/libraries/api_urls.py   |  5 -----
 beat/web/toolchains/api_urls.py  |  5 -----
 6 files changed, 60 deletions(-)

diff --git a/beat/web/algorithms/api_urls.py b/beat/web/algorithms/api_urls.py
index 34ec26de3..cbb3a2602 100755
--- a/beat/web/algorithms/api_urls.py
+++ b/beat/web/algorithms/api_urls.py
@@ -53,19 +53,9 @@ urlpatterns = [
         api.RetrieveUpdateDestroyAlgorithmsView.as_view(),
         name="object",
     ),
-    url(
-        r"^(?P<author_name>\w+)/(?P<object_name>[-\w]+)/$",
-        api.RetrieveUpdateDestroyAlgorithmsView.as_view(),
-        name="object",
-    ),
     url(
         r"^(?P<author_name>\w+)/(?P<object_name>[-\w]+)/(?P<version>\d+)/binary/$",
         api.binary,
         name="binary",
     ),
-    url(
-        r"^(?P<author_name>\w+)/(?P<object_name>[-\w]+)/binary/$",
-        api.binary,
-        name="binary",
-    ),
 ]
diff --git a/beat/web/databases/api_urls.py b/beat/web/databases/api_urls.py
index 3c3c9a1c1..b84db394a 100644
--- a/beat/web/databases/api_urls.py
+++ b/beat/web/databases/api_urls.py
@@ -38,9 +38,4 @@ urlpatterns = [
         api.RetrieveDatabaseView.as_view(),
         name="object",
     ),
-    url(
-        r"^(?P<database_name>[-\w]+)/$",
-        api.RetrieveDatabaseView.as_view(),
-        name="object",
-    ),
 ]
diff --git a/beat/web/dataformats/api_urls.py b/beat/web/dataformats/api_urls.py
index c3af3c942..6673f46aa 100644
--- a/beat/web/dataformats/api_urls.py
+++ b/beat/web/dataformats/api_urls.py
@@ -53,9 +53,4 @@ urlpatterns = [
         api.RetrieveUpdateDestroyDataFormatsView.as_view(),
         name="object",
     ),
-    url(
-        r"^(?P<author_name>\w+)/(?P<object_name>[a-zA-Z0-9_\-]+)/$",
-        api.RetrieveUpdateDestroyDataFormatsView.as_view(),
-        name="object",
-    ),
 ]
diff --git a/beat/web/experiments/api_urls.py b/beat/web/experiments/api_urls.py
index 219a0bb31..fcd876f0d 100644
--- a/beat/web/experiments/api_urls.py
+++ b/beat/web/experiments/api_urls.py
@@ -38,48 +38,24 @@ urlpatterns = [
         api.ShareExperimentView.as_view(),
         name="share",
     ),
-    url(
-        r"^(?P<author_name>\w+)/(?P<toolchain_name>[-\w]+)/(?P<version>\d+)/(?P<name>[-\w]+)/share/$",
-        api.ShareExperimentView.as_view(),
-        {"toolchain_author_name": None},
-        name="share",
-    ),
     # Start
     url(
         r"^(?P<author_name>\w+)/(?P<toolchain_author_name>\w+)/(?P<toolchain_name>[-\w]+)/(?P<version>\d+)/(?P<name>[-\w]+)/start/$",
         api.StartExperimentView.as_view(),
         name="start",
     ),
-    url(
-        r"^(?P<author_name>\w+)/(?P<toolchain_name>[-\w]+)/(?P<version>\d+)/(?P<name>[-\w]+)/start/$",
-        api.StartExperimentView.as_view(),
-        {"toolchain_author_name": None},
-        name="start",
-    ),
     # Cancelling
     url(
         r"^(?P<author_name>\w+)/(?P<toolchain_author_name>\w+)/(?P<toolchain_name>[-\w]+)/(?P<version>\d+)/(?P<name>[-\w]+)/cancel/$",
         api.CancelExperimentView.as_view(),
         name="cancel",
     ),
-    url(
-        r"^(?P<author_name>\w+)/(?P<toolchain_name>[-\w]+)/(?P<version>\d+)/(?P<name>[-\w]+)/cancel/$",
-        api.CancelExperimentView.as_view(),
-        {"toolchain_author_name": None},
-        name="cancel",
-    ),
     # Reseting
     url(
         r"^(?P<author_name>\w+)/(?P<toolchain_author_name>\w+)/(?P<toolchain_name>[-\w]+)/(?P<version>\d+)/(?P<name>[-\w]+)/reset/$",
         api.ResetExperimentView.as_view(),
         name="reset",
     ),
-    url(
-        r"^(?P<author_name>\w+)/(?P<toolchain_name>[-\w]+)/(?P<version>\d+)/(?P<name>[-\w]+)/reset/$",
-        api.ResetExperimentView.as_view(),
-        {"toolchain_author_name": None},
-        name="reset",
-    ),
     # Attestations
     url(
         r"^(?P<attestation_number>\d+)/",
@@ -97,10 +73,4 @@ urlpatterns = [
         api.RetrieveUpdateDestroyExperimentView.as_view(),
         name="object",
     ),
-    url(
-        r"^(?P<author_name>\w+)/(?P<toolchain_name>[-\w]+)/(?P<version>\d+)/(?P<name>[-\w]+)/$",
-        api.RetrieveUpdateDestroyExperimentView.as_view(),
-        {"toolchain_author_name": None},
-        name="object",
-    ),
 ]
diff --git a/beat/web/libraries/api_urls.py b/beat/web/libraries/api_urls.py
index 236cd6c11..8b1248fc1 100644
--- a/beat/web/libraries/api_urls.py
+++ b/beat/web/libraries/api_urls.py
@@ -53,9 +53,4 @@ urlpatterns = [
         api.RetrieveUpdateDestroyLibrariesView.as_view(),
         name="object",
     ),
-    url(
-        r"^(?P<author_name>\w+)/(?P<object_name>[-\w]+)/$",
-        api.RetrieveUpdateDestroyLibrariesView.as_view(),
-        name="object",
-    ),
 ]
diff --git a/beat/web/toolchains/api_urls.py b/beat/web/toolchains/api_urls.py
index b85538c45..1182d977c 100644
--- a/beat/web/toolchains/api_urls.py
+++ b/beat/web/toolchains/api_urls.py
@@ -48,9 +48,4 @@ urlpatterns = [
         api.RetrieveUpdateDestroyToolchainsView.as_view(),
         name="object",
     ),
-    url(
-        r"^(?P<author_name>\w+)/(?P<object_name>[-\w]+)/$",
-        api.RetrieveUpdateDestroyToolchainsView.as_view(),
-        name="object",
-    ),
 ]
-- 
GitLab