Skip to content
Snippets Groups Projects
Commit 7b4da722 authored by Samuel GAIST's avatar Samuel GAIST
Browse files

[web][databases] Anonymize the paths to the db data

parent 15d1f41d
No related branches found
No related tags found
2 merge requests!2551.4.x,!251Database improvements
Hide whitespace changes
Inline Side-by-side
beat/web/databases/api.py
+ 19
1
View file @ 7b4da722
...@@ -25,6 +25,9 @@ ...@@ -25,6 +25,9 @@
# # # #
############################################################################### ###############################################################################
import os
import json
from django.http import HttpResponse from django.http import HttpResponse
from django.core.urlresolvers import reverse from django.core.urlresolvers import reverse
...@@ -93,6 +96,20 @@ def database_to_json(database, request_user, fields_to_return, ...@@ -93,6 +96,20 @@ def database_to_json(database, request_user, fields_to_return,
return result return result
def clean_paths(declaration):
pseudo_path = '/path_to_db_folder'
json_data = json.loads(declaration)
root_folder = json_data['root_folder']
cleaned_folder = os.path.basename(os.path.normpath(root_folder))
json_data['root_folder'] = os.path.join(pseudo_path, cleaned_folder)
for protocol in json_data['protocols']:
for set_ in protocol['sets']:
if 'parameters' in set_ and 'annotations' in set_['parameters']:
annotations_folder = set_['parameters']['annotations']
cleaned_folder = annotations_folder.split('/')[-2:]
set_['parameters']['annotations'] = os.path.join(pseudo_path, *cleaned_folder)
return json.dumps(json_data)
#---------------------------------------------------------- #----------------------------------------------------------
...@@ -227,11 +244,12 @@ class RetrieveDatabaseView(views.APIView): ...@@ -227,11 +244,12 @@ class RetrieveDatabaseView(views.APIView):
# Retrieve the code # Retrieve the code
if 'declaration' in fields_to_return: if 'declaration' in fields_to_return:
try: try:
result['declaration'] = database.declaration_file.read() declaration = database.declaration_file.read()
except: except:
logger.error(traceback.format_exc()) logger.error(traceback.format_exc())
return HttpResponse(status=500) return HttpResponse(status=500)
result['declaration'] = clean_paths(declaration)
# Retrieve the source code # Retrieve the source code
if 'code' in fields_to_return: if 'code' in fields_to_return:
......
beat/web/databases/tests.py
+ 32
7
View file @ 7b4da722
...@@ -69,14 +69,15 @@ class DatabaseAPIBase(BaseTestCase): ...@@ -69,14 +69,15 @@ class DatabaseAPIBase(BaseTestCase):
user = User.objects.create_user('jackdoe', 'jackdoe@test.org', '1234') user = User.objects.create_user('jackdoe', 'jackdoe@test.org', '1234')
User.objects.create_user('johndoe', 'johndoe@test.org', '1234') User.objects.create_user('johndoe', 'johndoe@test.org', '1234')
self.db_name = 'test_db'
def tearDown(self): def tearDown(self):
pass pass
class AttestationCreationAPI(DatabaseAPIBase): class DatabaseCreationAPI(DatabaseAPIBase):
def setUp(self): def setUp(self):
super(AttestationCreationAPI, self).setUp() super(DatabaseCreationAPI, self).setUp()
self.url = reverse('api_databases:all') self.url = reverse('api_databases:all')
...@@ -93,10 +94,9 @@ class AttestationCreationAPI(DatabaseAPIBase): ...@@ -93,10 +94,9 @@ class AttestationCreationAPI(DatabaseAPIBase):
def test_create_database_failure(self): def test_create_database_failure(self):
self.client.login(username=settings.SYSTEM_ACCOUNT, password='1234') self.client.login(username=settings.SYSTEM_ACCOUNT, password='1234')
db_name = 'test_db'
response = self.client.post(self.url, response = self.client.post(self.url,
json.dumps({ json.dumps({
'name': db_name, 'name': self.db_name,
'declaration': self.DATABASE 'declaration': self.DATABASE
}), content_type='application/json') }), content_type='application/json')
...@@ -110,16 +110,41 @@ class AttestationCreationAPI(DatabaseAPIBase): ...@@ -110,16 +110,41 @@ class AttestationCreationAPI(DatabaseAPIBase):
dataformat.share() dataformat.share()
self.client.login(username=settings.SYSTEM_ACCOUNT, password='1234') self.client.login(username=settings.SYSTEM_ACCOUNT, password='1234')
db_name = 'test_db'
response = self.client.post(self.url, response = self.client.post(self.url,
json.dumps({ json.dumps({
'name': db_name, 'name': self.db_name,
'declaration': self.DATABASE 'declaration': self.DATABASE
}), content_type='application/json') }), content_type='application/json')
data = self.checkResponse(response, 201, content_type='application/json') data = self.checkResponse(response, 201, content_type='application/json')
self.assertTrue(data['name'] == db_name) self.assertTrue(data['name'] == self.db_name)
databases = Database.objects.all() databases = Database.objects.all()
self.assertEqual(databases.count(), 1) self.assertEqual(databases.count(), 1)
databases.delete()
class DatabaseRetrievalAPI(DatabaseAPIBase):
def test_retrieve_database(self):
(dataformat, errors) = DataFormat.objects.create_dataformat(self.system_user, 'float', '')
assert dataformat, errors
dataformat.share()
(database, errors) = Database.objects.create_database(self.db_name, declaration=self.DATABASE)
assert database, errors
database.share()
self.client.login(username=settings.SYSTEM_ACCOUNT, password='1234')
url = reverse('api_databases:object', kwargs={'database_name': self.db_name, 'version': 1})
response = self.client.get(url, format='json')
data = self.checkResponse(response, 200, content_type='application/json')
declaration = json.loads(data['declaration'])
self.assertTrue(declaration['root_folder'].startswith('/path_to_db_folder'))
database.delete()
\ No newline at end of file
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment