subject:"\[MediaWiki\-commits\] \[Gerrit\] Slightly stronger user authentication check \- change \(analytics...web\)"

[MediaWiki-commits] [Gerrit] Slightly stronger user authentication check - change (analytics...web)

2016-07-01 Thread Yuvipanda (Code Review)

Yuvipanda has submitted this change and it was merged.

Change subject: Slightly stronger user authentication check
..


Slightly stronger user authentication check

Bug: T134699
Change-Id: I41f2c1af7ca3066f4efcac37cef08784aec65919
---
M quarry/web/app.py
1 file changed, 3 insertions(+), 0 deletions(-)

Approvals:
  Yuvipanda: Verified; Looks good to me, approved



diff --git a/quarry/web/app.py b/quarry/web/app.py
index 75a5179..fdde34c 100644
--- a/quarry/web/app.py
+++ b/quarry/web/app.py
@@ -212,6 +212,9 @@
 text = request.form['text']
 query = g.conn.session.query(Query).filter(Query.id == 
request.form['query_id']).one()
 
+if query.user_id != get_user().id:
+return "Authorization denied", 403
+
 if query.latest_rev and query.latest_rev.latest_run:
 result = 
worker.run_query.AsyncResult(query.latest_rev.latest_run.task_id)
 if not result.ready():

-- 
To view, visit https://gerrit.wikimedia.org/r/296952
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I41f2c1af7ca3066f4efcac37cef08784aec65919
Gerrit-PatchSet: 2
Gerrit-Project: analytics/quarry/web
Gerrit-Branch: master
Gerrit-Owner: Yuvipanda 
Gerrit-Reviewer: Yuvipanda 

___
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

[MediaWiki-commits] [Gerrit] Slightly stronger user authentication check - change (analytics...web)

2016-07-01 Thread Yuvipanda (Code Review)

Yuvipanda has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/296952

Change subject: Slightly stronger user authentication check
..

Slightly stronger user authentication check

Bug: T134699
Change-Id: I41f2c1af7ca3066f4efcac37cef08784aec65919
---
M quarry/web/app.py
1 file changed, 3 insertions(+), 0 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/analytics/quarry/web 
refs/changes/52/296952/1

diff --git a/quarry/web/app.py b/quarry/web/app.py
index 75a5179..fdde34c 100644
--- a/quarry/web/app.py
+++ b/quarry/web/app.py
@@ -212,6 +212,9 @@
 text = request.form['text']
 query = g.conn.session.query(Query).filter(Query.id == 
request.form['query_id']).one()
 
+if query.user_id != get_user().id:
+return "Authorization denied", 403
+
 if query.latest_rev and query.latest_rev.latest_run:
 result = 
worker.run_query.AsyncResult(query.latest_rev.latest_run.task_id)
 if not result.ready():

-- 
To view, visit https://gerrit.wikimedia.org/r/296952
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I41f2c1af7ca3066f4efcac37cef08784aec65919
Gerrit-PatchSet: 1
Gerrit-Project: analytics/quarry/web
Gerrit-Branch: master
Gerrit-Owner: Yuvipanda 

___
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

[MediaWiki-commits] [Gerrit] Slightly stronger user authentication check - change (analytics...web)

[MediaWiki-commits] [Gerrit] Slightly stronger user authentication check - change (analytics...web)

2 matches

Site Navigation

Mail list logo

Footer information