Commit 5e0fb2ca authored by Markus Scheidgen's avatar Markus Scheidgen
Browse files

Implemented upload limit #163.

parent 1e390ab5
......@@ -189,6 +189,7 @@ class UploadListResource(Resource):
@api.doc('upload')
@api.expect(upload_metadata_parser)
@api.response(400, 'To many uploads')
@marshal_with(upload_model, skip_none=True, code=200, description='Upload received')
@login_really_required
@with_logger
......@@ -207,12 +208,21 @@ class UploadListResource(Resource):
curl -X put ".../nomad/api/uploads/" -F file=@local_file
curl ".../nomad/api/uploads/" --upload-file local_file
There is a general limit on how many unpublished uploads a user can have. Will
return 400 if this limit is exceeded.
"""
# check existence of local_path if local_path is used
local_path = request.args.get('local_path')
if local_path:
if not os.path.exists(local_path):
abort(404, message='The given local_path was not found.')
# check the upload limit
if not g.user.is_admin:
if Upload.user_uploads(g.user, published=False).count() >= config.services.upload_limit:
abort(400, 'Limit of unpublished uploads exceeded for user.')
upload_name = request.args.get('name')
upload_id = utils.create_uuid()
......
......@@ -123,7 +123,8 @@ services = NomadConfig(
disable_reset=True,
not_processed_value='not processed',
unavailable_value='unavailable',
https=False
https=False,
upload_limit=20
)
tests = NomadConfig(
......
......@@ -27,6 +27,7 @@ data:
admin_password: "{{ .Values.api.adminPassword }}"
disable_reset: {{ .Values.api.disableReset }}
https: {{ .Values.api.https }}
upload_limit: {{ .Values.api.uploadLimit }}
rabbitmq:
host: "{{ .Release.Name }}-rabbitmq"
elastic:
......
......@@ -39,6 +39,8 @@ api:
adminPassword: "password"
## Disable the dangerous reset (delete all data) function
disableReset: "true"
## Limit of unpublished uploads per user, except admin user
uploadLimit: 20
## Everthing concerning the nomad worker
worker:
......
......@@ -154,7 +154,8 @@ def worker(mongo, celery_session_worker, celery_inspect):
@pytest.fixture(scope='session')
def mongo_infra():
def mongo_infra(monkeysession):
monkeysession.setattr('nomad.config.mongo.db_name', 'test_db')
return infrastructure.setup_mongo()
......
......@@ -338,6 +338,14 @@ class TestUploads:
self.assert_processing(client, test_user_auth, upload['upload_id'])
def test_upload_limit(self, client, mongo, test_user, test_user_auth, proc_infra):
for _ in range(0, config.services.upload_limit):
Upload.create(user=test_user)
file = example_file
rv = client.put('/uploads/?local_path=%s' % file, headers=test_user_auth)
assert rv.status_code == 400
assert Upload.user_uploads(test_user).count() == config.services.upload_limit
def test_delete_not_existing(self, client, test_user_auth, no_warn):
rv = client.delete('/uploads/123456789012123456789012', headers=test_user_auth)
assert rv.status_code == 404
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment