// GET: /work/{id} // get a workunit by id, read-only func (cr *WorkController) Read(id string, cx *goweb.Context) { LogRequest(cx.Request) // Gather query params query := &Query{Li: cx.Request.URL.Query()} if (query.Has("datatoken") || query.Has("privateenv")) && query.Has("client") { cg, err := request.AuthenticateClientGroup(cx.Request) if err != nil { if err.Error() == e.NoAuth || err.Error() == e.UnAuth || err.Error() == e.InvalidAuth { if conf.CLIENT_AUTH_REQ == true { cx.RespondWithError(http.StatusUnauthorized) return } } else { logger.Error("Err@AuthenticateClientGroup: " + err.Error()) cx.RespondWithError(http.StatusInternalServerError) return } } // check that clientgroup auth token matches group of client clientid := query.Value("client") client, ok := core.QMgr.GetClient(clientid) if !ok { cx.RespondWithErrorMessage(e.ClientNotFound, http.StatusBadRequest) return } if cg != nil && client.Group != cg.Name { cx.RespondWithErrorMessage("Clientgroup name in token does not match that in the client configuration.", http.StatusBadRequest) return } if query.Has("datatoken") { //a client is requesting data token for this job token, err := core.QMgr.FetchDataToken(id, clientid) if err != nil { cx.RespondWithErrorMessage("error in getting token for job "+id, http.StatusBadRequest) return } //cx.RespondWithData(token) RespondTokenInHeader(cx, token) return } if query.Has("privateenv") { //a client is requesting data token for this job envs, err := core.QMgr.FetchPrivateEnv(id, clientid) if err != nil { cx.RespondWithErrorMessage("error in getting token for job "+id, http.StatusBadRequest) return } //cx.RespondWithData(token) RespondPrivateEnvInHeader(cx, envs) return } } // Try to authenticate user. u, err := request.Authenticate(cx.Request) if err != nil && err.Error() != e.NoAuth { cx.RespondWithErrorMessage(err.Error(), http.StatusUnauthorized) return } // If no auth was provided, and anonymous read is allowed, use the public user if u == nil { if conf.ANON_READ == true { u = &user.User{Uuid: "public"} } else { cx.RespondWithErrorMessage(e.NoAuth, http.StatusUnauthorized) return } } jobid, err := core.GetJobIdByWorkId(id) if err != nil { cx.RespondWithErrorMessage(err.Error(), http.StatusBadRequest) return } job, err := core.LoadJob(jobid) if err != nil { cx.RespondWithErrorMessage(err.Error(), http.StatusBadRequest) return } // User must have read permissions on job or be job owner or be an admin rights := job.Acl.Check(u.Uuid) if job.Acl.Owner != u.Uuid && rights["read"] == false && u.Admin == false { cx.RespondWithErrorMessage(e.UnAuth, http.StatusUnauthorized) return } if query.Has("report") { //retrieve report: stdout or stderr or worknotes reportmsg, err := core.QMgr.GetReportMsg(id, query.Value("report")) if err != nil { cx.RespondWithErrorMessage(err.Error(), http.StatusBadRequest) return } cx.RespondWithData(reportmsg) return } if err != nil { if err.Error() != e.QueueEmpty { logger.Error("Err@work_Read:core.QMgr.GetWorkById(): " + err.Error()) } cx.RespondWithErrorMessage(err.Error(), http.StatusBadRequest) return } // Base case respond with workunit in json workunit, err := core.QMgr.GetWorkById(id) if err != nil { cx.RespondWithErrorMessage(err.Error(), http.StatusBadRequest) return } cx.RespondWithData(workunit) return }
// GET: /queue // get status from queue manager func (cr *QueueController) ReadMany(cx *goweb.Context) { LogRequest(cx.Request) // Gather query params query := &Query{Li: cx.Request.URL.Query()} // unathenticated queue status, numbers only if query.Empty() { statusText := core.QMgr.GetTextStatus() cx.RespondWithData(statusText) return } if query.Has("json") { statusJson := core.QMgr.GetJsonStatus() cx.RespondWithData(statusJson) return } // Try to authenticate user. u, err := request.Authenticate(cx.Request) if err != nil && err.Error() != e.NoAuth { cx.RespondWithErrorMessage(err.Error(), http.StatusUnauthorized) return } // must be admin user if u == nil || u.Admin == false { cx.RespondWithErrorMessage(e.NoAuth, http.StatusUnauthorized) return } // check if valid queue type requested for _, q := range queueTypes { if query.Has(q) { queueData := core.QMgr.GetQueue(q) cx.RespondWithData(queueData) return } } // build set of running jobs based on clientgroup if query.Has("clientgroup") { if query.Value("clientgroup") == "" { cx.RespondWithErrorMessage("missing required clientgroup name", http.StatusBadRequest) return } cg, err := core.LoadClientGroupByName(query.Value("clientgroup")) if err != nil { cx.RespondWithErrorMessage("unable to retrieve clientgroup '"+query.Value("clientgroup")+"': "+err.Error(), http.StatusBadRequest) return } if cg == nil { cx.RespondWithErrorMessage("clientgroup '"+query.Value("clientgroup")+"' does not exist", http.StatusBadRequest) return } // User must have read permissions on clientgroup or be clientgroup owner or be an admin or the clientgroup is publicly readable. // The other possibility is that public read of clientgroups is enabled and the clientgroup is publicly readable. rights := cg.Acl.Check(u.Uuid) public_rights := cg.Acl.Check("public") if (u.Uuid != "public" && (cg.Acl.Owner == u.Uuid || rights["read"] == true || u.Admin == true || public_rights["read"] == true)) || (u.Uuid == "public" && conf.ANON_CG_READ == true && public_rights["read"] == true) { // get running jobs for clients for clientgroup jobs := []*core.Job{} for _, client := range core.QMgr.GetAllClients() { if client.Group == cg.Name { client.Current_work_lock.RLock() for wid, _ := range client.Current_work { jid, _ := core.GetJobIdByWorkId(wid) if job, err := core.LoadJob(jid); err == nil { jobs = append(jobs, job) } } client.Current_work_lock.RUnlock() } } cx.RespondWithData(jobs) return } cx.RespondWithErrorMessage(e.UnAuth, http.StatusUnauthorized) return } cx.RespondWithErrorMessage("requested queue operation not supported", http.StatusBadRequest) return }