// GET: /work/{id}
// get a workunit by id, read-only
func (cr *WorkController) Read(id string, cx *goweb.Context) {
LogRequest(cx.Request)
// Gather query params
query := &Query{Li: cx.Request.URL.Query()}
if (query.Has("datatoken") || query.Has("privateenv")) && query.Has("client") {
cg, err := request.AuthenticateClientGroup(cx.Request)
if err != nil {
if err.Error() == e.NoAuth || err.Error() == e.UnAuth || err.Error() == e.InvalidAuth {
if conf.CLIENT_AUTH_REQ == true {
cx.RespondWithError(http.StatusUnauthorized)
return
}
} else {
logger.Error("Err@AuthenticateClientGroup: " + err.Error())
cx.RespondWithError(http.StatusInternalServerError)
return
}
}
// check that clientgroup auth token matches group of client
clientid := query.Value("client")
client, ok := core.QMgr.GetClient(clientid)
if !ok {
cx.RespondWithErrorMessage(e.ClientNotFound, http.StatusBadRequest)
return
}
if cg != nil && client.Group != cg.Name {
cx.RespondWithErrorMessage("Clientgroup name in token does not match that in the client configuration.", http.StatusBadRequest)
return
}
if query.Has("datatoken") { //a client is requesting data token for this job
token, err := core.QMgr.FetchDataToken(id, clientid)
if err != nil {
cx.RespondWithErrorMessage("error in getting token for job "+id, http.StatusBadRequest)
return
}
//cx.RespondWithData(token)
RespondTokenInHeader(cx, token)
return
}
if query.Has("privateenv") { //a client is requesting data token for this job
envs, err := core.QMgr.FetchPrivateEnv(id, clientid)
if err != nil {
cx.RespondWithErrorMessage("error in getting token for job "+id, http.StatusBadRequest)
return
}
//cx.RespondWithData(token)
RespondPrivateEnvInHeader(cx, envs)
return
}
}
// Try to authenticate user.
u, err := request.Authenticate(cx.Request)
if err != nil && err.Error() != e.NoAuth {
cx.RespondWithErrorMessage(err.Error(), http.StatusUnauthorized)
return
}
// If no auth was provided, and anonymous read is allowed, use the public user
if u == nil {
if conf.ANON_READ == true {
u = &user.User{Uuid: "public"}
} else {
cx.RespondWithErrorMessage(e.NoAuth, http.StatusUnauthorized)
return
}
}
jobid, err := core.GetJobIdByWorkId(id)
if err != nil {
cx.RespondWithErrorMessage(err.Error(), http.StatusBadRequest)
return
}
job, err := core.LoadJob(jobid)
if err != nil {
cx.RespondWithErrorMessage(err.Error(), http.StatusBadRequest)
return
}
// User must have read permissions on job or be job owner or be an admin
rights := job.Acl.Check(u.Uuid)
if job.Acl.Owner != u.Uuid && rights["read"] == false && u.Admin == false {
cx.RespondWithErrorMessage(e.UnAuth, http.StatusUnauthorized)
return
}
if query.Has("report") { //retrieve report: stdout or stderr or worknotes
reportmsg, err := core.QMgr.GetReportMsg(id, query.Value("report"))
if err != nil {
cx.RespondWithErrorMessage(err.Error(), http.StatusBadRequest)
return
}
cx.RespondWithData(reportmsg)
return
}
if err != nil {
if err.Error() != e.QueueEmpty {
logger.Error("Err@work_Read:core.QMgr.GetWorkById(): " + err.Error())
}
cx.RespondWithErrorMessage(err.Error(), http.StatusBadRequest)
return
}
// Base case respond with workunit in json
workunit, err := core.QMgr.GetWorkById(id)
if err != nil {
cx.RespondWithErrorMessage(err.Error(), http.StatusBadRequest)
return
}
cx.RespondWithData(workunit)
return
}
// GET: /queue
// get status from queue manager
func (cr *QueueController) ReadMany(cx *goweb.Context) {
LogRequest(cx.Request)
// Gather query params
query := &Query{Li: cx.Request.URL.Query()}
// unathenticated queue status, numbers only
if query.Empty() {
statusText := core.QMgr.GetTextStatus()
cx.RespondWithData(statusText)
return
}
if query.Has("json") {
statusJson := core.QMgr.GetJsonStatus()
cx.RespondWithData(statusJson)
return
}
// Try to authenticate user.
u, err := request.Authenticate(cx.Request)
if err != nil && err.Error() != e.NoAuth {
cx.RespondWithErrorMessage(err.Error(), http.StatusUnauthorized)
return
}
// must be admin user
if u == nil || u.Admin == false {
cx.RespondWithErrorMessage(e.NoAuth, http.StatusUnauthorized)
return
}
// check if valid queue type requested
for _, q := range queueTypes {
if query.Has(q) {
queueData := core.QMgr.GetQueue(q)
cx.RespondWithData(queueData)
return
}
}
// build set of running jobs based on clientgroup
if query.Has("clientgroup") {
if query.Value("clientgroup") == "" {
cx.RespondWithErrorMessage("missing required clientgroup name", http.StatusBadRequest)
return
}
cg, err := core.LoadClientGroupByName(query.Value("clientgroup"))
if err != nil {
cx.RespondWithErrorMessage("unable to retrieve clientgroup '"+query.Value("clientgroup")+"': "+err.Error(), http.StatusBadRequest)
return
}
if cg == nil {
cx.RespondWithErrorMessage("clientgroup '"+query.Value("clientgroup")+"' does not exist", http.StatusBadRequest)
return
}
// User must have read permissions on clientgroup or be clientgroup owner or be an admin or the clientgroup is publicly readable.
// The other possibility is that public read of clientgroups is enabled and the clientgroup is publicly readable.
rights := cg.Acl.Check(u.Uuid)
public_rights := cg.Acl.Check("public")
if (u.Uuid != "public" && (cg.Acl.Owner == u.Uuid || rights["read"] == true || u.Admin == true || public_rights["read"] == true)) ||
(u.Uuid == "public" && conf.ANON_CG_READ == true && public_rights["read"] == true) {
// get running jobs for clients for clientgroup
jobs := []*core.Job{}
for _, client := range core.QMgr.GetAllClients() {
if client.Group == cg.Name {
client.Current_work_lock.RLock()
for wid, _ := range client.Current_work {
jid, _ := core.GetJobIdByWorkId(wid)
if job, err := core.LoadJob(jid); err == nil {
jobs = append(jobs, job)
}
}
client.Current_work_lock.RUnlock()
}
}
cx.RespondWithData(jobs)
return
}
cx.RespondWithErrorMessage(e.UnAuth, http.StatusUnauthorized)
return
}
cx.RespondWithErrorMessage("requested queue operation not supported", http.StatusBadRequest)
return
}