Skip to content

Commit

Permalink
Add new endpoints for honeypot management
Browse files Browse the repository at this point in the history
  • Loading branch information
@zhiltsov-max
zhiltsov-max committed Sep 26, 2024
1 parent ace52d4 commit c37a18f
Show file tree
Hide file tree
Showing 6 changed files with 517 additions and 186 deletions.
10 changes: 6 additions & 4 deletions cvat/apps/engine/permissions.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -498,6 +498,8 @@ def get_scopes(request, view, obj) -> List[Scopes]:
('export_backup', 'GET'): Scopes.EXPORT_BACKUP,
('export_backup_v2', 'POST'): Scopes.EXPORT_BACKUP,
('preview', 'GET'): Scopes.VIEW,
('validation_layout', 'GET'): Scopes.VIEW,
('validation_layout', 'PATCH'): Scopes.UPDATE,
}[(view.action, request.method)]

scopes = []
Expand Down Expand Up @@ -629,8 +631,8 @@ class Scopes(StrEnum):
VIEW_DATA = 'view:data'
VIEW_METADATA = 'view:metadata'
UPDATE_METADATA = 'update:metadata'
VIEW_HONEYPOTS = 'view:honeypots'
UPDATE_HONEYPOTS = 'update:honeypots'
VIEW_VALIDATION_LAYOUT = 'view:validation_layout'
UPDATE_VALIDATION_LAYOUT = 'update:validation_layout'

@classmethod
def create(cls, request, view, obj, iam_context):
Expand Down Expand Up @@ -726,8 +728,8 @@ def get_scopes(request, view, obj):
('dataset_export', 'GET'): Scopes.EXPORT_DATASET,
('export_dataset_v2', 'POST'): Scopes.EXPORT_DATASET if is_dataset_export(request) else Scopes.EXPORT_ANNOTATIONS,
('preview', 'GET'): Scopes.VIEW,
('honeypot', 'GET'): Scopes.VIEW_HONEYPOTS,
('honeypot', 'PATCH'): Scopes.UPDATE_HONEYPOTS,
('validation_layout', 'GET'): Scopes.VIEW_VALIDATION_LAYOUT,
('validation_layout', 'PATCH'): Scopes.UPDATE_VALIDATION_LAYOUT,
}[(view.action, request.method)]

scopes = []
Expand Down
4 changes: 2 additions & 2 deletions cvat/apps/engine/rules/jobs.rego
View file
Original file line number Diff line number Diff line change
Expand Up @@ -255,14 +255,14 @@ allow if {
}

allow if {
input.scope in {utils.VIEW_HONEYPOTS, utils.UPDATE_HONEYPOTS}
input.scope in {utils.VIEW_VALIDATION_LAYOUT, utils.UPDATE_VALIDATION_LAYOUT}
utils.has_perm(utils.USER)
utils.is_sandbox
is_task_staff
}

allow if {
input.scope in {utils.VIEW_HONEYPOTS, utils.UPDATE_HONEYPOTS}
input.scope in {utils.VIEW_VALIDATION_LAYOUT, utils.UPDATE_VALIDATION_LAYOUT}
input.auth.organization.id == input.resource.organization.id
organizations.has_perm(organizations.SUPERVISOR)
utils.has_perm(utils.USER)
Expand Down
Loading

0 comments on commit c37a18f

Please sign in to comment.