Skip to content

Commit 19c34a9

Browse files
committed
PR 3: System Routes and Run Execution Endpoints
1 parent 90f415e commit 19c34a9

21 files changed

Lines changed: 3072 additions & 127 deletions

mod_api/__init__.py

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -35,3 +35,5 @@
3535

3636
# Route modules
3737
from mod_api.routes import auth as auth_routes # noqa: E402, F401
38+
from mod_api.routes import runs as runs_routes # noqa: E402, F401
39+
from mod_api.routes import system as system_routes # noqa: E402, F401

mod_api/middleware/error_handler.py

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -150,19 +150,19 @@ def handle_value_error(error):
150150
def convert_api_errors_to_json(response):
151151
"""Catch routing errors that were handled by global app handlers and convert them to JSON."""
152152
if request.path.startswith(_API_PREFIX):
153-
if response.status_code >= 500:
153+
if response.status_code >= 500 and not response.is_json:
154154
new_resp = make_error_response(
155155
'internal_error', 'An unexpected error occurred.', http_status=response.status_code
156156
)
157157
response.data = new_resp.data
158158
response.mimetype = new_resp.mimetype
159159
return response
160-
if response.status_code == 404:
160+
if response.status_code == 404 and not response.is_json:
161161
new_resp = make_error_response('not_found', 'Resource not found.', http_status=404)
162162
response.data = new_resp.data
163163
response.mimetype = new_resp.mimetype
164164
return response
165-
if response.status_code == 405:
165+
if response.status_code == 405 and not response.is_json:
166166
new_resp = make_error_response('method_not_allowed', 'Method not allowed.', http_status=405)
167167
response.data = new_resp.data
168168
response.mimetype = new_resp.mimetype

mod_api/routes/auth.py

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -70,9 +70,8 @@ def create_token(validated_data=None):
7070
'runs:read', 'runs:write', 'results:read',
7171
'system:read'
7272
}
73-
if user.role.value in ('admin', 'contributor', 'tester'):
74-
allowed_scopes.add('tokens:manage')
7573
if user.role.value == 'admin':
74+
allowed_scopes.add('tokens:manage')
7675
allowed_scopes.add('baselines:write')
7776

7877
invalid_scopes = set(scopes) - allowed_scopes
@@ -129,7 +128,11 @@ def create_token(validated_data=None):
129128

130129
@mod_api.route('/auth/tokens/current', methods=['DELETE'])
131130
def revoke_current_token():
132-
"""Revoke whatever token is in the Authorization header right now."""
131+
"""Revoke whatever token is in the Authorization header right now.
132+
133+
Note: This endpoint is intentionally scope-free. Any valid token
134+
is allowed to revoke itself regardless of its scopes.
135+
"""
133136
token = getattr(g, 'api_token', None)
134137
if token is None:
135138
return make_error_response(

0 commit comments

Comments
 (0)