api/job_by_id_manifest_GET: require oauth
This commit is contained in:
parent
16a96a308c
commit
468badf423
|
@ -125,11 +125,12 @@ def artifacts_by_job_id_GET(job_id):
|
|||
return paginated_response(Artifact.id, artifacts)
|
||||
|
||||
@api.route("/api/jobs/<int:job_id>/manifest")
|
||||
@oauth("jobs:read")
|
||||
def jobs_by_id_manifest_GET(job_id):
|
||||
job = Job.query.filter(Job.id == job_id).first()
|
||||
if not job:
|
||||
abort(404)
|
||||
if job.visibility == Visibility.PRIVATE and ((current_token is None) or (job.owner_id != current_token.user_id)):
|
||||
if job.visibility == Visibility.PRIVATE and job.owner_id != current_token.user_id:
|
||||
abort(404) # TODO: ACLs
|
||||
return Response(job.manifest, content_type="text/plain")
|
||||
|
||||
|
|
Loading…
Reference in New Issue