Revision 40777cc8 api/images.py

b/api/images.py
4 4

  
5 5
from synnefo.api.common import method_not_allowed
6 6
from synnefo.api.faults import BadRequest, Unauthorized
7
from synnefo.api.util import (isoformat, isoparse, get_user, get_vm, get_image, get_image_meta,
7
from synnefo.api.util import (isoformat, isoparse, get_vm, get_image, get_image_meta,
8 8
                                get_request_dict, render_metadata, render_meta, api_method)
9 9
from synnefo.db.models import Image, ImageMetadata
10 10

  
......
93 93
    since = isoparse(request.GET.get('changes-since'))
94 94
    
95 95
    if since:
96
        avail_images = Image.objects.filter(updated__gte=since)
96
        avail_images = Image.objects.filter(owner=request.user, updated__gte=since)
97 97
        if not avail_images:
98 98
            return HttpResponse(status=304)
99 99
    else:
100
        avail_images = Image.objects.all()
100
        avail_images = Image.objects.filter(owner=request.user)
101 101
    
102 102
    images = [image_to_dict(image, detail) for image in avail_images]
103 103
    
......
132 132
    except (KeyError, ValueError):
133 133
        raise BadRequest('Malformed request.')
134 134
    
135
    owner = get_user()
136
    vm = get_vm(server_id)
135
    owner = request.user
136
    vm = get_vm(server_id, owner)
137 137
    image = Image.objects.create(name=name, owner=owner, sourcevm=vm)
138 138
    
139 139
    imagedict = image_to_dict(image)
......
154 154
    #                       itemNotFound (404),
155 155
    #                       overLimit (413)
156 156
    
157
    image = get_image(image_id)
157
    image = get_image(image_id, request.user)
158 158
    imagedict = image_to_dict(image)
159 159
    
160 160
    if request.serialization == 'xml':
......
173 173
    #                       itemNotFound (404),
174 174
    #                       overLimit (413)
175 175
    
176
    image = get_image(image_id)
177
    if image.owner != get_user():
178
        raise Unauthorized('Image does not belong to user.')
176
    image = get_image(image_id, request.user)
179 177
    image.delete()
180 178
    return HttpResponse(status=204)
181 179

  
......
188 186
    #                       badRequest (400),
189 187
    #                       overLimit (413)
190 188

  
191
    image = get_image(image_id)
189
    image = get_image(image_id, request.user)
192 190
    metadata = metadata_to_dict(image)
193 191
    return render_metadata(request, metadata, use_values=True, status=200)
194 192

  
......
203 201
    #                       badMediaType(415),
204 202
    #                       overLimit (413)
205 203

  
206
    image = get_image(image_id)
204
    image = get_image(image_id, request.user)
207 205
    req = get_request_dict(request)
208 206
    try:
209 207
        metadata = req['metadata']
......
233 231
    #                       itemNotFound (404),
234 232
    #                       badRequest (400),
235 233
    #                       overLimit (413)
236

  
237
    meta = get_image_meta(image_id, key)
234
    
235
    image = get_image(image_id, request.user)
236
    meta = get_image_meta(image, key)
238 237
    return render_meta(request, meta, status=200)
239 238

  
240 239
@api_method('PUT')
......
249 248
    #                       badMediaType(415),
250 249
    #                       overLimit (413)
251 250

  
252
    image = get_image(image_id)
251
    image = get_image(image_id, request.user)
253 252
    req = get_request_dict(request)
254 253
    try:
255 254
        metadict = req['meta']
......
275 274
    #                       buildInProgress (409),
276 275
    #                       badMediaType(415),
277 276
    #                       overLimit (413),
278

  
279
    meta = get_image_meta(image_id, key)
277
    
278
    image = get_image(image_id, request.user)
279
    meta = get_image_meta(image, key)
280 280
    meta.delete()
281 281
    return HttpResponse(status=204)

Also available in: Unified diff