implementation of hash3 for snapshots
This commit is contained in:
parent
6d4212f314
commit
06c5137b32
|
@ -3,10 +3,12 @@
|
|||
import os
|
||||
import json
|
||||
import shutil
|
||||
import hashlib
|
||||
from datetime import datetime
|
||||
|
||||
from flask import current_app as app, g
|
||||
from sqlalchemy.util import OrderedSet
|
||||
from teal.marshmallow import ValidationError
|
||||
|
||||
from ereuse_devicehub.db import db
|
||||
from ereuse_devicehub.resources.action.models import RateComputer, Snapshot
|
||||
|
@ -59,6 +61,14 @@ def move_json(tmp_snapshots, path_name, user, live=False):
|
|||
os.remove(path_name)
|
||||
|
||||
|
||||
def check_hash_snapshot(snapshot_json):
|
||||
debug = snapshot_json.pop('debug')
|
||||
data = json.dumps(snapshot_json).encode('utf-8')
|
||||
hash3 = hashlib.sha3_256(data).hexdigest()
|
||||
if not hash3 in debug['hwinfo']:
|
||||
txt = "This Snapshot is not valid"
|
||||
raise ValidationError(txt)
|
||||
|
||||
|
||||
class SnapshotView():
|
||||
"""Performs a Snapshot.
|
||||
|
@ -75,7 +85,7 @@ class SnapshotView():
|
|||
self.resource_def = resource_def
|
||||
self.tmp_snapshots = app.config['TMP_SNAPSHOTS']
|
||||
self.path_snapshot = save_json(snapshot_json, self.tmp_snapshots, g.user.email)
|
||||
snapshot_json.pop('debug', None)
|
||||
check_hash_snapshot(snapshot_json)
|
||||
self.snapshot_json = resource_def.schema.load(snapshot_json)
|
||||
self.response = self.build()
|
||||
move_json(self.tmp_snapshots, self.path_snapshot, g.user.email)
|
||||
|
|
|
@ -4,7 +4,6 @@ from datetime import timedelta
|
|||
from distutils.version import StrictVersion
|
||||
from uuid import UUID
|
||||
|
||||
import jwt
|
||||
from flask import current_app as app, request, g
|
||||
from teal.db import ResourceNotFound
|
||||
from teal.marshmallow import ValidationError
|
||||
|
@ -172,12 +171,8 @@ class ActionView(View):
|
|||
def post(self):
|
||||
"""Posts an action."""
|
||||
json = request.get_json(validate=False)
|
||||
if not json:
|
||||
if not json or 'type' not in json:
|
||||
raise ValidationError('Post request needs a json.')
|
||||
elif 'type' not in json:
|
||||
# JN TODO Use the user's key instead an empty string
|
||||
key = ''
|
||||
json = jwt.decode(json, key, algorithms="HS256")
|
||||
# todo there should be a way to better get subclassess resource
|
||||
# defs
|
||||
resource_def = app.resources[json['type']]
|
||||
|
|
Reference in a new issue