implementation of hash3 for snapshots
This commit is contained in:
parent
6d4212f314
commit
06c5137b32
|
@ -3,10 +3,12 @@
|
||||||
import os
|
import os
|
||||||
import json
|
import json
|
||||||
import shutil
|
import shutil
|
||||||
|
import hashlib
|
||||||
from datetime import datetime
|
from datetime import datetime
|
||||||
|
|
||||||
from flask import current_app as app, g
|
from flask import current_app as app, g
|
||||||
from sqlalchemy.util import OrderedSet
|
from sqlalchemy.util import OrderedSet
|
||||||
|
from teal.marshmallow import ValidationError
|
||||||
|
|
||||||
from ereuse_devicehub.db import db
|
from ereuse_devicehub.db import db
|
||||||
from ereuse_devicehub.resources.action.models import RateComputer, Snapshot
|
from ereuse_devicehub.resources.action.models import RateComputer, Snapshot
|
||||||
|
@ -59,6 +61,14 @@ def move_json(tmp_snapshots, path_name, user, live=False):
|
||||||
os.remove(path_name)
|
os.remove(path_name)
|
||||||
|
|
||||||
|
|
||||||
|
def check_hash_snapshot(snapshot_json):
|
||||||
|
debug = snapshot_json.pop('debug')
|
||||||
|
data = json.dumps(snapshot_json).encode('utf-8')
|
||||||
|
hash3 = hashlib.sha3_256(data).hexdigest()
|
||||||
|
if not hash3 in debug['hwinfo']:
|
||||||
|
txt = "This Snapshot is not valid"
|
||||||
|
raise ValidationError(txt)
|
||||||
|
|
||||||
|
|
||||||
class SnapshotView():
|
class SnapshotView():
|
||||||
"""Performs a Snapshot.
|
"""Performs a Snapshot.
|
||||||
|
@ -75,7 +85,7 @@ class SnapshotView():
|
||||||
self.resource_def = resource_def
|
self.resource_def = resource_def
|
||||||
self.tmp_snapshots = app.config['TMP_SNAPSHOTS']
|
self.tmp_snapshots = app.config['TMP_SNAPSHOTS']
|
||||||
self.path_snapshot = save_json(snapshot_json, self.tmp_snapshots, g.user.email)
|
self.path_snapshot = save_json(snapshot_json, self.tmp_snapshots, g.user.email)
|
||||||
snapshot_json.pop('debug', None)
|
check_hash_snapshot(snapshot_json)
|
||||||
self.snapshot_json = resource_def.schema.load(snapshot_json)
|
self.snapshot_json = resource_def.schema.load(snapshot_json)
|
||||||
self.response = self.build()
|
self.response = self.build()
|
||||||
move_json(self.tmp_snapshots, self.path_snapshot, g.user.email)
|
move_json(self.tmp_snapshots, self.path_snapshot, g.user.email)
|
||||||
|
|
|
@ -4,7 +4,6 @@ from datetime import timedelta
|
||||||
from distutils.version import StrictVersion
|
from distutils.version import StrictVersion
|
||||||
from uuid import UUID
|
from uuid import UUID
|
||||||
|
|
||||||
import jwt
|
|
||||||
from flask import current_app as app, request, g
|
from flask import current_app as app, request, g
|
||||||
from teal.db import ResourceNotFound
|
from teal.db import ResourceNotFound
|
||||||
from teal.marshmallow import ValidationError
|
from teal.marshmallow import ValidationError
|
||||||
|
@ -172,12 +171,8 @@ class ActionView(View):
|
||||||
def post(self):
|
def post(self):
|
||||||
"""Posts an action."""
|
"""Posts an action."""
|
||||||
json = request.get_json(validate=False)
|
json = request.get_json(validate=False)
|
||||||
if not json:
|
if not json or 'type' not in json:
|
||||||
raise ValidationError('Post request needs a json.')
|
raise ValidationError('Post request needs a json.')
|
||||||
elif 'type' not in json:
|
|
||||||
# JN TODO Use the user's key instead an empty string
|
|
||||||
key = ''
|
|
||||||
json = jwt.decode(json, key, algorithms="HS256")
|
|
||||||
# todo there should be a way to better get subclassess resource
|
# todo there should be a way to better get subclassess resource
|
||||||
# defs
|
# defs
|
||||||
resource_def = app.resources[json['type']]
|
resource_def = app.resources[json['type']]
|
||||||
|
|
Reference in a new issue