growing security

This commit is contained in:
Cayo Puigdefabregas 2021-07-05 15:57:09 +02:00
parent 45950997f8
commit e63b2a50ec

View file

@ -181,7 +181,6 @@ class ActionView(View):
def post(self):
"""Posts an action."""
# import pdb; pdb.set_trace()
json = request.get_json(validate=False)
if not json or 'type' not in json:
@ -190,6 +189,10 @@ class ActionView(View):
# defs
resource_def = app.resources[json['type']]
if json['type'] == Snapshot.t:
if json.get('software') == 'Web' and json['device'] == 'Computer':
txt = 'Invalid snapshot'
raise ValidationError(txt)
if json.get('software') == 'Web':
snapshot = SnapshotView(json, resource_def, self.schema)
return snapshot.post()