[Dachs-support] UWS and user access control
Markus Demleitner
msdemlei at ari.uni-heidelberg.de
Mon May 2 20:34:05 CEST 2016
Hi Ivan,
On Mon, May 02, 2016 at 07:39:28PM +0200, Ivan Zolotukhin wrote:
> I'm sitting on DaCHS revision 5026. Here's the first bug I came across
> when trying to fetch XML document of the job through the incorrect URL
> belonging to another service:
>
> $ curl -I http://example.com/res/service1/r/uws.xml/VWmNgD
> HTTP/1.1 303 OK
> Date: Mon, 02 May 2016 17:30:23 GMT
> Content-Type: text/plain
> Location: http://example.com/res/service1/r/uws.xml/http://example.com/res/service2/r/uws.xml/VWmNgD
> Server: TwistedWeb/15.2.1
>
> Note the incorrectly constructed redirect URL.
Whoops -- this is odd, as it would indicate that DaCHS for some
reason took the entire URL as jobId -- in which case it shouldn't
find it in the first place.
To get to the base of this (which at first glance is a "this can't
happen"), can I ask you to put in something like
print ">>>>>>>>>>>>>>>", jobId
above the line
if res[0]["jobClass"]!=self.service.getFullId():
around line 137 in gavo/protocols/useruws.py
and tell me what this prints (use gavo serve debug) when you do your
request?
Thanks,
Markus
More information about the Dachs-support
mailing list