[ARVADOS] updated: 1.2.0-256-g028d247fd

Git user git at public.curoverse.com
Wed Oct 24 14:47:49 EDT 2018 

Summary of changes:
 lib/controller/fed_containers.go | 20 +++++++++++++++-----
 1 file changed, 15 insertions(+), 5 deletions(-)

       via  028d247fdfa44a607c5e302ab60a7f62a469b6b8 (commit)
      from  fc40fe8a7706701d50f05d27b7e58032537fad50 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.


commit 028d247fdfa44a607c5e302ab60a7f62a469b6b8
Author: Peter Amstutz <pamstutz at veritasgenetics.com>
Date:   Wed Oct 24 14:44:25 2018 -0400

    14198: Fix error responses in container POST
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <pamstutz at veritasgenetics.com>

diff --git a/lib/controller/fed_containers.go b/lib/controller/fed_containers.go
index e8cc739b0..ccb2401bb 100644
--- a/lib/controller/fed_containers.go
+++ b/lib/controller/fed_containers.go
@@ -30,11 +30,18 @@ func remoteContainerRequestCreate(
 		return false
 	}
 
-	defer req.Body.Close()
+	if req.Header.Get("Content-Type") != "application/json" {
+		httpserver.Error(w, "Expected Content-Type: application/json, got "+req.Header.Get("Content-Type"), http.StatusBadRequest)
+		return true
+	}
+
+	originalBody := req.Body
+	defer originalBody.Close()
 	var request map[string]interface{}
 	err := json.NewDecoder(req.Body).Decode(&request)
 	if err != nil {
-		return false
+		httpserver.Error(w, err.Error(), http.StatusBadRequest)
+		return true
 	}
 
 	crString, ok := request["container_request"].(string)
@@ -42,7 +49,8 @@ func remoteContainerRequestCreate(
 		var crJson map[string]interface{}
 		err := json.Unmarshal([]byte(crString), &crJson)
 		if err != nil {
-			return false
+			httpserver.Error(w, err.Error(), http.StatusBadRequest)
+			return true
 		}
 
 		request["container_request"] = crJson
@@ -50,7 +58,8 @@ func remoteContainerRequestCreate(
 
 	containerRequest, ok := request["container_request"].(map[string]interface{})
 	if !ok {
-		return false
+		// Use toplevel object as the container_request object
+		containerRequest = request
 	}
 
 	// If runtime_token is not set, create a new token
@@ -68,7 +77,8 @@ func remoteContainerRequestCreate(
 		}
 
 		if len(currentUser.Authorization.Scopes) != 1 || currentUser.Authorization.Scopes[0] != "all" {
-			return false
+			httpserver.Error(w, "Token scope is not [all]", http.StatusForbidden)
+			return true
 		}
 
 		newtok, err := h.handler.createAPItoken(req, currentUser.UUID, nil)

-----------------------------------------------------------------------


hooks/post-receive
--

More information about the arvados-commits mailing list