PapaTutuWawa/openec2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Check image actions against the owning user

Browse Source
This commit is contained in:
PapaTutuWawa 2025-03-31 00:15:24 +02:00
parent 1128d73bee
commit 3744c343d4
3 changed files with 18 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/openec2/actions/deregister_image.py
View File

@ -13,13 +13,17 @@ def deregister_image(
params: QueryParams, params: QueryParams,
config: OpenEC2Config, config: OpenEC2Config,
db: DatabaseDep, db: DatabaseDep,
_: User, user: User,
): ):
image_id = params["ImageId"] image_id = params["ImageId"]
ami = db.exec(select(AMI).where(AMI.id == image_id)).one() ami = db.exec(select(AMI).where(AMI.id == image_id)).one()
if ami is None: if ami is None:
raise HTTPException(status_code=404, detail="Unknown AMI") raise HTTPException(status_code=404, detail="Unknown AMI")
# Check if the requester can deregister the image.
if ami.owner_id != user.id:
raise HTTPException(status_code=403)
# Mark the image as deregistered # Mark the image as deregistered
ami.deregistered = True ami.deregistered = True
db.add(ami) db.add(ami)

13
src/openec2/actions/import_image.py
View File

@ -4,10 +4,11 @@ from urllib.parse import urlparse
import uuid import uuid
import shutil import shutil
from fastapi import HTTPException
from fastapi.datastructures import QueryParams from fastapi.datastructures import QueryParams
import requests import requests
from openec2.config import OpenEC2Config from openec2.config import OpenEC2Config, ConfigSingleton
from openec2.db import DatabaseDep from openec2.db import DatabaseDep
from openec2.db.user import User from openec2.db.user import User
from openec2.db.image import AMI from openec2.db.image import AMI
@ -17,7 +18,7 @@ def import_image(
params: QueryParams, params: QueryParams,
config: OpenEC2Config, config: OpenEC2Config,
db: DatabaseDep, db: DatabaseDep,
_: User, user: User,
): ):
first_disk_image_url = params["DiskContainer.1.Url"] first_disk_image_url = params["DiskContainer.1.Url"]
url = urlparse(first_disk_image_url) url = urlparse(first_disk_image_url)
@ -35,6 +36,11 @@ def import_image(
for chunk in r.iter_content(8196): for chunk in r.iter_content(8196):
f.write(chunk) f.write(chunk)
case "file": case "file":
if not ConfigSingleton.of().config.debug:
raise HTTPException(
status_code=400,
detail="Unsupported scheme",
)
shutil.copy( shutil.copy(
url.path, url.path,
str(dst), str(dst),
@ -47,7 +53,8 @@ def import_image(
id=ami_id, id=ami_id,
description=None, description=None,
originalFilename=filename, originalFilename=filename,
) owner_id=user.id,
),
) )
db.commit() db.commit()
return ami_id return ami_id

3
src/openec2/db/image.py
View File

@ -13,3 +13,6 @@ class AMI(SQLModel, table=True):
# Was the image registered # Was the image registered
deregistered: bool = Field(default=False) deregistered: bool = Field(default=False)
# Owner of the image who created it
owner_id: int = Field(foreign_key="user.id")