# Uploads
- def _get_upload(self, uuid):
- upload = self.backend.uploads.get_by_uuid(uuid)
+ async def _get_upload(self, uuid):
+ # Fetch the current user
+ current_user = await self.get_current_user()
+
+ # Fetch the upload
+ upload = await self.backend.uploads.get_by_uuid(uuid)
# Check permissions
- if upload and not upload.has_perm(self.current_user):
- raise tornado.web.HTTPError(403, "%s has no permissions for upload %s" % (self.current_user, upload))
+ if upload and not upload.has_perm(current_user):
+ raise tornado.web.HTTPError(403, "%s has no permissions for upload %s" % (current_user, upload))
return upload
- def get_argument_upload(self, *args, **kwargs):
+ async def get_argument_upload(self, *args, **kwargs):
"""
Returns an upload
"""
uuid = self.get_argument(*args, **kwargs)
if uuid:
- return self._get_upload(uuid)
+ return await self._get_upload(uuid)
def get_argument_uploads(self, *args, **kwargs):
"""
@base.negotiate
async def post(self):
+ # Fetch the current user
+ current_user = await self.get_current_user()
+
# Fetch the upload
- upload = self.get_argument_upload("upload")
+ upload = await self.get_argument_upload("upload")
if not upload:
raise tornado.web.HTTPError(404, "Could not find upload")
# Check permissions of the upload
- if not upload.has_perm(self.current_user):
+ if not upload.has_perm(current_user):
raise base.APIError(errno.ENOPERM, "No permission for using upload %s" % upload)
# Fetch the repository
# If anything goes wrong, we will try to delete the package again
except Exception as e:
- await package.delete(user=self.current_user)
+ await package.delete(current_user)
raise e
projects / pbs.git / commitdiff
