()
| 8 | methods = ['POST']) |
| 9 | @General_permissions.grant_permission_for(['normal_user']) |
| 10 | def report_run_api(): |
| 11 | |
| 12 | spec_list = [ |
| 13 | {"report_template_id": { |
| 14 | 'kind': int, |
| 15 | 'required': False |
| 16 | } |
| 17 | }, |
| 18 | {"report_template_data": { |
| 19 | 'kind': dict, |
| 20 | 'required': False |
| 21 | } |
| 22 | }, |
| 23 | {"project_string_id": { |
| 24 | 'kind': str, |
| 25 | 'default': None, |
| 26 | 'required': False |
| 27 | } |
| 28 | } |
| 29 | ] |
| 30 | |
| 31 | log, input, untrusted_input = regular_input.master( |
| 32 | request = request, |
| 33 | spec_list = spec_list) |
| 34 | |
| 35 | if len(log["error"].keys()) >= 1: |
| 36 | return jsonify(log = log), 400 |
| 37 | if input.get('report_template_id') is None and input.get('report_template_data') is None: |
| 38 | log['error']['report_template'] = 'Provide report_template_id or report_template_data' |
| 39 | return jsonify(log = log), 400 |
| 40 | |
| 41 | with sessionMaker.session_scope() as session: |
| 42 | |
| 43 | report_runner = Report_Runner( |
| 44 | session = session, |
| 45 | member = None, |
| 46 | report_template_id = input['report_template_id'], |
| 47 | report_template_data = input['report_template_data'], |
| 48 | project_string_id = input['project_string_id'] |
| 49 | ) |
| 50 | |
| 51 | if len(report_runner.log["error"].keys()) >= 1: |
| 52 | return jsonify(log = report_runner.log), 400 |
| 53 | |
| 54 | report_runner.get_existing_report_template(input['report_template_id']) |
| 55 | |
| 56 | """ |
| 57 | For Diffgram wide reports, they only need to validate the project string id |
| 58 | BUT if it's not, then the project_string_id should match too. |
| 59 | """ |
| 60 | if report_runner.report_template is not None: |
| 61 | if report_runner.report_template.diffgram_wide_default is True: |
| 62 | report_runner.validate_existing_report_id_permissions( |
| 63 | project_string_id = input['project_string_id']) |
| 64 | else: |
| 65 | # This assume project based... |
| 66 | # this should be part of that other permission scope validation. |
| 67 | if report_runner.report_template.project.project_string_id != input['project_string_id']: |
nothing calls this directly
no test coverage detected