Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Not allow GET requests for URL handlers that change state on the server side #183

Merged
merged 4 commits into from
Sep 25, 2024
Merged

Not allow GET requests for URL handlers that change state on the server side #183

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
a79fbb0
Big Query search API change get to post
Jeyaprakash-NK Sep 23, 2024
0d0126a
downloadOutput changed from get to post
Jeyaprakash-NK Sep 23, 2024
f9a668b
test file changes for GET to POST changes
Jeyaprakash-NK Sep 23, 2024
23d0d08
test file review comment changes
Jeyaprakash-NK Sep 24, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion dataproc_jupyter_plugin/controllers/bigquery.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -141,7 +141,7 @@ async def get(self):

class SearchController(APIHandler):
@tornado.web.authenticated
async def get(self):
async def post(self):
try:
search_string = self.get_argument("search_string")
type = self.get_argument("type")
Expand Down
2 changes: 1 addition & 1 deletion dataproc_jupyter_plugin/controllers/executor.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@ async def post(self):

class DownloadOutputController(APIHandler):
@tornado.web.authenticated
async def get(self):
async def post(self):
try:
composer_name = self.get_argument("composer")
bucket_name = self.get_argument("bucket_name")
Expand Down
2 changes: 2 additions & 0 deletions dataproc_jupyter_plugin/tests/test_bigquery.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -183,6 +183,8 @@ async def mock_config(config_field):
"system": mock_system,
"type": mock_type,
},
method="POST",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You need to add allow_nonstandard_methods=True, here in order to get the test to pass.

allow_nonstandard_methods=True,
)
assert response.code == 200
payload = json.loads(response.body)["results"][0]
Expand Down
10 changes: 10 additions & 0 deletions dataproc_jupyter_plugin/tests/test_executor.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -129,6 +129,8 @@ async def mock_list_dag_run_task(*args, **kwargs):
"dag_id": mock_dag_id,
"dag_run_id": mock_dag_run_id,
},
method="POST",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You need to add allow_nonstandard_methods=True, here, and in all the similar lines below, in order to get the test to pass.

allow_nonstandard_methods=True,
)
assert response.code == 200
payload = json.loads(response.body)
Expand All @@ -149,6 +151,8 @@ async def test_invalid_composer_name(monkeypatch, jp_fetch):
"dag_id": mock_dag_id,
"dag_run_id": mock_dag_run_id,
},
method="POST",
allow_nonstandard_methods=True,
)
assert response.code == 200
payload = json.loads(response.body)
Expand All @@ -171,6 +175,8 @@ async def test_invalid_bucket_name(monkeypatch, jp_fetch):
"dag_id": mock_dag_id,
"dag_run_id": mock_dag_run_id,
},
method="POST",
allow_nonstandard_methods=True,
)
assert response.code == 200
payload = json.loads(response.body)
Expand All @@ -193,6 +199,8 @@ async def test_invalid_dag_id(monkeypatch, jp_fetch):
"dag_id": mock_dag_id,
"dag_run_id": mock_dag_run_id,
},
method="POST",
allow_nonstandard_methods=True,
)
assert response.code == 200
payload = json.loads(response.body)
Expand All @@ -215,6 +223,8 @@ async def test_invalid_dag_run_id(monkeypatch, jp_fetch):
"dag_id": mock_dag_id,
"dag_run_id": mock_dag_run_id,
},
method="POST",
allow_nonstandard_methods=True,
)
assert response.code == 200
payload = json.loads(response.body)
Expand Down
5 changes: 4 additions & 1 deletion src/bigQuery/bigQueryService.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -407,7 +407,10 @@ export class BigQueryService {
setSearchLoading(true);
try {
const data: any = await requestAPI(
`bigQuerySearch?search_string=${searchTerm}&type=(table|dataset)&system=bigquery`
`bigQuerySearch?search_string=${searchTerm}&type=(table|dataset)&system=bigquery`,
{
method: 'POST'
}
);
setSearchResponse(data);
} catch (reason) {
Expand Down
4 changes: 3 additions & 1 deletion src/scheduler/schedulerServices.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -702,7 +702,9 @@ export class SchedulerService {
try {
dagRunId = encodeURIComponent(dagRunId);
const serviceURL = `downloadOutput?composer=${composerName}&bucket_name=${bucketName}&dag_id=${dagId}&dag_run_id=${dagRunId}`;
const formattedResponse: any = await requestAPI(serviceURL);
const formattedResponse: any = await requestAPI(serviceURL, {
method: 'POST'
});
dagRunId = decodeURIComponent(dagRunId);
if (formattedResponse.status === 0) {
toast.success(
Expand Down
Loading