f81e839ba2
- validate instance names at the host lib and web boundary against
[a-z0-9][a-z0-9_-]{0,63} to prevent path traversal via Server.name
- fail-closed on SECRET_KEY: load_config returns None when env unset,
create_app raises if missing or "dev" outside TESTING
- close login timing oracle by hashing a dummy digest when the user
is not found, equalizing response time
- set SESSION_COOKIE_SECURE outside TESTING
- delete_instance tolerates stop_service and fusermount3 failures so
partially-initialized instances clean up without contract breaks;
drops the is_mount() preflight that violated AGENTS.md
- document claim_next_job's single-process assumption
- clarify emit_step contract via docstring
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
109 lines
3.4 KiB
Python
109 lines
3.4 KiB
Python
from flask import Blueprint, Response, jsonify, redirect, request
|
|
from sqlalchemy import select
|
|
from sqlalchemy.exc import IntegrityError
|
|
|
|
from l4d2web.auth import current_user, require_login
|
|
from l4d2web.db import session_scope
|
|
from l4d2web.models import Blueprint as BlueprintModel
|
|
from l4d2web.models import Job, Server
|
|
from l4d2web.services.security import validate_instance_name
|
|
|
|
|
|
bp = Blueprint("server", __name__)
|
|
|
|
|
|
@bp.post("/servers")
|
|
@require_login
|
|
def create_server() -> Response:
|
|
user = current_user()
|
|
assert user is not None
|
|
json_response = request.is_json
|
|
payload = request.get_json(silent=True) if json_response else request.form
|
|
|
|
try:
|
|
name = validate_instance_name(str(payload["name"]))
|
|
except (KeyError, TypeError, ValueError):
|
|
return Response("invalid server name", status=400)
|
|
|
|
with session_scope() as db:
|
|
blueprint = db.scalar(
|
|
select(BlueprintModel).where(
|
|
BlueprintModel.id == int(payload["blueprint_id"]),
|
|
BlueprintModel.user_id == user.id,
|
|
)
|
|
)
|
|
if blueprint is None:
|
|
return Response("blueprint not found", status=404)
|
|
|
|
server = Server(
|
|
user_id=user.id,
|
|
blueprint_id=blueprint.id,
|
|
name=name,
|
|
port=int(payload["port"]),
|
|
desired_state="stopped",
|
|
actual_state="unknown",
|
|
last_error="",
|
|
)
|
|
db.add(server)
|
|
|
|
try:
|
|
db.flush()
|
|
except IntegrityError:
|
|
db.rollback()
|
|
return Response("port already in use", status=409)
|
|
|
|
server_id = server.id
|
|
|
|
if json_response:
|
|
return jsonify({"id": server_id}), 201
|
|
return redirect(f"/servers/{server_id}")
|
|
|
|
|
|
@bp.patch("/servers/<int:server_id>")
|
|
@require_login
|
|
def update_server(server_id: int) -> Response:
|
|
user = current_user()
|
|
assert user is not None
|
|
payload = request.get_json(silent=True) or {}
|
|
|
|
with session_scope() as db:
|
|
server = db.scalar(select(Server).where(Server.id == server_id, Server.user_id == user.id))
|
|
if server is None:
|
|
return Response(status=404)
|
|
|
|
blueprint = db.scalar(
|
|
select(BlueprintModel).where(
|
|
BlueprintModel.id == int(payload["blueprint_id"]),
|
|
BlueprintModel.user_id == user.id,
|
|
)
|
|
)
|
|
if blueprint is None:
|
|
return Response("blueprint not found", status=404)
|
|
|
|
server.blueprint_id = blueprint.id
|
|
|
|
return jsonify({"id": server_id}), 200
|
|
|
|
|
|
LIFECYCLE_OPERATIONS = {"initialize", "start", "stop", "delete"}
|
|
|
|
|
|
@bp.post("/servers/<int:server_id>/<operation>")
|
|
@require_login
|
|
def enqueue_server_operation(server_id: int, operation: str) -> Response:
|
|
user = current_user()
|
|
assert user is not None
|
|
if operation not in LIFECYCLE_OPERATIONS:
|
|
return Response(status=404)
|
|
|
|
with session_scope() as db:
|
|
server = db.scalar(select(Server).where(Server.id == server_id, Server.user_id == user.id))
|
|
if server is None:
|
|
return Response(status=404)
|
|
db.add(Job(user_id=user.id, server_id=server.id, operation=operation, state="queued"))
|
|
if operation == "start":
|
|
server.desired_state = "running"
|
|
if operation in {"stop", "delete"}:
|
|
server.desired_state = "stopped"
|
|
|
|
return redirect(f"/servers/{server_id}")
|