diff --git a/routers/repo/cloudbrain.go b/routers/repo/cloudbrain.go index 3c60396b6b..382d61f61b 100755 --- a/routers/repo/cloudbrain.go +++ b/routers/repo/cloudbrain.go @@ -277,6 +277,13 @@ func CloudBrainRestart(ctx *context.Context) { break } + if !ctx.IsSigned || (ctx.User.ID != task.UserID && !ctx.IsUserSiteAdmin()){ + log.Error("the user has no right ro restart the job", task.JobName, ctx.Data["MsgID"]) + resultCode = "-1" + errorMsg = "you have no right to restart the job" + break + } + count, err := models.GetCloudbrainCountByUserID(ctx.User.ID) if err != nil { log.Error("GetCloudbrainCountByUserID failed:%v", err, ctx.Data["MsgID"]) diff --git a/routers/repo/modelarts.go b/routers/repo/modelarts.go index f916fc157a..d2ade7c179 100755 --- a/routers/repo/modelarts.go +++ b/routers/repo/modelarts.go @@ -248,6 +248,13 @@ func NotebookManage(ctx *context.Context) { errorMsg = "the job is not running" break } + + if !ctx.IsSigned || (ctx.User.ID != task.UserID && !ctx.IsUserSiteAdmin() && !ctx.IsUserRepoOwner()){ + log.Error("the user has no right ro stop the job", task.JobName, ctx.Data["MsgID"]) + resultCode = "-1" + errorMsg = "you have no right to stop the job" + break + } } else if action == models.ActionRestart { if task.Status != string(models.ModelArtsStopped) && task.Status != string(models.ModelArtsStartFailed) && task.Status != string(models.ModelArtsCreateFailed) { log.Error("the job(%s) is not stopped", task.JobName, ctx.Data["MsgID"]) @@ -256,6 +263,13 @@ func NotebookManage(ctx *context.Context) { break } + if !ctx.IsSigned || (ctx.User.ID != task.UserID && !ctx.IsUserSiteAdmin()){ + log.Error("the user has no right ro restart the job", task.JobName, ctx.Data["MsgID"]) + resultCode = "-1" + errorMsg = "you have no right to restart the job" + break + } + count, err := models.GetCloudbrainNotebookCountByUserID(ctx.User.ID) if err != nil { log.Error("GetCloudbrainNotebookCountByUserID failed:%v", err, ctx.Data["MsgID"]) diff --git a/routers/routes/routes.go b/routers/routes/routes.go index b7bb1cd01c..ad1ce4f338 100755 --- a/routers/routes/routes.go +++ b/routers/routes/routes.go @@ -964,11 +964,11 @@ func RegisterRoutes(m *macaron.Macaron) { m.Group("/cloudbrain", func() { m.Group("/:jobid", func() { m.Get("", reqRepoCloudBrainReader, repo.CloudBrainShow) - m.Get("/debug", reqRepoCloudBrainWriter, repo.CloudBrainDebug) + m.Get("/debug", cloudbrain.AdminOrJobCreaterRight, repo.CloudBrainDebug) m.Post("/commit_image", cloudbrain.AdminOrOwnerOrJobCreaterRight, bindIgnErr(auth.CommitImageCloudBrainForm{}), repo.CloudBrainCommitImage) m.Post("/stop", cloudbrain.AdminOrOwnerOrJobCreaterRight, repo.CloudBrainStop) m.Post("/del", cloudbrain.AdminOrOwnerOrJobCreaterRight, repo.CloudBrainDel) - m.Post("/restart", cloudbrain.AdminOrOwnerOrJobCreaterRight, repo.CloudBrainRestart) + m.Post("/restart", reqRepoCloudBrainWriter, repo.CloudBrainRestart) m.Get("/rate", reqRepoCloudBrainReader, repo.GetRate) m.Get("/models", reqRepoCloudBrainReader, repo.CloudBrainShowModels) m.Get("/download_model", cloudbrain.AdminOrOwnerOrJobCreaterRight, repo.CloudBrainDownloadModel) @@ -1003,8 +1003,8 @@ func RegisterRoutes(m *macaron.Macaron) { m.Group("/notebook", func() { m.Group("/:jobid", func() { m.Get("", reqRepoCloudBrainReader, repo.NotebookShow) - m.Get("/debug", reqRepoCloudBrainWriter, repo.NotebookDebug) - m.Post("/:action", cloudbrain.AdminOrOwnerOrJobCreaterRight, repo.NotebookManage) + m.Get("/debug", cloudbrain.AdminOrJobCreaterRight, repo.NotebookDebug) + m.Post("/:action", reqRepoCloudBrainWriter, repo.NotebookManage) m.Post("/del", cloudbrain.AdminOrOwnerOrJobCreaterRight, repo.NotebookDel) }) m.Get("/create", reqRepoCloudBrainWriter, repo.NotebookNew)