Skip to content

Commit

Permalink
fix: always validate job_id before using it
Browse files Browse the repository at this point in the history
kikkomep committed Nov 28, 2023

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
1 parent d61bda4 commit 92c5c78
Showing 2 changed files with 12 additions and 0 deletions.
2 changes: 2 additions & 0 deletions lifemonitor/tasks/controller.py
Original file line number Diff line number Diff line change
@@ -40,6 +40,8 @@
@authorized
@blueprint.route("/status/<job_id>", methods=("GET",))
def get_job_status(job_id: str):
if not utils.validate_job_id(job_id):
raise ValueError(f"Invalid job id: {job_id}")
serialized_job_data = cache.get(utils.get_job_key(job_id=job_id))
if not serialized_job_data:
return f"job ${job_id} not found", 404
10 changes: 10 additions & 0 deletions lifemonitor/tasks/utils.py
Original file line number Diff line number Diff line change
@@ -15,6 +15,16 @@ def make_job_id() -> str:
return str(uuid4())


def validate_job_id(job_id: str) -> bool:
'''Validate the job id defined as uuid4'''
from uuid import UUID
try:
UUID(job_id, version=4)
return True
except ValueError:
return False


def get_job_key(job_id: str):
return f"job-{job_id}"

0 comments on commit 92c5c78

Please sign in to comment.