mirrored from https://chromium.googlesource.com/infra/luci/luci-go
/
appengine.go
67 lines (61 loc) · 2.34 KB
/
appengine.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
// Copyright 2015 The LUCI Authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package gaemiddleware
import (
"net/http"
"go.chromium.org/luci/common/logging"
"go.chromium.org/luci/gae/service/info"
"go.chromium.org/luci/server/router"
)
var devAppserverBypassFn = info.IsDevAppServer
// RequireCron ensures that the request is from the appengine 'cron' service.
//
// It checks the presence of a magical header that can be set only by GAE.
// If the header is not there, it aborts the request with StatusForbidden.
//
// This middleware has no effect when using 'BaseTest' or when running under
// dev_appserver.py
func RequireCron(c *router.Context, next router.Handler) {
if !devAppserverBypassFn(c.Context) {
if c.Request.Header.Get("X-Appengine-Cron") != "true" {
logging.Errorf(c.Context, "request not made from cron")
http.Error(c.Writer, "error: must be run from cron", http.StatusForbidden)
return
}
}
next(c)
}
// RequireTaskQueue ensures that the request is from the specified task queue.
//
// It checks the presence of a magical header that can be set only by GAE.
// If the header is not there, it aborts the request with StatusForbidden.
//
// if 'queue' is the empty string, than this simply checks that this handler was
// run from ANY appengine taskqueue.
//
// This middleware has no effect when using 'BaseTest' or when running under
// dev_appserver.py
func RequireTaskQueue(queue string) router.Middleware {
return func(c *router.Context, next router.Handler) {
if !devAppserverBypassFn(c.Context) {
qName := c.Request.Header.Get("X-AppEngine-QueueName")
if qName == "" || (queue != "" && queue != qName) {
logging.Errorf(c.Context, "request made from wrong taskqueue: %q v %q", qName, queue)
http.Error(c.Writer, "error: must be run from the correct taskqueue", http.StatusForbidden)
return
}
}
next(c)
}
}