summaryrefslogtreecommitdiffstats
path: root/python
diff options
context:
space:
mode:
authorBryan Newbold <bnewbold@robocracy.org>2020-09-17 20:00:51 -0700
committerBryan Newbold <bnewbold@robocracy.org>2020-09-17 20:00:55 -0700
commit6e1c91d5e66f8cd54fa22fc17a688f25839ca3ce (patch)
treec1f919efceb36b11372ee7efbb361b93795578a8 /python
parent257f5b55e6d35893dfdf8c5306842db5bb076f3e (diff)
downloadfatcat-6e1c91d5e66f8cd54fa22fc17a688f25839ca3ce.tar.gz
fatcat-6e1c91d5e66f8cd54fa22fc17a688f25839ca3ce.zip
web: route constraints on fcids and UUIDs
Instead of accepting any string for these parameters and throwing a 400 error if not the correct type, implement better route matching at the framework level and return more 404s. This resolves several outstanding sentry exceptions. The "flask-uuid" was imported and seems to have been configured for this purpose previously, but I guess I never finished configuring it.
Diffstat (limited to 'python')
-rw-r--r--python/fatcat_web/routes.py194
-rw-r--r--python/tests/web_entity_views.py10
2 files changed, 103 insertions, 101 deletions
diff --git a/python/fatcat_web/routes.py b/python/fatcat_web/routes.py
index 4dfbc29c..4c37dc09 100644
--- a/python/fatcat_web/routes.py
+++ b/python/fatcat_web/routes.py
@@ -22,7 +22,7 @@ from fatcat_web.forms import SavePaperNowForm
### Generic Entity Views ####################################################
-@app.route('/container/<ident>/history', methods=['GET'])
+@app.route('/container/<string(length=26):ident>/history', methods=['GET'])
def container_history(ident):
try:
entity = api.get_container(ident)
@@ -35,7 +35,7 @@ def container_history(ident):
entity=entity,
history=history)
-@app.route('/creator/<ident>/history', methods=['GET'])
+@app.route('/creator/<string(length=26):ident>/history', methods=['GET'])
def creator_history(ident):
try:
entity = api.get_creator(ident)
@@ -47,7 +47,7 @@ def creator_history(ident):
entity=entity,
history=history)
-@app.route('/file/<ident>/history', methods=['GET'])
+@app.route('/file/<string(length=26):ident>/history', methods=['GET'])
def file_history(ident):
try:
entity = api.get_file(ident)
@@ -59,7 +59,7 @@ def file_history(ident):
entity=entity,
history=history)
-@app.route('/fileset/<ident>/history', methods=['GET'])
+@app.route('/fileset/<string(length=26):ident>/history', methods=['GET'])
def fileset_history(ident):
try:
entity = api.get_fileset(ident)
@@ -71,7 +71,7 @@ def fileset_history(ident):
entity=entity,
history=history)
-@app.route('/webcapture/<ident>/history', methods=['GET'])
+@app.route('/webcapture/<string(length=26):ident>/history', methods=['GET'])
def webcapture_history(ident):
try:
entity = api.get_webcapture(ident)
@@ -83,7 +83,7 @@ def webcapture_history(ident):
entity=entity,
history=history)
-@app.route('/release/<ident>/history', methods=['GET'])
+@app.route('/release/<string(length=26):ident>/history', methods=['GET'])
def release_history(ident):
try:
entity = api.get_release(ident)
@@ -95,7 +95,7 @@ def release_history(ident):
entity=entity,
history=history)
-@app.route('/work/<ident>/history', methods=['GET'])
+@app.route('/work/<string(length=26):ident>/history', methods=['GET'])
def work_history(ident):
try:
entity = api.get_work(ident)
@@ -238,241 +238,241 @@ def generic_editgroup_entity_view(editgroup_id, entity_type, ident, view_templat
return render_template(view_template, entity_type=entity_type, entity=entity, editgroup=editgroup)
-@app.route('/container/<ident>', methods=['GET'])
+@app.route('/container/<string(length=26):ident>', methods=['GET'])
def container_view(ident):
return generic_entity_view('container', ident, 'container_view.html')
-@app.route('/container_<ident>', methods=['GET'])
+@app.route('/container_<string(length=26):ident>', methods=['GET'])
def container_underscore_view(ident):
return redirect('/container/{}'.format(ident))
-@app.route('/container/<ident>/coverage', methods=['GET'])
+@app.route('/container/<string(length=26):ident>/coverage', methods=['GET'])
def container_view_coverage(ident):
# note: there is a special hack to add entity._type_preservation for this endpoint
return generic_entity_view('container', ident, 'container_view_coverage.html')
-@app.route('/container/<ident>/metadata', methods=['GET'])
+@app.route('/container/<string(length=26):ident>/metadata', methods=['GET'])
def container_view_metadata(ident):
return generic_entity_view('container', ident, 'entity_view_metadata.html')
-@app.route('/container/rev/<revision_id>', methods=['GET'])
+@app.route('/container/rev/<uuid:revision_id>', methods=['GET'])
def container_revision_view(revision_id):
- return generic_entity_revision_view('container', revision_id, 'container_view.html')
+ return generic_entity_revision_view('container', str(revision_id), 'container_view.html')
-@app.route('/container/rev/<revision_id>/metadata', methods=['GET'])
+@app.route('/container/rev/<uuid:revision_id>/metadata', methods=['GET'])
def container_revision_view_metadata(revision_id):
- return generic_entity_revision_view('container', revision_id, 'entity_view_metadata.html')
+ return generic_entity_revision_view('container', str(revision_id), 'entity_view_metadata.html')
-@app.route('/editgroup/<editgroup_id>/container/<ident>', methods=['GET'])
+@app.route('/editgroup/<editgroup_id>/container/<string(length=26):ident>', methods=['GET'])
def container_editgroup_view(editgroup_id, ident):
return generic_editgroup_entity_view(editgroup_id, 'container', ident, 'container_view.html')
-@app.route('/editgroup/<editgroup_id>/container/<ident>/metadata', methods=['GET'])
+@app.route('/editgroup/<editgroup_id>/container/<string(length=26):ident>/metadata', methods=['GET'])
def container_editgroup_view_metadata(editgroup_id, ident):
return generic_editgroup_entity_view(editgroup_id, 'container', ident, 'entity_view_metadata.html')
-@app.route('/creator/<ident>', methods=['GET'])
+@app.route('/creator/<string(length=26):ident>', methods=['GET'])
def creator_view(ident):
return generic_entity_view('creator', ident, 'creator_view.html')
-@app.route('/creator_<ident>', methods=['GET'])
+@app.route('/creator_<string(length=26):ident>', methods=['GET'])
def creator_underscore_view(ident):
return redirect('/creator/{}'.format(ident))
-@app.route('/creator/<ident>/metadata', methods=['GET'])
+@app.route('/creator/<string(length=26):ident>/metadata', methods=['GET'])
def creator_view_metadata(ident):
return generic_entity_view('creator', ident, 'entity_view_metadata.html')
-@app.route('/creator/rev/<revision_id>', methods=['GET'])
+@app.route('/creator/rev/<uuid:revision_id>', methods=['GET'])
def creator_revision_view(revision_id):
- return generic_entity_revision_view('creator', revision_id, 'creator_view.html')
+ return generic_entity_revision_view('creator', str(revision_id), 'creator_view.html')
-@app.route('/creator/rev/<revision_id>/metadata', methods=['GET'])
+@app.route('/creator/rev/<uuid:revision_id>/metadata', methods=['GET'])
def creator_revision_view_metadata(revision_id):
- return generic_entity_revision_view('creator', revision_id, 'entity_view_metadata.html')
+ return generic_entity_revision_view('creator', str(revision_id), 'entity_view_metadata.html')
-@app.route('/editgroup/<editgroup_id>/creator/<ident>', methods=['GET'])
+@app.route('/editgroup/<editgroup_id>/creator/<string(length=26):ident>', methods=['GET'])
def creator_editgroup_view(editgroup_id, ident):
return generic_editgroup_entity_view(editgroup_id, 'creator', ident, 'creator_view.html')
-@app.route('/editgroup/<editgroup_id>/creator/<ident>/metadata', methods=['GET'])
+@app.route('/editgroup/<editgroup_id>/creator/<string(length=26):ident>/metadata', methods=['GET'])
def creator_editgroup_view_metadata(editgroup_id, ident):
return generic_editgroup_entity_view(editgroup_id, 'creator', ident, 'entity_view_metadata.html')
-@app.route('/file/<ident>', methods=['GET'])
+@app.route('/file/<string(length=26):ident>', methods=['GET'])
def file_view(ident):
return generic_entity_view('file', ident, 'file_view.html')
-@app.route('/file_<ident>', methods=['GET'])
+@app.route('/file_<string(length=26):ident>', methods=['GET'])
def file_underscore_view(ident):
return redirect('/file/{}'.format(ident))
-@app.route('/file/<ident>/metadata', methods=['GET'])
+@app.route('/file/<string(length=26):ident>/metadata', methods=['GET'])
def file_view_metadata(ident):
return generic_entity_view('file', ident, 'entity_view_metadata.html')
-@app.route('/file/rev/<revision_id>', methods=['GET'])
+@app.route('/file/rev/<uuid:revision_id>', methods=['GET'])
def file_revision_view(revision_id):
- return generic_entity_revision_view('file', revision_id, 'file_view.html')
+ return generic_entity_revision_view('file', str(revision_id), 'file_view.html')
-@app.route('/file/rev/<revision_id>/metadata', methods=['GET'])
+@app.route('/file/rev/<uuid:revision_id>/metadata', methods=['GET'])
def file_revision_view_metadata(revision_id):
- return generic_entity_revision_view('file', revision_id, 'entity_view_metadata.html')
+ return generic_entity_revision_view('file', str(revision_id), 'entity_view_metadata.html')
-@app.route('/editgroup/<editgroup_id>/file/<ident>', methods=['GET'])
+@app.route('/editgroup/<editgroup_id>/file/<string(length=26):ident>', methods=['GET'])
def file_editgroup_view(editgroup_id, ident):
return generic_editgroup_entity_view(editgroup_id, 'file', ident, 'file_view.html')
-@app.route('/editgroup/<editgroup_id>/file/<ident>/metadata', methods=['GET'])
+@app.route('/editgroup/<editgroup_id>/file/<string(length=26):ident>/metadata', methods=['GET'])
def file_editgroup_view_metadata(editgroup_id, ident):
return generic_editgroup_entity_view(editgroup_id, 'file', ident, 'entity_view_metadata.html')
-@app.route('/fileset/<ident>', methods=['GET'])
+@app.route('/fileset/<string(length=26):ident>', methods=['GET'])
def fileset_view(ident):
return generic_entity_view('fileset', ident, 'fileset_view.html')
-@app.route('/fileset_<ident>', methods=['GET'])
+@app.route('/fileset_<string(length=26):ident>', methods=['GET'])
def fileset_underscore_view(ident):
return redirect('/fileset/{}'.format(ident))
-@app.route('/fileset/<ident>/metadata', methods=['GET'])
+@app.route('/fileset/<string(length=26):ident>/metadata', methods=['GET'])
def fileset_view_metadata(ident):
return generic_entity_view('fileset', ident, 'entity_view_metadata.html')
-@app.route('/fileset/rev/<revision_id>', methods=['GET'])
+@app.route('/fileset/rev/<uuid:revision_id>', methods=['GET'])
def fileset_revision_view(revision_id):
- return generic_entity_revision_view('fileset', revision_id, 'fileset_view.html')
+ return generic_entity_revision_view('fileset', str(revision_id), 'fileset_view.html')
-@app.route('/fileset/rev/<revision_id>/metadata', methods=['GET'])
+@app.route('/fileset/rev/<uuid:revision_id>/metadata', methods=['GET'])
def fileset_revision_view_metadata(revision_id):
- return generic_entity_revision_view('fileset', revision_id, 'entity_view_metadata.html')
+ return generic_entity_revision_view('fileset', str(revision_id), 'entity_view_metadata.html')
-@app.route('/editgroup/<editgroup_id>/fileset/<ident>', methods=['GET'])
+@app.route('/editgroup/<editgroup_id>/fileset/<string(length=26):ident>', methods=['GET'])
def fileset_editgroup_view(editgroup_id, ident):
return generic_editgroup_entity_view(editgroup_id, 'fileset', ident, 'fileset_view.html')
-@app.route('/editgroup/<editgroup_id>/fileset/<ident>/metadata', methods=['GET'])
+@app.route('/editgroup/<editgroup_id>/fileset/<string(length=26):ident>/metadata', methods=['GET'])
def fileset_editgroup_view_metadata(editgroup_id, ident):
return generic_editgroup_entity_view(editgroup_id, 'fileset', ident, 'entity_view_metadata.html')
-@app.route('/webcapture/<ident>', methods=['GET'])
+@app.route('/webcapture/<string(length=26):ident>', methods=['GET'])
def webcapture_view(ident):
return generic_entity_view('webcapture', ident, 'webcapture_view.html')
-@app.route('/webcapture_<ident>', methods=['GET'])
+@app.route('/webcapture_<string(length=26):ident>', methods=['GET'])
def webcapture_underscore_view(ident):
return redirect('/webcapture/{}'.format(ident))
-@app.route('/webcapture/<ident>/metadata', methods=['GET'])
+@app.route('/webcapture/<string(length=26):ident>/metadata', methods=['GET'])
def webcapture_view_metadata(ident):
return generic_entity_view('webcapture', ident, 'entity_view_metadata.html')
-@app.route('/webcapture/rev/<revision_id>', methods=['GET'])
+@app.route('/webcapture/rev/<uuid:revision_id>', methods=['GET'])
def webcapture_revision_view(revision_id):
- return generic_entity_revision_view('webcapture', revision_id, 'webcapture_view.html')
+ return generic_entity_revision_view('webcapture', str(revision_id), 'webcapture_view.html')
-@app.route('/webcapture/rev/<revision_id>/metadata', methods=['GET'])
+@app.route('/webcapture/rev/<uuid:revision_id>/metadata', methods=['GET'])
def webcapture_revision_view_metadata(revision_id):
- return generic_entity_revision_view('webcapture', revision_id, 'entity_view_metadata.html')
+ return generic_entity_revision_view('webcapture', str(revision_id), 'entity_view_metadata.html')
-@app.route('/editgroup/<editgroup_id>/webcapture/<ident>', methods=['GET'])
+@app.route('/editgroup/<editgroup_id>/webcapture/<string(length=26):ident>', methods=['GET'])
def webcapture_editgroup_view(editgroup_id, ident):
return generic_editgroup_entity_view(editgroup_id, 'webcapture', ident, 'webcapture_view.html')
-@app.route('/editgroup/<editgroup_id>/webcapture/<ident>/metadata', methods=['GET'])
+@app.route('/editgroup/<editgroup_id>/webcapture/<string(length=26):ident>/metadata', methods=['GET'])
def webcapture_editgroup_view_metadata(editgroup_id, ident):
return generic_editgroup_entity_view(editgroup_id, 'webcapture', ident, 'entity_view_metadata.html')
-@app.route('/release/<ident>', methods=['GET'])
+@app.route('/release/<string(length=26):ident>', methods=['GET'])
def release_view(ident):
return generic_entity_view('release', ident, 'release_view.html')
-@app.route('/release_<ident>', methods=['GET'])
+@app.route('/release_<string(length=26):ident>', methods=['GET'])
def release_underscore_view(ident):
return redirect('/release/{}'.format(ident))
-@app.route('/release/<ident>/contribs', methods=['GET'])
+@app.route('/release/<string(length=26):ident>/contribs', methods=['GET'])
def release_view_contribs(ident):
return generic_entity_view('release', ident, 'release_view_contribs.html')
-@app.route('/release/<ident>/references', methods=['GET'])
+@app.route('/release/<string(length=26):ident>/references', methods=['GET'])
def release_view_references(ident):
return generic_entity_view('release', ident, 'release_view_references.html')
-@app.route('/release/<ident>/metadata', methods=['GET'])
+@app.route('/release/<string(length=26):ident>/metadata', methods=['GET'])
def release_view_metadata(ident):
return generic_entity_view('release', ident, 'entity_view_metadata.html')
-@app.route('/release/rev/<revision_id>', methods=['GET'])
+@app.route('/release/rev/<uuid:revision_id>', methods=['GET'])
def release_revision_view(revision_id):
- return generic_entity_revision_view('release', revision_id, 'release_view.html')
+ return generic_entity_revision_view('release', str(revision_id), 'release_view.html')
-@app.route('/release/rev/<revision_id>/contribs', methods=['GET'])
+@app.route('/release/rev/<uuid:revision_id>/contribs', methods=['GET'])
def release_revision_view_contribs(revision_id):
- return generic_entity_revision_view('release', revision_id, 'release_view_contribs.html')
+ return generic_entity_revision_view('release', str(revision_id), 'release_view_contribs.html')
-@app.route('/release/rev/<revision_id>/references', methods=['GET'])
+@app.route('/release/rev/<uuid:revision_id>/references', methods=['GET'])
def release_revision_view_references(revision_id):
- return generic_entity_revision_view('release', revision_id, 'release_view_references.html')
+ return generic_entity_revision_view('release', str(revision_id), 'release_view_references.html')
-@app.route('/release/rev/<revision_id>/metadata', methods=['GET'])
+@app.route('/release/rev/<uuid:revision_id>/metadata', methods=['GET'])
def release_revision_view_metadata(revision_id):
- return generic_entity_revision_view('release', revision_id, 'entity_view_metadata.html')
+ return generic_entity_revision_view('release', str(revision_id), 'entity_view_metadata.html')
-@app.route('/editgroup/<editgroup_id>/release/<ident>', methods=['GET'])
+@app.route('/editgroup/<editgroup_id>/release/<string(length=26):ident>', methods=['GET'])
def release_editgroup_view(editgroup_id, ident):
return generic_editgroup_entity_view(editgroup_id, 'release', ident, 'release_view.html')
-@app.route('/editgroup/<editgroup_id>/release/<ident>/contribs', methods=['GET'])
+@app.route('/editgroup/<editgroup_id>/release/<string(length=26):ident>/contribs', methods=['GET'])
def release_editgroup_view_contribs(editgroup_id, ident):
return generic_editgroup_entity_view(editgroup_id, 'release', ident, 'release_view_contribs.html')
-@app.route('/editgroup/<editgroup_id>/release/<ident>/references', methods=['GET'])
+@app.route('/editgroup/<editgroup_id>/release/<string(length=26):ident>/references', methods=['GET'])
def release_editgroup_view_references(editgroup_id, ident):
return generic_editgroup_entity_view(editgroup_id, 'release', ident, 'release_view_references.html')
-@app.route('/editgroup/<editgroup_id>/release/<ident>/metadata', methods=['GET'])
+@app.route('/editgroup/<editgroup_id>/release/<string(length=26):ident>/metadata', methods=['GET'])
def release_editgroup_view_metadata(editgroup_id, ident):
return generic_editgroup_entity_view(editgroup_id, 'release', ident, 'entity_view_metadata.html')
-@app.route('/work/<ident>', methods=['GET'])
+@app.route('/work/<string(length=26):ident>', methods=['GET'])
def work_view(ident):
return generic_entity_view('work', ident, 'work_view.html')
-@app.route('/work_<ident>', methods=['GET'])
+@app.route('/work_<string(length=26):ident>', methods=['GET'])
def work_underscore_view(ident):
return redirect('/work/{}'.format(ident))
-@app.route('/work/<ident>/metadata', methods=['GET'])
+@app.route('/work/<string(length=26):ident>/metadata', methods=['GET'])
def work_view_metadata(ident):
return generic_entity_view('work', ident, 'entity_view_metadata.html')
-@app.route('/work/rev/<revision_id>', methods=['GET'])
+@app.route('/work/rev/<uuid:revision_id>', methods=['GET'])
def work_revision_view(revision_id):
- return generic_entity_revision_view('work', revision_id, 'work_view.html')
+ return generic_entity_revision_view('work', str(revision_id), 'work_view.html')
-@app.route('/work/rev/<revision_id>/metadata', methods=['GET'])
+@app.route('/work/rev/<uuid:revision_id>/metadata', methods=['GET'])
def work_revision_view_metadata(revision_id):
- return generic_entity_revision_view('work', revision_id, 'entity_view_metadata.html')
+ return generic_entity_revision_view('work', str(revision_id), 'entity_view_metadata.html')
-@app.route('/editgroup/<editgroup_id>/work/<ident>', methods=['GET'])
+@app.route('/editgroup/<editgroup_id>/work/<string(length=26):ident>', methods=['GET'])
def work_editgroup_view(editgroup_id, ident):
return generic_editgroup_entity_view(editgroup_id, 'work', ident, 'work_view.html')
-@app.route('/editgroup/<editgroup_id>/work/<ident>/metadata', methods=['GET'])
+@app.route('/editgroup/<editgroup_id>/work/<string(length=26):ident>/metadata', methods=['GET'])
def work_editgroup_view_metadata(editgroup_id, ident):
return generic_editgroup_entity_view(editgroup_id, 'work', ident, 'entity_view_metadata.html')
### Views ###################################################################
-@app.route('/editgroup/<ident>', methods=['GET'])
+@app.route('/editgroup/<string(length=26):ident>', methods=['GET'])
def editgroup_view(ident):
try:
eg = api.get_editgroup(str(ident))
@@ -498,7 +498,7 @@ def editgroup_view(ident):
return render_template('editgroup_view.html', editgroup=eg,
auth_to=auth_to)
-@app.route('/editgroup/<ident>/annotation', methods=['POST'])
+@app.route('/editgroup/<string(length=26):ident>/annotation', methods=['POST'])
@login_required
def editgroup_create_annotation(ident):
if not app.testing:
@@ -523,7 +523,7 @@ def editgroup_create_annotation(ident):
raise ae
return redirect('/editgroup/{}'.format(ident))
-@app.route('/editgroup/<ident>/accept', methods=['POST'])
+@app.route('/editgroup/<string(length=26):ident>/accept', methods=['POST'])
@login_required
def editgroup_accept(ident):
if not app.testing:
@@ -540,7 +540,7 @@ def editgroup_accept(ident):
abort(ae.status)
return redirect('/editgroup/{}'.format(ident))
-@app.route('/editgroup/<ident>/unsubmit', methods=['POST'])
+@app.route('/editgroup/<string(length=26):ident>/unsubmit', methods=['POST'])
@login_required
def editgroup_unsubmit(ident):
if not app.testing:
@@ -557,7 +557,7 @@ def editgroup_unsubmit(ident):
abort(ae.status)
return redirect('/editgroup/{}'.format(ident))
-@app.route('/editgroup/<ident>/submit', methods=['POST'])
+@app.route('/editgroup/<string(length=26):ident>/submit', methods=['POST'])
@login_required
def editgroup_submit(ident):
if not app.testing:
@@ -574,7 +574,7 @@ def editgroup_submit(ident):
abort(ae.status)
return redirect('/editgroup/{}'.format(ident))
-@app.route('/editor/<ident>', methods=['GET'])
+@app.route('/editor/<string(length=26):ident>', methods=['GET'])
def editor_view(ident):
try:
entity = api.get_editor(ident)
@@ -582,7 +582,7 @@ def editor_view(ident):
abort(ae.status)
return render_template('editor_view.html', editor=entity)
-@app.route('/editor/<ident>/editgroups', methods=['GET'])
+@app.route('/editor/<string(length=26):ident>/editgroups', methods=['GET'])
def editor_editgroups(ident):
try:
editor = api.get_editor(ident)
@@ -595,7 +595,7 @@ def editor_editgroups(ident):
return render_template('editor_editgroups.html', editor=editor,
editgroups=editgroups)
-@app.route('/editor/<ident>/annotations', methods=['GET'])
+@app.route('/editor/<string(length=26):ident>/annotations', methods=['GET'])
def editor_annotations(ident):
try:
editor = api.get_editor(ident)
@@ -634,7 +634,7 @@ def reviewable_view():
abort(ae.status)
return render_template('editgroup_reviewable.html', entries=entries)
-@app.route('/release/<ident>/save', methods=['GET', 'POST'])
+@app.route('/release/<string(length=26):ident>/save', methods=['GET', 'POST'])
def release_save(ident):
form = SavePaperNowForm()
@@ -831,7 +831,7 @@ def container_issnl_stats(issnl):
abort(503)
return jsonify(stats)
-@app.route('/container/<ident>/stats.json', methods=['GET', 'OPTIONS'])
+@app.route('/container/<string(length=26):ident>/stats.json', methods=['GET', 'OPTIONS'])
@crossdomain(origin='*',headers=['access-control-allow-origin','Content-Type'])
def container_ident_stats(ident):
try:
@@ -845,7 +845,7 @@ def container_ident_stats(ident):
abort(503)
return jsonify(stats)
-@app.route('/container/<ident>/ia_coverage_years.json', methods=['GET', 'OPTIONS'])
+@app.route('/container/<string(length=26):ident>/ia_coverage_years.json', methods=['GET', 'OPTIONS'])
@crossdomain(origin='*',headers=['access-control-allow-origin','Content-Type'])
def container_ident_ia_coverage_years_json(ident):
try:
@@ -860,7 +860,7 @@ def container_ident_ia_coverage_years_json(ident):
histogram = [dict(year=h[0], in_ia=h[1], count=h[2]) for h in histogram]
return jsonify({'container_id': ident, "histogram": histogram})
-@app.route('/container/<ident>/ia_coverage_years.svg', methods=['GET', 'OPTIONS'])
+@app.route('/container/<string(length=26):ident>/ia_coverage_years.svg', methods=['GET', 'OPTIONS'])
@crossdomain(origin='*',headers=['access-control-allow-origin','Content-Type'])
def container_ident_ia_coverage_years_svg(ident):
try:
@@ -874,7 +874,7 @@ def container_ident_ia_coverage_years_svg(ident):
abort(503)
return ia_coverage_histogram(histogram).render_response()
-@app.route('/container/<ident>/preservation_by_year.json', methods=['GET', 'OPTIONS'])
+@app.route('/container/<string(length=26):ident>/preservation_by_year.json', methods=['GET', 'OPTIONS'])
@crossdomain(origin='*',headers=['access-control-allow-origin','Content-Type'])
def container_ident_preservation_by_year_json(ident):
try:
@@ -889,7 +889,7 @@ def container_ident_preservation_by_year_json(ident):
abort(503)
return jsonify({'container_id': ident, "histogram": histogram})
-@app.route('/container/<ident>/preservation_by_year.svg', methods=['GET', 'OPTIONS'])
+@app.route('/container/<string(length=26):ident>/preservation_by_year.svg', methods=['GET', 'OPTIONS'])
@crossdomain(origin='*',headers=['access-control-allow-origin','Content-Type'])
def container_ident_preservation_by_year_svg(ident):
try:
@@ -907,7 +907,7 @@ def container_ident_preservation_by_year_svg(ident):
merge_shadows=Config.FATCAT_MERGE_SHADOW_PRESERVATION,
).render_response()
-@app.route('/container/<ident>/preservation_by_volume.json', methods=['GET', 'OPTIONS'])
+@app.route('/container/<string(length=26):ident>/preservation_by_volume.json', methods=['GET', 'OPTIONS'])
@crossdomain(origin='*',headers=['access-control-allow-origin','Content-Type'])
def container_ident_preservation_by_volume_json(ident):
try:
@@ -921,7 +921,7 @@ def container_ident_preservation_by_volume_json(ident):
abort(503)
return jsonify({'container_id': ident, "histogram": histogram})
-@app.route('/container/<ident>/preservation_by_volume.svg', methods=['GET', 'OPTIONS'])
+@app.route('/container/<string(length=26):ident>/preservation_by_volume.svg', methods=['GET', 'OPTIONS'])
@crossdomain(origin='*',headers=['access-control-allow-origin','Content-Type'])
def container_ident_preservation_by_volume_svg(ident):
try:
@@ -938,7 +938,7 @@ def container_ident_preservation_by_volume_svg(ident):
merge_shadows=Config.FATCAT_MERGE_SHADOW_PRESERVATION,
).render_response()
-@app.route('/release/<ident>.bib', methods=['GET'])
+@app.route('/release/<string(length=26):ident>.bib', methods=['GET'])
def release_bibtex(ident):
try:
entity = api.get_release(ident)
@@ -948,7 +948,7 @@ def release_bibtex(ident):
bibtex = citeproc_csl(csl, 'bibtex')
return Response(bibtex, mimetype="text/plain")
-@app.route('/release/<ident>/citeproc', methods=['GET'])
+@app.route('/release/<string(length=26):ident>/citeproc', methods=['GET'])
def release_citeproc(ident):
style = request.args.get('style', 'harvard1')
is_html = request.args.get('html', False)
diff --git a/python/tests/web_entity_views.py b/python/tests/web_entity_views.py
index 7b973ef2..4068a0c7 100644
--- a/python/tests/web_entity_views.py
+++ b/python/tests/web_entity_views.py
@@ -48,7 +48,7 @@ def test_entity_basics(app, mocker):
rv = app.get('/{}/rev/{}'.format(entity_type, revision))
assert rv.status_code == 200
rv = app.get('/{}/rev/{}_something'.format(entity_type, revision))
- assert rv.status_code == 400
+ assert rv.status_code == 404
rv = app.get('/{}/rev/{}/metadata'.format(entity_type, revision))
assert rv.status_code == 200
print('/editgroup/aaaaaaaaaaaabo53aaaaaaaaaq/{}/{}'.format(entity_type, ident))
@@ -59,11 +59,13 @@ def test_entity_basics(app, mocker):
# bad requests
rv = app.get('/{}/9999999999'.format(entity_type))
- assert rv.status_code == 400
+ assert rv.status_code == 404
rv = app.get('/{}/9999999999/history'.format(entity_type))
- assert rv.status_code == 400
+ assert rv.status_code == 404
rv = app.get('/{}/f1f046a3-45c9-ffff-ffff-ffffffffffff'.format(entity_type))
- assert rv.status_code == 400
+ assert rv.status_code == 404
+ rv = app.get('/{}/rev/f1f046a3-45c9-ffff-ffff-fffffffff'.format(entity_type))
+ assert rv.status_code == 404
rv = app.get('/{}/ccccccccccccccccccccccccca'.format(entity_type))
assert rv.status_code == 404