fix: apply code review security and robustness fixes
- Add require_engineer_or_admin to POST/PUT/DELETE in target_lists.py (blocks viewers from write ops)
- Add require_engineer_or_admin to POST/PATCH in maintenance_schedules.py (blocks viewers from write ops)
- Add team ownership guard in batch_launch_sessions after active/published checks (Fix 2)
- Wrap scheduler.remove_job in try/except for SchedulerNotRunningError and JobLookupError (Fix 3)
- Recompute next_run_at when is_active flips to True, capturing was_active before update (Fix 4)
- Add optional batch_id and target_label fields to Session type; remove unsafe cast in MaintenanceFlowDetailPage.tsx (Fix 5)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
@@ -4,6 +4,8 @@ import uuid
|
||||
from datetime import datetime, timezone
|
||||
|
||||
from apscheduler.schedulers.asyncio import AsyncIOScheduler
|
||||
from apscheduler.schedulers.base import SchedulerNotRunningError
|
||||
from apscheduler.jobstores.base import JobLookupError
|
||||
from apscheduler.triggers.cron import CronTrigger
|
||||
import pytz
|
||||
from sqlalchemy import select
|
||||
@@ -135,5 +137,8 @@ def unregister_schedule(schedule_id: str) -> None:
|
||||
"""Remove a schedule from APScheduler."""
|
||||
job_id = f"maintenance_{schedule_id}"
|
||||
if scheduler.get_job(job_id):
|
||||
scheduler.remove_job(job_id)
|
||||
logger.info(f"Unregistered schedule {schedule_id}")
|
||||
try:
|
||||
scheduler.remove_job(job_id)
|
||||
logger.info(f"Unregistered schedule {schedule_id}")
|
||||
except (SchedulerNotRunningError, JobLookupError):
|
||||
logger.warning(f"Could not remove job {job_id}: scheduler not running or job already removed")
|
||||
|
||||
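Review bot: The new `except (SchedulerNotRunningError, JobLookupError)` in unregister_schedule folds two different outcomes into one warning, so the log cannot tell a job that was already removed (harmless) from one that may still be registered and, presumably, could fire again after its schedule was deactivated or deleted. Handle them separately: `except JobLookupError:` with an info-level "already removed" message, and `except SchedulerNotRunningError:` with `logger.error(..., exc_info=True)` so an operator can reconcile the leftover job. It is also worth confirming against the installed APScheduler version that `remove_job` raises SchedulerNotRunningError at all; if it does not, that branch is dead code, and any job-store error still propagates to the caller either way. The `def` line sits above the hunk, so the callers and how they react to a failed removal are not visible here.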