hazza/jupyterhub
1
0
Fork 0
mirror of https://github.com/jupyterhub/jupyterhub.git synced 2025-10-15 14:03:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

raise 404 on admin attempt to spawn nonexistent user

Browse Source
This commit is contained in:
Min RK
2021-10-15 14:40:47 +02:00
parent 61b0e8bef5
commit b0c7df04ac
2 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
jupyterhub/apihandlers/users.py
View File

@@ -484,6 +484,11 @@ class UserServerAPIHandler(APIHandler):
@needs_scope('servers')
async def post(self, user_name, server_name=''):
user = self.find_user(user_name)
if user is None:
# this can be reached if a token has `servers`
# permission on *all* users
raise web.HTTPError(404)
if server_name:
if not self.allow_named_servers:
raise web.HTTPError(400, "Named servers are not enabled.")

5
jupyterhub/tests/test_api.py
View File

@@ -972,6 +972,11 @@ async def test_bad_spawn(app, bad_spawn):
assert app.users.count_active_users()['pending'] == 0
async def test_spawn_nosuch_user(app):
r = await api_request(app, 'users', "nosuchuser", 'server', method='post')
assert r.status_code == 404
async def test_slow_bad_spawn(app, no_patience, slow_bad_spawn):
db = app.db
name = 'zaphod'