From 3a58f869bb8282e85a89bb269d6f3d4d1ad9ee7a Mon Sep 17 00:00:00 2001
From: Topvennie <vincent@vallaeys.com>
Date: Tue, 14 May 2024 10:59:16 +0200
Subject: [PATCH 1/5] fix: docker image owner

---
 backend/api/serializers/docker_serializer.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/backend/api/serializers/docker_serializer.py b/backend/api/serializers/docker_serializer.py
index eb009eb3..ee7b2c1f 100644
--- a/backend/api/serializers/docker_serializer.py
+++ b/backend/api/serializers/docker_serializer.py
@@ -13,7 +13,8 @@ class Meta:
     def validate(self, attrs):
         data = super().validate(attrs=attrs)
 
-        data["owner"] = self.context["request"].user
+        if not self.partial:
+            data["owner"] = self.context["request"].user
 
         if "public" in data and data["public"] and not data["owner"].is_staff:
             raise ValidationError(_("docker.errors.custom"))

From f94c42180ad4680d532c9bae397650d292ba1129 Mon Sep 17 00:00:00 2001
From: Topvennie <vincent@vallaeys.com>
Date: Wed, 15 May 2024 18:19:39 +0200
Subject: [PATCH 2/5] fix: crash from partial update

---
 backend/api/serializers/docker_serializer.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/backend/api/serializers/docker_serializer.py b/backend/api/serializers/docker_serializer.py
index ee7b2c1f..115da192 100644
--- a/backend/api/serializers/docker_serializer.py
+++ b/backend/api/serializers/docker_serializer.py
@@ -15,6 +15,8 @@ def validate(self, attrs):
 
         if not self.partial:
             data["owner"] = self.context["request"].user
+        else:
+            data["owner"] = self.instance.owner
 
         if "public" in data and data["public"] and not data["owner"].is_staff:
             raise ValidationError(_("docker.errors.custom"))

From 087a8f45dde5b5c647ccf52aecc55df02e9bfeb6 Mon Sep 17 00:00:00 2001
From: Topvennie <vincent@vallaeys.com>
Date: Wed, 15 May 2024 18:34:24 +0200
Subject: [PATCH 3/5] chore: allow owner updates

---
 backend/api/serializers/docker_serializer.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/backend/api/serializers/docker_serializer.py b/backend/api/serializers/docker_serializer.py
index 115da192..3dfdce99 100644
--- a/backend/api/serializers/docker_serializer.py
+++ b/backend/api/serializers/docker_serializer.py
@@ -16,7 +16,7 @@ def validate(self, attrs):
         if not self.partial:
             data["owner"] = self.context["request"].user
         else:
-            data["owner"] = self.instance.owner
+            data["owner"] = data["owner"] if "owner" in data else self.instance.owner
 
         if "public" in data and data["public"] and not data["owner"].is_staff:
             raise ValidationError(_("docker.errors.custom"))

From cac233ac1f211555ef6155f3b2e00a398a1702a4 Mon Sep 17 00:00:00 2001
From: Topvennie <vincent@vallaeys.com>
Date: Wed, 15 May 2024 18:35:52 +0200
Subject: [PATCH 4/5] chore: cleanup my booboo

---
 backend/api/serializers/docker_serializer.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/backend/api/serializers/docker_serializer.py b/backend/api/serializers/docker_serializer.py
index 3dfdce99..dc1f2a66 100644
--- a/backend/api/serializers/docker_serializer.py
+++ b/backend/api/serializers/docker_serializer.py
@@ -15,8 +15,8 @@ def validate(self, attrs):
 
         if not self.partial:
             data["owner"] = self.context["request"].user
-        else:
-            data["owner"] = data["owner"] if "owner" in data else self.instance.owner
+        elif "owner" not in data:
+            data["owner"] = self.instance.owner
 
         if "public" in data and data["public"] and not data["owner"].is_staff:
             raise ValidationError(_("docker.errors.custom"))

From 8a4f1e32615aef698e749fbbba3ded74481ed406 Mon Sep 17 00:00:00 2001
From: Topvennie <vincent@vallaeys.com>
Date: Wed, 15 May 2024 19:50:38 +0200
Subject: [PATCH 5/5] chore: docker images permissions

---
 backend/api/locale/en/LC_MESSAGES/django.po  | 68 ++++++++++----------
 backend/api/locale/nl/LC_MESSAGES/django.po  | 68 ++++++++++----------
 backend/api/serializers/docker_serializer.py | 17 +++--
 3 files changed, 81 insertions(+), 72 deletions(-)

diff --git a/backend/api/locale/en/LC_MESSAGES/django.po b/backend/api/locale/en/LC_MESSAGES/django.po
index dbe86326..5eda2f33 100755
--- a/backend/api/locale/en/LC_MESSAGES/django.po
+++ b/backend/api/locale/en/LC_MESSAGES/django.po
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2024-05-11 18:26+0200\n"
+"POT-Creation-Date: 2024-05-15 19:49+0200\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -92,11 +92,11 @@ msgstr "Unkown error."
 msgid "submission.error.failedstructurecheck"
 msgstr "The zip file doesn't have the right structure."
 
-#: serializers/checks_serializer.py:49 tests/test_project.py:494
+#: serializers/checks_serializer.py:49 tests/test_project.py:495
 msgid "project.error.structure_checks.already_existing"
 msgstr "The structure check is already present in the project."
 
-#: serializers/checks_serializer.py:65 tests/test_project.py:528
+#: serializers/checks_serializer.py:65 tests/test_project.py:529
 msgid "project.error.structure_checks.extension_blocked_and_obligated"
 msgstr "An extension can't be blocked and obligated at the same time."
 
@@ -112,71 +112,71 @@ msgstr "The field 'time_limit' has to be between 10 and 1000."
 msgid "extra_check.error.memory_limit"
 msgstr "The field 'memory_limit' has to be between 100 and 1024."
 
-#: serializers/course_serializer.py:136
-msgid "courses.error.invitation_link"
-msgstr "The invitation link is not unique, please try again."
-
-#: serializers/course_serializer.py:143 serializers/course_serializer.py:158
-#: serializers/course_serializer.py:177 serializers/course_serializer.py:196
-#: serializers/course_serializer.py:215
+#: serializers/course_serializer.py:136 serializers/course_serializer.py:151
+#: serializers/course_serializer.py:170 serializers/course_serializer.py:189
+#: serializers/course_serializer.py:208
 msgid "courses.error.context"
 msgstr "The course is not supplied in the context."
 
-#: serializers/course_serializer.py:164 tests/test_locale.py:28
+#: serializers/course_serializer.py:157 tests/test_locale.py:28
 #: tests/test_locale.py:38
 msgid "courses.error.students.already_present"
 msgstr "The student is already present in the course."
 
-#: serializers/course_serializer.py:168 serializers/course_serializer.py:187
-#: serializers/course_serializer.py:206 serializers/course_serializer.py:225
+#: serializers/course_serializer.py:161 serializers/course_serializer.py:180
+#: serializers/course_serializer.py:199 serializers/course_serializer.py:218
 msgid "courses.error.past_course"
 msgstr "The course is from a past year, thus cannot be manipulated."
 
-#: serializers/course_serializer.py:183
+#: serializers/course_serializer.py:176
 msgid "courses.error.students.not_present"
 msgstr "The student is not present in the course."
 
-#: serializers/course_serializer.py:202
+#: serializers/course_serializer.py:195
 msgid "courses.error.teachers.already_present"
 msgstr "The teacher is already present in the course."
 
-#: serializers/course_serializer.py:221
+#: serializers/course_serializer.py:214
 msgid "courses.error.teachers.not_present"
 msgstr "The teacher is not present in the course."
 
-#: serializers/course_serializer.py:229
+#: serializers/course_serializer.py:222
 msgid "courses.error.teachers.last_teacher"
 msgstr "The course must have at least one teacher."
 
-#: serializers/docker_serializer.py:19
+#: serializers/docker_serializer.py:18
+msgid "docker.errors.no_staff"
+msgstr "User is not allowed to assign othher owners than himself to the image."
+
+#: serializers/docker_serializer.py:31
 msgid "docker.errors.custom"
 msgstr "User is not allowed to create public images"
 
-#: serializers/group_serializer.py:49
+#: serializers/group_serializer.py:56
 msgid "group.errors.score_exceeds_max"
 msgstr "The score exceeds the group's max score."
 
-#: serializers/group_serializer.py:59 serializers/group_serializer.py:89
+#: serializers/group_serializer.py:66 serializers/group_serializer.py:96
 msgid "group.error.context"
 msgstr "The group is not supplied in the context."
 
-#: serializers/group_serializer.py:67 serializers/group_serializer.py:101
+#: serializers/group_serializer.py:74 serializers/group_serializer.py:108
 msgid "group.errors.locked"
 msgstr "The group is currently locked."
 
-#: serializers/group_serializer.py:71
+#: serializers/group_serializer.py:78
 msgid "group.errors.full"
 msgstr "The group is already full."
 
-#: serializers/group_serializer.py:75
+#: serializers/group_serializer.py:82
 msgid "group.errors.not_in_course"
 msgstr "The student is not present in the related course."
 
-#: serializers/group_serializer.py:79
+#: serializers/group_serializer.py:86
 msgid "group.errors.already_in_group"
 msgstr "The student is already in the group."
 
-#: serializers/group_serializer.py:97
+#: serializers/group_serializer.py:104
 msgid "group.errors.not_present"
 msgstr "The student is currently not in the group."
 
@@ -188,31 +188,31 @@ msgstr "Error while parsing the provided zip."
 msgid "project.errors.context"
 msgstr "The project is not supplied in the context."
 
-#: serializers/project_serializer.py:85
+#: serializers/project_serializer.py:86
 msgid "project.errors.start_date_in_past"
 msgstr "The start date of the project lies in the past."
 
-#: serializers/project_serializer.py:99
+#: serializers/project_serializer.py:100
 msgid "project.errors.deadline_before_start_date"
 msgstr "The deadline of the project lies before the start date of the project."
 
-#: serializers/project_serializer.py:132
+#: serializers/project_serializer.py:142
 msgid "project.errors.zip_structure"
 msgstr "Error while parsing the provided zip."
 
-#: serializers/submission_serializer.py:67 tests/test_submission.py:330
+#: serializers/submission_serializer.py:96 tests/test_submission.py:275
 msgid "project.error.submissions.past_project"
 msgstr "The deadline of the project has already passed."
 
-#: serializers/submission_serializer.py:70 tests/test_submission.py:401
+#: serializers/submission_serializer.py:99 tests/test_submission.py:346
 msgid "project.error.submissions.non_visible_project"
 msgstr "The project is currently in a non-visible state."
 
-#: serializers/submission_serializer.py:73 tests/test_submission.py:431
+#: serializers/submission_serializer.py:102 tests/test_submission.py:376
 msgid "project.error.submissions.archived_project"
 msgstr "The project is archived."
 
-#: serializers/submission_serializer.py:76
+#: serializers/submission_serializer.py:105
 msgid "project.error.submissions.no_files"
 msgstr "The submission is empty."
 
@@ -280,10 +280,10 @@ msgstr "The student was successfully added."
 msgid "students.success.destroy"
 msgstr "The student was successfully destroyed."
 
-#: views/submission_view.py:28
+#: views/submission_view.py:29
 msgid "submission.download.zip"
 msgstr "No zip file available."
 
-#: views/submission_view.py:49
+#: views/submission_view.py:50
 msgid "extra_check_result.download.log"
 msgstr "No log file available."
diff --git a/backend/api/locale/nl/LC_MESSAGES/django.po b/backend/api/locale/nl/LC_MESSAGES/django.po
index b89c1041..648e58f9 100755
--- a/backend/api/locale/nl/LC_MESSAGES/django.po
+++ b/backend/api/locale/nl/LC_MESSAGES/django.po
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2024-05-11 18:26+0200\n"
+"POT-Creation-Date: 2024-05-15 19:49+0200\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -92,11 +92,11 @@ msgstr "Onbekende fout."
 msgid "submission.error.failedstructurecheck"
 msgstr "De ingediende zip file heeft niet de juiste structuur."
 
-#: serializers/checks_serializer.py:49 tests/test_project.py:494
+#: serializers/checks_serializer.py:49 tests/test_project.py:495
 msgid "project.error.structure_checks.already_existing"
 msgstr "De structuur check was al aanwezig."
 
-#: serializers/checks_serializer.py:65 tests/test_project.py:528
+#: serializers/checks_serializer.py:65 tests/test_project.py:529
 msgid "project.error.structure_checks.extension_blocked_and_obligated"
 msgstr "Een extensie kan niet geblokkeerd en vereist zijn tegelijkertijd."
 
@@ -112,72 +112,72 @@ msgstr "Het veld 'time_limit' moet tussen 10 en 1000 liggen."
 msgid "extra_check.error.memory_limit"
 msgstr "Het veld 'memory_limit' moet tussen 100 en 1024 liggen."
 
-#: serializers/course_serializer.py:136
-msgid "courses.error.invitation_link"
-msgstr "De uitnodigingslink is niet uniek, probeer het opnieuw."
-
-#: serializers/course_serializer.py:143 serializers/course_serializer.py:158
-#: serializers/course_serializer.py:177 serializers/course_serializer.py:196
-#: serializers/course_serializer.py:215
+#: serializers/course_serializer.py:136 serializers/course_serializer.py:151
+#: serializers/course_serializer.py:170 serializers/course_serializer.py:189
+#: serializers/course_serializer.py:208
 msgid "courses.error.context"
 msgstr "De opleiding is niet meegeleverd als context."
 
-#: serializers/course_serializer.py:164 tests/test_locale.py:28
+#: serializers/course_serializer.py:157 tests/test_locale.py:28
 #: tests/test_locale.py:38
 msgid "courses.error.students.already_present"
 msgstr "De student bevindt zich al in de opleiding."
 
-#: serializers/course_serializer.py:168 serializers/course_serializer.py:187
-#: serializers/course_serializer.py:206 serializers/course_serializer.py:225
+#: serializers/course_serializer.py:161 serializers/course_serializer.py:180
+#: serializers/course_serializer.py:199 serializers/course_serializer.py:218
 msgid "courses.error.past_course"
 msgstr "De opleiding die men probeert te manipuleren is van een vorig jaar."
 
-#: serializers/course_serializer.py:183
+#: serializers/course_serializer.py:176
 msgid "courses.error.students.not_present"
 msgstr "De student bevindt zich niet in de opleiding."
 
-#: serializers/course_serializer.py:202
+#: serializers/course_serializer.py:195
 msgid "courses.error.teachers.already_present"
 msgstr "De lesgever bevindt zich al in de opleiding."
 
-#: serializers/course_serializer.py:221
+#: serializers/course_serializer.py:214
 msgid "courses.error.teachers.not_present"
 msgstr "De lesgever bevindt zich niet in de opleiding."
 
-#: serializers/course_serializer.py:229
+#: serializers/course_serializer.py:222
 msgid "courses.error.teachers.last_teacher"
 msgstr "De opleiding moet minstens één lesgever hebben."
 
-#: serializers/docker_serializer.py:19
+#: serializers/docker_serializer.py:18
+msgid "docker.errors.no_staff"
+msgstr "Gebruiker is alleen toegelaten om zichzelf als eigenaar op te geven"
+
+#: serializers/docker_serializer.py:31
 msgid "docker.errors.custom"
 msgstr "Gebruiker is niet toegelaten om publieke afbeeldingen te maken"
 
-#: serializers/group_serializer.py:49
+#: serializers/group_serializer.py:56
 msgid "group.errors.score_exceeds_max"
 msgstr "De score van de groep is groter dan de maximum score."
 
-#: serializers/group_serializer.py:59 serializers/group_serializer.py:89
+#: serializers/group_serializer.py:66 serializers/group_serializer.py:96
 msgid "group.error.context"
 msgstr "De groep is niet meegegeven als context waar dat nodig is."
 
-#: serializers/group_serializer.py:67 serializers/group_serializer.py:101
+#: serializers/group_serializer.py:74 serializers/group_serializer.py:108
 msgid "group.errors.locked"
 msgstr "De groep is momenteel vergrendeld."
 
-#: serializers/group_serializer.py:71
+#: serializers/group_serializer.py:78
 msgid "group.errors.full"
 msgstr "De groep is al vol."
 
-#: serializers/group_serializer.py:75
+#: serializers/group_serializer.py:82
 msgid "group.errors.not_in_course"
 msgstr ""
 "De student bevindt zich niet in de opleiding waartoe het project hoort."
 
-#: serializers/group_serializer.py:79
+#: serializers/group_serializer.py:86
 msgid "group.errors.already_in_group"
 msgstr "De student bevindt zich al in de groep."
 
-#: serializers/group_serializer.py:97
+#: serializers/group_serializer.py:104
 msgid "group.errors.not_present"
 msgstr "De student bevindt zich niet in de groep."
 
@@ -189,31 +189,31 @@ msgstr "Error tijdens de zip te overlopen."
 msgid "project.errors.context"
 msgstr "Het project is niet meegegeven als context waar dat nodig is."
 
-#: serializers/project_serializer.py:85
+#: serializers/project_serializer.py:86
 msgid "project.errors.start_date_in_past"
 msgstr "De startdatum van het project ligt in het verleden."
 
-#: serializers/project_serializer.py:99
+#: serializers/project_serializer.py:100
 msgid "project.errors.deadline_before_start_date"
 msgstr "De uiterste inleverdatum voor het project ligt voor de startdatum."
 
-#: serializers/project_serializer.py:132
+#: serializers/project_serializer.py:142
 msgid "project.errors.zip_structure"
 msgstr "Error tijdens de zip te overlopen."
 
-#: serializers/submission_serializer.py:67 tests/test_submission.py:330
+#: serializers/submission_serializer.py:96 tests/test_submission.py:275
 msgid "project.error.submissions.past_project"
 msgstr "De uiterste inleverdatum voor het project is gepasseerd."
 
-#: serializers/submission_serializer.py:70 tests/test_submission.py:401
+#: serializers/submission_serializer.py:99 tests/test_submission.py:346
 msgid "project.error.submissions.non_visible_project"
 msgstr "Het project is niet zichtbaar."
 
-#: serializers/submission_serializer.py:73 tests/test_submission.py:431
+#: serializers/submission_serializer.py:102 tests/test_submission.py:376
 msgid "project.error.submissions.archived_project"
 msgstr "Het project is gearchiveerd."
 
-#: serializers/submission_serializer.py:76
+#: serializers/submission_serializer.py:105
 msgid "project.error.submissions.no_files"
 msgstr "De indiening is leeg"
 
@@ -281,10 +281,10 @@ msgstr "De student is successvol toegevoegd."
 msgid "students.success.destroy"
 msgstr "De student is successvol verwijderd."
 
-#: views/submission_view.py:28
+#: views/submission_view.py:29
 msgid "submission.download.zip"
 msgstr "Geen zip bestand beschikbaar."
 
-#: views/submission_view.py:49
+#: views/submission_view.py:50
 msgid "extra_check_result.download.log"
 msgstr "Geen log bestand beschikbaar."
diff --git a/backend/api/serializers/docker_serializer.py b/backend/api/serializers/docker_serializer.py
index dc1f2a66..6eafef00 100644
--- a/backend/api/serializers/docker_serializer.py
+++ b/backend/api/serializers/docker_serializer.py
@@ -13,12 +13,21 @@ class Meta:
     def validate(self, attrs):
         data = super().validate(attrs=attrs)
 
-        if not self.partial:
-            data["owner"] = self.context["request"].user
-        elif "owner" not in data:
-            data["owner"] = self.instance.owner
+        if "owner" in data and data["owner"] != self.context["request"].user and not self.context["request"].user.is_staff:
+            # Only allow staff to set the owner of an image to someone else
+            raise ValidationError(_("docker.errors.no_staff"))
+
+        if "owner" not in data:
+            # Add the owner data if not present
+            if not self.partial:
+                # If it's created assign the user who made the request
+                data["owner"] = self.context["request"].user
+            else:
+                # Else use the pre exisiting owner
+                data["owner"] = self.instance.owner
 
         if "public" in data and data["public"] and not data["owner"].is_staff:
+            # Only allow staff to have public images
             raise ValidationError(_("docker.errors.custom"))
 
         return data