fix: 🐛 prevent taking over container from admin

backend/pilotwings.py

@@ -72,6 +72,7 @@ def create_or_update_container(
     request_body: ContainerRequest,
     credentials: Annotated[HTTPBasicCredentials, Depends(security)],
 ) -> SerializedContainer:
+    owner = None
     networks = client.networks.list(names=["pilotwings"])
 
     if not networks:
@@ -80,25 +81,25 @@ def create_or_update_container(
     client.images.pull(request_body.image)
 
     try:
+        container = select_container(container_name, credentials)
+        owner = container.labels.get("owner")
         delete_container(container_name, credentials)
     except HTTPException:
         pass
 
-    container = serialize_container(
+    container = client.containers.run(
-        client.containers.run(
+        request_body.image,
-            request_body.image,
+        detach=True,
-            detach=True,
+        environment=request_body.environment,
-            environment=request_body.environment,
+        labels={"engine": "pilotwings", "owner": owner or credentials.username},
-            labels={"engine": "pilotwings", "owner": credentials.username},
+        name=container_name,
-            name=container_name,
+        network="pilotwings",
-            network="pilotwings",
+        restart_policy={"Name": "always"},
-            restart_policy={"Name": "always"},
-        )
     )
 
     client.images.prune({"dangling": True})
 
-    return container
+    return serialize_container(container)
 
 
 @app.post("/api/container/{container_name}/pull")