2013-09-23 16:37:40 +00:00
|
|
|
import logging
|
|
|
|
|
|
|
|
from flask import request, make_response, jsonify, abort
|
|
|
|
from flask.ext.login import login_required, current_user
|
|
|
|
from functools import wraps
|
|
|
|
|
2013-09-25 16:45:12 +00:00
|
|
|
from data import model
|
2013-09-23 16:37:40 +00:00
|
|
|
from app import app
|
2013-09-25 20:46:28 +00:00
|
|
|
from util.names import parse_repository_name
|
2013-09-26 21:59:20 +00:00
|
|
|
from auth.permissions import (ReadRepositoryPermission,
|
2013-09-27 17:24:07 +00:00
|
|
|
ModifyRepositoryPermission,
|
|
|
|
AdministerRepositoryPermission)
|
2013-09-23 16:37:40 +00:00
|
|
|
|
|
|
|
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
|
|
|
|
|
|
|
|
@app.route('/api/')
|
|
|
|
def welcome():
|
|
|
|
return make_response('welcome', 200)
|
|
|
|
|
|
|
|
|
2013-09-26 23:59:58 +00:00
|
|
|
@app.route('/api/user/')
|
|
|
|
@login_required
|
|
|
|
def get_logged_in_user():
|
|
|
|
user = current_user.db_user
|
|
|
|
return jsonify({
|
|
|
|
'verified': user.verified,
|
|
|
|
'anonymous': False,
|
|
|
|
'username': user.username,
|
|
|
|
'email': user.email,
|
|
|
|
})
|
|
|
|
|
|
|
|
|
2013-09-23 16:37:40 +00:00
|
|
|
@app.route('/api/repository/', methods=['POST'])
|
|
|
|
@login_required
|
|
|
|
def create_repo_api():
|
|
|
|
pass
|
|
|
|
|
|
|
|
|
2013-09-26 21:59:20 +00:00
|
|
|
|
2013-09-23 16:37:40 +00:00
|
|
|
@app.route('/api/repository/', methods=['GET'])
|
|
|
|
@login_required
|
|
|
|
def list_repos_api():
|
|
|
|
def repo_view(repo_perm):
|
|
|
|
return {
|
|
|
|
'namespace': repo_perm.repository.namespace,
|
|
|
|
'name': repo_perm.repository.name,
|
|
|
|
'role': repo_perm.role.name,
|
|
|
|
}
|
|
|
|
|
2013-09-25 20:46:28 +00:00
|
|
|
repos = [repo_view(repo)
|
2013-09-24 22:38:58 +00:00
|
|
|
for repo in model.get_user_repositories(current_user.db_user)]
|
2013-09-23 16:37:40 +00:00
|
|
|
response = {
|
|
|
|
'repositories': repos
|
|
|
|
}
|
|
|
|
|
|
|
|
return jsonify(response)
|
|
|
|
|
|
|
|
|
|
|
|
@app.route('/api/repository/<path:repository>', methods=['PUT'])
|
|
|
|
@login_required
|
|
|
|
@parse_repository_name
|
|
|
|
def update_repo_api(namespace, repository):
|
2013-09-26 21:59:20 +00:00
|
|
|
permission = ModifyRepositoryPermission(namespace, repository)
|
|
|
|
if permission.can():
|
|
|
|
repo = model.get_repository(namespace, repository)
|
|
|
|
if repo:
|
|
|
|
values = request.get_json()
|
|
|
|
repo.description = values['description']
|
|
|
|
repo.save()
|
|
|
|
return jsonify({
|
|
|
|
'success': True
|
|
|
|
})
|
|
|
|
|
|
|
|
abort(404)
|
2013-09-23 16:37:40 +00:00
|
|
|
|
|
|
|
|
|
|
|
@app.route('/api/repository/<path:repository>', methods=['GET'])
|
|
|
|
@login_required
|
|
|
|
@parse_repository_name
|
|
|
|
def get_repo_api(namespace, repository):
|
2013-09-27 18:56:14 +00:00
|
|
|
logger.debug('Get repo: %s/%s' % (namespace, repository))
|
2013-09-26 21:59:20 +00:00
|
|
|
def image_view(image):
|
|
|
|
return {
|
|
|
|
'id': image.image_id,
|
|
|
|
'created': image.created,
|
2013-09-27 17:24:07 +00:00
|
|
|
'comment': image.comment,
|
2013-09-26 21:59:20 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
def tag_view(tag):
|
|
|
|
image = model.get_tag_image(namespace, repository, tag.name)
|
|
|
|
if not image:
|
|
|
|
return {}
|
|
|
|
|
|
|
|
return {
|
|
|
|
'name': tag.name,
|
2013-09-27 17:24:07 +00:00
|
|
|
'image': image_view(image),
|
2013-09-26 21:59:20 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
permission = ReadRepositoryPermission(namespace, repository)
|
|
|
|
if permission.can():
|
|
|
|
repo = model.get_repository(namespace, repository)
|
|
|
|
if repo:
|
|
|
|
tags = model.list_repository_tags(namespace, repository)
|
2013-09-27 17:24:07 +00:00
|
|
|
tag_dict = {tag.name: tag_view(tag) for tag in tags}
|
|
|
|
can_write = ModifyRepositoryPermission(namespace, repository).can()
|
2013-09-27 18:56:14 +00:00
|
|
|
can_admin = AdministerRepositoryPermission(namespace, repository).can()
|
2013-09-27 17:24:07 +00:00
|
|
|
return jsonify({
|
|
|
|
'namespace': namespace,
|
|
|
|
'name': repository,
|
|
|
|
'description': repo.description,
|
|
|
|
'tags': tag_dict,
|
|
|
|
'can_write': can_write,
|
2013-09-27 18:56:14 +00:00
|
|
|
'can_admin': can_admin,
|
2013-09-27 17:24:07 +00:00
|
|
|
})
|
2013-09-26 21:59:20 +00:00
|
|
|
|
2013-09-27 17:24:07 +00:00
|
|
|
abort(404) # Not fount
|
|
|
|
abort(403) # Permission denied
|
|
|
|
|
|
|
|
|
2013-09-27 18:56:14 +00:00
|
|
|
def role_view(repo_perm_obj):
|
|
|
|
return {
|
|
|
|
'role': repo_perm_obj.role.name
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2013-09-27 17:24:07 +00:00
|
|
|
@app.route('/api/repository/<path:repository>/permissions/', methods=['GET'])
|
|
|
|
@login_required
|
|
|
|
@parse_repository_name
|
|
|
|
def list_repo_permissions(namespace, repository):
|
|
|
|
permission = AdministerRepositoryPermission(namespace, repository)
|
|
|
|
if permission.can():
|
|
|
|
repo_perms = model.get_all_repo_users(namespace, repository)
|
|
|
|
|
|
|
|
return jsonify({
|
2013-09-27 18:56:14 +00:00
|
|
|
'permissions': {repo_perm.user.username: role_view(repo_perm)
|
2013-09-27 17:24:07 +00:00
|
|
|
for repo_perm in repo_perms}
|
|
|
|
})
|
|
|
|
|
|
|
|
abort(403) # Permission denied
|
|
|
|
|
2013-09-27 18:56:14 +00:00
|
|
|
|
|
|
|
@app.route('/api/repository/<path:repository>/permissions/<username>',
|
|
|
|
methods=['GET'])
|
|
|
|
@login_required
|
|
|
|
@parse_repository_name
|
|
|
|
def get_permissions(namespace, repository, username):
|
|
|
|
logger.debug('Get repo: %s/%s permissions for user %s' %
|
|
|
|
(namespace, repository, username))
|
|
|
|
permission = AdministerRepositoryPermission(namespace, repository)
|
|
|
|
if permission.can():
|
|
|
|
user = current_user.db_user
|
|
|
|
perm = model.get_user_reponame_permission(user, namespace, repository)
|
|
|
|
return jsonify(role_view(perm))
|
|
|
|
|
|
|
|
abort(403) # Permission denied
|
|
|
|
|
|
|
|
|
2013-09-27 17:24:07 +00:00
|
|
|
@app.route('/api/repository/<path:repository>/permissions/<username>',
|
2013-09-27 18:56:14 +00:00
|
|
|
methods=['PUT', 'POST'])
|
2013-09-27 17:24:07 +00:00
|
|
|
@login_required
|
|
|
|
@parse_repository_name
|
|
|
|
def change_permissions(namespace, repository, username):
|
|
|
|
permission = AdministerRepositoryPermission(namespace, repository)
|
|
|
|
if permission.can():
|
|
|
|
new_permission = request.get_json()
|
|
|
|
|
2013-09-27 18:56:14 +00:00
|
|
|
user = current_user.db_user
|
|
|
|
logger.debug('Setting permission to: %s for user %s' %
|
|
|
|
(new_permission['role'], username))
|
|
|
|
perm = model.set_user_repo_permission(user, namespace, repository,
|
|
|
|
new_permission['role'])
|
|
|
|
|
|
|
|
resp = jsonify(role_view(perm))
|
|
|
|
if request.method == 'POST':
|
|
|
|
resp.status_code = 201
|
|
|
|
return resp
|
|
|
|
|
|
|
|
abort(403) # Permission denied
|
|
|
|
|
|
|
|
@app.route('/api/repository/<path:repository>/permissions/<username>',
|
|
|
|
methods=['DELETE'])
|
|
|
|
@login_required
|
|
|
|
@parse_repository_name
|
|
|
|
def delete_permissions(namespace, repository, username):
|
|
|
|
permission = AdministerRepositoryPermission(namespace, repository)
|
|
|
|
if permission.can():
|
|
|
|
model.delete_user_permission(current_user.db_user, namespace, repository)
|
|
|
|
return make_response('Deleted', 204)
|
2013-09-27 17:24:07 +00:00
|
|
|
|
2013-09-27 18:56:14 +00:00
|
|
|
abort(403) # Permission denied
|