2015-05-19 21:52:44 +00:00
|
|
|
""" Various decorators for endpoint and API handlers. """
|
|
|
|
|
2018-12-05 20:19:37 +00:00
|
|
|
import os
|
2018-01-29 19:52:50 +00:00
|
|
|
import logging
|
|
|
|
|
2017-03-23 03:41:31 +00:00
|
|
|
from functools import wraps
|
2017-07-20 15:41:19 +00:00
|
|
|
from flask import abort, request, make_response
|
2017-03-23 03:41:31 +00:00
|
|
|
|
|
|
|
import features
|
2017-07-20 15:31:22 +00:00
|
|
|
|
2018-12-05 20:19:37 +00:00
|
|
|
from app import app, ip_resolver, model_cache
|
2018-01-05 21:27:03 +00:00
|
|
|
from auth.auth_context import get_authenticated_context
|
2018-12-05 20:19:37 +00:00
|
|
|
from data.registry_model import registry_model
|
2018-05-01 10:26:24 +00:00
|
|
|
from util.names import parse_namespace_repository, ImplicitLibraryNamespaceNotAllowed
|
2018-01-29 19:52:50 +00:00
|
|
|
from util.http import abort
|
|
|
|
|
|
|
|
logger = logging.getLogger(__name__)
|
2017-07-20 15:31:22 +00:00
|
|
|
|
|
|
|
|
|
|
|
def parse_repository_name(include_tag=False,
|
|
|
|
ns_kwarg_name='namespace_name',
|
|
|
|
repo_kwarg_name='repo_name',
|
|
|
|
tag_kwarg_name='tag_name',
|
|
|
|
incoming_repo_kwarg='repository'):
|
|
|
|
""" Decorator which parses the repository name found in the incoming_repo_kwarg argument,
|
|
|
|
and applies its pieces to the decorated function.
|
|
|
|
"""
|
|
|
|
def inner(func):
|
|
|
|
@wraps(func)
|
|
|
|
def wrapper(*args, **kwargs):
|
2018-05-01 10:26:24 +00:00
|
|
|
try:
|
|
|
|
repo_name_components = parse_namespace_repository(kwargs[incoming_repo_kwarg],
|
|
|
|
app.config['LIBRARY_NAMESPACE'],
|
|
|
|
include_tag=include_tag,
|
|
|
|
allow_library=features.LIBRARY_SUPPORT)
|
|
|
|
except ImplicitLibraryNamespaceNotAllowed:
|
2018-07-08 08:45:33 +00:00
|
|
|
abort(400, message='A namespace must be specified explicitly')
|
2018-05-01 10:26:24 +00:00
|
|
|
|
2017-07-20 15:31:22 +00:00
|
|
|
del kwargs[incoming_repo_kwarg]
|
|
|
|
kwargs[ns_kwarg_name] = repo_name_components[0]
|
|
|
|
kwargs[repo_kwarg_name] = repo_name_components[1]
|
|
|
|
if include_tag:
|
|
|
|
kwargs[tag_kwarg_name] = repo_name_components[2]
|
|
|
|
return func(*args, **kwargs)
|
|
|
|
return wrapper
|
|
|
|
return inner
|
2017-03-23 03:41:31 +00:00
|
|
|
|
|
|
|
|
2017-07-20 15:41:19 +00:00
|
|
|
def param_required(param_name, allow_body=False):
|
|
|
|
""" Marks a route as requiring a parameter with the given name to exist in the request's arguments
|
|
|
|
or (if allow_body=True) in its body values. If the parameter is not present, the request will
|
|
|
|
fail with a 400.
|
|
|
|
"""
|
|
|
|
def wrapper(wrapped):
|
|
|
|
@wraps(wrapped)
|
|
|
|
def decorated(*args, **kwargs):
|
|
|
|
if param_name not in request.args:
|
|
|
|
if not allow_body or param_name not in request.values:
|
2018-07-08 08:45:33 +00:00
|
|
|
abort(400, message='Required param: %s' % param_name)
|
2017-07-20 15:41:19 +00:00
|
|
|
return wrapped(*args, **kwargs)
|
|
|
|
return decorated
|
|
|
|
return wrapper
|
|
|
|
|
|
|
|
|
2015-05-19 21:52:44 +00:00
|
|
|
def anon_allowed(func):
|
|
|
|
""" Marks a method to allow anonymous access where it would otherwise be disallowed. """
|
|
|
|
func.__anon_allowed = True
|
|
|
|
return func
|
|
|
|
|
|
|
|
|
|
|
|
def anon_protect(func):
|
|
|
|
""" Marks a method as requiring some form of valid user auth before it can be executed. """
|
2015-06-02 19:56:44 +00:00
|
|
|
func.__anon_protected = True
|
|
|
|
return check_anon_protection(func)
|
|
|
|
|
|
|
|
|
|
|
|
def check_anon_protection(func):
|
|
|
|
""" Validates a method as requiring some form of valid user auth before it can be executed. """
|
2017-07-20 15:08:24 +00:00
|
|
|
|
2015-05-19 21:52:44 +00:00
|
|
|
@wraps(func)
|
|
|
|
def wrapper(*args, **kwargs):
|
|
|
|
# Skip if anonymous access is allowed.
|
|
|
|
if features.ANONYMOUS_ACCESS or '__anon_allowed' in dir(func):
|
|
|
|
return func(*args, **kwargs)
|
|
|
|
|
|
|
|
# Check for validated context. If none exists, fail with a 401.
|
2018-01-05 21:27:03 +00:00
|
|
|
if get_authenticated_context() and not get_authenticated_context().is_anonymous:
|
2015-05-19 21:52:44 +00:00
|
|
|
return func(*args, **kwargs)
|
|
|
|
|
2018-07-08 08:45:33 +00:00
|
|
|
abort(401, message='Anonymous access is not allowed')
|
2017-07-20 15:08:24 +00:00
|
|
|
|
2015-05-26 20:48:59 +00:00
|
|
|
return wrapper
|
2017-07-20 15:07:31 +00:00
|
|
|
|
|
|
|
|
|
|
|
def route_show_if(value):
|
|
|
|
""" Adds/shows the decorated route if the given value is True. """
|
2017-07-20 15:08:24 +00:00
|
|
|
|
2017-07-20 15:07:31 +00:00
|
|
|
def decorator(f):
|
|
|
|
@wraps(f)
|
|
|
|
def decorated_function(*args, **kwargs):
|
|
|
|
if not value:
|
|
|
|
abort(404)
|
|
|
|
|
|
|
|
return f(*args, **kwargs)
|
|
|
|
return decorated_function
|
|
|
|
return decorator
|
2018-01-29 19:52:50 +00:00
|
|
|
|
|
|
|
|
|
|
|
def require_xhr_from_browser(func):
|
|
|
|
""" Requires that API GET calls made from browsers are made via XHR, in order to prevent
|
|
|
|
reflected text attacks.
|
|
|
|
"""
|
|
|
|
|
|
|
|
@wraps(func)
|
|
|
|
def wrapper(*args, **kwargs):
|
|
|
|
if app.config.get('BROWSER_API_CALLS_XHR_ONLY', False):
|
|
|
|
if request.method == 'GET' and request.user_agent.browser:
|
|
|
|
has_xhr_header = request.headers.get('X-Requested-With') == 'XMLHttpRequest'
|
2018-05-18 16:54:38 +00:00
|
|
|
if not has_xhr_header and not app.config.get('DEBUGGING') == True:
|
2018-01-29 19:52:50 +00:00
|
|
|
logger.warning('Disallowed possible RTA to URL %s with user agent %s',
|
2018-05-18 16:54:38 +00:00
|
|
|
request.path, request.user_agent)
|
2018-07-08 08:45:33 +00:00
|
|
|
abort(400, message='API calls must be invoked with an X-Requested-With header ' +
|
|
|
|
'if called from a browser')
|
2018-01-29 19:52:50 +00:00
|
|
|
|
|
|
|
return func(*args, **kwargs)
|
|
|
|
return wrapper
|
2018-12-05 20:19:37 +00:00
|
|
|
|
|
|
|
|
|
|
|
def check_region_blacklisted(error_class=None, namespace_name_kwarg=None):
|
|
|
|
""" Decorator which checks if the incoming request is from a region geo IP blocked
|
|
|
|
for the current namespace. The first argument to the wrapped function must be
|
|
|
|
the namespace name.
|
|
|
|
"""
|
|
|
|
def wrapper(wrapped):
|
|
|
|
@wraps(wrapped)
|
|
|
|
def decorated(*args, **kwargs):
|
|
|
|
if namespace_name_kwarg:
|
|
|
|
namespace_name = kwargs[namespace_name_kwarg]
|
|
|
|
else:
|
|
|
|
namespace_name = args[0]
|
|
|
|
|
|
|
|
region_blacklist = registry_model.get_cached_namespace_region_blacklist(model_cache,
|
|
|
|
namespace_name)
|
|
|
|
if region_blacklist:
|
|
|
|
# Resolve the IP information and block if on the namespace's blacklist.
|
|
|
|
remote_addr = request.remote_addr
|
|
|
|
if os.getenv('TEST', 'false').lower() == 'true':
|
|
|
|
remote_addr = request.headers.get('X-Override-Remote-Addr-For-Testing', remote_addr)
|
|
|
|
|
|
|
|
resolved_ip_info = ip_resolver.resolve_ip(remote_addr)
|
|
|
|
logger.debug('Resolved IP information for IP %s: %s', remote_addr, resolved_ip_info)
|
|
|
|
|
|
|
|
if (resolved_ip_info and
|
|
|
|
resolved_ip_info.country_iso_code and
|
|
|
|
resolved_ip_info.country_iso_code in region_blacklist):
|
|
|
|
if error_class:
|
|
|
|
raise error_class()
|
|
|
|
|
|
|
|
abort(403, 'Pulls of this data have been restricted geographically')
|
|
|
|
|
|
|
|
return wrapped(*args, **kwargs)
|
|
|
|
return decorated
|
|
|
|
return wrapper
|