quay/endpoints/api.py

import logging

from flask import request, make_response, jsonify, abort
from flask.ext.login import login_required, current_user
from functools import wraps

from data import model
from app import app
from util.email import send_confirmation_email
from util.names import parse_repository_name
from util.gravatar import compute_hash
from auth.permissions import (ReadRepositoryPermission,
                              ModifyRepositoryPermission,
                              AdministerRepositoryPermission)
from endpoints import registry


logger = logging.getLogger(__name__)


def api_login_required(f):
  @wraps(f)
  def decorated_view(*args, **kwargs):
    if not current_user.is_authenticated():
      abort(401)
    return f(*args, **kwargs)
  return decorated_view


@app.errorhandler(model.DataModelException)
def handle_dme(ex):
  return make_response(ex.message, 400)


@app.route('/api/')
def welcome():
  return make_response('welcome', 200)


@app.route('/api/user/', methods=['GET'])
def get_logged_in_user():
  if current_user.is_anonymous():
    return jsonify({'anonymous': True})

  user = current_user.db_user
  return jsonify({
    'verified': user.verified,
    'anonymous': False,
    'username': user.username,
    'email': user.email,
    'gravatar': compute_hash(user.email),
  })


@app.route('/api/user/', methods=['POST'])
def create_user_api():
  user_data = request.get_json()
  try:
    new_user = model.create_user(user_data['username'], user_data['password'],
                                 user_data['email'])
    code = model.create_confirm_email_code(new_user)
    send_confirmation_email(new_user.username, new_user.email, code.code)
    return make_response('Created', 201)
  except model.DataModelException as ex:
    error_resp = jsonify({
      'message': ex.message,
    })
    error_resp.status_code = 400
    return error_resp


@app.route('/api/users/<prefix>', methods=['GET'])
@api_login_required
def get_matching_users(prefix):
  users = model.get_matching_users(prefix)

  return jsonify({
    'users': [user.username for user in users]
  })


@app.route('/api/repository/', methods=['POST'])
@api_login_required
def create_repo_api():
  pass


@app.route('/api/find/repository', methods=['GET'])
def match_repos_api():
  prefix = request.args.get('query', '')
  def repo_view(repo):
    return {
      'namespace': repo.namespace,
      'name': repo.name,
      'description': repo.description
    }

  username = current_user.db_user.username if current_user.is_authenticated() else None
  matching = model.get_matching_repositories(prefix, username)
  response = {
    'repositories': [repo_view(repo) for repo in matching]
  }

  return jsonify(response)


@app.route('/api/repository/', methods=['GET'])
def list_repos_api():
  def repo_view(repo_obj):
    return {
      'namespace': repo_obj.namespace,
      'name': repo_obj.name,
      'description': repo_obj.description,
    }

  username = current_user.db_user.username if current_user.is_authenticated() else None
  repos = [repo_view(repo)
           for repo in model.get_visible_repositories(username)]
  response = {
    'repositories': repos
  }

  return jsonify(response)


@app.route('/api/repository/<path:repository>', methods=['PUT'])
@api_login_required
@parse_repository_name
def update_repo_api(namespace, repository):
  permission = ModifyRepositoryPermission(namespace, repository)
  if permission.can():
    repo = model.get_repository(namespace, repository)
    if repo:
      values = request.get_json()
      repo.description = values['description']
      repo.save()
      return jsonify({
          'success': True
      })

  abort(404)


@app.route('/api/repository/<path:repository>/changevisibility', methods=['POST'])
@api_login_required
@parse_repository_name
def change_repo_visibility_api(namespace, repository):
  permission = AdministerRepositoryPermission(namespace, repository)
  if permission.can():
    repo = model.get_repository(namespace, repository)
    if repo:
      values = request.get_json()
      model.set_repository_visibility(repo, values['visibility'])
      return jsonify({
          'success': True
      })

  abort(404)


@app.route('/api/repository/<path:repository>', methods=['DELETE'])
@api_login_required
@parse_repository_name
def delete_repository(namespace, repository):
  permission = AdministerRepositoryPermission(namespace, repository)
  if permission.can():
    model.purge_repository(namespace, repository)
    registry.delete_repository_storage(namespace, repository)
    return make_response('Deleted', 204)

  abort(404)


def image_view(image):
  return {
    'id': image.docker_image_id,
    'created': image.created,
    'comment': image.comment,
  }


@app.route('/api/repository/<path:repository>', methods=['GET'])
@parse_repository_name
def get_repo_api(namespace, repository):
  logger.debug('Get repo: %s/%s' % (namespace, repository))

  def tag_view(tag):
    image = model.get_tag_image(namespace, repository, tag.name)
    if not image:
      return {}

    return {
      'name': tag.name,
      'image': image_view(image),
    }

  permission = ReadRepositoryPermission(namespace, repository)
  is_public = model.repository_is_public(namespace, repository)
  if permission.can() or is_public:
    repo = model.get_repository(namespace, repository)
    if repo:
      tags = model.list_repository_tags(namespace, repository)
      tag_dict = {tag.name: tag_view(tag) for tag in tags}
      can_write = ModifyRepositoryPermission(namespace, repository).can()
      can_admin = AdministerRepositoryPermission(namespace, repository).can()
      return jsonify({
        'namespace': namespace,
        'name': repository,
        'description': repo.description,
        'tags': tag_dict,
        'can_write': can_write,
        'can_admin': can_admin,
        'is_public': is_public
      })

    abort(404)  # Not fount
  abort(403)  # Permission denied


def role_view(repo_perm_obj):
  return {
    'role': repo_perm_obj.role.name
  }


@app.route('/api/repository/<path:repository>/tag/<tag>/images',
           methods=['GET'])
@parse_repository_name
def list_tag_images(namespace, repository, tag):
  permission = ReadRepositoryPermission(namespace, repository)
  if permission.can() or model.repository_is_public(namespace, repository):
    tag_image = model.get_tag_image(namespace, repository, tag)
    parent_images = model.get_parent_images(tag_image)

    parents = list(parent_images)
    parents.reverse()
    all_images = [tag_image] + parents

    return jsonify({
      'images': [image_view(image) for image in all_images]
    })

  abort(403)  # Permission denied


@app.route('/api/repository/<path:repository>/permissions/', methods=['GET'])
@api_login_required
@parse_repository_name
def list_repo_permissions(namespace, repository):
  permission = AdministerRepositoryPermission(namespace, repository)
  if permission.can():
    repo_perms = model.get_all_repo_users(namespace, repository)

    return jsonify({
      'permissions': {repo_perm.user.username: role_view(repo_perm)
                      for repo_perm in repo_perms}
    })

  abort(403)  # Permission denied


@app.route('/api/repository/<path:repository>/permissions/<username>',
           methods=['GET'])
@api_login_required
@parse_repository_name
def get_permissions(namespace, repository, username):
  logger.debug('Get repo: %s/%s permissions for user %s' %
               (namespace, repository, username))
  permission = AdministerRepositoryPermission(namespace, repository)
  if permission.can():
    perm = model.get_user_reponame_permission(username, namespace, repository)
    return jsonify(role_view(perm))

  abort(403)  # Permission denied


@app.route('/api/repository/<path:repository>/permissions/<username>',
           methods=['PUT', 'POST'])
@api_login_required
@parse_repository_name
def change_permissions(namespace, repository, username):
  permission = AdministerRepositoryPermission(namespace, repository)
  if permission.can():
    new_permission = request.get_json()

    logger.debug('Setting permission to: %s for user %s' %
                 (new_permission['role'], username))

    try:
      perm = model.set_user_repo_permission(username, namespace, repository,
                                            new_permission['role'])
    except model.DataModelException:
      logger.warning('User tried to remove themselves as admin.')
      abort(409)

    resp = jsonify(role_view(perm))
    if request.method == 'POST':
      resp.status_code = 201
    return resp

  abort(403)  # Permission denied


@app.route('/api/repository/<path:repository>/permissions/<username>',
           methods=['DELETE'])
@api_login_required
@parse_repository_name
def delete_permissions(namespace, repository, username):
  permission = AdministerRepositoryPermission(namespace, repository)
  if permission.can():
    try:
      model.delete_user_permission(username, namespace, repository)
    except model.DataModelException:
      logger.warning('User tried to remove themselves as admin.')
      abort(409)

    return make_response('Deleted', 204)

  abort(403)  # Permission denied
Add some login machinery. 2013-09-23 16:37:40 +00:00			`import logging`

			`from flask import request, make_response, jsonify, abort`
			`from flask.ext.login import login_required, current_user`
			`from functools import wraps`

Refactor the code into modules, it was getting unweildy. 2013-09-25 16:45:12 +00:00			`from data import model`
Add some login machinery. 2013-09-23 16:37:40 +00:00			`from app import app`
Allow a user to register from the landing page. Fix spacing issues. 2013-10-01 23:37:33 +00:00			`from util.email import send_confirmation_email`
Fix some stuff with logins and permissions, add tags to the mode. 2013-09-25 20:46:28 +00:00			`from util.names import parse_repository_name`
Update landing page to use gravatar. 2013-09-27 22:15:31 +00:00			`from util.gravatar import compute_hash`
Start on UI for Quay 2013-09-26 21:59:20 +00:00			`from auth.permissions import (ReadRepositoryPermission,`
Flesh out some permissions APIs. 2013-09-27 17:24:07 +00:00			`ModifyRepositoryPermission,`
			`AdministerRepositoryPermission)`
Fix s3 delete. 2013-10-01 18:46:44 +00:00			`from endpoints import registry`
Add some login machinery. 2013-09-23 16:37:40 +00:00

			`logger = logging.getLogger(__name__)`


Add a special api_login_required which does not generate the signin redirect. 2013-09-30 21:51:07 +00:00			`def api_login_required(f):`
			`@wraps(f)`
			`def decorated_view(args, *kwargs):`
			`if not current_user.is_authenticated():`
			`abort(401)`
			`return f(args, *kwargs)`
			`return decorated_view`


Make sure usernames and emails are unique and message is sent to user. 2013-09-27 22:16:26 +00:00			`@app.errorhandler(model.DataModelException)`
			`def handle_dme(ex):`
			`return make_response(ex.message, 400)`


Add some login machinery. 2013-09-23 16:37:40 +00:00			`@app.route('/api/')`
			`def welcome():`
			`return make_response('welcome', 200)`


Allow a user to register from the landing page. Fix spacing issues. 2013-10-01 23:37:33 +00:00			`@app.route('/api/user/', methods=['GET'])`
Add a user service and load the user information dynamically from the backend. 2013-09-26 23:59:58 +00:00			`def get_logged_in_user():`
Fix public browsing 2013-09-30 21:32:03 +00:00			`if current_user.is_anonymous():`
			`return jsonify({'anonymous': True})`

Add a user service and load the user information dynamically from the backend. 2013-09-26 23:59:58 +00:00			`user = current_user.db_user`
			`return jsonify({`
			`'verified': user.verified,`
			`'anonymous': False,`
			`'username': user.username,`
			`'email': user.email,`
Update landing page to use gravatar. 2013-09-27 22:15:31 +00:00			`'gravatar': compute_hash(user.email),`
Add a user service and load the user information dynamically from the backend. 2013-09-26 23:59:58 +00:00			`})`


Allow a user to register from the landing page. Fix spacing issues. 2013-10-01 23:37:33 +00:00			`@app.route('/api/user/', methods=['POST'])`
			`def create_user_api():`
			`user_data = request.get_json()`
			`try:`
			`new_user = model.create_user(user_data['username'], user_data['password'],`
			`user_data['email'])`
			`code = model.create_confirm_email_code(new_user)`
			`send_confirmation_email(new_user.username, new_user.email, code.code)`
			`return make_response('Created', 201)`
			`except model.DataModelException as ex:`
			`error_resp = jsonify({`
			`'message': ex.message,`
			`})`
			`error_resp.status_code = 400`
			`return error_resp`


Add repo autocomplete for searching. 2013-09-27 23:21:54 +00:00			`@app.route('/api/users/<prefix>', methods=['GET'])`
Merge branch 'master' of ssh://bitbucket.org/yackob03/quay Conflicts: endpoints/api.py 2013-09-30 21:54:06 +00:00			`@api_login_required`
Add repo autocomplete for searching. 2013-09-27 23:21:54 +00:00			`def get_matching_users(prefix):`
			`users = model.get_matching_users(prefix)`

			`return jsonify({`
			`'users': [user.username for user in users]`
			`})`


Add some login machinery. 2013-09-23 16:37:40 +00:00			`@app.route('/api/repository/', methods=['POST'])`
Add a special api_login_required which does not generate the signin redirect. 2013-09-30 21:51:07 +00:00			`@api_login_required`
Add some login machinery. 2013-09-23 16:37:40 +00:00			`def create_repo_api():`
			`pass`


Add ability to search for repos by their full path 2013-10-01 21:02:49 +00:00			`@app.route('/api/find/repository', methods=['GET'])`
			`def match_repos_api():`
			`prefix = request.args.get('query', '')`
Add repo autocomplete for searching. 2013-09-27 23:21:54 +00:00			`def repo_view(repo):`
			`return {`
			`'namespace': repo.namespace,`
			`'name': repo.name,`
Add ability to change the visibility of a repo, and show whether the repo is private in the repo-view screen 2013-09-28 21:11:10 +00:00			`'description': repo.description`
Add repo autocomplete for searching. 2013-09-27 23:21:54 +00:00			`}`

Fix public browsing 2013-09-30 21:32:03 +00:00			`username = current_user.db_user.username if current_user.is_authenticated() else None`
Switch the search to use SQL query. 2013-09-28 03:25:57 +00:00			`matching = model.get_matching_repositories(prefix, username)`
Add repo autocomplete for searching. 2013-09-27 23:21:54 +00:00			`response = {`
Switch the search to use SQL query. 2013-09-28 03:25:57 +00:00			`'repositories': [repo_view(repo) for repo in matching]`
Add repo autocomplete for searching. 2013-09-27 23:21:54 +00:00			`}`

			`return jsonify(response)`

Start on UI for Quay 2013-09-26 21:59:20 +00:00
Add some login machinery. 2013-09-23 16:37:40 +00:00			`@app.route('/api/repository/', methods=['GET'])`
			`def list_repos_api():`
Full add public repository support. 2013-09-28 04:05:32 +00:00			`def repo_view(repo_obj):`
Add some login machinery. 2013-09-23 16:37:40 +00:00			`return {`
Full add public repository support. 2013-09-28 04:05:32 +00:00			`'namespace': repo_obj.namespace,`
			`'name': repo_obj.name,`
			`'description': repo_obj.description,`
Add some login machinery. 2013-09-23 16:37:40 +00:00			`}`

Fix public browsing 2013-09-30 21:32:03 +00:00			`username = current_user.db_user.username if current_user.is_authenticated() else None`
Fix some stuff with logins and permissions, add tags to the mode. 2013-09-25 20:46:28 +00:00			`repos = [repo_view(repo)`
Full add public repository support. 2013-09-28 04:05:32 +00:00			`for repo in model.get_visible_repositories(username)]`
Add some login machinery. 2013-09-23 16:37:40 +00:00			`response = {`
			`'repositories': repos`
			`}`

			`return jsonify(response)`


			`@app.route('/api/repository/<path:repository>', methods=['PUT'])`
Add a special api_login_required which does not generate the signin redirect. 2013-09-30 21:51:07 +00:00			`@api_login_required`
Add some login machinery. 2013-09-23 16:37:40 +00:00			`@parse_repository_name`
			`def update_repo_api(namespace, repository):`
Start on UI for Quay 2013-09-26 21:59:20 +00:00			`permission = ModifyRepositoryPermission(namespace, repository)`
PEP8 fixes. 2013-09-28 00:03:07 +00:00			`if permission.can():`
Start on UI for Quay 2013-09-26 21:59:20 +00:00			`repo = model.get_repository(namespace, repository)`
			`if repo:`
			`values = request.get_json()`
			`repo.description = values['description']`
			`repo.save()`
			`return jsonify({`
			`'success': True`
			`})`
PEP8 fixes. 2013-09-28 00:03:07 +00:00
Start on UI for Quay 2013-09-26 21:59:20 +00:00			`abort(404)`
Add some login machinery. 2013-09-23 16:37:40 +00:00

Add ability to change the visibility of a repo, and show whether the repo is private in the repo-view screen 2013-09-28 21:11:10 +00:00			`@app.route('/api/repository/<path:repository>/changevisibility', methods=['POST'])`
Add a special api_login_required which does not generate the signin redirect. 2013-09-30 21:51:07 +00:00			`@api_login_required`
Add ability to change the visibility of a repo, and show whether the repo is private in the repo-view screen 2013-09-28 21:11:10 +00:00			`@parse_repository_name`
			`def change_repo_visibility_api(namespace, repository):`
			`permission = AdministerRepositoryPermission(namespace, repository)`
			`if permission.can():`
			`repo = model.get_repository(namespace, repository)`
			`if repo:`
			`values = request.get_json()`
			`model.set_repository_visibility(repo, values['visibility'])`
			`return jsonify({`
			`'success': True`
			`})`

			`abort(404)`


Add api function to fully delete a repository. 2013-10-01 16:13:25 +00:00			`@app.route('/api/repository/<path:repository>', methods=['DELETE'])`
			`@api_login_required`
			`@parse_repository_name`
			`def delete_repository(namespace, repository):`
			`permission = AdministerRepositoryPermission(namespace, repository)`
			`if permission.can():`
			`model.purge_repository(namespace, repository)`
Fix s3 delete. 2013-10-01 18:46:44 +00:00			`registry.delete_repository_storage(namespace, repository)`
Add api function to fully delete a repository. 2013-10-01 16:13:25 +00:00			`return make_response('Deleted', 204)`

			`abort(404)`


Get the tabs working and the UI for the image history. Note that the model changes for the image history are WRONG and need to be fixed 2013-09-27 21:01:45 +00:00			`def image_view(image):`
			`return {`
Rename Image.image_id to Image.docker_image_id to reduce confusion. 2013-10-01 18:14:39 +00:00			`'id': image.docker_image_id,`
Get the tabs working and the UI for the image history. Note that the model changes for the image history are WRONG and need to be fixed 2013-09-27 21:01:45 +00:00			`'created': image.created,`
			`'comment': image.comment,`
			`}`


Add some login machinery. 2013-09-23 16:37:40 +00:00			`@app.route('/api/repository/<path:repository>', methods=['GET'])`
			`@parse_repository_name`
			`def get_repo_api(namespace, repository):`
Flesh out the API for managing permissions. 2013-09-27 18:56:14 +00:00			`logger.debug('Get repo: %s/%s' % (namespace, repository))`
PEP8 fixes. 2013-09-28 00:03:07 +00:00
Start on UI for Quay 2013-09-26 21:59:20 +00:00			`def tag_view(tag):`
			`image = model.get_tag_image(namespace, repository, tag.name)`
			`if not image:`
			`return {}`

			`return {`
			`'name': tag.name,`
Flesh out some permissions APIs. 2013-09-27 17:24:07 +00:00			`'image': image_view(image),`
Start on UI for Quay 2013-09-26 21:59:20 +00:00			`}`

			`permission = ReadRepositoryPermission(namespace, repository)`
Add ability to change the visibility of a repo, and show whether the repo is private in the repo-view screen 2013-09-28 21:11:10 +00:00			`is_public = model.repository_is_public(namespace, repository)`
			`if permission.can() or is_public:`
Start on UI for Quay 2013-09-26 21:59:20 +00:00			`repo = model.get_repository(namespace, repository)`
			`if repo:`
			`tags = model.list_repository_tags(namespace, repository)`
Flesh out some permissions APIs. 2013-09-27 17:24:07 +00:00			`tag_dict = {tag.name: tag_view(tag) for tag in tags}`
			`can_write = ModifyRepositoryPermission(namespace, repository).can()`
Flesh out the API for managing permissions. 2013-09-27 18:56:14 +00:00			`can_admin = AdministerRepositoryPermission(namespace, repository).can()`
Flesh out some permissions APIs. 2013-09-27 17:24:07 +00:00			`return jsonify({`
			`'namespace': namespace,`
			`'name': repository,`
			`'description': repo.description,`
			`'tags': tag_dict,`
			`'can_write': can_write,`
Flesh out the API for managing permissions. 2013-09-27 18:56:14 +00:00			`'can_admin': can_admin,`
Add ability to change the visibility of a repo, and show whether the repo is private in the repo-view screen 2013-09-28 21:11:10 +00:00			`'is_public': is_public`
Flesh out some permissions APIs. 2013-09-27 17:24:07 +00:00			`})`
Start on UI for Quay 2013-09-26 21:59:20 +00:00
Flesh out some permissions APIs. 2013-09-27 17:24:07 +00:00			`abort(404) # Not fount`
			`abort(403) # Permission denied`


Flesh out the API for managing permissions. 2013-09-27 18:56:14 +00:00			`def role_view(repo_perm_obj):`
			`return {`
			`'role': repo_perm_obj.role.name`
			`}`


PEP8 fixes. 2013-09-28 00:03:07 +00:00			`@app.route('/api/repository/<path:repository>/tag/<tag>/images',`
			`methods=['GET'])`
Get the tabs working and the UI for the image history. Note that the model changes for the image history are WRONG and need to be fixed 2013-09-27 21:01:45 +00:00			`@parse_repository_name`
			`def list_tag_images(namespace, repository, tag):`
			`permission = ReadRepositoryPermission(namespace, repository)`
Full add public repository support. 2013-09-28 04:05:32 +00:00			`if permission.can() or model.repository_is_public(namespace, repository):`
Add image ancestry and update the test db accordingly. 2013-09-30 19:30:00 +00:00			`tag_image = model.get_tag_image(namespace, repository, tag)`
			`parent_images = model.get_parent_images(tag_image)`

			`parents = list(parent_images)`
			`parents.reverse()`
			`all_images = [tag_image] + parents`
PEP8 fixes. 2013-09-28 00:03:07 +00:00
Get the tabs working and the UI for the image history. Note that the model changes for the image history are WRONG and need to be fixed 2013-09-27 21:01:45 +00:00			`return jsonify({`
Add image ancestry and update the test db accordingly. 2013-09-30 19:30:00 +00:00			`'images': [image_view(image) for image in all_images]`
Get the tabs working and the UI for the image history. Note that the model changes for the image history are WRONG and need to be fixed 2013-09-27 21:01:45 +00:00			`})`

			`abort(403) # Permission denied`


Flesh out some permissions APIs. 2013-09-27 17:24:07 +00:00			`@app.route('/api/repository/<path:repository>/permissions/', methods=['GET'])`
Add a special api_login_required which does not generate the signin redirect. 2013-09-30 21:51:07 +00:00			`@api_login_required`
Flesh out some permissions APIs. 2013-09-27 17:24:07 +00:00			`@parse_repository_name`
			`def list_repo_permissions(namespace, repository):`
			`permission = AdministerRepositoryPermission(namespace, repository)`
			`if permission.can():`
			`repo_perms = model.get_all_repo_users(namespace, repository)`

			`return jsonify({`
PEP8 fixes. 2013-09-28 00:03:07 +00:00			`'permissions': {repo_perm.user.username: role_view(repo_perm)`
Flesh out some permissions APIs. 2013-09-27 17:24:07 +00:00			`for repo_perm in repo_perms}`
			`})`

			`abort(403) # Permission denied`

Flesh out the API for managing permissions. 2013-09-27 18:56:14 +00:00
			`@app.route('/api/repository/<path:repository>/permissions/<username>',`
			`methods=['GET'])`
Add a special api_login_required which does not generate the signin redirect. 2013-09-30 21:51:07 +00:00			`@api_login_required`
Flesh out the API for managing permissions. 2013-09-27 18:56:14 +00:00			`@parse_repository_name`
			`def get_permissions(namespace, repository, username):`
			`logger.debug('Get repo: %s/%s permissions for user %s' %`
			`(namespace, repository, username))`
			`permission = AdministerRepositoryPermission(namespace, repository)`
			`if permission.can():`
Fix some bugs with the permissions API. Prevent the user from removing themelves as admin. 2013-09-27 19:53:39 +00:00			`perm = model.get_user_reponame_permission(username, namespace, repository)`
Flesh out the API for managing permissions. 2013-09-27 18:56:14 +00:00			`return jsonify(role_view(perm))`

			`abort(403) # Permission denied`


Flesh out some permissions APIs. 2013-09-27 17:24:07 +00:00			`@app.route('/api/repository/<path:repository>/permissions/<username>',`
Flesh out the API for managing permissions. 2013-09-27 18:56:14 +00:00			`methods=['PUT', 'POST'])`
Add a special api_login_required which does not generate the signin redirect. 2013-09-30 21:51:07 +00:00			`@api_login_required`
Flesh out some permissions APIs. 2013-09-27 17:24:07 +00:00			`@parse_repository_name`
			`def change_permissions(namespace, repository, username):`
			`permission = AdministerRepositoryPermission(namespace, repository)`
			`if permission.can():`
			`new_permission = request.get_json()`

Flesh out the API for managing permissions. 2013-09-27 18:56:14 +00:00			`logger.debug('Setting permission to: %s for user %s' %`
			`(new_permission['role'], username))`
Fix some bugs with the permissions API. Prevent the user from removing themelves as admin. 2013-09-27 19:53:39 +00:00
			`try:`
			`perm = model.set_user_repo_permission(username, namespace, repository,`
			`new_permission['role'])`
			`except model.DataModelException:`
			`logger.warning('User tried to remove themselves as admin.')`
			`abort(409)`
Flesh out the API for managing permissions. 2013-09-27 18:56:14 +00:00
			`resp = jsonify(role_view(perm))`
			`if request.method == 'POST':`
			`resp.status_code = 201`
			`return resp`

			`abort(403) # Permission denied`

PEP8 fixes. 2013-09-28 00:03:07 +00:00
Flesh out the API for managing permissions. 2013-09-27 18:56:14 +00:00			`@app.route('/api/repository/<path:repository>/permissions/<username>',`
			`methods=['DELETE'])`
Add a special api_login_required which does not generate the signin redirect. 2013-09-30 21:51:07 +00:00			`@api_login_required`
Flesh out the API for managing permissions. 2013-09-27 18:56:14 +00:00			`@parse_repository_name`
			`def delete_permissions(namespace, repository, username):`
			`permission = AdministerRepositoryPermission(namespace, repository)`
			`if permission.can():`
Fix some bugs with the permissions API. Prevent the user from removing themelves as admin. 2013-09-27 19:53:39 +00:00			`try:`
			`model.delete_user_permission(username, namespace, repository)`
			`except model.DataModelException:`
			`logger.warning('User tried to remove themselves as admin.')`
			`abort(409)`

Flesh out the API for managing permissions. 2013-09-27 18:56:14 +00:00			`return make_response('Deleted', 204)`
Flesh out some permissions APIs. 2013-09-27 17:24:07 +00:00
Flesh out the API for managing permissions. 2013-09-27 18:56:14 +00:00			`abort(403) # Permission denied`