quay/endpoints/api/__init__.py

import logging
import json

from flask import Blueprint, request
from flask.ext.restful import Resource, abort, Api, reqparse
from flask.ext.restful.utils.cors import crossdomain
from calendar import timegm
from email.utils import formatdate
from functools import partial, wraps
from jsonschema import validate, ValidationError

from data import model
from util.names import parse_namespace_repository
from auth.permissions import (ReadRepositoryPermission,
                              ModifyRepositoryPermission,
                              AdministerRepositoryPermission)
from auth import scopes
from auth.auth_context import get_authenticated_user
from auth.auth import process_oauth


logger = logging.getLogger(__name__)
api_bp = Blueprint('api', __name__)
api = Api()
api.init_app(api_bp)
api.decorators = [process_oauth,
                  crossdomain(origin='*', headers=['Authorization', 'Content-Type'])]


def resource(*urls, **kwargs):
  def wrapper(api_resource):
    api.add_resource(api_resource, *urls, **kwargs)
    return api_resource
  return wrapper


def truthy_bool(param):
  return param not in {False, 'false', 'False', '0', 'FALSE', '', 'null'}


def format_date(date):
  """ Output an RFC822 date format. """
  return formatdate(timegm(date.utctimetuple()))


def add_method_metadata(name, value):
  def modifier(func):
    if '__api_metadata' not in dir(func):
      func.__api_metadata = {}
    func.__api_metadata[name] = value
    return func
  return modifier


def method_metadata(func, name):
  if '__api_metadata' in dir(func):
    return func.__api_metadata.get(name, None)
  return None


nickname = partial(add_method_metadata, 'nickname')
related_user_resource = partial(add_method_metadata, 'related_user_resource')
internal_only = add_method_metadata('internal', True)


def query_param(name, help_str, type=reqparse.text_type, default=None,
                choices=(), required=False):
  def add_param(func):
    if '__api_query_params' not in dir(func):
      func.__api_query_params = []
    func.__api_query_params.append({
      'name': name,
      'type': type,
      'help': help_str,
      'default': default,
      'choices': choices,
      'required': required,
    })
    return func
  return add_param


def parse_args(func):
  @wraps(func)
  def wrapper(self, *args, **kwargs):
    if '__api_query_params' not in dir(func):
      abort(400)

    parser = reqparse.RequestParser()
    for arg_spec in func.__api_query_params:
      parser.add_argument(**arg_spec)
    parsed_args = parser.parse_args()

    return func(self, parsed_args, *args, **kwargs)
  return wrapper


def parse_repository_name(func):
  @wraps(func)
  def wrapper(repository, *args, **kwargs):
    (namespace, repository) = parse_namespace_repository(repository)
    return func(namespace, repository, *args, **kwargs)
  return wrapper


class ApiResource(Resource):
  def options(self):
    return None, 200


class RepositoryParamResource(ApiResource):
  method_decorators = [parse_repository_name]


def require_repo_permission(permission_class, scope, allow_public=False):
  def wrapper(func):
    @add_method_metadata('oauth2_scope', scope)
    @wraps(func)
    def wrapped(self, namespace, repository, *args, **kwargs):
      logger.debug('Checking permission %s for repo: %s/%s', permission_class, namespace,
                   repository)
      permission = permission_class(namespace, repository)
      if (permission.can() or
          (allow_public and
           model.repository_is_public(namespace, repository))):
        return func(self, namespace, repository, *args, **kwargs)
      abort(403)
    return wrapped
  return wrapper


require_repo_read = require_repo_permission(ReadRepositoryPermission, scopes.READ_REPO, True)
require_repo_write = require_repo_permission(ModifyRepositoryPermission, scopes.WRITE_REPO)
require_repo_admin = require_repo_permission(AdministerRepositoryPermission, scopes.ADMIN_REPO)


def require_scope(scope_object):
  def wrapper(func):
    @add_method_metadata('oauth2_scope', scope_object['scope'])
    @wraps(func)
    def wrapped(*args, **kwargs):
      return func(*args, **kwargs)
    return wrapped
  return wrapper


def validate_json_request(schema_name):
  def wrapper(func):
    @add_method_metadata('request_schema', schema_name)
    @wraps(func)
    def wrapped(self, *args, **kwargs):
      schema = self.schemas[schema_name]
      try:
        validate(request.get_json(), schema)
        return func(self, *args, **kwargs)
      except ValidationError as ex:
        abort(400, message=ex.message)
    return wrapped
  return wrapper


def request_error(exception=None, **kwargs):
  data = kwargs.copy()
  if exception:
    data['message'] = exception.message

  return json.dumps(data), 400


def log_action(kind, user_or_orgname, metadata={}, repo=None):
  performer = get_authenticated_user()
  model.log_action(kind, user_or_orgname, performer=performer, ip=request.remote_addr,
                   metadata=metadata, repository=repo)


import endpoints.api.legacy

import endpoints.api.billing
import endpoints.api.build
import endpoints.api.discovery
import endpoints.api.image
import endpoints.api.logs
import endpoints.api.organization
import endpoints.api.permission
import endpoints.api.prototype
import endpoints.api.repository
import endpoints.api.repotoken
import endpoints.api.robot
import endpoints.api.search
import endpoints.api.tag
import endpoints.api.team
import endpoints.api.trigger
import endpoints.api.user
import endpoints.api.webhook
Holy black magic batman, move the query parameters to decorators and expose them through discovery. 2014-03-11 16:57:33 +00:00			`import logging`
Port a few more repository methods to the new API interface. 2014-03-13 00:33:57 +00:00			`import json`
Holy black magic batman, move the query parameters to decorators and expose them through discovery. 2014-03-11 16:57:33 +00:00
Fix bugs, mostly related to date formatting. 2014-03-17 17:10:12 +00:00			`from flask import Blueprint, request`
Holy black magic batman, move the query parameters to decorators and expose them through discovery. 2014-03-11 16:57:33 +00:00			`from flask.ext.restful import Resource, abort, Api, reqparse`
			`from flask.ext.restful.utils.cors import crossdomain`
First attempt at using flask-restful and swagger api documentation. 2014-03-10 22:30:41 +00:00			`from calendar import timegm`
			`from email.utils import formatdate`
More fully replicate the swagger API. 2014-03-11 03:54:55 +00:00			`from functools import partial, wraps`
			`from jsonschema import validate, ValidationError`

			`from data import model`
			`from util.names import parse_namespace_repository`
			`from auth.permissions import (ReadRepositoryPermission,`
			`ModifyRepositoryPermission,`
			`AdministerRepositoryPermission)`
Add some sort of oauth. 2014-03-12 16:37:06 +00:00			`from auth import scopes`
Port a few more repository methods to the new API interface. 2014-03-13 00:33:57 +00:00			`from auth.auth_context import get_authenticated_user`
			`from auth.auth import process_oauth`
More fully replicate the swagger API. 2014-03-11 03:54:55 +00:00
First attempt at using flask-restful and swagger api documentation. 2014-03-10 22:30:41 +00:00
Holy black magic batman, move the query parameters to decorators and expose them through discovery. 2014-03-11 16:57:33 +00:00			`logger = logging.getLogger(__name__)`
			`api_bp = Blueprint('api', __name__)`
Fix url_for for api endpoints. 2014-03-17 19:23:49 +00:00			`api = Api()`
			`api.init_app(api_bp)`
Port a few more repository methods to the new API interface. 2014-03-13 00:33:57 +00:00			`api.decorators = [process_oauth,`
			`crossdomain(origin='*', headers=['Authorization', 'Content-Type'])]`
Holy black magic batman, move the query parameters to decorators and expose them through discovery. 2014-03-11 16:57:33 +00:00
First attempt at using flask-restful and swagger api documentation. 2014-03-10 22:30:41 +00:00
Holy black magic batman, move the query parameters to decorators and expose them through discovery. 2014-03-11 16:57:33 +00:00			`def resource(urls, *kwargs):`
			`def wrapper(api_resource):`
			`api.add_resource(api_resource, urls, *kwargs)`
			`return api_resource`
			`return wrapper`
First attempt at using flask-restful and swagger api documentation. 2014-03-10 22:30:41 +00:00

			`def truthy_bool(param):`
			`return param not in {False, 'false', 'False', '0', 'FALSE', '', 'null'}`


			`def format_date(date):`
			`""" Output an RFC822 date format. """`
			`return formatdate(timegm(date.utctimetuple()))`


			`def add_method_metadata(name, value):`
			`def modifier(func):`
			`if '__api_metadata' not in dir(func):`
More fully replicate the swagger API. 2014-03-11 03:54:55 +00:00			`func.__api_metadata = {}`
			`func.__api_metadata[name] = value`
First attempt at using flask-restful and swagger api documentation. 2014-03-10 22:30:41 +00:00			`return func`
			`return modifier`


			`def method_metadata(func, name):`
			`if '__api_metadata' in dir(func):`
More fully replicate the swagger API. 2014-03-11 03:54:55 +00:00			`return func.__api_metadata.get(name, None)`
First attempt at using flask-restful and swagger api documentation. 2014-03-10 22:30:41 +00:00			`return None`


			`nickname = partial(add_method_metadata, 'nickname')`
Link the org api calls to their related user resources. 2014-03-14 21:35:52 +00:00			`related_user_resource = partial(add_method_metadata, 'related_user_resource')`
Add internal API filtering. 2014-03-14 22:07:03 +00:00			`internal_only = add_method_metadata('internal', True)`
First attempt at using flask-restful and swagger api documentation. 2014-03-10 22:30:41 +00:00

Use doc strings for resource and method docs. Tweak some docs. Switch to 100 length lines. 2014-03-11 19:20:03 +00:00			`def query_param(name, help_str, type=reqparse.text_type, default=None,`
			`choices=(), required=False):`
Holy black magic batman, move the query parameters to decorators and expose them through discovery. 2014-03-11 16:57:33 +00:00			`def add_param(func):`
			`if '__api_query_params' not in dir(func):`
			`func.__api_query_params = []`
			`func.__api_query_params.append({`
			`'name': name,`
			`'type': type,`
			`'help': help_str,`
			`'default': default,`
			`'choices': choices,`
			`'required': required,`
			`})`
			`return func`
			`return add_param`


			`def parse_args(func):`
			`@wraps(func)`
			`def wrapper(self, args, *kwargs):`
			`if '__api_query_params' not in dir(func):`
			`abort(400)`

			`parser = reqparse.RequestParser()`
			`for arg_spec in func.__api_query_params:`
			`parser.add_argument(**arg_spec)`
			`parsed_args = parser.parse_args()`

			`return func(self, parsed_args, args, *kwargs)`
			`return wrapper`


More fully replicate the swagger API. 2014-03-11 03:54:55 +00:00			`def parse_repository_name(func):`
			`@wraps(func)`
			`def wrapper(repository, args, *kwargs):`
			`(namespace, repository) = parse_namespace_repository(repository)`
			`return func(namespace, repository, args, *kwargs)`
			`return wrapper`


Add scope ordinality and translations. Process oauth tokens and limit scopes accordingly. 2014-03-12 20:31:37 +00:00			`class ApiResource(Resource):`
			`def options(self):`
			`return None, 200`


			`class RepositoryParamResource(ApiResource):`
More fully replicate the swagger API. 2014-03-11 03:54:55 +00:00			`method_decorators = [parse_repository_name]`


Add some sort of oauth. 2014-03-12 16:37:06 +00:00			`def require_repo_permission(permission_class, scope, allow_public=False):`
More fully replicate the swagger API. 2014-03-11 03:54:55 +00:00			`def wrapper(func):`
Add some sort of oauth. 2014-03-12 16:37:06 +00:00			`@add_method_metadata('oauth2_scope', scope)`
More fully replicate the swagger API. 2014-03-11 03:54:55 +00:00			`@wraps(func)`
			`def wrapped(self, namespace, repository, args, *kwargs):`
Port a few more repository methods to the new API interface. 2014-03-13 00:33:57 +00:00			`logger.debug('Checking permission %s for repo: %s/%s', permission_class, namespace,`
			`repository)`
More fully replicate the swagger API. 2014-03-11 03:54:55 +00:00			`permission = permission_class(namespace, repository)`
			`if (permission.can() or`
			`(allow_public and`
			`model.repository_is_public(namespace, repository))):`
			`return func(self, namespace, repository, args, *kwargs)`
			`abort(403)`
			`return wrapped`
			`return wrapper`


Add some sort of oauth. 2014-03-12 16:37:06 +00:00			`require_repo_read = require_repo_permission(ReadRepositoryPermission, scopes.READ_REPO, True)`
			`require_repo_write = require_repo_permission(ModifyRepositoryPermission, scopes.WRITE_REPO)`
			`require_repo_admin = require_repo_permission(AdministerRepositoryPermission, scopes.ADMIN_REPO)`
More fully replicate the swagger API. 2014-03-11 03:54:55 +00:00

Port a few more repository methods to the new API interface. 2014-03-13 00:33:57 +00:00			`def require_scope(scope_object):`
			`def wrapper(func):`
			`@add_method_metadata('oauth2_scope', scope_object['scope'])`
			`@wraps(func)`
			`def wrapped(args, *kwargs):`
			`return func(args, *kwargs)`
			`return wrapped`
			`return wrapper`


More fully replicate the swagger API. 2014-03-11 03:54:55 +00:00			`def validate_json_request(schema_name):`
			`def wrapper(func):`
			`@add_method_metadata('request_schema', schema_name)`
			`@wraps(func)`
Port a few more repository methods to the new API interface. 2014-03-13 00:33:57 +00:00			`def wrapped(self, args, *kwargs):`
More fully replicate the swagger API. 2014-03-11 03:54:55 +00:00			`schema = self.schemas[schema_name]`
			`try:`
			`validate(request.get_json(), schema)`
Port a few more repository methods to the new API interface. 2014-03-13 00:33:57 +00:00			`return func(self, args, *kwargs)`
More fully replicate the swagger API. 2014-03-11 03:54:55 +00:00			`except ValidationError as ex:`
			`abort(400, message=ex.message)`
			`return wrapped`
			`return wrapper`


Port a few more repository methods to the new API interface. 2014-03-13 00:33:57 +00:00			`def request_error(exception=None, **kwargs):`
			`data = kwargs.copy()`
			`if exception:`
			`data['message'] = exception.message`

			`return json.dumps(data), 400`


More fully replicate the swagger API. 2014-03-11 03:54:55 +00:00			`def log_action(kind, user_or_orgname, metadata={}, repo=None):`
Port a few more repository methods to the new API interface. 2014-03-13 00:33:57 +00:00			`performer = get_authenticated_user()`
Use doc strings for resource and method docs. Tweak some docs. Switch to 100 length lines. 2014-03-11 19:20:03 +00:00			`model.log_action(kind, user_or_orgname, performer=performer, ip=request.remote_addr,`
			`metadata=metadata, repository=repo)`
More fully replicate the swagger API. 2014-03-11 03:54:55 +00:00

First attempt at using flask-restful and swagger api documentation. 2014-03-10 22:30:41 +00:00			`import endpoints.api.legacy`

Port over the billing apis. 2014-03-14 19:35:20 +00:00			`import endpoints.api.billing`
Port over webhooks, search, and builds. 2014-03-13 20:31:37 +00:00			`import endpoints.api.build`
Port over tokens. 2014-03-14 17:24:01 +00:00			`import endpoints.api.discovery`
Port over images, permissions, and tags. 2014-03-14 17:06:58 +00:00			`import endpoints.api.image`
Port logs and robots. 2014-03-14 20:02:13 +00:00			`import endpoints.api.logs`
Re-organize the imports for the api endpoints. 2014-03-14 20:11:31 +00:00			`import endpoints.api.organization`
Port over tokens. 2014-03-14 17:24:01 +00:00			`import endpoints.api.permission`
Port permission prototypes and org members. 2014-03-14 18:51:18 +00:00			`import endpoints.api.prototype`
Port over tokens. 2014-03-14 17:24:01 +00:00			`import endpoints.api.repository`
			`import endpoints.api.repotoken`
Port logs and robots. 2014-03-14 20:02:13 +00:00			`import endpoints.api.robot`
Port over tokens. 2014-03-14 17:24:01 +00:00			`import endpoints.api.search`
Port over images, permissions, and tags. 2014-03-14 17:06:58 +00:00			`import endpoints.api.tag`
Migrate teams and orgs. 2014-03-14 18:20:51 +00:00			`import endpoints.api.team`
Port over tokens. 2014-03-14 17:24:01 +00:00			`import endpoints.api.trigger`
			`import endpoints.api.user`
			`import endpoints.api.webhook`