2015-05-14 20:47:38 +00:00
|
|
|
""" Manage repository access tokens (DEPRECATED). """
|
|
|
|
|
2014-03-14 17:24:01 +00:00
|
|
|
import logging
|
|
|
|
|
|
|
|
from flask import request
|
|
|
|
|
|
|
|
from endpoints.api import (resource, nickname, require_repo_admin, RepositoryParamResource,
|
2016-04-11 20:20:11 +00:00
|
|
|
log_action, validate_json_request, path_param)
|
2017-07-20 21:07:01 +00:00
|
|
|
from endpoints.api.repotoken_models_pre_oci import pre_oci_model as model
|
2016-04-11 20:20:11 +00:00
|
|
|
from endpoints.exception import NotFound
|
2014-03-14 17:24:01 +00:00
|
|
|
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
|
2016-01-21 20:40:51 +00:00
|
|
|
@resource('/v1/repository/<apirepopath:repository>/tokens/')
|
2014-08-19 23:05:28 +00:00
|
|
|
@path_param('repository', 'The full path of the repository. e.g. namespace/name')
|
2014-03-14 17:24:01 +00:00
|
|
|
class RepositoryTokenList(RepositoryParamResource):
|
|
|
|
""" Resource for creating and listing repository tokens. """
|
|
|
|
schemas = {
|
|
|
|
'NewToken': {
|
|
|
|
'type': 'object',
|
|
|
|
'description': 'Description of a new token.',
|
2014-03-17 16:25:41 +00:00
|
|
|
'required':[
|
|
|
|
'friendlyName',
|
|
|
|
],
|
2014-03-14 17:24:01 +00:00
|
|
|
'properties': {
|
|
|
|
'friendlyName': {
|
|
|
|
'type': 'string',
|
2014-03-14 18:20:51 +00:00
|
|
|
'description': 'Friendly name to help identify the token',
|
2014-03-14 17:24:01 +00:00
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
|
|
|
|
@require_repo_admin
|
|
|
|
@nickname('listRepoTokens')
|
2017-07-20 21:07:01 +00:00
|
|
|
def get(self, namespace_name, repo_name):
|
2014-03-14 17:24:01 +00:00
|
|
|
""" List the tokens for the specified repository. """
|
2017-07-20 21:07:01 +00:00
|
|
|
tokens = model.get_repository_tokens(namespace_name, repo_name)
|
2014-03-14 17:24:01 +00:00
|
|
|
return {
|
2017-07-20 21:07:01 +00:00
|
|
|
'tokens': {token.code: token.to_dict() for token in tokens}
|
2014-03-14 17:24:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
@require_repo_admin
|
|
|
|
@nickname('createToken')
|
|
|
|
@validate_json_request('NewToken')
|
2017-07-20 21:07:01 +00:00
|
|
|
def post(self, namespace_name, repo_name):
|
2014-03-14 17:24:01 +00:00
|
|
|
""" Create a new repository token. """
|
|
|
|
token_params = request.get_json()
|
2017-07-20 21:07:01 +00:00
|
|
|
token = model.create_repository_token(namespace_name, repo_name, token_params['friendlyName'])
|
|
|
|
log_action('add_repo_accesstoken', namespace_name,
|
|
|
|
{'repo': repo_name, 'token': token_params['friendlyName']},
|
|
|
|
repo_name=repo_name)
|
2014-03-14 17:24:01 +00:00
|
|
|
|
2017-07-20 21:07:01 +00:00
|
|
|
return token.to_dict(), 201
|
2014-03-14 17:24:01 +00:00
|
|
|
|
|
|
|
|
2016-01-21 20:40:51 +00:00
|
|
|
@resource('/v1/repository/<apirepopath:repository>/tokens/<code>')
|
2014-08-19 23:05:28 +00:00
|
|
|
@path_param('repository', 'The full path of the repository. e.g. namespace/name')
|
|
|
|
@path_param('code', 'The token code')
|
2014-03-14 17:24:01 +00:00
|
|
|
class RepositoryToken(RepositoryParamResource):
|
|
|
|
""" Resource for managing individual tokens. """
|
|
|
|
schemas = {
|
|
|
|
'TokenPermission': {
|
|
|
|
'type': 'object',
|
2014-03-14 18:20:51 +00:00
|
|
|
'description': 'Description of a token permission',
|
2014-03-17 16:25:41 +00:00
|
|
|
'required': [
|
|
|
|
'role',
|
|
|
|
],
|
2014-03-14 17:24:01 +00:00
|
|
|
'properties': {
|
|
|
|
'role': {
|
|
|
|
'type': 'string',
|
|
|
|
'description': 'Role to use for the token',
|
|
|
|
'enum': [
|
|
|
|
'read',
|
|
|
|
'write',
|
|
|
|
'admin',
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
2017-07-20 21:07:01 +00:00
|
|
|
|
2014-03-14 17:24:01 +00:00
|
|
|
@require_repo_admin
|
|
|
|
@nickname('getTokens')
|
2017-07-20 21:07:01 +00:00
|
|
|
def get(self, namespace_name, repo_name, code):
|
2014-03-14 17:24:55 +00:00
|
|
|
""" Fetch the specified repository token information. """
|
2017-07-20 21:07:01 +00:00
|
|
|
token = model.get_repository_token(namespace_name, repo_name, code)
|
|
|
|
if token is None:
|
2014-03-17 20:57:35 +00:00
|
|
|
raise NotFound()
|
2014-03-14 17:24:01 +00:00
|
|
|
|
2017-07-20 21:07:01 +00:00
|
|
|
return token.to_dict()
|
2014-03-14 17:24:01 +00:00
|
|
|
|
|
|
|
@require_repo_admin
|
|
|
|
@nickname('changeToken')
|
|
|
|
@validate_json_request('TokenPermission')
|
2017-07-20 21:07:01 +00:00
|
|
|
def put(self, namespace_name, repo_name, code):
|
2014-03-14 17:24:55 +00:00
|
|
|
""" Update the permissions for the specified repository token. """
|
2014-03-14 17:24:01 +00:00
|
|
|
new_permission = request.get_json()
|
2017-07-20 21:07:01 +00:00
|
|
|
logger.debug('Setting permission to: %s for code %s', new_permission['role'], code)
|
2014-03-14 17:24:01 +00:00
|
|
|
|
2017-07-20 21:07:01 +00:00
|
|
|
token = model.set_repository_token_role(namespace_name, repo_name, code, new_permission['role'])
|
|
|
|
log_action('change_repo_permission', namespace_name,
|
|
|
|
{'repo': repo_name, 'token': token.friendly_name, 'code': code,
|
2014-03-14 17:24:01 +00:00
|
|
|
'role': new_permission['role']},
|
2017-07-20 21:07:01 +00:00
|
|
|
repo_name=repo_name)
|
2014-03-14 17:24:01 +00:00
|
|
|
|
2017-07-20 21:07:01 +00:00
|
|
|
return token.to_dict()
|
2014-03-14 17:24:01 +00:00
|
|
|
|
|
|
|
@require_repo_admin
|
|
|
|
@nickname('deleteToken')
|
2017-07-20 21:07:01 +00:00
|
|
|
def delete(self, namespace_name, repo_name, code):
|
2014-03-14 17:24:55 +00:00
|
|
|
""" Delete the repository token. """
|
2017-07-20 21:07:01 +00:00
|
|
|
token = model.delete_repository_token(namespace_name, repo_name, code)
|
|
|
|
log_action('delete_repo_accesstoken', namespace_name,
|
|
|
|
{'repo': repo_name, 'token': token.friendly_name,
|
2014-03-14 17:24:01 +00:00
|
|
|
'code': code},
|
2017-07-20 21:07:01 +00:00
|
|
|
repo_name=repo_name)
|
2014-03-14 17:24:01 +00:00
|
|
|
|
2016-12-06 21:26:28 +00:00
|
|
|
return '', 204
|