Break out repo kind checking into its own decorator

We then use that decorator both in the API and in the permissions check decorator
2017-03-23 00:01:37 -04:00 · 2017-03-23 00:01:37 -04:00 · 069208f2f1
commit 069208f2f1
parent 4c34b00b38
2 changed files with 19 additions and 6 deletions
--- a/endpoints/appr/decorators.py
+++ b/endpoints/appr/decorators.py
@ -18,19 +18,28 @@ def _get_reponame_kwargs(*args, **kwargs):
  return [kwargs['namespace_name'], kwargs['repo_name']]


+def disallow_for_image_repository(get_reponame_method=_get_reponame_kwargs):
+  def wrapper(func):
+    @wraps(func)
+    def wrapped(*args, **kwargs):
+      namespace_name, repo_name = get_reponame_method(*args, **kwargs)
+      image_repo = model.repository.get_repository(namespace_name, repo_name, kind_filter='image')
+      if image_repo is not None:
+        logger.debug('Tried to invoked a CNR method on an image repository')
+        abort(501)
+      return func(*args, **kwargs)
+    return wrapped
+  return wrapper
+
+
 def require_repo_permission(permission_class, scopes=None, allow_public=False,
                            raise_method=_raise_unauthorized,
                            get_reponame_method=_get_reponame_kwargs):
  def wrapper(func):
    @wraps(func)
+    @disallow_for_image_repository(get_reponame_method=get_reponame_method)
    def wrapped(*args, **kwargs):
      namespace_name, repo_name = get_reponame_method(*args, **kwargs)
-
-      image_repo = model.repository.get_repository(namespace_name, repo_name, kind_filter='image')
-      if image_repo is not None:
-        logger.debug('Tried to invoked a CNR method on an image repository')
-        abort(501)
-
      logger.debug('Checking permission %s for repo: %s/%s', permission_class,
                   namespace_name, repo_name)
      permission = permission_class(namespace_name, repo_name)