Merge pull request #1685 from coreos-inc/org-wide-read
Change permissions model so that non-admins do not get org-wide read
This commit is contained in:
josephschorr
GitHub
commit
0d1e453566
5 changed files with 225 additions and 102 deletions
|
|
@ -29,10 +29,10 @@ REPO_ROLES = [None, 'read', 'write', 'admin']
|
||||||
TEAM_ROLES = [None, 'member', 'creator', 'admin']
|
TEAM_ROLES = [None, 'member', 'creator', 'admin']
|
||||||
USER_ROLES = [None, 'read', 'admin']
|
USER_ROLES = [None, 'read', 'admin']
|
||||||
|
|
||||||
TEAM_REPO_ROLES = {
|
TEAM_ORGWIDE_REPO_ROLES = {
|
||||||
'admin': 'admin',
|
'admin': 'admin',
|
||||||
'creator': 'read',
|
'creator': None,
|
||||||
'member': 'read',
|
'member': None,
|
||||||
}
|
}
|
||||||
|
|
||||||
SCOPE_MAX_REPO_ROLES = defaultdict(lambda: None)
|
SCOPE_MAX_REPO_ROLES = defaultdict(lambda: None)
|
||||||
|
|
@ -143,7 +143,7 @@ class QuayDeferredPermissionUser(Identity):
|
||||||
logger.debug('Organization team added permission: {0}'.format(team_org_grant))
|
logger.debug('Organization team added permission: {0}'.format(team_org_grant))
|
||||||
self.provides.add(team_org_grant)
|
self.provides.add(team_org_grant)
|
||||||
|
|
||||||
team_repo_role = TEAM_REPO_ROLES[team.role.name]
|
team_repo_role = TEAM_ORGWIDE_REPO_ROLES[team.role.name]
|
||||||
org_repo_grant = _OrganizationRepoNeed(team.organization.username,
|
org_repo_grant = _OrganizationRepoNeed(team.organization.username,
|
||||||
self._repo_role_for_scopes(team_repo_role))
|
self._repo_role_for_scopes(team_repo_role))
|
||||||
logger.debug('Organization team added repo permission: {0}'.format(org_repo_grant))
|
logger.debug('Organization team added repo permission: {0}'.format(org_repo_grant))
|
||||||
|
|
|
||||||
|
|
@ -1012,10 +1012,17 @@ class RegistryTestsMixin(object):
|
||||||
def test_create_repo_creator_user(self):
|
def test_create_repo_creator_user(self):
|
||||||
self.do_push('buynlarge', 'newrepo', 'creator', 'password')
|
self.do_push('buynlarge', 'newrepo', 'creator', 'password')
|
||||||
|
|
||||||
|
# Pull the repository as creator, as they created it.
|
||||||
|
self.do_pull('buynlarge', 'newrepo', 'creator', 'password')
|
||||||
|
|
||||||
# Pull the repository as devtable, which should succeed because the repository is owned by the
|
# Pull the repository as devtable, which should succeed because the repository is owned by the
|
||||||
# org.
|
# org.
|
||||||
self.do_pull('buynlarge', 'newrepo', 'devtable', 'password')
|
self.do_pull('buynlarge', 'newrepo', 'devtable', 'password')
|
||||||
|
|
||||||
|
# Attempt to pull the repository as reader, which should fail.
|
||||||
|
self.do_pull('buynlarge', 'newrepo', 'reader', 'password',
|
||||||
|
expect_failure=FailureCodes.UNAUTHORIZED)
|
||||||
|
|
||||||
|
|
||||||
def test_create_repo_robot_owner(self):
|
def test_create_repo_robot_owner(self):
|
||||||
# Lookup the robot's password.
|
# Lookup the robot's password.
|
||||||
|
|
|
||||||
296
test/specs.py
296
test/specs.py
|
|
@ -4,7 +4,6 @@ import hashlib
|
||||||
from flask import url_for
|
from flask import url_for
|
||||||
from uuid import uuid4
|
from uuid import uuid4
|
||||||
from base64 import b64encode
|
from base64 import b64encode
|
||||||
from util.names import parse_namespace_repository
|
|
||||||
|
|
||||||
|
|
||||||
NO_REPO = None
|
NO_REPO = None
|
||||||
|
|
@ -18,6 +17,9 @@ PRIVATE_REPO = PRIVATE + '/' + PRIVATE_REPO_NAME
|
||||||
|
|
||||||
ORG = 'buynlarge'
|
ORG = 'buynlarge'
|
||||||
ORG_REPO = ORG + '/orgrepo'
|
ORG_REPO = ORG + '/orgrepo'
|
||||||
|
ANOTHER_ORG_REPO = ORG + '/anotherorgrepo'
|
||||||
|
NEW_ORG_REPO = ORG + '/neworgrepo'
|
||||||
|
|
||||||
ORG_REPO_NAME = 'orgrepo'
|
ORG_REPO_NAME = 'orgrepo'
|
||||||
ORG_READERS = 'readers'
|
ORG_READERS = 'readers'
|
||||||
ORG_OWNER = 'devtable'
|
ORG_OWNER = 'devtable'
|
||||||
|
|
@ -85,7 +87,7 @@ UPDATE_REPO_DETAILS = {
|
||||||
|
|
||||||
class IndexV1TestSpec(object):
|
class IndexV1TestSpec(object):
|
||||||
def __init__(self, url, sess_repo=None, anon_code=403, no_access_code=403,
|
def __init__(self, url, sess_repo=None, anon_code=403, no_access_code=403,
|
||||||
read_code=200, admin_code=200):
|
read_code=200, creator_code=200, admin_code=200):
|
||||||
self._url = url
|
self._url = url
|
||||||
self._method = 'GET'
|
self._method = 'GET'
|
||||||
self._data = None
|
self._data = None
|
||||||
|
|
@ -95,6 +97,7 @@ class IndexV1TestSpec(object):
|
||||||
self.anon_code = anon_code
|
self.anon_code = anon_code
|
||||||
self.no_access_code = no_access_code
|
self.no_access_code = no_access_code
|
||||||
self.read_code = read_code
|
self.read_code = read_code
|
||||||
|
self.creator_code = creator_code
|
||||||
self.admin_code = admin_code
|
self.admin_code = admin_code
|
||||||
|
|
||||||
def gen_basic_auth(self, username, password):
|
def gen_basic_auth(self, username, password):
|
||||||
|
|
@ -124,121 +127,158 @@ class IndexV1TestSpec(object):
|
||||||
def build_v1_index_specs():
|
def build_v1_index_specs():
|
||||||
return [
|
return [
|
||||||
IndexV1TestSpec(url_for('v1.get_image_layer', image_id=FAKE_IMAGE_ID),
|
IndexV1TestSpec(url_for('v1.get_image_layer', image_id=FAKE_IMAGE_ID),
|
||||||
PUBLIC_REPO, 404, 404, 404, 404),
|
PUBLIC_REPO, 404, 404, 404, 404, 404),
|
||||||
IndexV1TestSpec(url_for('v1.get_image_layer', image_id=FAKE_IMAGE_ID),
|
IndexV1TestSpec(url_for('v1.get_image_layer', image_id=FAKE_IMAGE_ID),
|
||||||
PRIVATE_REPO, 403, 403, 404, 404),
|
PRIVATE_REPO, 403, 403, 404, 403, 404),
|
||||||
IndexV1TestSpec(url_for('v1.get_image_layer', image_id=FAKE_IMAGE_ID),
|
IndexV1TestSpec(url_for('v1.get_image_layer', image_id=FAKE_IMAGE_ID),
|
||||||
ORG_REPO, 403, 403, 404, 404),
|
ORG_REPO, 403, 403, 404, 403, 404),
|
||||||
|
IndexV1TestSpec(url_for('v1.get_image_layer', image_id=FAKE_IMAGE_ID),
|
||||||
|
ANOTHER_ORG_REPO, 403, 403, 403, 403, 404),
|
||||||
|
|
||||||
IndexV1TestSpec(url_for('v1.put_image_layer', image_id=FAKE_IMAGE_ID),
|
IndexV1TestSpec(url_for('v1.put_image_layer', image_id=FAKE_IMAGE_ID),
|
||||||
PUBLIC_REPO, 403, 403, 403, 403).set_method('PUT'),
|
PUBLIC_REPO, 403, 403, 403, 403, 403).set_method('PUT'),
|
||||||
IndexV1TestSpec(url_for('v1.put_image_layer', image_id=FAKE_IMAGE_ID),
|
IndexV1TestSpec(url_for('v1.put_image_layer', image_id=FAKE_IMAGE_ID),
|
||||||
PRIVATE_REPO, 403, 403, 403, 404).set_method('PUT'),
|
PRIVATE_REPO, 403, 403, 403, 403, 404).set_method('PUT'),
|
||||||
IndexV1TestSpec(url_for('v1.put_image_layer', image_id=FAKE_IMAGE_ID),
|
IndexV1TestSpec(url_for('v1.put_image_layer', image_id=FAKE_IMAGE_ID),
|
||||||
ORG_REPO, 403, 403, 403, 404).set_method('PUT'),
|
ORG_REPO, 403, 403, 403, 403, 404).set_method('PUT'),
|
||||||
|
IndexV1TestSpec(url_for('v1.put_image_layer', image_id=FAKE_IMAGE_ID),
|
||||||
|
ANOTHER_ORG_REPO, 403, 403, 403, 403, 404).set_method('PUT'),
|
||||||
|
|
||||||
IndexV1TestSpec(url_for('v1.put_image_checksum',
|
IndexV1TestSpec(url_for('v1.put_image_checksum',
|
||||||
image_id=FAKE_IMAGE_ID),
|
image_id=FAKE_IMAGE_ID),
|
||||||
PUBLIC_REPO, 403, 403, 403, 403).set_method('PUT'),
|
PUBLIC_REPO, 403, 403, 403, 403, 403).set_method('PUT'),
|
||||||
IndexV1TestSpec(url_for('v1.put_image_checksum',
|
IndexV1TestSpec(url_for('v1.put_image_checksum',
|
||||||
image_id=FAKE_IMAGE_ID),
|
image_id=FAKE_IMAGE_ID),
|
||||||
PRIVATE_REPO, 403, 403, 403, 400).set_method('PUT'),
|
PRIVATE_REPO, 403, 403, 403, 403, 400).set_method('PUT'),
|
||||||
IndexV1TestSpec(url_for('v1.put_image_checksum',
|
IndexV1TestSpec(url_for('v1.put_image_checksum',
|
||||||
image_id=FAKE_IMAGE_ID),
|
image_id=FAKE_IMAGE_ID),
|
||||||
ORG_REPO, 403, 403, 403, 400).set_method('PUT'),
|
ORG_REPO, 403, 403, 403, 403, 400).set_method('PUT'),
|
||||||
|
IndexV1TestSpec(url_for('v1.put_image_checksum',
|
||||||
|
image_id=FAKE_IMAGE_ID),
|
||||||
|
ANOTHER_ORG_REPO, 403, 403, 403, 403, 400).set_method('PUT'),
|
||||||
|
|
||||||
IndexV1TestSpec(url_for('v1.get_image_json', image_id=FAKE_IMAGE_ID),
|
IndexV1TestSpec(url_for('v1.get_image_json', image_id=FAKE_IMAGE_ID),
|
||||||
PUBLIC_REPO, 404, 404, 404, 404),
|
PUBLIC_REPO, 404, 404, 404, 404, 404),
|
||||||
IndexV1TestSpec(url_for('v1.get_image_json', image_id=FAKE_IMAGE_ID),
|
IndexV1TestSpec(url_for('v1.get_image_json', image_id=FAKE_IMAGE_ID),
|
||||||
PRIVATE_REPO, 403, 403, 404, 404),
|
PRIVATE_REPO, 403, 403, 404, 403, 404),
|
||||||
IndexV1TestSpec(url_for('v1.get_image_json', image_id=FAKE_IMAGE_ID),
|
IndexV1TestSpec(url_for('v1.get_image_json', image_id=FAKE_IMAGE_ID),
|
||||||
ORG_REPO, 403, 403, 404, 404),
|
ORG_REPO, 403, 403, 404, 403, 404),
|
||||||
|
IndexV1TestSpec(url_for('v1.get_image_json', image_id=FAKE_IMAGE_ID),
|
||||||
|
ANOTHER_ORG_REPO, 403, 403, 403, 403, 404),
|
||||||
|
|
||||||
IndexV1TestSpec(url_for('v1.get_image_ancestry', image_id=FAKE_IMAGE_ID),
|
IndexV1TestSpec(url_for('v1.get_image_ancestry', image_id=FAKE_IMAGE_ID),
|
||||||
PUBLIC_REPO, 404, 404, 404, 404),
|
PUBLIC_REPO, 404, 404, 404, 404, 404),
|
||||||
IndexV1TestSpec(url_for('v1.get_image_ancestry', image_id=FAKE_IMAGE_ID),
|
IndexV1TestSpec(url_for('v1.get_image_ancestry', image_id=FAKE_IMAGE_ID),
|
||||||
PRIVATE_REPO, 403, 403, 404, 404),
|
PRIVATE_REPO, 403, 403, 404, 403, 404),
|
||||||
IndexV1TestSpec(url_for('v1.get_image_ancestry', image_id=FAKE_IMAGE_ID),
|
IndexV1TestSpec(url_for('v1.get_image_ancestry', image_id=FAKE_IMAGE_ID),
|
||||||
ORG_REPO, 403, 403, 404, 404),
|
ORG_REPO, 403, 403, 404, 403, 404),
|
||||||
|
IndexV1TestSpec(url_for('v1.get_image_ancestry', image_id=FAKE_IMAGE_ID),
|
||||||
|
ANOTHER_ORG_REPO, 403, 403, 403, 403, 404),
|
||||||
|
|
||||||
IndexV1TestSpec(url_for('v1.put_image_json', image_id=FAKE_IMAGE_ID),
|
IndexV1TestSpec(url_for('v1.put_image_json', image_id=FAKE_IMAGE_ID),
|
||||||
PUBLIC_REPO, 403, 403, 403, 403).set_method('PUT'),
|
PUBLIC_REPO, 403, 403, 403, 403, 403).set_method('PUT'),
|
||||||
IndexV1TestSpec(url_for('v1.put_image_json', image_id=FAKE_IMAGE_ID),
|
IndexV1TestSpec(url_for('v1.put_image_json', image_id=FAKE_IMAGE_ID),
|
||||||
PRIVATE_REPO, 403, 403, 403, 400).set_method('PUT'),
|
PRIVATE_REPO, 403, 403, 403, 403, 400).set_method('PUT'),
|
||||||
IndexV1TestSpec(url_for('v1.put_image_json', image_id=FAKE_IMAGE_ID),
|
IndexV1TestSpec(url_for('v1.put_image_json', image_id=FAKE_IMAGE_ID),
|
||||||
ORG_REPO, 403, 403, 403, 400).set_method('PUT'),
|
ORG_REPO, 403, 403, 403, 403, 400).set_method('PUT'),
|
||||||
|
IndexV1TestSpec(url_for('v1.put_image_json', image_id=FAKE_IMAGE_ID),
|
||||||
|
ANOTHER_ORG_REPO, 403, 403, 403, 403, 400).set_method('PUT'),
|
||||||
|
|
||||||
IndexV1TestSpec(url_for('v1.create_user'), NO_REPO, 400, 400, 400,
|
IndexV1TestSpec(url_for('v1.create_user'), NO_REPO, 400, 400, 400, 400,
|
||||||
400).set_method('POST').set_data_from_obj(NEW_USER_DETAILS),
|
400).set_method('POST').set_data_from_obj(NEW_USER_DETAILS),
|
||||||
|
|
||||||
IndexV1TestSpec(url_for('v1.get_user'), NO_REPO, 404, 200, 200, 200),
|
IndexV1TestSpec(url_for('v1.get_user'), NO_REPO, 404, 200, 200, 200, 200),
|
||||||
|
|
||||||
IndexV1TestSpec(url_for('v1.update_user', username=FAKE_USERNAME),
|
IndexV1TestSpec(url_for('v1.update_user', username=FAKE_USERNAME),
|
||||||
NO_REPO, 403, 403, 403, 403).set_method('PUT'),
|
NO_REPO, 403, 403, 403, 403, 403).set_method('PUT'),
|
||||||
|
|
||||||
IndexV1TestSpec(url_for('v1.create_repository', repository=PUBLIC_REPO),
|
IndexV1TestSpec(url_for('v1.create_repository', repository=PUBLIC_REPO),
|
||||||
NO_REPO, 403, 403, 403, 403).set_method('PUT'),
|
NO_REPO, 403, 403, 403, 403, 403).set_method('PUT'),
|
||||||
IndexV1TestSpec(url_for('v1.create_repository', repository=PRIVATE_REPO),
|
IndexV1TestSpec(url_for('v1.create_repository', repository=PRIVATE_REPO),
|
||||||
NO_REPO, 403, 403, 403, 201).set_method('PUT'),
|
NO_REPO, 403, 403, 403, 403, 201).set_method('PUT'),
|
||||||
IndexV1TestSpec(url_for('v1.create_repository', repository=ORG_REPO),
|
IndexV1TestSpec(url_for('v1.create_repository', repository=ORG_REPO),
|
||||||
NO_REPO, 403, 403, 403, 201).set_method('PUT'),
|
NO_REPO, 403, 403, 403, 403, 201).set_method('PUT'),
|
||||||
|
IndexV1TestSpec(url_for('v1.create_repository', repository=ANOTHER_ORG_REPO),
|
||||||
|
NO_REPO, 403, 403, 403, 403, 201).set_method('PUT'),
|
||||||
|
IndexV1TestSpec(url_for('v1.create_repository', repository=NEW_ORG_REPO),
|
||||||
|
NO_REPO, 401, 403, 403, 201, 201).set_method('PUT'),
|
||||||
|
|
||||||
IndexV1TestSpec(url_for('v1.update_images', repository=PUBLIC_REPO),
|
IndexV1TestSpec(url_for('v1.update_images', repository=PUBLIC_REPO),
|
||||||
NO_REPO, 403, 403, 403, 403).set_method('PUT'),
|
NO_REPO, 403, 403, 403, 403, 403).set_method('PUT'),
|
||||||
IndexV1TestSpec(url_for('v1.update_images', repository=PRIVATE_REPO),
|
IndexV1TestSpec(url_for('v1.update_images', repository=PRIVATE_REPO),
|
||||||
NO_REPO, 403, 403, 403, 204).set_method('PUT'),
|
NO_REPO, 403, 403, 403, 403, 204).set_method('PUT'),
|
||||||
IndexV1TestSpec(url_for('v1.update_images', repository=ORG_REPO), NO_REPO,
|
IndexV1TestSpec(url_for('v1.update_images', repository=ORG_REPO), NO_REPO,
|
||||||
403, 403, 403, 204).set_method('PUT'),
|
403, 403, 403, 403, 204).set_method('PUT'),
|
||||||
|
IndexV1TestSpec(url_for('v1.update_images', repository=ANOTHER_ORG_REPO), NO_REPO,
|
||||||
|
403, 403, 403, 403, 204).set_method('PUT'),
|
||||||
|
|
||||||
IndexV1TestSpec(url_for('v1.get_repository_images',
|
IndexV1TestSpec(url_for('v1.get_repository_images',
|
||||||
repository=PUBLIC_REPO),
|
repository=PUBLIC_REPO),
|
||||||
NO_REPO, 200, 200, 200, 200),
|
NO_REPO, 200, 200, 200, 200, 200),
|
||||||
IndexV1TestSpec(url_for('v1.get_repository_images',
|
IndexV1TestSpec(url_for('v1.get_repository_images',
|
||||||
repository=PRIVATE_REPO)),
|
repository=PRIVATE_REPO),
|
||||||
IndexV1TestSpec(url_for('v1.get_repository_images', repository=ORG_REPO)),
|
NO_REPO, 403, 403, 200, 403, 200),
|
||||||
|
IndexV1TestSpec(url_for('v1.get_repository_images',
|
||||||
|
repository=ORG_REPO),
|
||||||
|
NO_REPO, 403, 403, 200, 403, 200),
|
||||||
|
IndexV1TestSpec(url_for('v1.get_repository_images',
|
||||||
|
repository=ANOTHER_ORG_REPO),
|
||||||
|
NO_REPO, 403, 403, 403, 403, 200),
|
||||||
|
|
||||||
IndexV1TestSpec(url_for('v1.delete_repository_images',
|
IndexV1TestSpec(url_for('v1.delete_repository_images',
|
||||||
repository=PUBLIC_REPO),
|
repository=PUBLIC_REPO),
|
||||||
NO_REPO, 501, 501, 501, 501).set_method('DELETE'),
|
NO_REPO, 501, 501, 501, 501, 501).set_method('DELETE'),
|
||||||
|
|
||||||
IndexV1TestSpec(url_for('v1.put_repository_auth', repository=PUBLIC_REPO),
|
IndexV1TestSpec(url_for('v1.put_repository_auth', repository=PUBLIC_REPO),
|
||||||
NO_REPO, 501, 501, 501, 501).set_method('PUT'),
|
NO_REPO, 501, 501, 501, 501, 501).set_method('PUT'),
|
||||||
|
|
||||||
IndexV1TestSpec(url_for('v1.get_search'), NO_REPO, 200, 200, 200, 200),
|
IndexV1TestSpec(url_for('v1.get_search'), NO_REPO, 200, 200, 200, 200, 200),
|
||||||
|
|
||||||
IndexV1TestSpec(url_for('v1.ping'), NO_REPO, 200, 200, 200, 200),
|
IndexV1TestSpec(url_for('v1.ping'), NO_REPO, 200, 200, 200, 200, 200),
|
||||||
|
|
||||||
IndexV1TestSpec(url_for('v1.get_tags', repository=PUBLIC_REPO), NO_REPO,
|
IndexV1TestSpec(url_for('v1.get_tags', repository=PUBLIC_REPO), NO_REPO,
|
||||||
200, 200, 200, 200),
|
200, 200, 200, 200, 200),
|
||||||
IndexV1TestSpec(url_for('v1.get_tags', repository=PRIVATE_REPO)),
|
IndexV1TestSpec(url_for('v1.get_tags', repository=PRIVATE_REPO), NO_REPO,
|
||||||
IndexV1TestSpec(url_for('v1.get_tags', repository=ORG_REPO)),
|
403, 403, 200, 403, 200),
|
||||||
|
IndexV1TestSpec(url_for('v1.get_tags', repository=ORG_REPO), NO_REPO,
|
||||||
|
403, 403, 200, 403, 200),
|
||||||
|
IndexV1TestSpec(url_for('v1.get_tags', repository=ANOTHER_ORG_REPO), NO_REPO,
|
||||||
|
403, 403, 403, 403, 200),
|
||||||
|
|
||||||
IndexV1TestSpec(url_for('v1.get_tag', repository=PUBLIC_REPO,
|
IndexV1TestSpec(url_for('v1.get_tag', repository=PUBLIC_REPO,
|
||||||
tag=FAKE_TAG_NAME), NO_REPO, 404, 404, 404, 404),
|
tag=FAKE_TAG_NAME), NO_REPO, 404, 404, 404, 404, 404),
|
||||||
IndexV1TestSpec(url_for('v1.get_tag', repository=PRIVATE_REPO,
|
IndexV1TestSpec(url_for('v1.get_tag', repository=PRIVATE_REPO,
|
||||||
tag=FAKE_TAG_NAME), NO_REPO, 403, 403, 404, 404),
|
tag=FAKE_TAG_NAME), NO_REPO, 403, 403, 404, 403, 404),
|
||||||
IndexV1TestSpec(url_for('v1.get_tag', repository=ORG_REPO,
|
IndexV1TestSpec(url_for('v1.get_tag', repository=ORG_REPO,
|
||||||
tag=FAKE_TAG_NAME), NO_REPO, 403, 403, 404, 404),
|
tag=FAKE_TAG_NAME), NO_REPO, 403, 403, 404, 403, 404),
|
||||||
|
IndexV1TestSpec(url_for('v1.get_tag', repository=ANOTHER_ORG_REPO,
|
||||||
|
tag=FAKE_TAG_NAME), NO_REPO, 403, 403, 403, 403, 404),
|
||||||
|
|
||||||
IndexV1TestSpec(url_for('v1.put_tag', repository=PUBLIC_REPO,
|
IndexV1TestSpec(url_for('v1.put_tag', repository=PUBLIC_REPO,
|
||||||
tag=FAKE_TAG_NAME),
|
tag=FAKE_TAG_NAME),
|
||||||
NO_REPO, 403, 403, 403, 403).set_method('PUT'),
|
NO_REPO, 403, 403, 403, 403, 403).set_method('PUT'),
|
||||||
IndexV1TestSpec(url_for('v1.put_tag', repository=PRIVATE_REPO,
|
IndexV1TestSpec(url_for('v1.put_tag', repository=PRIVATE_REPO,
|
||||||
tag=FAKE_TAG_NAME),
|
tag=FAKE_TAG_NAME),
|
||||||
NO_REPO, 403, 403, 403, 400).set_method('PUT'),
|
NO_REPO, 403, 403, 403, 403, 400).set_method('PUT'),
|
||||||
IndexV1TestSpec(url_for('v1.put_tag', repository=ORG_REPO,
|
IndexV1TestSpec(url_for('v1.put_tag', repository=ORG_REPO,
|
||||||
tag=FAKE_TAG_NAME),
|
tag=FAKE_TAG_NAME),
|
||||||
NO_REPO, 403, 403, 403, 400).set_method('PUT'),
|
NO_REPO, 403, 403, 403, 403, 400).set_method('PUT'),
|
||||||
|
IndexV1TestSpec(url_for('v1.put_tag', repository=ANOTHER_ORG_REPO,
|
||||||
|
tag=FAKE_TAG_NAME),
|
||||||
|
NO_REPO, 403, 403, 403, 403, 400).set_method('PUT'),
|
||||||
|
|
||||||
IndexV1TestSpec(url_for('v1.delete_tag', repository=PUBLIC_REPO,
|
IndexV1TestSpec(url_for('v1.delete_tag', repository=PUBLIC_REPO,
|
||||||
tag=FAKE_TAG_NAME),
|
tag=FAKE_TAG_NAME),
|
||||||
NO_REPO, 403, 403, 403, 403).set_method('DELETE'),
|
NO_REPO, 403, 403, 403, 403, 403).set_method('DELETE'),
|
||||||
IndexV1TestSpec(url_for('v1.delete_tag', repository=PRIVATE_REPO,
|
IndexV1TestSpec(url_for('v1.delete_tag', repository=PRIVATE_REPO,
|
||||||
tag=FAKE_TAG_NAME),
|
tag=FAKE_TAG_NAME),
|
||||||
NO_REPO, 403, 403, 403, 400).set_method('DELETE'),
|
NO_REPO, 403, 403, 403, 403, 400).set_method('DELETE'),
|
||||||
IndexV1TestSpec(url_for('v1.delete_tag', repository=ORG_REPO,
|
IndexV1TestSpec(url_for('v1.delete_tag', repository=ORG_REPO,
|
||||||
tag=FAKE_TAG_NAME),
|
tag=FAKE_TAG_NAME),
|
||||||
NO_REPO, 403, 403, 403, 400).set_method('DELETE'),
|
NO_REPO, 403, 403, 403, 403, 400).set_method('DELETE'),
|
||||||
|
IndexV1TestSpec(url_for('v1.delete_tag', repository=ANOTHER_ORG_REPO,
|
||||||
|
tag=FAKE_TAG_NAME),
|
||||||
|
NO_REPO, 403, 403, 403, 403, 400).set_method('DELETE'),
|
||||||
]
|
]
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -257,11 +297,15 @@ class IndexV2TestSpec(object):
|
||||||
self.no_access_code = 403
|
self.no_access_code = 403
|
||||||
self.read_code = 200
|
self.read_code = 200
|
||||||
self.admin_code = 200
|
self.admin_code = 200
|
||||||
|
self.creator_code = 200
|
||||||
|
|
||||||
def request_status(self, anon_code=401, no_access_code=403, read_code=200, admin_code=200):
|
|
||||||
|
def request_status(self, anon_code=401, no_access_code=403, read_code=200, creator_code=200,
|
||||||
|
admin_code=200):
|
||||||
self.anon_code = anon_code
|
self.anon_code = anon_code
|
||||||
self.no_access_code = no_access_code
|
self.no_access_code = no_access_code
|
||||||
self.read_code = read_code
|
self.read_code = read_code
|
||||||
|
self.creator_code = creator_code
|
||||||
self.admin_code = admin_code
|
self.admin_code = admin_code
|
||||||
return self
|
return self
|
||||||
|
|
||||||
|
|
@ -280,131 +324,187 @@ def build_v2_index_specs():
|
||||||
return [
|
return [
|
||||||
# v2.list_all_tags
|
# v2.list_all_tags
|
||||||
IndexV2TestSpec('v2.list_all_tags', 'GET', PUBLIC_REPO).
|
IndexV2TestSpec('v2.list_all_tags', 'GET', PUBLIC_REPO).
|
||||||
request_status(200, 200, 200, 200),
|
request_status(200, 200, 200, 200, 200),
|
||||||
|
|
||||||
IndexV2TestSpec('v2.list_all_tags', 'GET', PRIVATE_REPO).
|
IndexV2TestSpec('v2.list_all_tags', 'GET', PRIVATE_REPO).
|
||||||
request_status(401, 401, 200, 200),
|
request_status(401, 401, 200, 401, 200),
|
||||||
|
|
||||||
IndexV2TestSpec('v2.list_all_tags', 'GET', ORG_REPO).
|
IndexV2TestSpec('v2.list_all_tags', 'GET', ORG_REPO).
|
||||||
request_status(401, 401, 200, 200),
|
request_status(401, 401, 200, 401, 200),
|
||||||
|
|
||||||
|
IndexV2TestSpec('v2.list_all_tags', 'GET', ANOTHER_ORG_REPO).
|
||||||
|
request_status(401, 401, 401, 401, 200),
|
||||||
|
|
||||||
# v2.fetch_manifest_by_tagname
|
# v2.fetch_manifest_by_tagname
|
||||||
IndexV2TestSpec('v2.fetch_manifest_by_tagname', 'GET', PUBLIC_REPO, manifest_ref=FAKE_MANIFEST).
|
IndexV2TestSpec('v2.fetch_manifest_by_tagname', 'GET', PUBLIC_REPO, manifest_ref=FAKE_MANIFEST).
|
||||||
request_status(404, 404, 404, 404),
|
request_status(404, 404, 404, 404, 404),
|
||||||
|
|
||||||
IndexV2TestSpec('v2.fetch_manifest_by_tagname', 'GET', PRIVATE_REPO, manifest_ref=FAKE_MANIFEST).
|
IndexV2TestSpec('v2.fetch_manifest_by_tagname', 'GET', PRIVATE_REPO,
|
||||||
request_status(401, 401, 404, 404),
|
manifest_ref=FAKE_MANIFEST).
|
||||||
|
request_status(401, 401, 404, 401, 404),
|
||||||
|
|
||||||
IndexV2TestSpec('v2.fetch_manifest_by_tagname', 'GET', ORG_REPO, manifest_ref=FAKE_MANIFEST).
|
IndexV2TestSpec('v2.fetch_manifest_by_tagname', 'GET', ORG_REPO, manifest_ref=FAKE_MANIFEST).
|
||||||
request_status(401, 401, 404, 404),
|
request_status(401, 401, 404, 401, 404),
|
||||||
|
|
||||||
|
IndexV2TestSpec('v2.fetch_manifest_by_tagname', 'GET', ANOTHER_ORG_REPO,
|
||||||
|
manifest_ref=FAKE_MANIFEST).
|
||||||
|
request_status(401, 401, 401, 401, 404),
|
||||||
|
|
||||||
# v2.fetch_manifest_by_digest
|
# v2.fetch_manifest_by_digest
|
||||||
IndexV2TestSpec('v2.fetch_manifest_by_digest', 'GET', PUBLIC_REPO, manifest_ref=FAKE_DIGEST).
|
IndexV2TestSpec('v2.fetch_manifest_by_digest', 'GET', PUBLIC_REPO, manifest_ref=FAKE_DIGEST).
|
||||||
request_status(404, 404, 404, 404),
|
request_status(404, 404, 404, 404, 404),
|
||||||
|
|
||||||
IndexV2TestSpec('v2.fetch_manifest_by_digest', 'GET', PRIVATE_REPO, manifest_ref=FAKE_DIGEST).
|
IndexV2TestSpec('v2.fetch_manifest_by_digest', 'GET', PRIVATE_REPO, manifest_ref=FAKE_DIGEST).
|
||||||
request_status(401, 401, 404, 404),
|
request_status(401, 401, 404, 401, 404),
|
||||||
|
|
||||||
IndexV2TestSpec('v2.fetch_manifest_by_digest', 'GET', ORG_REPO, manifest_ref=FAKE_DIGEST).
|
IndexV2TestSpec('v2.fetch_manifest_by_digest', 'GET', ORG_REPO, manifest_ref=FAKE_DIGEST).
|
||||||
request_status(401, 401, 404, 404),
|
request_status(401, 401, 404, 401, 404),
|
||||||
|
|
||||||
|
IndexV2TestSpec('v2.fetch_manifest_by_digest', 'GET', ANOTHER_ORG_REPO,
|
||||||
|
manifest_ref=FAKE_DIGEST).
|
||||||
|
request_status(401, 401, 401, 401, 404),
|
||||||
|
|
||||||
# v2.write_manifest_by_tagname
|
# v2.write_manifest_by_tagname
|
||||||
IndexV2TestSpec('v2.write_manifest_by_tagname', 'PUT', PUBLIC_REPO, manifest_ref=FAKE_MANIFEST).
|
IndexV2TestSpec('v2.write_manifest_by_tagname', 'PUT', PUBLIC_REPO, manifest_ref=FAKE_MANIFEST).
|
||||||
request_status(401, 401, 401, 401),
|
request_status(401, 401, 401, 401, 401),
|
||||||
|
|
||||||
IndexV2TestSpec('v2.write_manifest_by_tagname', 'PUT', PRIVATE_REPO, manifest_ref=FAKE_MANIFEST).
|
IndexV2TestSpec('v2.write_manifest_by_tagname', 'PUT', PRIVATE_REPO,
|
||||||
request_status(401, 401, 401, 400),
|
manifest_ref=FAKE_MANIFEST).
|
||||||
|
request_status(401, 401, 401, 401, 400),
|
||||||
|
|
||||||
IndexV2TestSpec('v2.write_manifest_by_tagname', 'PUT', ORG_REPO, manifest_ref=FAKE_MANIFEST).
|
IndexV2TestSpec('v2.write_manifest_by_tagname', 'PUT', ORG_REPO, manifest_ref=FAKE_MANIFEST).
|
||||||
request_status(401, 401, 401, 400),
|
request_status(401, 401, 401, 401, 400),
|
||||||
|
|
||||||
|
IndexV2TestSpec('v2.write_manifest_by_tagname', 'PUT', ANOTHER_ORG_REPO,
|
||||||
|
manifest_ref=FAKE_MANIFEST).
|
||||||
|
request_status(401, 401, 401, 401, 400),
|
||||||
|
|
||||||
# v2.write_manifest_by_digest
|
# v2.write_manifest_by_digest
|
||||||
IndexV2TestSpec('v2.write_manifest_by_digest', 'PUT', PUBLIC_REPO, manifest_ref=FAKE_DIGEST).
|
IndexV2TestSpec('v2.write_manifest_by_digest', 'PUT', PUBLIC_REPO, manifest_ref=FAKE_DIGEST).
|
||||||
request_status(401, 401, 401, 401),
|
request_status(401, 401, 401, 401, 401),
|
||||||
|
|
||||||
IndexV2TestSpec('v2.write_manifest_by_digest', 'PUT', PRIVATE_REPO, manifest_ref=FAKE_DIGEST).
|
IndexV2TestSpec('v2.write_manifest_by_digest', 'PUT', PRIVATE_REPO, manifest_ref=FAKE_DIGEST).
|
||||||
request_status(401, 401, 401, 400),
|
request_status(401, 401, 401, 401, 400),
|
||||||
|
|
||||||
IndexV2TestSpec('v2.write_manifest_by_digest', 'PUT', ORG_REPO, manifest_ref=FAKE_DIGEST).
|
IndexV2TestSpec('v2.write_manifest_by_digest', 'PUT', ORG_REPO, manifest_ref=FAKE_DIGEST).
|
||||||
request_status(401, 401, 401, 400),
|
request_status(401, 401, 401, 401, 400),
|
||||||
|
|
||||||
|
IndexV2TestSpec('v2.write_manifest_by_digest', 'PUT', ANOTHER_ORG_REPO,
|
||||||
|
manifest_ref=FAKE_DIGEST).
|
||||||
|
request_status(401, 401, 401, 401, 400),
|
||||||
|
|
||||||
# v2.delete_manifest_by_digest
|
# v2.delete_manifest_by_digest
|
||||||
IndexV2TestSpec('v2.delete_manifest_by_digest', 'DELETE', PUBLIC_REPO, manifest_ref=FAKE_DIGEST).
|
IndexV2TestSpec('v2.delete_manifest_by_digest', 'DELETE', PUBLIC_REPO,
|
||||||
request_status(401, 401, 401, 401),
|
manifest_ref=FAKE_DIGEST).
|
||||||
|
request_status(401, 401, 401, 401, 401),
|
||||||
|
|
||||||
IndexV2TestSpec('v2.delete_manifest_by_digest', 'DELETE', PRIVATE_REPO, manifest_ref=FAKE_DIGEST).
|
IndexV2TestSpec('v2.delete_manifest_by_digest', 'DELETE', PRIVATE_REPO,
|
||||||
request_status(401, 401, 401, 404),
|
manifest_ref=FAKE_DIGEST).
|
||||||
|
request_status(401, 401, 401, 401, 404),
|
||||||
|
|
||||||
IndexV2TestSpec('v2.delete_manifest_by_digest', 'DELETE', ORG_REPO, manifest_ref=FAKE_DIGEST).
|
IndexV2TestSpec('v2.delete_manifest_by_digest', 'DELETE', ORG_REPO, manifest_ref=FAKE_DIGEST).
|
||||||
request_status(401, 401, 401, 404),
|
request_status(401, 401, 401, 401, 404),
|
||||||
|
|
||||||
|
IndexV2TestSpec('v2.delete_manifest_by_digest', 'DELETE', ANOTHER_ORG_REPO,
|
||||||
|
manifest_ref=FAKE_DIGEST).
|
||||||
|
request_status(401, 401, 401, 401, 404),
|
||||||
|
|
||||||
# v2.check_blob_exists
|
# v2.check_blob_exists
|
||||||
IndexV2TestSpec('v2.check_blob_exists', 'HEAD', PUBLIC_REPO, digest=FAKE_DIGEST).
|
IndexV2TestSpec('v2.check_blob_exists', 'HEAD', PUBLIC_REPO, digest=FAKE_DIGEST).
|
||||||
request_status(404, 404, 404, 404),
|
request_status(404, 404, 404, 404, 404),
|
||||||
|
|
||||||
IndexV2TestSpec('v2.check_blob_exists', 'HEAD', PRIVATE_REPO, digest=FAKE_DIGEST).
|
IndexV2TestSpec('v2.check_blob_exists', 'HEAD', PRIVATE_REPO, digest=FAKE_DIGEST).
|
||||||
request_status(401, 401, 404, 404),
|
request_status(401, 401, 404, 401, 404),
|
||||||
|
|
||||||
IndexV2TestSpec('v2.check_blob_exists', 'HEAD', ORG_REPO, digest=FAKE_DIGEST).
|
IndexV2TestSpec('v2.check_blob_exists', 'HEAD', ORG_REPO, digest=FAKE_DIGEST).
|
||||||
request_status(401, 401, 404, 404),
|
request_status(401, 401, 404, 401, 404),
|
||||||
|
|
||||||
|
IndexV2TestSpec('v2.check_blob_exists', 'HEAD', ANOTHER_ORG_REPO, digest=FAKE_DIGEST).
|
||||||
|
request_status(401, 401, 401, 401, 404),
|
||||||
|
|
||||||
# v2.download_blob
|
# v2.download_blob
|
||||||
IndexV2TestSpec('v2.download_blob', 'GET', PUBLIC_REPO, digest=FAKE_DIGEST).
|
IndexV2TestSpec('v2.download_blob', 'GET', PUBLIC_REPO, digest=FAKE_DIGEST).
|
||||||
request_status(404, 404, 404, 404),
|
request_status(404, 404, 404, 404, 404),
|
||||||
|
|
||||||
IndexV2TestSpec('v2.download_blob', 'GET', PRIVATE_REPO, digest=FAKE_DIGEST).
|
IndexV2TestSpec('v2.download_blob', 'GET', PRIVATE_REPO, digest=FAKE_DIGEST).
|
||||||
request_status(401, 401, 404, 404),
|
request_status(401, 401, 404, 401, 404),
|
||||||
|
|
||||||
IndexV2TestSpec('v2.download_blob', 'GET', ORG_REPO, digest=FAKE_DIGEST).
|
IndexV2TestSpec('v2.download_blob', 'GET', ORG_REPO, digest=FAKE_DIGEST).
|
||||||
request_status(401, 401, 404, 404),
|
request_status(401, 401, 404, 401, 404),
|
||||||
|
|
||||||
|
IndexV2TestSpec('v2.download_blob', 'GET', ANOTHER_ORG_REPO, digest=FAKE_DIGEST).
|
||||||
|
request_status(401, 401, 401, 401, 404),
|
||||||
|
|
||||||
# v2.start_blob_upload
|
# v2.start_blob_upload
|
||||||
IndexV2TestSpec('v2.start_blob_upload', 'POST', PUBLIC_REPO).
|
IndexV2TestSpec('v2.start_blob_upload', 'POST', PUBLIC_REPO).
|
||||||
request_status(401, 401, 401, 401),
|
request_status(401, 401, 401, 401, 401),
|
||||||
|
|
||||||
IndexV2TestSpec('v2.start_blob_upload', 'POST', PRIVATE_REPO).
|
IndexV2TestSpec('v2.start_blob_upload', 'POST', PRIVATE_REPO).
|
||||||
request_status(401, 401, 401, 202),
|
request_status(401, 401, 401, 401, 202),
|
||||||
|
|
||||||
IndexV2TestSpec('v2.start_blob_upload', 'POST', ORG_REPO).
|
IndexV2TestSpec('v2.start_blob_upload', 'POST', ORG_REPO).
|
||||||
request_status(401, 401, 401, 202),
|
request_status(401, 401, 401, 401, 202),
|
||||||
|
|
||||||
|
IndexV2TestSpec('v2.start_blob_upload', 'POST', ANOTHER_ORG_REPO).
|
||||||
|
request_status(401, 401, 401, 401, 202),
|
||||||
|
|
||||||
# v2.fetch_existing_upload
|
# v2.fetch_existing_upload
|
||||||
IndexV2TestSpec('v2.fetch_existing_upload', 'GET', PUBLIC_REPO, 'push,pull', upload_uuid=FAKE_UPLOAD_ID).
|
IndexV2TestSpec('v2.fetch_existing_upload', 'GET', PUBLIC_REPO, 'push,pull',
|
||||||
request_status(401, 401, 401, 401),
|
upload_uuid=FAKE_UPLOAD_ID).
|
||||||
|
request_status(401, 401, 401, 401, 401),
|
||||||
|
|
||||||
IndexV2TestSpec('v2.fetch_existing_upload', 'GET', PRIVATE_REPO, 'push,pull', upload_uuid=FAKE_UPLOAD_ID).
|
IndexV2TestSpec('v2.fetch_existing_upload', 'GET', PRIVATE_REPO, 'push,pull',
|
||||||
request_status(401, 401, 401, 404),
|
upload_uuid=FAKE_UPLOAD_ID).
|
||||||
|
request_status(401, 401, 401, 401, 404),
|
||||||
|
|
||||||
IndexV2TestSpec('v2.fetch_existing_upload', 'GET', ORG_REPO, 'push,pull', upload_uuid=FAKE_UPLOAD_ID).
|
IndexV2TestSpec('v2.fetch_existing_upload', 'GET', ORG_REPO, 'push,pull',
|
||||||
request_status(401, 401, 401, 404),
|
upload_uuid=FAKE_UPLOAD_ID).
|
||||||
|
request_status(401, 401, 401, 401, 404),
|
||||||
|
|
||||||
|
IndexV2TestSpec('v2.fetch_existing_upload', 'GET', ANOTHER_ORG_REPO, 'push,pull',
|
||||||
|
upload_uuid=FAKE_UPLOAD_ID).
|
||||||
|
request_status(401, 401, 401, 401, 404),
|
||||||
|
|
||||||
# v2.upload_chunk
|
# v2.upload_chunk
|
||||||
IndexV2TestSpec('v2.upload_chunk', 'PATCH', PUBLIC_REPO, upload_uuid=FAKE_UPLOAD_ID).
|
IndexV2TestSpec('v2.upload_chunk', 'PATCH', PUBLIC_REPO, upload_uuid=FAKE_UPLOAD_ID).
|
||||||
request_status(401, 401, 401, 401),
|
request_status(401, 401, 401, 401, 401),
|
||||||
|
|
||||||
IndexV2TestSpec('v2.upload_chunk', 'PATCH', PRIVATE_REPO, upload_uuid=FAKE_UPLOAD_ID).
|
IndexV2TestSpec('v2.upload_chunk', 'PATCH', PRIVATE_REPO, upload_uuid=FAKE_UPLOAD_ID).
|
||||||
request_status(401, 401, 401, 404),
|
request_status(401, 401, 401, 401, 404),
|
||||||
|
|
||||||
IndexV2TestSpec('v2.upload_chunk', 'PATCH', ORG_REPO, upload_uuid=FAKE_UPLOAD_ID).
|
IndexV2TestSpec('v2.upload_chunk', 'PATCH', ORG_REPO, upload_uuid=FAKE_UPLOAD_ID).
|
||||||
request_status(401, 401, 401, 404),
|
request_status(401, 401, 401, 401, 404),
|
||||||
|
|
||||||
|
IndexV2TestSpec('v2.upload_chunk', 'PATCH', ANOTHER_ORG_REPO, upload_uuid=FAKE_UPLOAD_ID).
|
||||||
|
request_status(401, 401, 401, 401, 404),
|
||||||
|
|
||||||
# v2.monolithic_upload_or_last_chunk
|
# v2.monolithic_upload_or_last_chunk
|
||||||
IndexV2TestSpec('v2.monolithic_upload_or_last_chunk', 'PUT', PUBLIC_REPO, upload_uuid=FAKE_UPLOAD_ID).
|
IndexV2TestSpec('v2.monolithic_upload_or_last_chunk', 'PUT', PUBLIC_REPO,
|
||||||
request_status(401, 401, 401, 401),
|
upload_uuid=FAKE_UPLOAD_ID).
|
||||||
|
request_status(401, 401, 401, 401, 401),
|
||||||
|
|
||||||
IndexV2TestSpec('v2.monolithic_upload_or_last_chunk', 'PUT', PRIVATE_REPO, upload_uuid=FAKE_UPLOAD_ID).
|
IndexV2TestSpec('v2.monolithic_upload_or_last_chunk', 'PUT', PRIVATE_REPO,
|
||||||
request_status(401, 401, 401, 400),
|
upload_uuid=FAKE_UPLOAD_ID).
|
||||||
|
request_status(401, 401, 401, 401, 400),
|
||||||
|
|
||||||
IndexV2TestSpec('v2.monolithic_upload_or_last_chunk', 'PUT', ORG_REPO, upload_uuid=FAKE_UPLOAD_ID).
|
IndexV2TestSpec('v2.monolithic_upload_or_last_chunk', 'PUT', ORG_REPO,
|
||||||
request_status(401, 401, 401, 400),
|
upload_uuid=FAKE_UPLOAD_ID).
|
||||||
|
request_status(401, 401, 401, 401, 400),
|
||||||
|
|
||||||
|
IndexV2TestSpec('v2.monolithic_upload_or_last_chunk', 'PUT', ANOTHER_ORG_REPO,
|
||||||
|
upload_uuid=FAKE_UPLOAD_ID).
|
||||||
|
request_status(401, 401, 401, 401, 400),
|
||||||
|
|
||||||
# v2.cancel_upload
|
# v2.cancel_upload
|
||||||
IndexV2TestSpec('v2.cancel_upload', 'DELETE', PUBLIC_REPO, upload_uuid=FAKE_UPLOAD_ID).
|
IndexV2TestSpec('v2.cancel_upload', 'DELETE', PUBLIC_REPO, upload_uuid=FAKE_UPLOAD_ID).
|
||||||
request_status(401, 401, 401, 401),
|
request_status(401, 401, 401, 401, 401),
|
||||||
|
|
||||||
IndexV2TestSpec('v2.cancel_upload', 'DELETE', PRIVATE_REPO, upload_uuid=FAKE_UPLOAD_ID).
|
IndexV2TestSpec('v2.cancel_upload', 'DELETE', PRIVATE_REPO, upload_uuid=FAKE_UPLOAD_ID).
|
||||||
request_status(401, 401, 401, 404),
|
request_status(401, 401, 401, 401, 404),
|
||||||
|
|
||||||
IndexV2TestSpec('v2.cancel_upload', 'DELETE', ORG_REPO, upload_uuid=FAKE_UPLOAD_ID).
|
IndexV2TestSpec('v2.cancel_upload', 'DELETE', ORG_REPO, upload_uuid=FAKE_UPLOAD_ID).
|
||||||
request_status(401, 401, 401, 404),
|
request_status(401, 401, 401, 401, 404),
|
||||||
|
|
||||||
|
IndexV2TestSpec('v2.cancel_upload', 'DELETE', ANOTHER_ORG_REPO, upload_uuid=FAKE_UPLOAD_ID).
|
||||||
|
request_status(401, 401, 401, 401, 404),
|
||||||
]
|
]
|
||||||
|
|
|
||||||
|
|
@ -13,6 +13,7 @@ app.register_blueprint(v1_bp, url_prefix='/v1')
|
||||||
|
|
||||||
NO_ACCESS_USER = 'freshuser'
|
NO_ACCESS_USER = 'freshuser'
|
||||||
READ_ACCESS_USER = 'reader'
|
READ_ACCESS_USER = 'reader'
|
||||||
|
CREATOR_ACCESS_USER = 'creator'
|
||||||
ADMIN_ACCESS_USER = 'devtable'
|
ADMIN_ACCESS_USER = 'devtable'
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -102,6 +103,13 @@ class TestReadAccess(EndpointTestCase):
|
||||||
auth_username = READ_ACCESS_USER
|
auth_username = READ_ACCESS_USER
|
||||||
|
|
||||||
|
|
||||||
|
class TestCreatorAccess(EndpointTestCase):
|
||||||
|
__metaclass__ = _SpecTestBuilder
|
||||||
|
spec_func = build_v1_index_specs
|
||||||
|
result_attr = 'creator_code'
|
||||||
|
auth_username = CREATOR_ACCESS_USER
|
||||||
|
|
||||||
|
|
||||||
class TestAdminAccess(EndpointTestCase):
|
class TestAdminAccess(EndpointTestCase):
|
||||||
__metaclass__ = _SpecTestBuilder
|
__metaclass__ = _SpecTestBuilder
|
||||||
spec_func = build_v1_index_specs
|
spec_func = build_v1_index_specs
|
||||||
|
|
|
||||||
|
|
@ -13,6 +13,7 @@ app.register_blueprint(v2_bp, url_prefix='/v2')
|
||||||
NO_ACCESS_USER = 'freshuser'
|
NO_ACCESS_USER = 'freshuser'
|
||||||
READ_ACCESS_USER = 'reader'
|
READ_ACCESS_USER = 'reader'
|
||||||
ADMIN_ACCESS_USER = 'devtable'
|
ADMIN_ACCESS_USER = 'devtable'
|
||||||
|
CREATOR_ACCESS_USER = 'creator'
|
||||||
|
|
||||||
|
|
||||||
class EndpointTestCase(unittest.TestCase):
|
class EndpointTestCase(unittest.TestCase):
|
||||||
|
|
@ -97,6 +98,13 @@ class TestReadAccess(EndpointTestCase):
|
||||||
auth_username = READ_ACCESS_USER
|
auth_username = READ_ACCESS_USER
|
||||||
|
|
||||||
|
|
||||||
|
class TestCreatorAccess(EndpointTestCase):
|
||||||
|
__metaclass__ = _SpecTestBuilder
|
||||||
|
spec_func = build_v2_index_specs
|
||||||
|
result_attr = 'creator_code'
|
||||||
|
auth_username = CREATOR_ACCESS_USER
|
||||||
|
|
||||||
|
|
||||||
class TestAdminAccess(EndpointTestCase):
|
class TestAdminAccess(EndpointTestCase):
|
||||||
__metaclass__ = _SpecTestBuilder
|
__metaclass__ = _SpecTestBuilder
|
||||||
spec_func = build_v2_index_specs
|
spec_func = build_v2_index_specs
|
||||||
|
|
|
||||||
Reference in a new issue