Disable web endpoints for app repos

2017-03-22 15:29:44 -04:00 · 2017-03-22 15:29:44 -04:00 · 178373293d
commit 178373293d
parent 54efed62ee
3 changed files with 12 additions and 1 deletions
--- a/endpoints/githubtrigger.py
+++ b/endpoints/githubtrigger.py
@ -31,6 +31,8 @@ def attach_github_build_trigger(namespace_name, repo_name):
    if not repo:
      msg = 'Invalid repository: %s/%s' % (namespace_name, repo_name)
      abort(404, message=msg)
+    elif repo.kind.name != 'image':
+      abort(501)

    trigger = model.build.create_build_trigger(repo, 'github', token, current_user.db_user())
    repo_path = '%s/%s' % (namespace_name, repo_name)
--- a/endpoints/gitlabtrigger.py
+++ b/endpoints/gitlabtrigger.py
@ -44,6 +44,8 @@ def attach_gitlab_build_trigger():
    if not repo:
      msg = 'Invalid repository: %s/%s' % (namespace, repository)
      abort(404, message=msg)
+    elif repo.kind.name != 'image':
+      abort(501)

    trigger = model.build.create_build_trigger(repo, 'gitlab', token, current_user.db_user())
    repo_path = '%s/%s' % (namespace, repository)
--- a/endpoints/web.py
+++ b/endpoints/web.py
@ -426,9 +426,12 @@ def confirm_recovery():
@anon_protect
 def build_status_badge(namespace_name, repo_name):
  token = request.args.get('token', None)
+  repo = model.repository.get_repository(namespace_name, repo_name)
+  if repo and repo.kind.name != 'image':
+    abort(404)
+
  is_public = model.repository.repository_is_public(namespace_name, repo_name)
  if not is_public:
-    repo = model.repository.get_repository(namespace_name, repo_name)
    if not repo or token != repo.badge_token:
      abort(404)

@ -628,6 +631,8 @@ def attach_bitbucket_trigger(namespace_name, repo_name):
    if not repo:
      msg = 'Invalid repository: %s/%s' % (namespace_name, repo_name)
      abort(404, message=msg)
+    elif repo.kind.name != 'image':
+      abort(501)

    trigger = model.build.create_build_trigger(repo, BitbucketBuildTrigger.service_name(), None,
                                               current_user.db_user())
@ -661,6 +666,8 @@ def attach_custom_build_trigger(namespace_name, repo_name):
    if not repo:
      msg = 'Invalid repository: %s/%s' % (namespace_name, repo_name)
      abort(404, message=msg)
+    elif repo.kind.name != 'image':
+      abort(501)

    trigger = model.build.create_build_trigger(repo, CustomBuildTrigger.service_name(),
                                               None, current_user.db_user())