Make images belong to one repository only. Add a description field to the repository. Fix a bug with access tokens. Fix an embarrasing bug with multiple select criteria in peewee. Update the test db.

data/database.py

@@ -31,6 +31,7 @@ class Repository(BaseModel):
   namespace = CharField()
   name = CharField()
   visibility = ForeignKeyField(Visibility)
+  description = CharField(null=True)
 
   class Meta:
     database = db
@@ -66,8 +67,22 @@ class AccessToken(BaseModel):
 
 
 class Image(BaseModel):
-  image_id = CharField(unique=True)
+  # This class is intentionally denormalized. Even though images are supposed
+  # to be globally unique we can't treat them as such for permissions and
+  # security reasons. So rather than Repository <-> Image being many to many
+  # each image now belongs to exactly one repository.
+  image_id = CharField()
   checksum = CharField(null=True)
+  created = DateTimeField(null=True)
+  comment = CharField(null=True)
+  repository = ForeignKeyField(Repository)
+
+  class Meta:
+    database = db
+    indexes = (
+      # we don't really want duplicates
+      (('repository', 'image_id'), True),
+    )
 
 
 class RepositoryTag(BaseModel):
@@ -76,22 +91,9 @@ class RepositoryTag(BaseModel):
   repository = ForeignKeyField(Repository)
 
 
-class RepositoryImage(BaseModel):
-  repository = ForeignKeyField(Repository)
-  image = ForeignKeyField(Image)
-  tag = CharField()
-
-  class Meta:
-    database = db
-    indexes = (
-      # we don't really want duplicates
-      (('repository', 'image', 'tag'), True),
-    )
-
-
 def initialize_db():
-  create_model_tables([User, Repository, Image, RepositoryImage, AccessToken,
-                       Role, RepositoryPermission, Visibility, RepositoryTag])
+  create_model_tables([User, Repository, Image, AccessToken, Role,
+                       RepositoryPermission, Visibility, RepositoryTag])
   Role.create(name='admin')
   Role.create(name='write')
   Role.create(name='read')