Disallow non-apps-supported APIs for application repositories

2017-03-22 14:30:13 -04:00 · 2017-03-22 14:30:13 -04:00 · 30b532254c
commit 30b532254c
parent c3402fff5a
16 changed files with 236 additions and 51 deletions
--- a/endpoints/api/secscan.py
+++ b/endpoints/api/secscan.py
@ -7,7 +7,7 @@ from app import secscan_api
 from data import model
 from endpoints.api import (require_repo_read, path_param,
                           RepositoryParamResource, resource, nickname, show_if, parse_args,
-                           query_param, truthy_bool)
+                           query_param, truthy_bool, disallow_for_app_repositories)
 from endpoints.exception import NotFound, DownstreamIssue
 from endpoints.api.manifest import MANIFEST_DIGEST_ROUTE
 from util.secscan.api import APIRequestFailure
@ -67,6 +67,7 @@ class RepositoryImageSecurity(RepositoryParamResource):

  @require_repo_read
  @nickname('getRepoImageSecurity')
+  @disallow_for_app_repositories
  @parse_args()
  @query_param('vulnerabilities', 'Include vulnerabilities informations', type=truthy_bool,
               default=False)
@ -88,6 +89,7 @@ class RepositoryManifestSecurity(RepositoryParamResource):

  @require_repo_read
  @nickname('getRepoManifestSecurity')
+  @disallow_for_app_repositories
  @parse_args()
  @query_param('vulnerabilities', 'Include vulnerabilities informations', type=truthy_bool,
               default=False)