Add e-mail authorization to the repository notification flow. Also validates the creation of the other notification methods.

2014-07-28 14:58:12 -04:00 · 2014-07-28 14:58:12 -04:00 · 34fc279092
commit 34fc279092
parent 56fec63fcd
15 changed files with 483 additions and 34 deletions
--- a/endpoints/api/init.py
+++ b/endpoints/api/init.py
@ -308,6 +308,7 @@ import endpoints.api.permission
 import endpoints.api.prototype
 import endpoints.api.repository
 import endpoints.api.repositorynotification
+import endpoints.api.repoemail
 import endpoints.api.repotoken
 import endpoints.api.robot
 import endpoints.api.search
--- a/endpoints/api/repoemail.py
+++ b/endpoints/api/repoemail.py
@ -0,0 +1,56 @@
+import logging
+
+from flask import request, abort
+
+from endpoints.api import (resource, nickname, require_repo_admin, RepositoryParamResource,
+                           log_action, validate_json_request, NotFound, internal_only)
+
+from app import tf
+from data import model
+from data.database import db
+from util.useremails import send_repo_authorization_email
+
+import features
+
+
+logger = logging.getLogger(__name__)
+
+def record_view(record):
+  return {
+    'email': record.email,
+    'repository': record.repository.name,
+    'namespace': record.repository.namespace,
+    'confirmed': record.confirmed
+  }
+
+
+@internal_only
+@resource('/v1/repository/<repopath:repository>/authorizedemail/<email>')
+class RepositoryAuthorizedEmail(RepositoryParamResource):
+  """ Resource for checking and authorizing e-mail addresses to receive repo notifications. """
+  @require_repo_admin
+  @nickname('checkRepoEmailAuthorized')
+  def get(self, namespace, repository, email):
+    """ Checks to see if the given e-mail address is authorized on this repository. """
+    record = model.get_email_authorized_for_repo(namespace, repository, email)
+    if not record:
+      abort(404)
+
+    return record_view(record)
+
+
+  @require_repo_admin
+  @nickname('sendAuthorizeRepoEmail')
+  def post(self, namespace, repository, email):
+    """ Starts the authorization process for an e-mail address on a repository. """
+    
+    with tf(db):
+      record = model.get_email_authorized_for_repo(namespace, repository, email)
+      if record and record.confirmed:
+        return record_view(record)
+
+      if not record:
+        record = model.create_email_authorization_for_repo(namespace, repository, email)
+
+      send_repo_authorization_email(namespace, repository, email, record.code)
+      return record_view(record)
--- a/endpoints/api/repositorynotification.py
+++ b/endpoints/api/repositorynotification.py
@ -1,11 +1,13 @@
 import json

-from flask import request
+from flask import request, abort

 from app import notification_queue
 from endpoints.api import (RepositoryParamResource, nickname, resource, require_repo_admin,
-                           log_action, validate_json_request, api, NotFound)
+                           log_action, validate_json_request, api, NotFound, request_error)
 from endpoints.notificationevent import NotificationEvent
+from endpoints.notificationmethod import (NotificationMethod,
+                                          CannotValidateNotificationMethodException)
 from data import model


@ -62,6 +64,15 @@ class RepositoryNotificationList(RepositoryParamResource):
    repo = model.get_repository(namespace, repository)
    json = request.get_json()

+    method_handler = NotificationMethod.get_method(json['method'])
+    if not method_handler:
+      raise request_error(message='Unknown method')
+
+    try:
+      method_handler.validate(repo, json['config'])
+    except CannotValidateNotificationMethodException as ex:
+      raise request_error(message=ex.message)
+
    notification = model.create_repo_notification(repo, json['event'], json['method'],
                                                  json['config'])