Add e-mail authorization to the repository notification flow. Also validates the creation of the other notification methods.

2014-07-28 14:58:12 -04:00 · 2014-07-28 14:58:12 -04:00 · 34fc279092
commit 34fc279092
parent 56fec63fcd
15 changed files with 483 additions and 34 deletions
--- a/endpoints/api/repoemail.py
+++ b/endpoints/api/repoemail.py
@ -0,0 +1,56 @@
+import logging
+
+from flask import request, abort
+
+from endpoints.api import (resource, nickname, require_repo_admin, RepositoryParamResource,
+                           log_action, validate_json_request, NotFound, internal_only)
+
+from app import tf
+from data import model
+from data.database import db
+from util.useremails import send_repo_authorization_email
+
+import features
+
+
+logger = logging.getLogger(__name__)
+
+def record_view(record):
+  return {
+    'email': record.email,
+    'repository': record.repository.name,
+    'namespace': record.repository.namespace,
+    'confirmed': record.confirmed
+  }
+
+
+@internal_only
+@resource('/v1/repository/<repopath:repository>/authorizedemail/<email>')
+class RepositoryAuthorizedEmail(RepositoryParamResource):
+  """ Resource for checking and authorizing e-mail addresses to receive repo notifications. """
+  @require_repo_admin
+  @nickname('checkRepoEmailAuthorized')
+  def get(self, namespace, repository, email):
+    """ Checks to see if the given e-mail address is authorized on this repository. """
+    record = model.get_email_authorized_for_repo(namespace, repository, email)
+    if not record:
+      abort(404)
+
+    return record_view(record)
+
+
+  @require_repo_admin
+  @nickname('sendAuthorizeRepoEmail')
+  def post(self, namespace, repository, email):
+    """ Starts the authorization process for an e-mail address on a repository. """
+    
+    with tf(db):
+      record = model.get_email_authorized_for_repo(namespace, repository, email)
+      if record and record.confirmed:
+        return record_view(record)
+
+      if not record:
+        record = model.create_email_authorization_for_repo(namespace, repository, email)
+
+      send_repo_authorization_email(namespace, repository, email, record.code)
+      return record_view(record)