vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Remove license code in Quay

Browse source 
No longer needed under Red Hat rules \o/

Fixes https://jira.coreos.com/browse/QUAY-883
This commit is contained in:
Joseph Schorr 2018-03-20 17:03:35 -04:00
parent 041a7fcd36
commit 3586955669
23 changed files with 19 additions and 1471 deletions
Download patch file Download diff file Expand all files Collapse all files

52
endpoints/api/suconfig.py
View file

@ -21,7 +21,6 @@ from endpoints.common import common_login
from util.config.configutil import add_enterprise_config_defaults
from util.config.database import sync_database_with_config
from util.config.validator import validate_service_for_config, is_valid_config_upload_filename
from util.license import decode_license, LicenseDecodeError
import features
@ -68,12 +67,6 @@ class SuperUserRegistryStatus(ApiResource):
'status': 'missing-config-dir'
}
# If there is no license file, we need to ask the user to upload it.
if not config_provider.has_license_file():
return {
'status': 'upload-license'
}
# If there is no config file, we need to setup the database.
if not config_provider.config_exists():
return {
@ -265,51 +258,6 @@ class SuperUserConfig(ApiResource):
abort(403)
@resource('/v1/superuser/config/license')
@internal_only
@show_if(features.SUPER_USERS)
class SuperUserSetAndValidateLicense(ApiResource):
""" Resource for setting and validating a license. """
schemas = {
'ValidateLicense': {
'type': 'object',
'description': 'Validates and sets a license',
'required': [
'license',
],
'properties': {
'license': {
'type': 'string'
},
},
},
}
@nickname('suSetAndValidateLicense')
@verify_not_prod
@validate_json_request('ValidateLicense')
def post(self):
""" Validates the given license contents and then saves it to the config volume. """
if config_provider.has_license_file():
abort(403)
license_contents = request.get_json()['license']
try:
decoded_license = decode_license(license_contents)
except LicenseDecodeError as le:
raise InvalidRequest(le.message)
statuses = decoded_license.validate({})
all_met = all(status.is_met() for status in statuses)
if all_met:
config_provider.save_license(license_contents)
return {
'status': [status.as_dict(for_private=True) for status in statuses],
'success': all_met,
}
@resource('/v1/superuser/config/file/<filename>')
@internal_only
@show_if(features.SUPER_USERS)

74
endpoints/api/superuser.py
View file

@ -13,7 +13,7 @@ from flask import request, make_response, jsonify
import features
from app import app, avatar, superusers, authentication, config_provider, license_validator
from app import app, avatar, superusers, authentication, config_provider
from auth import scopes
from auth.auth_context import get_authenticated_user
from auth.permissions import SuperUserPermission
@ -28,7 +28,6 @@ from endpoints.api.superuser_models_pre_oci import (pre_oci_model, ServiceKeyDoe
ServiceKeyAlreadyApproved,
InvalidRepositoryBuildException)
from util.useremails import send_confirmation_email, send_recovery_email
from util.license import decode_license, LicenseDecodeError
from util.security.ssl import load_certificate, CertInvalidException
from util.config.validator import EXTRA_CA_DIRECTORY
from _init import ROOT_DIR
@ -968,77 +967,6 @@ class SuperUserCustomCertificate(ApiResource):
raise Unauthorized()
@resource('/v1/superuser/license')
@internal_only
@show_if(features.SUPER_USERS)
class SuperUserLicense(ApiResource):
""" Resource for getting and setting a license. """
schemas = {
'UpdateLicense': {
'type': 'object',
'description': 'Updates a license',
'required': [
'license',
],
'properties': {
'license': {
'type': 'string'
},
},
},
}
@nickname('getLicense')
@require_fresh_login
@require_scope(scopes.SUPERUSER)
@verify_not_prod
def get(self):
""" Returns the current decoded license. """
if SuperUserPermission().can():
try:
decoded_license = config_provider.get_license()
except LicenseDecodeError as le:
raise InvalidRequest(le.message)
statuses = decoded_license.validate(app.config)
all_met = all(status.is_met() for status in statuses)
return {
'status': [status.as_dict(for_private=True) for status in statuses],
'success': all_met,
}
raise Unauthorized()
@nickname('updateLicense')
@require_fresh_login
@require_scope(scopes.SUPERUSER)
@verify_not_prod
@validate_json_request('UpdateLicense')
def put(self):
""" Validates the given license contents and then saves it to the config volume. """
if SuperUserPermission().can():
license_contents = request.get_json()['license']
try:
decoded_license = decode_license(license_contents)
except LicenseDecodeError as le:
raise InvalidRequest(le.message)
statuses = decoded_license.validate(app.config)
all_met = all(status.is_met() for status in statuses)
if all_met:
# Save the license and update the license check thread.
config_provider.save_license(license_contents)
license_validator.compute_license_sufficiency()
return {
'status': [status.as_dict(for_private=True) for status in statuses],
'success': all_met,
}
raise Unauthorized()
@resource('/v1/superuser/<build_uuid>/logs')
@path_param('build_uuid', 'The UUID of the build')
@show_if(features.SUPER_USERS)

4
endpoints/common.py
View file

@ -9,7 +9,7 @@ from flask_principal import identity_changed
import endpoints.decorated # Register the various exceptions via decorators.
import features
from app import app, oauth_apps, oauth_login, LoginWrappedDBUser, user_analytics, license_validator
from app import app, oauth_apps, oauth_login, LoginWrappedDBUser, user_analytics
from auth import scopes
from auth.permissions import QuayDeferredPermissionUser
from config import frontend_visible_config
@ -143,8 +143,6 @@ def render_page_template(name, route_data=None, **kwargs):
hostname=app.config['SERVER_HOSTNAME'],
preferred_scheme=app.config['PREFERRED_URL_SCHEME'],
version_number=version_number,
license_insufficient=license_validator.insufficient,
license_expiring=license_validator.expiring_soon,
current_year=datetime.datetime.now().year,
**kwargs)

3
endpoints/v1/__init__.py
View file

@ -1,11 +1,10 @@
from flask import Blueprint, make_response
from app import metric_queue, license_validator
from app import metric_queue
from endpoints.decorators import anon_protect, anon_allowed
from util.metrics.metricqueue import time_blueprint
v1_bp = Blueprint('v1', __name__)
license_validator.enforce_license_before_request(v1_bp)
time_blueprint(v1_bp, metric_queue)

3
endpoints/v2/__init__.py
View file

@ -10,7 +10,7 @@ from semantic_version import Spec
import features
from app import app, metric_queue, get_app_url, license_validator
from app import app, metric_queue, get_app_url
from auth.auth_context import get_authenticated_context
from auth.permissions import (
ReadRepositoryPermission, ModifyRepositoryPermission, AdministerRepositoryPermission)
@ -26,7 +26,6 @@ from util.pagination import encrypt_page_token, decrypt_page_token
logger = logging.getLogger(__name__)
v2_bp = Blueprint('v2', __name__)
license_validator.enforce_license_before_request(v2_bp)
time_blueprint(v2_bp, metric_queue)

3
endpoints/verbs/__init__.py
View file

@ -5,7 +5,7 @@ from flask import redirect, Blueprint, abort, send_file, make_response, request
import features
from app import app, signer, storage, metric_queue, license_validator, config_provider, ip_resolver
from app import app, signer, storage, metric_queue, config_provider, ip_resolver
from auth.auth_context import get_authenticated_user
from auth.decorators import process_auth
from auth.permissions import ReadRepositoryPermission
@ -27,7 +27,6 @@ from util.registry.torrent import (
logger = logging.getLogger(__name__)
verbs = Blueprint('verbs', __name__)
license_validator.enforce_license_before_request(verbs)
LAYER_MIMETYPE = 'binary/octet-stream'