endpoints.appr.decorators: isolate appr decorators

2017-03-22 23:53:03 -04:00 · 2017-03-22 23:53:03 -04:00 · 3d0e63d8e5
commit 3d0e63d8e5
parent 6dfd1ef660
3 changed files with 38 additions and 34 deletions
--- a/endpoints/appr/init.py
+++ b/endpoints/appr/init.py
@ -8,7 +8,7 @@ from flask import Blueprint
 from app import metric_queue
 from auth.permissions import (AdministerRepositoryPermission, ReadRepositoryPermission,
                              ModifyRepositoryPermission)
-from endpoints.decorators import require_repo_permission
+from endpoints.appr.decorators import require_repo_permission
 from util.metrics.metricqueue import time_blueprint


--- a/endpoints/appr/decorators.py
+++ b/endpoints/appr/decorators.py
@ -0,0 +1,37 @@
+import logging
+
+from functools import wraps
+
+from data import model
+
+
+logger = logging.getLogger(__name__)
+
+
+def _raise_unauthorized(repository, scopes):
+  raise StandardError("Unauthorized acces to %s", repository)
+
+
+def _get_reponame_kwargs(*args, **kwargs):
+  return [kwargs['namespace_name'], kwargs['repo_name']]
+
+
+def require_repo_permission(permission_class, scopes=None, allow_public=False,
+                            raise_method=_raise_unauthorized,
+                            get_reponame_method=_get_reponame_kwargs):
+  def wrapper(func):
+    @wraps(func)
+    def wrapped(*args, **kwargs):
+      namespace_name, repo_name = get_reponame_method(*args, **kwargs)
+
+      logger.debug('Checking permission %s for repo: %s/%s', permission_class,
+                   namespace_name, repo_name)
+      permission = permission_class(namespace_name, repo_name)
+      if (permission.can() or
+          (allow_public and
+           model.repository.repository_is_public(namespace_name, repo_name))):
+        return func(*args, **kwargs)
+      repository = namespace_name + '/' + repo_name
+      raise_method(repository, scopes)
+    return wrapped
+  return wrapper
--- a/endpoints/decorators.py
+++ b/endpoints/decorators.py
@ -1,7 +1,5 @@
 """ Various decorators for endpoint and API handlers. """

-import logging
-
 from functools import wraps

 from flask import abort
@ -13,9 +11,6 @@ from auth.auth_context import (get_validated_oauth_token, get_authenticated_user
 from data import model # TODO: stop using model directly


-logger = logging.getLogger(__name__)
-
-
 def anon_allowed(func):
  """ Marks a method to allow anonymous access where it would otherwise be disallowed. """
  func.__anon_allowed = True
@ -43,31 +38,3 @@ def check_anon_protection(func):

    abort(401)
  return wrapper
-
-def _raise_unauthorized(repository, scopes):
-  raise StandardError("Unauthorized acces to %s", repository)
-
-
-def _get_reponame_kwargs(*args, **kwargs):
-  return [kwargs['namespace_name'], kwargs['repo_name']]
-
-
-def require_repo_permission(permission_class, scopes=None, allow_public=False,
-                            raise_method=_raise_unauthorized,
-                            get_reponame_method=_get_reponame_kwargs):
-  def wrapper(func):
-    @wraps(func)
-    def wrapped(*args, **kwargs):
-      namespace_name, repo_name = get_reponame_method(*args, **kwargs)
-
-      logger.debug('Checking permission %s for repo: %s/%s', permission_class,
-                   namespace_name, repo_name)
-      permission = permission_class(namespace_name, repo_name)
-      if (permission.can() or
-          (allow_public and
-           model.repository.repository_is_public(namespace_name, repo_name))):
-        return func(*args, **kwargs)
-      repository = namespace_name + '/' + repo_name
-      raise_method(repository, scopes)
-    return wrapped
-  return wrapper