endpoints.appr.decorators: isolate appr decorators

2017-03-22 23:53:03 -04:00 · 2017-03-22 23:53:03 -04:00 · 3d0e63d8e5
commit 3d0e63d8e5
parent 6dfd1ef660
3 changed files with 38 additions and 34 deletions
--- a/endpoints/appr/decorators.py
+++ b/endpoints/appr/decorators.py
@ -0,0 +1,37 @@
+import logging
+
+from functools import wraps
+
+from data import model
+
+
+logger = logging.getLogger(__name__)
+
+
+def _raise_unauthorized(repository, scopes):
+  raise StandardError("Unauthorized acces to %s", repository)
+
+
+def _get_reponame_kwargs(*args, **kwargs):
+  return [kwargs['namespace_name'], kwargs['repo_name']]
+
+
+def require_repo_permission(permission_class, scopes=None, allow_public=False,
+                            raise_method=_raise_unauthorized,
+                            get_reponame_method=_get_reponame_kwargs):
+  def wrapper(func):
+    @wraps(func)
+    def wrapped(*args, **kwargs):
+      namespace_name, repo_name = get_reponame_method(*args, **kwargs)
+
+      logger.debug('Checking permission %s for repo: %s/%s', permission_class,
+                   namespace_name, repo_name)
+      permission = permission_class(namespace_name, repo_name)
+      if (permission.can() or
+          (allow_public and
+           model.repository.repository_is_public(namespace_name, repo_name))):
+        return func(*args, **kwargs)
+      repository = namespace_name + '/' + repo_name
+      raise_method(repository, scopes)
+    return wrapped
+  return wrapper