Fix handling of tokens in the new context block of the JWT
This commit is contained in:
parent
4a84388f15
commit
4e942203cb
2 changed files with 34 additions and 2 deletions
|
@ -95,7 +95,11 @@ def get_granted_entity():
|
||||||
return GrantedEntity(user=user)
|
return GrantedEntity(user=user)
|
||||||
|
|
||||||
if kind == 'token':
|
if kind == 'token':
|
||||||
return GrantedEntity(token=context.get('token'))
|
token = model.token.load_token_data(context.get('token'))
|
||||||
|
if not token:
|
||||||
|
return None
|
||||||
|
|
||||||
|
return GrantedEntity(token=token)
|
||||||
|
|
||||||
if kind == 'oauth':
|
if kind == 'oauth':
|
||||||
user = model.user.get_user(context.get('user', ''))
|
user = model.user.get_user(context.get('user', ''))
|
||||||
|
@ -142,7 +146,7 @@ def build_context_and_subject(user, token, oauthtoken):
|
||||||
if token:
|
if token:
|
||||||
context = {
|
context = {
|
||||||
'kind': 'token',
|
'kind': 'token',
|
||||||
'token': token,
|
'token': token.code,
|
||||||
}
|
}
|
||||||
return (context, None)
|
return (context, None)
|
||||||
|
|
||||||
|
|
|
@ -12,6 +12,7 @@ from flask.ext.testing import LiveServerTestCase
|
||||||
|
|
||||||
from app import app
|
from app import app
|
||||||
from data.database import close_db_filter, configure
|
from data.database import close_db_filter, configure
|
||||||
|
from data import model
|
||||||
from endpoints.v1 import v1_bp
|
from endpoints.v1 import v1_bp
|
||||||
from endpoints.v2 import v2_bp
|
from endpoints.v2 import v2_bp
|
||||||
from endpoints.verbs import verbs
|
from endpoints.verbs import verbs
|
||||||
|
@ -66,6 +67,14 @@ def set_feature(feature_name):
|
||||||
features._FEATURES[feature_name].value = request.get_json()['value']
|
features._FEATURES[feature_name].value = request.get_json()['value']
|
||||||
return jsonify({'old_value': old_value})
|
return jsonify({'old_value': old_value})
|
||||||
|
|
||||||
|
@testbp.route('/addtoken', methods=['POST'])
|
||||||
|
def addtoken():
|
||||||
|
another_token = model.token.create_delegate_token('devtable', 'newrepo', 'my-new-token', 'write')
|
||||||
|
another_token.code = 'somecooltokencode'
|
||||||
|
another_token.save()
|
||||||
|
return 'OK'
|
||||||
|
|
||||||
|
|
||||||
@testbp.route('/reloadapp', methods=['POST'])
|
@testbp.route('/reloadapp', methods=['POST'])
|
||||||
def reload_app():
|
def reload_app():
|
||||||
# Close any existing connection.
|
# Close any existing connection.
|
||||||
|
@ -597,6 +606,25 @@ class RegistryTestsMixin(object):
|
||||||
self.assertEquals('buynlarge+ownerbot', logs[0]['performer']['name'])
|
self.assertEquals('buynlarge+ownerbot', logs[0]['performer']['name'])
|
||||||
|
|
||||||
|
|
||||||
|
def test_push_pull_logging_bytoken(self):
|
||||||
|
# Push the repository.
|
||||||
|
self.do_push('devtable', 'newrepo', 'devtable', 'password')
|
||||||
|
|
||||||
|
# Add a token.
|
||||||
|
self.conduct('POST', '/__test/addtoken')
|
||||||
|
|
||||||
|
# Pull the repository.
|
||||||
|
self.do_pull('devtable', 'newrepo', '$token', 'somecooltokencode')
|
||||||
|
|
||||||
|
# Retrieve the logs and ensure the pull was added.
|
||||||
|
self.conduct_api_login('devtable', 'password')
|
||||||
|
result = self.conduct('GET', '/api/v1/repository/devtable/newrepo/logs')
|
||||||
|
logs = result.json()['logs']
|
||||||
|
|
||||||
|
self.assertEquals('pull_repo', logs[0]['kind'])
|
||||||
|
self.assertEquals('my-new-token', logs[0]['metadata']['token'])
|
||||||
|
|
||||||
|
|
||||||
def test_push_pull_logging_byoauth(self):
|
def test_push_pull_logging_byoauth(self):
|
||||||
# Push the repository.
|
# Push the repository.
|
||||||
self.do_push('devtable', 'newrepo', 'devtable', 'password')
|
self.do_push('devtable', 'newrepo', 'devtable', 'password')
|
||||||
|
|
Reference in a new issue