Add a feature flag for disabling unauthenticated access to the registry in its entirety.

test/test_api_usage.py

@@ -1246,6 +1246,19 @@ class TestListRepos(ApiTestCase):
     self.assertEquals(len(json['repositories']), 2)
 
 
+class TestViewPublicRepository(ApiTestCase):
+  def test_normalview(self):
+    self.getJsonResponse(Repository, params=dict(repository='public/publicrepo'))
+
+  def test_anon_access_disabled(self):
+    import features
+    features.ANONYMOUS_ACCESS = False
+    try:
+      self.getResponse(Repository, params=dict(repository='public/publicrepo'), expected_code=401)
+    finally:
+      features.ANONYMOUS_ACCESS = True
+
+
 class TestUpdateRepo(ApiTestCase):
   SIMPLE_REPO = ADMIN_ACCESS_USER + '/simple'
   def test_updatedescription(self):