Flesh out some permissions APIs.

2013-09-27 13:24:07 -04:00 · 2013-09-27 13:24:07 -04:00 · 6bcb5cfcaa
commit 6bcb5cfcaa
parent f2ee7772f4
3 changed files with 68 additions and 23 deletions
--- a/endpoints/api.py
+++ b/endpoints/api.py
@ -8,7 +8,8 @@ from data import model
 from app import app
 from util.names import parse_repository_name
 from auth.permissions import (ReadRepositoryPermission,
-                              ModifyRepositoryPermission)
+                              ModifyRepositoryPermission,
+                              AdministerRepositoryPermission)


 logger = logging.getLogger(__name__)
@ -83,7 +84,7 @@ def get_repo_api(namespace, repository):
    return {
      'id': image.image_id,
      'created': image.created,
-      'comment': image.comment
+      'comment': image.comment,
    }

  def tag_view(tag):
@ -93,20 +94,7 @@ def get_repo_api(namespace, repository):

    return {
      'name': tag.name,
-      'image': image_view(image)
-    }
-
-  def repo_view(repository, tags = []):
-    tag_dict = {}
-    for tag in tags:
-      tag_dict[tag.name] = tag_view(tag)
-
-    return {
-      'namespace': repository.namespace,
-      'name': repository.name,
-      'description': repository.description,
-      'tags': tag_dict,
-      'can_write': ModifyRepositoryPermission(repository.namespace, repository.name).can()
+      'image': image_view(image),
    }

  permission = ReadRepositoryPermission(namespace, repository)
@ -114,6 +102,46 @@ def get_repo_api(namespace, repository):
    repo = model.get_repository(namespace, repository)
    if repo:
      tags = model.list_repository_tags(namespace, repository)
-      return jsonify(repo_view(repo, tags = tags))
+      tag_dict = {tag.name: tag_view(tag) for tag in tags}
+      can_write = ModifyRepositoryPermission(namespace, repository).can()
+      return jsonify({
+        'namespace': namespace,
+        'name': repository,
+        'description': repo.description,
+        'tags': tag_dict,
+        'can_write': can_write,
+      })

-  abort(404)
+    abort(404)  # Not fount
+  abort(403)  # Permission denied
+
+
+@app.route('/api/repository/<path:repository>/permissions/', methods=['GET'])
+@login_required
+@parse_repository_name
+def list_repo_permissions(namespace, repository):
+  permission = AdministerRepositoryPermission(namespace, repository)
+  if permission.can():
+    repo_perms = model.get_all_repo_users(namespace, repository)
+
+    return jsonify({
+      'permissions': {repo_perm.user.username: repo_perm.role.name 
+                      for repo_perm in repo_perms}
+    })
+
+  abort(403)  # Permission denied
+
+@app.route('/api/repository/<path:repository>/permissions/<username>',
+           methods=['PUT'])
+@login_required
+@parse_repository_name
+def change_permissions(namespace, repository, username):
+  permission = AdministerRepositoryPermission(namespace, repository)
+  if permission.can():
+    new_permission = request.get_json()
+
+    return jsonify({
+      'setting_permission_to': [permission_view(repo_perm) for repo_perm in repo_perms]
+    })
+
+  abort(403)  # Permission denied