vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Fix global messages by removing "extra" method

Browse source 
I think this happened due to a bad merge.
This commit is contained in:
Joseph Schorr 2016-10-20 13:53:51 -04:00
parent 67dde6e154
commit 864c44501e
2 changed files with 1 additions and 104 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

72
endpoints/api/superuser.py
View file

@ -891,75 +891,3 @@ class SuperUserLicense(ApiResource):
}
abort(403)
@resource('/v1/messages')
@show_if(features.SUPER_USERS)
class SuperUserMessages(ApiResource):
""" Resource for getting a list of super user messages """
schemas = {
'GetMessage': {
'id': 'GetMessage',
'type': 'object',
'description': 'Messages that a super user has saved in the past',
'properties': {
'message': {
'type': 'array',
'description': 'A list of messages',
'itemType': {
'type': 'object',
'properties': {
'id': {
'type': 'integer',
'description': 'The message id',
},
'content': {
'type': 'string',
'description': 'The actual message',
},
},
},
},
},
},
'CreateMessage': {
'id': 'CreateMessage',
'type': 'object',
'description': 'Create a new message',
'properties': {
'message': {
'type': 'object',
'description': 'A single message',
'properties': {
'content': {
'type': 'string',
'description': 'The actual message',
},
},
},
},
}
}
@nickname('getMessages')
def get(self):
""" Return a super users messages """
return {
'messages': [message_view(m) for m in model.message.get_messages()],
}
@verify_not_prod
@nickname('createMessages')
@validate_json_request('CreateMessage')
@require_scope(scopes.SUPERUSER)
def post(self):
""" Create a message """
if SuperUserPermission().can():
model.message.create([request.get_json()['message']])
return make_response('', 201)
abort(403)
def message_view(message):
return {'id': message.id, 'content': message.content}

33
test/test_api_security.py
View file

@ -51,7 +51,7 @@ from endpoints.api.superuser import (SuperUserLogs, SuperUserList, SuperUserMana
SuperUserOrganizationManagement, SuperUserOrganizationList,
SuperUserAggregateLogs, SuperUserServiceKeyManagement,
SuperUserServiceKey, SuperUserServiceKeyApproval,
SuperUserTakeOwnership, SuperUserMessages, SuperUserLicense)
SuperUserTakeOwnership, SuperUserLicense)
from endpoints.api.globalmessages import GlobalUserMessage, GlobalUserMessages
from endpoints.api.secscan import RepositoryImageSecurity
from endpoints.api.manifest import RepositoryManifestLabels, ManageRepositoryManifestLabel
@ -4233,37 +4233,6 @@ class TestSuperUserManagement(ApiTestCase):
self._run_test('DELETE', 204, 'devtable', None)
class TestSuperUserMessages(ApiTestCase):
def setUp(self):
ApiTestCase.setUp(self)
self._set_url(GlobalUserMessages, username='freshuser')
def test_get_anonymous(self):
self._run_test('GET', 200, None, None)
def test_get_freshuser(self):
self._run_test('GET', 200, 'freshuser', None)
def test_get_reader(self):
self._run_test('GET', 200, 'reader', None)
def test_get_devtable(self):
self._run_test('GET', 200, 'devtable', None)
def test_post_anonymous(self):
self._run_test('POST', 401, None, dict(message={"content": "new message"}))
def test_post_freshuser(self):
self._run_test('POST', 403, 'freshuser', dict(message={"content": "new message"}))
def test_post_reader(self):
self._run_test('POST', 403, 'reader', dict(message={"content": "new message"}))
def test_post_devtable(self):
self._run_test('POST', 201, 'devtable', dict(message={"content": "new message"}))
class TestSuperUserMessage(ApiTestCase):
def setUp(self):
ApiTestCase.setUp(self)