From 891f992bf2819e4b3f74dcfbc5138c6581a97d5b Mon Sep 17 00:00:00 2001
From: yackob03 <jacob.moshenko@gmail.com>
Date: Tue, 1 Oct 2013 01:18:05 -0400
Subject: [PATCH] Allow for anonymous access tokens for public repositories.

---
 auth/permissions.py | 16 ++++++++++------
 data/database.py    |  6 +-----
 endpoints/index.py  |  4 ++--
 3 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/auth/permissions.py b/auth/permissions.py
index 086d4db58..1baa5d0dc 100644
--- a/auth/permissions.py
+++ b/auth/permissions.py
@@ -67,12 +67,16 @@ def on_identity_loaded(sender, identity):
     logger.debug('Computing permissions for token: %s' % identity.id)
 
     token = model.get_token(identity.id)
-    query = model.get_user_repo_permissions(token.user, token.repository)
-    for permission in query:
-      t_grant = _RepositoryNeed(token.repository.namespace,
-                                token.repository.name, permission.role.name)
-      logger.debug('Token added permission: {0}'.format(t_grant))
-      identity.provides.add(t_grant)
+
+    if token.user:
+      query = model.get_user_repo_permissions(token.user, token.repository)
+      for permission in query:
+        t_grant = _RepositoryNeed(token.repository.namespace,
+                                  token.repository.name, permission.role.name)
+        logger.debug('Token added permission: {0}'.format(t_grant))
+        identity.provides.add(t_grant)
+    else:
+      logger.debug('Token was anonymous.')
 
   else:
     logger.error('Unknown identity auth type: %s' % identity.auth_type)
diff --git a/data/database.py b/data/database.py
index 6607a4751..9400e0aa2 100644
--- a/data/database.py
+++ b/data/database.py
@@ -68,7 +68,7 @@ def random_string_generator(length=16):
 
 class AccessToken(BaseModel):
   code = CharField(default=random_string_generator(), unique=True, index=True)
-  user = ForeignKeyField(User)
+  user = ForeignKeyField(User, null=True)
   repository = ForeignKeyField(Repository)
   created = DateTimeField(default=datetime.now)
 
@@ -124,7 +124,3 @@ def initialize_db():
   Role.create(name='read')
   Visibility.create(name='public')
   Visibility.create(name='private')
-
-
-if __name__ == '__main__':
-  initialize_db()
diff --git a/endpoints/index.py b/endpoints/index.py
index b54d08e80..2c2ca6e0a 100644
--- a/endpoints/index.py
+++ b/endpoints/index.py
@@ -28,11 +28,11 @@ def generate_headers(f):
 
     has_token_request = request.headers.get('X-Docker-Token', '')
 
-    if has_token_request and get_authenticated_user():
+    if has_token_request:
       repo = model.get_repository(namespace, repository)
       token = model.create_access_token(get_authenticated_user(), repo)
       token_str = 'signature=%s,repository="%s/%s"' % (token.code, namespace,
-                                                     repository)
+                                                       repository)
       response.headers['WWW-Authenticate'] = token_str
       response.headers['X-Docker-Token'] = token_str