vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Allow for anonymous access tokens for public repositories.

Browse source
This commit is contained in:
yackob03 2013-10-01 01:18:05 -04:00
parent 0652636693
commit 891f992bf2
3 changed files with 13 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
auth/permissions.py
View file

@ -67,12 +67,16 @@ def on_identity_loaded(sender, identity):
logger.debug('Computing permissions for token: %s' % identity.id) logger.debug('Computing permissions for token: %s' % identity.id)
token = model.get_token(identity.id) token = model.get_token(identity.id)
query = model.get_user_repo_permissions(token.user, token.repository)
for permission in query: if token.user:
t_grant = _RepositoryNeed(token.repository.namespace, query = model.get_user_repo_permissions(token.user, token.repository)
token.repository.name, permission.role.name) for permission in query:
logger.debug('Token added permission: {0}'.format(t_grant)) t_grant = _RepositoryNeed(token.repository.namespace,
identity.provides.add(t_grant) token.repository.name, permission.role.name)
logger.debug('Token added permission: {0}'.format(t_grant))
identity.provides.add(t_grant)
else:
logger.debug('Token was anonymous.')
else: else:
logger.error('Unknown identity auth type: %s' % identity.auth_type) logger.error('Unknown identity auth type: %s' % identity.auth_type)

6
data/database.py
View file

@ -68,7 +68,7 @@ def random_string_generator(length=16):
class AccessToken(BaseModel): class AccessToken(BaseModel):
code = CharField(default=random_string_generator(), unique=True, index=True) code = CharField(default=random_string_generator(), unique=True, index=True)
user = ForeignKeyField(User) user = ForeignKeyField(User, null=True)
repository = ForeignKeyField(Repository) repository = ForeignKeyField(Repository)
created = DateTimeField(default=datetime.now) created = DateTimeField(default=datetime.now)
@ -124,7 +124,3 @@ def initialize_db():
Role.create(name='read') Role.create(name='read')
Visibility.create(name='public') Visibility.create(name='public')
Visibility.create(name='private') Visibility.create(name='private')
if __name__ == '__main__':
initialize_db()

4
endpoints/index.py
View file

@ -28,11 +28,11 @@ def generate_headers(f):
has_token_request = request.headers.get('X-Docker-Token', '') has_token_request = request.headers.get('X-Docker-Token', '')
if has_token_request and get_authenticated_user(): if has_token_request:
repo = model.get_repository(namespace, repository) repo = model.get_repository(namespace, repository)
token = model.create_access_token(get_authenticated_user(), repo) token = model.create_access_token(get_authenticated_user(), repo)
token_str = 'signature=%s,repository="%s/%s"' % (token.code, namespace, token_str = 'signature=%s,repository="%s/%s"' % (token.code, namespace,
repository) repository)
response.headers['WWW-Authenticate'] = token_str response.headers['WWW-Authenticate'] = token_str
response.headers['X-Docker-Token'] = token_str response.headers['X-Docker-Token'] = token_str