vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Merge branch 'umask' of ssh://bitbucket.org/yackob03/quay into umask

Browse source
This commit is contained in:
yackob03 2014-01-21 17:13:16 -05:00
commit 922dbc502e
13 changed files with 171 additions and 56 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

42
endpoints/api.py
View file

@ -578,6 +578,26 @@ def get_organization_prototype_permissions(orgname):
abort(403) abort(403)
def log_prototype_action(action_kind, orgname, prototype, **kwargs):
username = current_user.db_user().username
log_params = {
'prototypeid': prototype.uuid,
'username': username,
'activating_username': prototype.activating_user.username,
'role': prototype.role.name
}
for key, value in kwargs.items():
log_params[key] = value
if prototype.delegate_user:
log_params['delegate_user'] = prototype.delegate_user.username
elif prototype.delegate_team:
log_params['delegate_team'] = prototype.delegate_team.name
log_action(action_kind, orgname, log_params)
@app.route('/api/organization/<orgname>/prototypes', methods=['POST']) @app.route('/api/organization/<orgname>/prototypes', methods=['POST'])
@api_login_required @api_login_required
def create_organization_prototype_permission(orgname): def create_organization_prototype_permission(orgname):
@ -609,7 +629,9 @@ def create_organization_prototype_permission(orgname):
abort(400) abort(400)
role_name = details['role'] role_name = details['role']
prototype = model.add_prototype_permission(org, role_name, activating_user, delegate_user, delegate_team) prototype = model.add_prototype_permission(org, role_name, activating_user, delegate_user, delegate_team)
log_prototype_action('create_prototype_permission', orgname, prototype)
return jsonify(prototype_view(prototype)) return jsonify(prototype_view(prototype))
abort(403) abort(403)
@ -629,6 +651,8 @@ def delete_organization_prototype_permission(orgname, prototypeid):
if not prototype: if not prototype:
abort(404) abort(404)
log_prototype_action('delete_prototype_permission', orgname, prototype)
return make_response('Deleted', 204) return make_response('Deleted', 204)
abort(403) abort(403)
@ -644,12 +668,18 @@ def update_organization_prototype_permission(orgname, prototypeid):
except model.InvalidOrganizationException: except model.InvalidOrganizationException:
abort(404) abort(404)
existing = model.get_prototype_permission(org, prototypeid)
if not existing:
abort(404)
details = request.get_json() details = request.get_json()
role_name = details['role'] role_name = details['role']
prototype = model.update_prototype_permission(org, prototypeid, role_name) prototype = model.update_prototype_permission(org, prototypeid, role_name)
if not prototype: if not prototype:
abort(404) abort(404)
log_prototype_action('modify_prototype_permission', orgname, prototype, original_role = existing.role.name)
return jsonify(prototype_view(prototype)) return jsonify(prototype_view(prototype))
abort(403) abort(403)
@ -672,7 +702,8 @@ def get_organization_members(orgname):
members = model.get_organization_members_with_teams(org) members = model.get_organization_members_with_teams(org)
for member in members: for member in members:
if not member.user.username in members_dict: if not member.user.username in members_dict:
members_dict[member.user.username] = {'username': member.user.username, members_dict[member.user.username] = {'name': member.user.username,
'kind': 'user',
'is_robot': member.user.robot, 'is_robot': member.user.robot,
'teams': []} 'teams': []}
@ -697,7 +728,8 @@ def get_organization_member(orgname, membername):
member_teams = model.get_organization_members_with_teams(org, membername=membername) member_teams = model.get_organization_members_with_teams(org, membername=membername)
for member in member_teams: for member in member_teams:
if not member_dict: if not member_dict:
member_dict = {'username': member.user.username, member_dict = {'name': member.user.username,
'kind': 'user',
'is_robot': member.user.robot, 'is_robot': member.user.robot,
'teams': []} 'teams': []}
@ -741,7 +773,8 @@ def get_organization_private_allowed(orgname):
def member_view(member): def member_view(member):
return { return {
'username': member.username, 'name': member.username,
'kind': 'user',
'is_robot': member.robot, 'is_robot': member.robot,
} }
@ -2064,7 +2097,8 @@ def log_view(log):
if log.performer: if log.performer:
view['performer'] = { view['performer'] = {
'username': log.performer.username, 'kind': 'user',
'name': log.performer.username,
'is_robot': log.performer.robot, 'is_robot': log.performer.robot,
} }

6
initdb.py
View file

@ -154,9 +154,9 @@ def initialize_database():
LogEntryKind.create(name='org_set_team_description') LogEntryKind.create(name='org_set_team_description')
LogEntryKind.create(name='org_set_team_role') LogEntryKind.create(name='org_set_team_role')
LogEntryKind.create(name='org_create_prototype_permission') LogEntryKind.create(name='create_prototype_permission')
LogEntryKind.create(name='org_modify_prototype_permission') LogEntryKind.create(name='modify_prototype_permission')
LogEntryKind.create(name='org_delete_prototype_permission') LogEntryKind.create(name='delete_prototype_permission')
def wipe_database(): def wipe_database():

44
static/css/quay.css
View file

@ -77,10 +77,17 @@
position: relative; position: relative;
} }
.entity-search-element .entity-icon { .entity-search-element .entity-reference {
position: absolute; position: absolute !important;
top: 0px; top: 0px;
left: 8px; left: 8px;
right: 36px;
z-index: 0;
pointer-events: none;
}
.entity-search-element .entity-reference .entity-name {
display: none;
} }
.entity-search-element input { .entity-search-element input {
@ -89,6 +96,7 @@
.entity-search-element.persistent input { .entity-search-element.persistent input {
padding-left: 28px; padding-left: 28px;
padding-right: 28px;
} }
.entity-search-element .twitter-typeahead { .entity-search-element .twitter-typeahead {
@ -155,6 +163,26 @@ i.toggle-icon:hover {
color: #aaa; color: #aaa;
} }
.entity-reference.block-reference {
position: relative;
display: block;
}
.entity-reference.block-reference .entity-reference-element {
display: block;
}
.entity-reference.block-reference i.fa-exclamation-triangle {
position: absolute;
right: 10px;
top: 4px;
}
.entity-reference-element i.fa-exclamation-triangle {
color: #c09853;
margin-left: 10px;
}
.entity-reference-element i.fa-user { .entity-reference-element i.fa-user {
margin-left: 2px; margin-left: 2px;
margin-right: 7px; margin-right: 7px;
@ -299,7 +327,15 @@ i.toggle-icon:hover {
height: 12px; height: 12px;
border-radius: 50%; border-radius: 50%;
margin-right: 6px; margin-right: 6px;
margin-top: 6px;
vertical-align: middle; vertical-align: middle;
float: left;
}
.logs-view-element .log .log-description {
margin-left: 20px;
display: block;
line-height: 25px;
} }
.billing-options-element .current-card { .billing-options-element .current-card {
@ -1127,7 +1163,7 @@ form input.ng-valid.ng-dirty,
.entity-mini-listing i.fa-exclamation-triangle { .entity-mini-listing i.fa-exclamation-triangle {
position: absolute; position: absolute;
right: -16px; right: -14px;
top: 4px; top: 4px;
color: #c09853; color: #c09853;
} }

23
static/directives/entity-reference.html
View file

@ -1,8 +1,19 @@
<span class="entity-reference-element"> <span class="entity-reference-element">
<i class="fa fa-user" ng-show="!team && !isrobot" title="User" bs-tooltip="tooltip.title" data-container="body"></i> <span ng-show="entity.kind == 'team'">
<i class="fa fa-wrench" ng-show="!team && isrobot" title="Robot Account" bs-tooltip="tooltip.title" data-container="body"></i> <i class="fa fa-group" title="Team" bs-tooltip="tooltip.title" data-container="body"></i>
<i class="fa fa-group" ng-show="team" title="Team" bs-tooltip="tooltip.title" data-container="body"></i> <span class="entity-name">
<span ng-show="team && getIsAdmin(orgname)"><a href="/organization/{{ orgname }}/teams/{{ team }}">{{team}}</a></span> <span ng-show="!getIsAdmin(namespace)">{{entity.name}}</span>
<span ng-show="team && !getIsAdmin(orgname)">{{team}}</span> <span ng-show="getIsAdmin(namespace)"><a href="/organization/{{ namespace }}/teams/{{ entity.name }}">{{entity.name}}</a></span>
<span ng-show="isrobot" class="prefix">{{getPrefix(name)}}</span><span>{{getShortenedName(name)}}</span> </span>
</span>
<span ng-show="entity.kind != 'team'">
<i class="fa fa-user" ng-show="!entity.is_robot" title="User" bs-tooltip="tooltip.title" data-container="body"></i>
<i class="fa fa-wrench" ng-show="entity.is_robot" title="Robot Account" bs-tooltip="tooltip.title" data-container="body"></i>
<span class="entity-name">
<span ng-show="entity.is_robot" class="prefix">{{getPrefix(entity.name)}}</span><span>{{getShortenedName(entity.name)}}</span>
</span>
</span>
<i class="fa fa-exclamation-triangle" ng-show="entity.is_org_member === false"
title="This user is not a member of the organization" bs-tooltip="tooltip.title" data-container="body">
</i>
</span> </span>

9
static/directives/entity-search.html
View file

@ -1,12 +1,5 @@
<span class="entity-search-element" ng-class="isPersistent ? 'persistent' : ''"><input class="entity-search-control form-control"> <span class="entity-search-element" ng-class="isPersistent ? 'persistent' : ''"><input class="entity-search-control form-control">
<span class="entity-icon" ng-show="isPersistent"> <span class="entity-reference block-reference" ng-show="isPersistent && currentEntity" entity="currentEntity"></span>
<i class="fa fa-user" ng-show="currentEntity.kind == 'user' && !currentEntity.is_robot" title="User"
bs-tooltip="tooltip.title" data-container="body"></i>
<i class="fa fa-wrench" ng-show="currentEntity.kind == 'user' && currentEntity.is_robot" title="Robot Account"
bs-tooltip="tooltip.title" data-container="body"></i>
<i class="fa fa-group" ng-show="currentEntity.kind == 'team'" title="Team"
bs-tooltip="tooltip.title" data-container="body"></i>
</span>
<div class="dropdown"> <div class="dropdown">
<button class="btn btn-default dropdown-toggle" type="button" id="entityDropdownMenu" data-toggle="dropdown" <button class="btn btn-default dropdown-toggle" type="button" id="entityDropdownMenu" data-toggle="dropdown"
ng-click="lazyLoad()"> ng-click="lazyLoad()">

6
static/directives/logs-view.html
View file

@ -41,7 +41,7 @@
<table class="table"> <table class="table">
<thead> <thead>
<th>Description</th> <th>Description</th>
<th>Date/Time</th> <th style="min-width: 226px">Date/Time</th>
<th>User/Token</th> <th>User/Token</th>
</thead> </thead>
@ -49,12 +49,12 @@
<tr class="log" ng-repeat="log in (logs | visibleLogFilter:kindsAllowed | filter:search | limitTo:150)"> <tr class="log" ng-repeat="log in (logs | visibleLogFilter:kindsAllowed | filter:search | limitTo:150)">
<td> <td>
<span class="circle" style="{{ 'background: ' + getColor(log.kind) }}"></span> <span class="circle" style="{{ 'background: ' + getColor(log.kind) }}"></span>
<span ng-bind-html="getDescription(log)"></span> <span class="log-description" ng-bind-html="getDescription(log)"></span>
</td> </td>
<td>{{ log.datetime }}</td> <td>{{ log.datetime }}</td>
<td> <td>
<span ng-show="log.performer"> <span ng-show="log.performer">
<span class="entity-reference" name="log.performer.username" isrobot="log.performer.is_robot"></span> <span class="entity-reference" entity="log.performer" namespace="organization.name"></span>
</span> </span>
<span ng-show="!log.performer && log.metadata.token"> <span ng-show="!log.performer && log.metadata.token">
<i class="fa fa-key"></i> <i class="fa fa-key"></i>

12
static/directives/prototype-manager.html
View file

@ -33,14 +33,10 @@
<tr ng-repeat="prototype in prototypes"> <tr ng-repeat="prototype in prototypes">
<td> <td>
<span class="entity-reference" orgname="organization.name" name="prototype.activating_user.name" <span class="entity-reference block-reference" entity="prototype.activating_user" namespace="organization.name"></span>
isrobot="prototype.activating_user.is_robot"></span>
</td> </td>
<td> <td>
<span class="entity-reference" orgname="organization.name" <span class="entity-reference block-reference" entity="prototype.delegate" namespace="organization.name"></span>
name="prototype.delegate.kind == 'team' ? null :prototype.delegate.name"
team="prototype.delegate.kind == 'team' ? prototype.delegate.name : null"
isrobot="prototype.delegate.is_robot"></span>
</td> </td>
<td> <td>
<span class="role-group" current-role="prototype.role" role-changed="setRole(role, prototype)" roles="roles"></span> <span class="role-group" current-role="prototype.role" role-changed="setRole(role, prototype)" roles="roles"></span>
@ -66,9 +62,9 @@
<div class="modal-body"> <div class="modal-body">
<table> <table>
<tr> <tr>
<td>Activating User/Robot:</td> <td>Creating User/Robot:</td>
<td> <td>
<span class="entity-search" namespace="organization.name" input-title="'Activating User/Robot'" <span class="entity-search" namespace="organization.name" input-title="'Creating User/Robot'"
is-organization="true" include-teams="false" current-entity="activatingForNew" is-persistent="true" is-organization="true" include-teams="false" current-entity="activatingForNew" is-persistent="true"
clear-now="clearCounter"> clear-now="clearCounter">
</span> </span>

52
static/js/app.js
View file

@ -805,14 +805,12 @@ quayApp.directive('entityReference', function () {
transclude: false, transclude: false,
restrict: 'C', restrict: 'C',
scope: { scope: {
'name': '=name', 'entity': '=entity',
'orgname': '=orgname', 'namespace': '=namespace'
'team': '=team',
'isrobot': '=isrobot'
}, },
controller: function($scope, $element, UserService) { controller: function($scope, $element, UserService) {
$scope.getIsAdmin = function(orgname) { $scope.getIsAdmin = function(namespace) {
return UserService.isNamespaceAdmin(orgname); return UserService.isNamespaceAdmin(namespace);
}; };
$scope.getPrefix = function(name) { $scope.getPrefix = function(name) {
@ -1234,6 +1232,7 @@ quayApp.directive('logsView', function () {
return 'Remove permission for token {token} from repository {repo}'; return 'Remove permission for token {token} from repository {repo}';
} }
}, },
'delete_tag': 'Tag {tag} deleted in repository {repo} by user {username}',
'change_repo_visibility': 'Change visibility for repository {repo} to {visibility}', 'change_repo_visibility': 'Change visibility for repository {repo} to {visibility}',
'add_repo_accesstoken': 'Create access token {token} in repository {repo}', 'add_repo_accesstoken': 'Create access token {token} in repository {repo}',
'delete_repo_accesstoken': 'Delete access token {token} in repository {repo}', 'delete_repo_accesstoken': 'Delete access token {token} in repository {repo}',
@ -1246,7 +1245,28 @@ quayApp.directive('logsView', function () {
'org_add_team_member': 'Add member {member} to team {team}', 'org_add_team_member': 'Add member {member} to team {team}',
'org_remove_team_member': 'Remove member {member} from team {team}', 'org_remove_team_member': 'Remove member {member} from team {team}',
'org_set_team_description': 'Change description of team {team}: {description}', 'org_set_team_description': 'Change description of team {team}: {description}',
'org_set_team_role': 'Change permission of team {team} to {role}' 'org_set_team_role': 'Change permission of team {team} to {role}',
'create_prototype_permission': function(metadata) {
if (metadata.delegate_user) {
return 'Create default permission: {role} for {delegate_user}, when creating user is {activating_username}';
} else if (metadata.delegate_team) {
return 'Create default permission: {role} for {delegate_team}, when creating user is {activating_username}';
}
},
'modify_prototype_permission': function(metadata) {
if (metadata.delegate_user) {
return 'Modify default permission: {role} (from {original_role}) for {delegate_user}, when creating user is {activating_username}';
} else if (metadata.delegate_team) {
return 'Modify default permission: {role} (from {original_role}) for {delegate_team}, when creating user is {activating_username}';
}
},
'delete_prototype_permission': function(metadata) {
if (metadata.delegate_user) {
return 'Delete default permission: {role} for {delegate_user}, when creating user is {activating_username}';
} else if (metadata.delegate_team) {
return 'Delete default permission: {role} for {delegate_team}, when creating user is {activating_username}';
}
}
}; };
var logKinds = { var logKinds = {
@ -1269,12 +1289,16 @@ quayApp.directive('logsView', function () {
'delete_repo_webhook': 'Delete webhook', 'delete_repo_webhook': 'Delete webhook',
'set_repo_description': 'Change repository description', 'set_repo_description': 'Change repository description',
'build_dockerfile': 'Build image from Dockerfile', 'build_dockerfile': 'Build image from Dockerfile',
'delete_tag': 'Delete Tag',
'org_create_team': 'Create team', 'org_create_team': 'Create team',
'org_delete_team': 'Delete team', 'org_delete_team': 'Delete team',
'org_add_team_member': 'Add team member', 'org_add_team_member': 'Add team member',
'org_remove_team_member': 'Remove team member', 'org_remove_team_member': 'Remove team member',
'org_set_team_description': 'Change team description', 'org_set_team_description': 'Change team description',
'org_set_team_role': 'Change team permission' 'org_set_team_role': 'Change team permission',
'create_prototype_permission': 'Create default permission',
'modify_prototype_permission': 'Modify default permission',
'delete_prototype_permission': 'Delete default permission'
}; };
var getDateString = function(date) { var getDateString = function(date) {
@ -1352,10 +1376,16 @@ quayApp.directive('logsView', function () {
$scope.getDescription = function(log) { $scope.getDescription = function(log) {
var fieldIcons = { var fieldIcons = {
'username': 'user', 'username': 'user',
'activating_username': 'user',
'delegate_user': 'user',
'delegate_team': 'group',
'team': 'group', 'team': 'group',
'token': 'key', 'token': 'key',
'repo': 'hdd', 'repo': 'hdd-o',
'robot': 'wrench' 'robot': 'wrench',
'tag': 'tag',
'role': 'th-large',
'original_role': 'th-large'
}; };
log.metadata['_ip'] = log.ip ? log.ip : null; log.metadata['_ip'] = log.ip ? log.ip : null;
@ -1379,7 +1409,7 @@ quayApp.directive('logsView', function () {
description = description.replace('{' + key + '}', '<code>' + markedDown + '</code>'); description = description.replace('{' + key + '}', '<code>' + markedDown + '</code>');
} }
} }
return $sce.trustAsHtml(description); return $sce.trustAsHtml(description.replace('\n', '<br>'));
}; };
$scope.$watch('organization', update); $scope.$watch('organization', update);

9
static/js/controllers.js
View file

@ -624,6 +624,15 @@ function RepoAdminCtrl($scope, Restangular, ApiService, $routeParams, $rootScope
$scope.logsShown = 0; $scope.logsShown = 0;
$scope.deleting = false; $scope.deleting = false;
$scope.buildEntityForPermission = function(name, permission, kind) {
return {
'kind': kind,
'name': name,
'is_robot': permission.is_robot,
'is_org_member': permission.is_org_member
};
};
$scope.loadLogs = function() { $scope.loadLogs = function() {
$scope.logsShown++; $scope.logsShown++;
}; };

4
static/js/graphing.js
View file

@ -1463,6 +1463,10 @@ LogUsageChart.prototype.buildData_ = function(logs) {
* Renders the tooltip when hovering over an element in the chart. * Renders the tooltip when hovering over an element in the chart.
*/ */
LogUsageChart.prototype.renderTooltip_ = function(d, e) { LogUsageChart.prototype.renderTooltip_ = function(d, e) {
if (e[0] == '0') {
e = e.substr(1);
}
var key = d + '_' + e; var key = d + '_' + e;
var entry = this.entries_[key]; var entry = this.entries_[key];
if (!entry) { if (!entry) {

7
static/partials/org-admin.html
View file

@ -92,16 +92,15 @@
<tr ng-repeat="memberInfo in (membersFound | filter:search | limitTo:50)"> <tr ng-repeat="memberInfo in (membersFound | filter:search | limitTo:50)">
<td> <td>
<span class="entity-reference" name="memberInfo.username" isrobot="memberInfo.is_robot" isorgadmin="true"></span> <span class="entity-reference" entity="memberInfo" namespace="organization.name"></span>
</td> </td>
<td> <td>
<span class="team-link" ng-repeat="team in memberInfo.teams"> <span class="team-link" ng-repeat="team in memberInfo.teams">
<i class="fa fa-group"></i> <span class="entity-reference" namespace="organization.name" entity="{'kind': 'team', 'name': team}"></span>
<a href="/organization/{{ organization.name }}/teams/{{ team }}">{{ team }}</a>
</span> </span>
</td> </td>
<td> <td>
<a href="/organization/{{ organization.name }}/logs/{{ memberInfo.username }}" title="Member Usage Logs" bs-tooltip="tooltip.title"> <a href="/organization/{{ organization.name }}/logs/{{ memberInfo.name }}" title="Member Usage Logs" bs-tooltip="tooltip.title">
<i class="fa fa-book"></i> <i class="fa fa-book"></i>
</a> </a>
</td> </td>

9
static/partials/repo-admin.html
View file

@ -51,7 +51,9 @@
<!-- Team Permissions --> <!-- Team Permissions -->
<tr ng-repeat="(name, permission) in permissions['team']"> <tr ng-repeat="(name, permission) in permissions['team']">
<td class="team entity"> <td class="team entity">
<span class="entity-reference" orgname="repo.namespace" team="name"></span> <span class="entity-reference" namespace="repo.namespace"
entity="buildEntityForPermission(name, permission, 'team')">
</span>
</td> </td>
<td class="user-permissions"> <td class="user-permissions">
<span class="role-group" current-role="permission.role" role-changed="setRole(role, name, 'team')" roles="roles"></span> <span class="role-group" current-role="permission.role" role-changed="setRole(role, name, 'team')" roles="roles"></span>
@ -67,8 +69,9 @@
<!-- User Permissions --> <!-- User Permissions -->
<tr ng-repeat="(name, permission) in permissions['user']"> <tr ng-repeat="(name, permission) in permissions['user']">
<td class="{{ 'user entity ' + (permission.is_org_member ? '' : 'outside') }}"> <td class="{{ 'user entity ' + (permission.is_org_member ? '' : 'outside') }}">
<span class="entity-reference" name="name" isrobot="permission.is_robot"></span> <span class="entity-reference" namespace="repo.namespace"
<i class="fa fa-exclamation-triangle" ng-show="permission.is_org_member === false" data-trigger="hover" bs-popover="{'content': 'This user is not a member of the organization'}"></i> entity="buildEntityForPermission(name, permission, 'user')">
</span>
</td> </td>
<td class="user-permissions"> <td class="user-permissions">
<div class="btn-group btn-group-sm"> <div class="btn-group btn-group-sm">

4
static/partials/team-view.html
View file

@ -14,11 +14,11 @@
<table class="permissions"> <table class="permissions">
<tr ng-repeat="(name, member) in members"> <tr ng-repeat="(name, member) in members">
<td class="user entity"> <td class="user entity">
<span class="entity-reference" name="member.username" isrobot="member.is_robot"></span> <span class="entity-reference" entity="member" namespace="organization.name"></span>
</td> </td>
<td> <td>
<span class="delete-ui" tabindex="0" title="Remove User" ng-show="canEditMembers"> <span class="delete-ui" tabindex="0" title="Remove User" ng-show="canEditMembers">
<span class="delete-ui-button" ng-click="removeMember(member.username)"><button class="btn btn-danger">Remove</button></span> <span class="delete-ui-button" ng-click="removeMember(member.name)"><button class="btn btn-danger">Remove</button></span>
<i class="fa fa-times"></i> <i class="fa fa-times"></i>
</span> </span>
</td> </td>