Make sure all aborts have message information
This commit is contained in:
Joseph Schorr
parent
1100e72d9e
commit
a120f6c64a
3 changed files with 9 additions and 7 deletions
11
auth/auth.py
11
auth/auth.py
|
|
@ -1,7 +1,7 @@
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
from functools import wraps
|
from functools import wraps
|
||||||
from flask import request, _request_ctx_stack, abort, session
|
from flask import request, _request_ctx_stack, abort as flask_abort, session
|
||||||
from flask.ext.principal import identity_changed, Identity
|
from flask.ext.principal import identity_changed, Identity
|
||||||
from base64 import b64decode
|
from base64 import b64decode
|
||||||
|
|
||||||
|
|
@ -10,6 +10,7 @@ from app import app
|
||||||
from permissions import QuayDeferredPermissionUser
|
from permissions import QuayDeferredPermissionUser
|
||||||
|
|
||||||
from util.names import parse_namespace_repository
|
from util.names import parse_namespace_repository
|
||||||
|
from util.http import abort
|
||||||
|
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
@ -89,13 +90,13 @@ def process_token(auth):
|
||||||
|
|
||||||
if len(token_details) != 1:
|
if len(token_details) != 1:
|
||||||
logger.warning('Invalid token format: %s' % auth)
|
logger.warning('Invalid token format: %s' % auth)
|
||||||
abort(401)
|
abort(401, message="Invalid token format: %(auth)", issue='invalid-auth-token', auth=auth)
|
||||||
|
|
||||||
token_vals = {val[0]: val[1] for val in
|
token_vals = {val[0]: val[1] for val in
|
||||||
(detail.split('=') for detail in token_details)}
|
(detail.split('=') for detail in token_details)}
|
||||||
if 'signature' not in token_vals:
|
if 'signature' not in token_vals:
|
||||||
logger.warning('Token does not contain signature: %s' % auth)
|
logger.warning('Token does not contain signature: %s' % auth)
|
||||||
abort(401)
|
abort(401, message="Token does not contain a valid signature: %(auth)", issue='invalid-auth-token', auth=auth)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
token_data = model.load_token_data(token_vals['signature'])
|
token_data = model.load_token_data(token_vals['signature'])
|
||||||
|
|
@ -103,7 +104,7 @@ def process_token(auth):
|
||||||
except model.InvalidTokenException:
|
except model.InvalidTokenException:
|
||||||
logger.warning('Token could not be validated: %s' %
|
logger.warning('Token could not be validated: %s' %
|
||||||
token_vals['signature'])
|
token_vals['signature'])
|
||||||
abort(401)
|
abort(401, message="Token could not be validated: %(auth)", issue='invalid-auth-token', auth=auth)
|
||||||
|
|
||||||
logger.debug('Successfully validated token: %s' % token_data.code)
|
logger.debug('Successfully validated token: %s' % token_data.code)
|
||||||
ctx = _request_ctx_stack.top
|
ctx = _request_ctx_stack.top
|
||||||
|
|
@ -134,7 +135,7 @@ def extract_namespace_repo_from_session(f):
|
||||||
if 'namespace' not in session or 'repository' not in session:
|
if 'namespace' not in session or 'repository' not in session:
|
||||||
logger.error('Unable to load namespace or repository from session: %s' %
|
logger.error('Unable to load namespace or repository from session: %s' %
|
||||||
session)
|
session)
|
||||||
abort(400)
|
abort(400, message="Missing namespace in request")
|
||||||
|
|
||||||
return f(session['namespace'], session['repository'], *args, **kwargs)
|
return f(session['namespace'], session['repository'], *args, **kwargs)
|
||||||
return wrapper
|
return wrapper
|
||||||
|
|
|
||||||
|
|
@ -259,7 +259,7 @@ def get_image_json(namespace, repository, image_id, headers):
|
||||||
data = store.get_content(store.image_json_path(namespace, repository,
|
data = store.get_content(store.image_json_path(namespace, repository,
|
||||||
image_id, uuid))
|
image_id, uuid))
|
||||||
except IOError:
|
except IOError:
|
||||||
flask_abort(404)
|
abort(404, message='Image data not found')
|
||||||
|
|
||||||
try:
|
try:
|
||||||
size = store.get_size(store.image_layer_path(namespace, repository,
|
size = store.get_size(store.image_layer_path(namespace, repository,
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,6 @@ import logging
|
||||||
|
|
||||||
from app import mixpanel
|
from app import mixpanel
|
||||||
from flask import request, abort as flask_abort, jsonify
|
from flask import request, abort as flask_abort, jsonify
|
||||||
from auth.auth import get_authenticated_user, get_validated_token
|
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
@ -16,6 +15,8 @@ DEFAULT_MESSAGE[409] = 'Conflict'
|
||||||
DEFAULT_MESSAGE[501] = 'Not Implemented'
|
DEFAULT_MESSAGE[501] = 'Not Implemented'
|
||||||
|
|
||||||
def abort(status_code, message=None, issue=None, **kwargs):
|
def abort(status_code, message=None, issue=None, **kwargs):
|
||||||
|
from auth.auth import get_authenticated_user, get_validated_token
|
||||||
|
|
||||||
message = (str(message) % kwargs if message else
|
message = (str(message) % kwargs if message else
|
||||||
DEFAULT_MESSAGE.get(status_code, ''))
|
DEFAULT_MESSAGE.get(status_code, ''))
|
||||||
|
|
||||||
|
|
|
||||||
Reference in a new issue