Add a check to ensure repository names are valid according to an extended set of rules.

Fixes #534
2015-09-24 11:42:56 -04:00 · 2015-09-24 11:42:56 -04:00 · a283c8d8ec
commit a283c8d8ec
parent ee836da1e3
5 changed files with 36 additions and 3 deletions
--- a/endpoints/v1/index.py
+++ b/endpoints/v1/index.py
@ -9,7 +9,7 @@ from data import model
 from app import app, authentication, userevents, storage
 from auth.auth import process_auth, generate_signed_token
 from auth.auth_context import get_authenticated_user, get_validated_token, get_validated_oauth_token
-from util.names import parse_repository_name
+from util.names import parse_repository_name, REPOSITORY_NAME_REGEX
 from auth.permissions import (ModifyRepositoryPermission, UserAdminPermission,
                              ReadRepositoryPermission, CreateRepositoryPermission,
                              repository_read_grant, repository_write_grant)
@ -173,6 +173,10 @@ def update_user(username):
@generate_headers(scope=GrantType.WRITE_REPOSITORY, add_grant_for_status=201)
@anon_allowed
 def create_repository(namespace, repository):
+  # Verify that the repository name is valid.
+  if not REPOSITORY_NAME_REGEX.match(repository):
+    abort(400, message='Invalid repository name. Repository names cannot contain slashes.')
+
  logger.debug('Looking up repository %s/%s', namespace, repository)
  repo = model.repository.get_repository(namespace, repository)