endpoints.v1: only work on docker repositories
This commit is contained in:
Jimmy Zelinskie
parent
f086eea754
commit
a2bac7dabd
5 changed files with 73 additions and 2 deletions
|
|
@ -10,7 +10,7 @@ from util.morecollections import AttrDict
|
|||
|
||||
|
||||
class Repository(namedtuple('Repository', ['id', 'name', 'namespace_name', 'description',
|
||||
'is_public'])):
|
||||
'is_public', 'kind'])):
|
||||
"""
|
||||
Repository represents a namespaced collection of tags.
|
||||
"""
|
||||
|
|
@ -396,7 +396,8 @@ def _repository_for_repo(repo):
|
|||
name=repo.name,
|
||||
namespace_name=repo.namespace_user.username,
|
||||
description=repo.description,
|
||||
is_public=model.repository.is_repository_public(repo)
|
||||
is_public=model.repository.is_repository_public(repo),
|
||||
kind=model.repository.get_repo_kind_name(repo),
|
||||
)
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -18,6 +18,11 @@ from util.itertoolrecipes import take
|
|||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
||||
def get_repo_kind_name(repo):
|
||||
return Repository.kind.get_name(repo.kind)
|
||||
|
||||
|
||||
def get_repository_count():
|
||||
return Repository.select().count()
|
||||
|
||||
|
|
|
|||
|
|
@ -182,6 +182,10 @@ def create_repository(namespace_name, repo_name):
|
|||
message='You do not have permission to modify repository %(namespace)s/%(repository)s',
|
||||
issue='no-repo-write-permission',
|
||||
namespace=namespace_name, repository=repo_name)
|
||||
elif repo.kind != 'image':
|
||||
msg = 'This repository is for a managing resource type other than docker images.'
|
||||
abort(415, message=msg, namespace=namespace_name)
|
||||
|
||||
else:
|
||||
create_perm = CreateRepositoryPermission(namespace_name)
|
||||
if not create_perm.can():
|
||||
|
|
@ -223,6 +227,9 @@ def update_images(namespace_name, repo_name):
|
|||
if not repo:
|
||||
# Make sure the repo actually exists.
|
||||
abort(404, message='Unknown repository', issue='unknown-repo')
|
||||
elif repo.kind != 'image':
|
||||
msg = 'This repository is for a managing resource type other than docker images.'
|
||||
abort(415, message=msg, namespace=namespace_name)
|
||||
|
||||
# Generate a job for each notification that has been added to this repo
|
||||
logger.debug('Adding notifications for repository')
|
||||
|
|
@ -255,6 +262,9 @@ def get_repository_images(namespace_name, repo_name):
|
|||
repo = model.get_repository(namespace_name, repo_name)
|
||||
if not repo:
|
||||
abort(404, message='Unknown repository', issue='unknown-repo')
|
||||
elif repo.kind != 'image':
|
||||
msg = 'This repository is for a managing resource type other than docker images.'
|
||||
abort(415, message=msg, namespace=namespace_name)
|
||||
|
||||
logger.debug('Building repository image response')
|
||||
resp = make_response(json.dumps([]), 200)
|
||||
|
|
|
|||
|
|
@ -83,6 +83,11 @@ def head_image_layer(namespace, repository, image_id, headers):
|
|||
|
||||
logger.debug('Checking repo permissions')
|
||||
if permission.can() or model.repository_is_public(namespace, repository):
|
||||
repo = model.get_repository(namespace, repository)
|
||||
if repo.kind != 'image':
|
||||
msg = 'This repository is for a managing resource type other than docker images.'
|
||||
abort(415, message=msg, image_id=image_id)
|
||||
|
||||
logger.debug('Looking up placement locations')
|
||||
locations, _ = model.placement_locations_and_path_docker_v1(namespace, repository, image_id)
|
||||
if locations is None:
|
||||
|
|
@ -116,6 +121,11 @@ def get_image_layer(namespace, repository, image_id, headers):
|
|||
|
||||
logger.debug('Checking repo permissions')
|
||||
if permission.can() or model.repository_is_public(namespace, repository):
|
||||
repo = model.get_repository(namespace, repository)
|
||||
if repo.kind != 'image':
|
||||
msg = 'This repository is for a managing resource type other than docker images.'
|
||||
abort(415, message=msg, image_id=image_id)
|
||||
|
||||
logger.debug('Looking up placement locations and path')
|
||||
locations, path = model.placement_locations_and_path_docker_v1(namespace, repository, image_id)
|
||||
if not locations or not path:
|
||||
|
|
@ -151,6 +161,11 @@ def put_image_layer(namespace, repository, image_id):
|
|||
if not permission.can():
|
||||
abort(403)
|
||||
|
||||
repo = model.get_repository(namespace, repository)
|
||||
if repo.kind != 'image':
|
||||
msg = 'This repository is for a managing resource type other than docker images.'
|
||||
abort(415, message=msg, image_id=image_id)
|
||||
|
||||
logger.debug('Retrieving image')
|
||||
if model.storage_exists(namespace, repository, image_id):
|
||||
exact_abort(409, 'Image already exists')
|
||||
|
|
@ -255,6 +270,11 @@ def put_image_checksum(namespace, repository, image_id):
|
|||
if not permission.can():
|
||||
abort(403)
|
||||
|
||||
repo = model.get_repository(namespace, repository)
|
||||
if repo.kind != 'image':
|
||||
msg = 'This repository is for a managing resource type other than docker images.'
|
||||
abort(415, message=msg, image_id=image_id)
|
||||
|
||||
# Docker Version < 0.10 (tarsum+sha):
|
||||
old_checksum = request.headers.get('X-Docker-Checksum')
|
||||
|
||||
|
|
@ -324,6 +344,11 @@ def get_image_json(namespace, repository, image_id, headers):
|
|||
if not permission.can() and not model.repository_is_public(namespace, repository):
|
||||
abort(403)
|
||||
|
||||
repo = model.get_repository(namespace, repository)
|
||||
if repo.kind != 'image':
|
||||
msg = 'This repository is for a managing resource type other than docker images.'
|
||||
abort(415, message=msg, image_id=image_id)
|
||||
|
||||
logger.debug('Looking up repo image')
|
||||
v1_metadata = model.docker_v1_metadata(namespace, repository, image_id)
|
||||
if v1_metadata is None:
|
||||
|
|
@ -353,6 +378,11 @@ def get_image_ancestry(namespace, repository, image_id, headers):
|
|||
if not permission.can() and not model.repository_is_public(namespace, repository):
|
||||
abort(403)
|
||||
|
||||
repo = model.get_repository(namespace, repository)
|
||||
if repo.kind != 'image':
|
||||
msg = 'This repository is for a managing resource type other than docker images.'
|
||||
abort(415, message=msg, image_id=image_id)
|
||||
|
||||
ancestry_docker_ids = model.image_ancestry(namespace, repository, image_id)
|
||||
if ancestry_docker_ids is None:
|
||||
abort(404, 'Image %(image_id)s not found', issue='unknown-image', image_id=image_id)
|
||||
|
|
@ -373,6 +403,11 @@ def put_image_json(namespace, repository, image_id):
|
|||
if not permission.can():
|
||||
abort(403)
|
||||
|
||||
repo = model.get_repository(namespace, repository)
|
||||
if repo.kind != 'image':
|
||||
msg = 'This repository is for a managing resource type other than docker images.'
|
||||
abort(415, message=msg, image_id=image_id)
|
||||
|
||||
logger.debug('Parsing image JSON')
|
||||
try:
|
||||
uploaded_metadata = request.data
|
||||
|
|
|
|||
|
|
@ -27,6 +27,11 @@ def get_tags(namespace_name, repo_name):
|
|||
permission = ReadRepositoryPermission(namespace_name, repo_name)
|
||||
|
||||
if permission.can() or model.repository_is_public(namespace_name, repo_name):
|
||||
repo = model.get_repository(namespace_name, repo_name)
|
||||
if repo.kind != 'image':
|
||||
msg = 'This repository is for a managing resource type other than docker images.'
|
||||
abort(415, message=msg, namespace=namespace_name)
|
||||
|
||||
tags = model.list_tags(namespace_name, repo_name)
|
||||
tag_map = {tag.name: tag.image.docker_image_id for tag in tags}
|
||||
return jsonify(tag_map)
|
||||
|
|
@ -42,6 +47,11 @@ def get_tag(namespace_name, repo_name, tag):
|
|||
permission = ReadRepositoryPermission(namespace_name, repo_name)
|
||||
|
||||
if permission.can() or model.repository_is_public(namespace_name, repo_name):
|
||||
repo = model.get_repository(namespace_name, repo_name)
|
||||
if repo.kind != 'image':
|
||||
msg = 'This repository is for a managing resource type other than docker images.'
|
||||
abort(415, message=msg, namespace=namespace_name)
|
||||
|
||||
image_id = model.find_image_id_by_tag(namespace_name, repo_name, tag)
|
||||
if image_id is None:
|
||||
abort(404)
|
||||
|
|
@ -64,6 +74,11 @@ def put_tag(namespace_name, repo_name, tag):
|
|||
if not TAG_REGEX.match(tag):
|
||||
abort(400, TAG_ERROR)
|
||||
|
||||
repo = model.get_repository(namespace_name, repo_name)
|
||||
if repo.kind != 'image':
|
||||
msg = 'This repository is for a managing resource type other than docker images.'
|
||||
abort(415, message=msg, namespace=namespace_name)
|
||||
|
||||
image_id = json.loads(request.data)
|
||||
model.create_or_update_tag(namespace_name, repo_name, image_id, tag)
|
||||
|
||||
|
|
@ -86,6 +101,11 @@ def delete_tag(namespace_name, repo_name, tag):
|
|||
permission = ModifyRepositoryPermission(namespace_name, repo_name)
|
||||
|
||||
if permission.can():
|
||||
repo = model.get_repository(namespace_name, repo_name)
|
||||
if repo.kind != 'image':
|
||||
msg = 'This repository is for a managing resource type other than docker images.'
|
||||
abort(415, message=msg, namespace=namespace_name)
|
||||
|
||||
model.delete_tag(namespace_name, repo_name, tag)
|
||||
track_and_log('delete_tag', model.get_repository(namespace_name, repo_name), tag=tag)
|
||||
return make_response('Deleted', 200)
|
||||
|
|
|
|||
Reference in a new issue