Start of a v2 API.
This commit is contained in:
Jake Moshenko
parent
3bfa2a6509
commit
acbcc2e206
16 changed files with 508 additions and 55 deletions
62
endpoints/v2/__init__.py
Normal file
62
endpoints/v2/__init__.py
Normal file
|
|
@ -0,0 +1,62 @@
|
|||
import logging
|
||||
|
||||
from flask import Blueprint, make_response
|
||||
from functools import wraps
|
||||
|
||||
from endpoints.decorators import anon_protect, anon_allowed
|
||||
from auth.jwt_auth import process_jwt_auth
|
||||
from auth.auth_context import get_grant_user_context
|
||||
from auth.permissions import (ReadRepositoryPermission, ModifyRepositoryPermission,
|
||||
AdministerRepositoryPermission)
|
||||
from data import model
|
||||
from util.http import abort
|
||||
|
||||
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
v2_bp = Blueprint('v2', __name__)
|
||||
|
||||
|
||||
def _require_repo_permission(permission_class, allow_public=False):
|
||||
def wrapper(func):
|
||||
@wraps(func)
|
||||
def wrapped(namespace, repo_name, *args, **kwargs):
|
||||
logger.debug('Checking permission %s for repo: %s/%s', permission_class, namespace, repo_name)
|
||||
permission = permission_class(namespace, repo_name)
|
||||
if (permission.can() or
|
||||
(allow_public and
|
||||
model.repository_is_public(namespace, repo_name))):
|
||||
return func(namespace, repo_name, *args, **kwargs)
|
||||
raise abort(401)
|
||||
return wrapped
|
||||
return wrapper
|
||||
|
||||
|
||||
require_repo_read = _require_repo_permission(ReadRepositoryPermission, True)
|
||||
require_repo_write = _require_repo_permission(ModifyRepositoryPermission)
|
||||
require_repo_admin = _require_repo_permission(AdministerRepositoryPermission)
|
||||
|
||||
|
||||
def get_input_stream(flask_request):
|
||||
if flask_request.headers.get('transfer-encoding') == 'chunked':
|
||||
return flask_request.environ['wsgi.input']
|
||||
return flask_request.stream
|
||||
|
||||
|
||||
@v2_bp.route('/')
|
||||
@process_jwt_auth
|
||||
@anon_allowed
|
||||
def v2_support_enabled():
|
||||
response = make_response('true', 200)
|
||||
|
||||
if get_grant_user_context() is None:
|
||||
response = make_response('true', 401)
|
||||
response.headers['WWW-Authenticate'] = 'Bearer realm="192.168.59.3:5000/v2/auth",service="quay"'
|
||||
|
||||
response.headers['Docker-Distribution-API-Version'] = 'registry/2.0'
|
||||
return response
|
||||
|
||||
|
||||
from endpoints.v2 import v2auth
|
||||
from endpoints.v2 import manifest
|
||||
from endpoints.v2 import blobs
|
||||
Reference in a new issue