vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Merge branch 'bobthe' into tutorial

Browse source
This commit is contained in:
Joseph Schorr 2014-02-06 13:37:41 -05:00
commit b7afc83204
75 changed files with 1395 additions and 1143 deletions
Download patch file Download diff file Expand all files Collapse all files

213
endpoints/api.py
View file

@ -31,12 +31,14 @@ from datetime import datetime, timedelta
store = app.config['STORAGE']
user_files = app.config['USERFILES']
build_logs = app.config['BUILDLOGS']
logger = logging.getLogger(__name__)
route_data = None
api = Blueprint('api', __name__)
@api.before_request
def csrf_protect():
if request.method != "GET" and request.method != "HEAD":
@ -45,7 +47,19 @@ def csrf_protect():
# TODO: add if not token here, once we are sure all sessions have a token.
if token != found_token:
abort(403)
msg = 'CSRF Failure. Session token was %s and request token was %s'
logger.error(msg, token, found_token)
if not token:
logger.warning('No CSRF token in session.')
def request_error(exception=None, **kwargs):
data = kwargs.copy()
if exception:
data['message'] = exception.message
return make_response(jsonify(data), 400)
def get_route_data():
@ -132,7 +146,7 @@ def discovery():
@api.route('/')
@internal_api_call
def welcome():
return make_response('welcome', 200)
return jsonify({'version': '0.5'})
@api.route('/plans/')
@ -222,20 +236,14 @@ def convert_user_to_organization():
# Ensure that the new admin user is the not user being converted.
admin_username = convert_data['adminUser']
if admin_username == user.username:
error_resp = jsonify({
'reason': 'invaliduser'
})
error_resp.status_code = 400
return error_resp
return request_error(reason='invaliduser',
message='The admin user is not valid')
# Ensure that the sign in credentials work.
admin_password = convert_data['adminPassword']
if not model.verify_user(admin_username, admin_password):
error_resp = jsonify({
'reason': 'invaliduser'
})
error_resp.status_code = 400
return error_resp
return request_error(reason='invaliduser',
message='The admin user credentials are not valid')
# Subscribe the organization to the new plan.
plan = convert_data['plan']
@ -271,22 +279,15 @@ def change_user_details():
new_email = user_data['email']
if model.find_user_by_email(new_email):
# Email already used.
error_resp = jsonify({
'message': 'E-mail address already used'
})
error_resp.status_code = 400
return error_resp
return request_error(message='E-mail address already used')
logger.debug('Sending email to change email address for user: %s', user.username)
logger.debug('Sending email to change email address for user: %s',
user.username)
code = model.create_confirm_email_code(user, new_email=new_email)
send_change_email(user.username, user_data['email'], code.code)
except model.InvalidPasswordException, ex:
error_resp = jsonify({
'message': ex.message,
})
error_resp.status_code = 400
return error_resp
return request_error(exception=ex)
return jsonify(user_view(user))
@ -298,11 +299,7 @@ def create_new_user():
existing_user = model.get_user(user_data['username'])
if existing_user:
error_resp = jsonify({
'message': 'The username already exists'
})
error_resp.status_code = 400
return error_resp
return request_error(message='The username already exists')
try:
new_user = model.create_user(user_data['username'], user_data['password'],
@ -311,11 +308,7 @@ def create_new_user():
send_confirmation_email(new_user.username, new_user.email, code.code)
return make_response('Created', 201)
except model.DataModelException as ex:
error_resp = jsonify({
'message': ex.message,
})
error_resp.status_code = 400
return error_resp
return request_error(exception=ex)
@api.route('/signin', methods=['POST'])
@ -336,7 +329,7 @@ def conduct_signin(username_or_email, password):
verified = model.verify_user(username_or_email, password)
if verified:
if common_login(verified):
return make_response('Success', 200)
return jsonify({'success': True})
else:
needs_email_verification = True
@ -357,7 +350,7 @@ def conduct_signin(username_or_email, password):
def logout():
logout_user()
identity_changed.send(app, identity=AnonymousIdentity())
return make_response('Success', 200)
return jsonify({'success': True})
@api.route("/recovery", methods=['POST'])
@ -459,22 +452,15 @@ def create_organization():
pass
if existing:
error_resp = jsonify({
'message': 'A user or organization with this name already exists'
})
error_resp.status_code = 400
return error_resp
msg = 'A user or organization with this name already exists'
return request_error(message=msg)
try:
model.create_organization(org_data['name'], org_data['email'],
current_user.db_user())
return make_response('Created', 201)
except model.DataModelException as ex:
error_resp = jsonify({
'message': ex.message,
})
error_resp.status_code = 400
return error_resp
return request_error(exception=ex)
def org_view(o, teams):
@ -529,12 +515,7 @@ def change_organization_details(orgname):
if 'email' in org_data and org_data['email'] != org.email:
new_email = org_data['email']
if model.find_user_by_email(new_email):
# Email already used.
error_resp = jsonify({
'message': 'E-mail address already used'
})
error_resp.status_code = 400
return error_resp
return request_error(message='E-mail address already used')
logger.debug('Changing email address for organization: %s', org.username)
model.update_email(org, new_email)
@ -568,7 +549,7 @@ def prototype_view(proto, org_members):
'id': proto.uuid,
}
@api.route('/api/organization/<orgname>/prototypes', methods=['GET'])
@api.route('/organization/<orgname>/prototypes', methods=['GET'])
@api_login_required
def get_organization_prototype_permissions(orgname):
permission = AdministerOrganizationPermission(orgname)
@ -606,7 +587,7 @@ def log_prototype_action(action_kind, orgname, prototype, **kwargs):
log_action(action_kind, orgname, log_params)
@api.route('/api/organization/<orgname>/prototypes', methods=['POST'])
@api.route('/organization/<orgname>/prototypes', methods=['POST'])
@api_login_required
def create_organization_prototype_permission(orgname):
permission = AdministerOrganizationPermission(orgname)
@ -619,7 +600,8 @@ def create_organization_prototype_permission(orgname):
details = request.get_json()
activating_username = None
if 'activating_user' in details and details['activating_user'] and 'name' in details['activating_user']:
if ('activating_user' in details and details['activating_user'] and
'name' in details['activating_user']):
activating_username = details['activating_user']['name']
delegate = details['delegate']
@ -637,10 +619,10 @@ def create_organization_prototype_permission(orgname):
if delegate_teamname else None)
if activating_username and not activating_user:
abort(404)
return request_error(message='Unknown activating user')
if not delegate_user and not delegate_team:
abort(400)
return request_error(message='Missing delagate user or team')
role_name = details['role']
@ -653,7 +635,7 @@ def create_organization_prototype_permission(orgname):
abort(403)
@api.route('/api/organization/<orgname>/prototypes/<prototypeid>',
@api.route('/organization/<orgname>/prototypes/<prototypeid>',
methods=['DELETE'])
@api_login_required
def delete_organization_prototype_permission(orgname, prototypeid):
@ -675,7 +657,7 @@ def delete_organization_prototype_permission(orgname, prototypeid):
abort(403)
@api.route('/api/organization/<orgname>/prototypes/<prototypeid>',
@api.route('/organization/<orgname>/prototypes/<prototypeid>',
methods=['PUT'])
@api_login_required
def update_organization_prototype_permission(orgname, prototypeid):
@ -898,7 +880,7 @@ def update_organization_team_member(orgname, teamname, membername):
# Find the user.
user = model.get_user(membername)
if not user:
abort(400)
return request_error(message='Unknown user')
# Add the user to the team.
model.add_user_to_team(user, team)
@ -939,7 +921,7 @@ def create_repo():
existing = model.get_repository(namespace_name, repository_name)
if existing:
return make_response('Repository already exists', 400)
return request_error(message='Repository already exists')
visibility = req['visibility']
@ -1012,7 +994,7 @@ def list_repos():
if page:
try:
page = int(page)
except:
except Exception:
page = None
username = None
@ -1160,35 +1142,65 @@ def get_repo(namespace, repository):
abort(403) # Permission denied
def build_status_view(build_obj):
status = build_logs.get_status(build_obj.uuid)
return {
'id': build_obj.uuid,
'phase': build_obj.phase,
'status': status,
}
@api.route('/repository/<path:repository>/build/', methods=['GET'])
@parse_repository_name
def get_repo_builds(namespace, repository):
permission = ReadRepositoryPermission(namespace, repository)
is_public = model.repository_is_public(namespace, repository)
if permission.can() or is_public:
def build_view(build_obj):
# TODO(jake): Filter these logs if the current user can only *read* the repo.
if build_obj.status_url:
# Delegate the status to the build node
node_status = requests.get(build_obj.status_url).json()
node_status['id'] = build_obj.id
return node_status
# If there was no status url, do the best we can
# The format of this block should mirror that of the buildserver.
return {
'id': build_obj.id,
'total_commands': None,
'current_command': None,
'push_completion': 0.0,
'status': build_obj.phase,
'message': None,
'image_completion': {},
}
builds = model.list_repository_builds(namespace, repository)
return jsonify({
'builds': [build_view(build) for build in builds]
'builds': [build_status_view(build) for build in builds]
})
abort(403) # Permission denied
@api.route('/repository/<path:repository>/build/<build_uuid>/status',
methods=['GET'])
@parse_repository_name
def get_repo_build_status(namespace, repository, build_uuid):
permission = ReadRepositoryPermission(namespace, repository)
is_public = model.repository_is_public(namespace, repository)
if permission.can() or is_public:
build = model.get_repository_build(namespace, repository, build_uuid)
return jsonify(build_status_view(build))
abort(403) # Permission denied
@api.route('/repository/<path:repository>/build/<build_uuid>/logs',
methods=['GET'])
@parse_repository_name
def get_repo_build_logs(namespace, repository, build_uuid):
permission = ModifyRepositoryPermission(namespace, repository)
if permission.can():
build = model.get_repository_build(namespace, repository, build_uuid)
start = int(request.args.get('start', -1000))
end = int(request.args.get('end', -1))
count, logs = build_logs.get_log_entries(build.uuid, start, end)
if start < 0:
start = max(0, count + start)
if end < 0:
end = count + end
return jsonify({
'start': start,
'end': end,
'total': count,
'logs': [log for log in logs],
})
abort(403) # Permission denied
@ -1210,15 +1222,21 @@ def request_repo_build(namespace, repository):
tag = '%s/%s/%s' % (host, repo.namespace, repo.name)
build_request = model.create_repository_build(repo, token, dockerfile_id,
tag)
dockerfile_build_queue.put(json.dumps({'build_id': build_request.id}))
dockerfile_build_queue.put(json.dumps({
'build_uuid': build_request.uuid,
'namespace': namespace,
'repository': repository,
}))
log_action('build_dockerfile', namespace,
{'repo': repository, 'namespace': namespace,
'fileid': dockerfile_id}, repo=repo)
resp = jsonify({
'started': True
})
resp = jsonify(build_status_view(build_request))
repo_string = '%s/%s' % (namespace, repository)
resp.headers['Location'] = url_for('api.get_repo_build_status',
repository=repo_string,
build_uuid=build_request.uuid)
resp.status_code = 201
return resp
@ -1242,7 +1260,8 @@ def create_webhook(namespace, repository):
webhook = model.create_webhook(repo, request.get_json())
resp = jsonify(webhook_view(webhook))
repo_string = '%s/%s' % (namespace, repository)
resp.headers['Location'] = url_for('get_webhook', repository=repo_string,
resp.headers['Location'] = url_for('api.get_webhook',
repository=repo_string,
public_id=webhook.public_id)
log_action('add_repo_webhook', namespace,
{'repo': repository, 'webhook_id': webhook.public_id},
@ -1379,7 +1398,7 @@ def get_image_changes(namespace, repository, image_id):
abort(403)
@api.route('/api/repository/<path:repository>/tag/<tag>',
@api.route('/repository/<path:repository>/tag/<tag>',
methods=['DELETE'])
@parse_repository_name
def delete_full_tag(namespace, repository, tag):
@ -1543,11 +1562,7 @@ def change_user_permissions(namespace, repository, username):
# This repository is not part of an organization
pass
except model.DataModelException as ex:
error_resp = jsonify({
'message': ex.message,
})
error_resp.status_code = 400
return error_resp
return request_error(exception=ex)
log_action('change_repo_permission', namespace,
{'username': username, 'repo': repository,
@ -1600,11 +1615,7 @@ def delete_user_permissions(namespace, repository, username):
try:
model.delete_user_permission(username, namespace, repository)
except model.DataModelException as ex:
error_resp = jsonify({
'message': ex.message,
})
error_resp.status_code = 400
return error_resp
return request_error(exception=ex)
log_action('delete_repo_permission', namespace,
{'username': username, 'repo': repository},
@ -1860,7 +1871,7 @@ def subscribe(user, plan, token, require_business_plan):
plan_found['price'] == 0):
logger.warning('Business attempting to subscribe to personal plan: %s',
user.username)
abort(400)
return request_error(message='No matching plan found')
private_repos = model.get_private_repo_count(user.username)
@ -2090,7 +2101,7 @@ def delete_user_robot(robot_shortname):
parent = current_user.db_user()
model.delete_robot(format_robot_username(parent.username, robot_shortname))
log_action('delete_robot', parent.username, {'robot': robot_shortname})
return make_response('No Content', 204)
return make_response('Deleted', 204)
@api.route('/organization/<orgname>/robots/<robot_shortname>',
@ -2102,7 +2113,7 @@ def delete_org_robot(orgname, robot_shortname):
if permission.can():
model.delete_robot(format_robot_username(orgname, robot_shortname))
log_action('delete_robot', orgname, {'robot': robot_shortname})
return make_response('No Content', 204)
return make_response('Deleted', 204)
abort(403)

2
endpoints/common.py
View file

@ -2,7 +2,7 @@ import logging
import os
import base64
from flask import request, abort, session
from flask import request, abort, session, make_response
from flask.ext.login import login_user, UserMixin
from flask.ext.principal import identity_changed

39
endpoints/index.py
View file

@ -2,12 +2,12 @@ import json
import logging
import urlparse
from flask import request, make_response, jsonify, abort, session, Blueprint
from flask import request, make_response, jsonify, session, Blueprint
from functools import wraps
from data import model
from data.queue import webhook_queue
from app import app, mixpanel
from app import mixpanel
from auth.auth import (process_auth, get_authenticated_user,
get_validated_token)
from util.names import parse_repository_name
@ -16,6 +16,9 @@ from auth.permissions import (ModifyRepositoryPermission, UserPermission,
ReadRepositoryPermission,
CreateRepositoryPermission)
from util.http import abort
logger = logging.getLogger(__name__)
index = Blueprint('index', __name__)
@ -64,14 +67,14 @@ def create_user():
model.load_token_data(password)
return make_response('Verified', 201)
except model.InvalidTokenException:
return make_response('Invalid access token.', 400)
abort(400, 'Invalid access token.', issue='invalid-access-token')
elif '+' in username:
try:
model.verify_robot(username, password)
return make_response('Verified', 201)
except model.InvalidRobotException:
return make_response('Invalid robot account or password.', 400)
abort(400, 'Invalid robot account or password.', issue='robot-login-failure')
existing_user = model.get_user(username)
if existing_user:
@ -79,7 +82,8 @@ def create_user():
if verified:
return make_response('Verified', 201)
else:
return make_response('Invalid password.', 400)
abort(400, 'Invalid password.', issue='login-failure')
else:
# New user case
new_user = model.create_user(username, password, user_data['email'])
@ -131,23 +135,30 @@ def update_user(username):
@generate_headers(role='write')
def create_repository(namespace, repository):
image_descriptions = json.loads(request.data)
repo = model.get_repository(namespace, repository)
if not repo and get_authenticated_user() is None:
logger.debug('Attempt to create new repository without user auth.')
abort(401)
abort(401,
message='Cannot create a repository as a guest. Please login via "docker login" first.',
issue='no-login')
elif repo:
permission = ModifyRepositoryPermission(namespace, repository)
if not permission.can():
abort(403)
abort(403,
message='You do not have permission to modify repository %(namespace)s/%(repository)s',
issue='no-repo-write-permission',
namespace=namespace, repository=repository)
else:
permission = CreateRepositoryPermission(namespace)
if not permission.can():
logger.info('Attempt to create a new repo with insufficient perms.')
abort(403)
abort(403,
message='You do not have permission to create repositories in namespace "%(namespace)s"',
issue='no-create-permission',
namespace=namespace)
logger.debug('Creaing repository with owner: %s' %
get_authenticated_user().username)
@ -200,7 +211,7 @@ def update_images(namespace, repository):
repo = model.get_repository(namespace, repository)
if not repo:
# Make sure the repo actually exists.
abort(404)
abort(404, message='Unknown repository', issue='unknown-repo')
image_with_checksums = json.loads(request.data)
@ -248,7 +259,7 @@ def get_repository_images(namespace, repository):
# We can't rely on permissions to tell us if a repo exists anymore
repo = model.get_repository(namespace, repository)
if not repo:
abort(404)
abort(404, message='Unknown repository', issue='unknown-repo')
all_images = []
for image in model.get_repository_images(namespace, repository):
@ -296,18 +307,18 @@ def get_repository_images(namespace, repository):
@parse_repository_name
@generate_headers(role='write')
def delete_repository_images(namespace, repository):
return make_response('Not Implemented', 501)
abort(501, 'Not Implemented', issue='not-implemented')
@index.route('/repositories/<path:repository>/auth', methods=['PUT'])
@parse_repository_name
def put_repository_auth(namespace, repository):
return make_response('Not Implemented', 501)
abort(501, 'Not Implemented', issue='not-implemented')
@index.route('/search', methods=['GET'])
def get_search():
return make_response('Not Implemented', 501)
abort(501, 'Not Implemented', issue='not-implemented')
@index.route('/_ping')

95
endpoints/registry.py
View file

@ -1,8 +1,8 @@
import logging
import json
from flask import (make_response, request, session, Response, abort,
redirect, Blueprint)
from flask import (make_response, request, session, Response, redirect,
Blueprint, abort as flask_abort)
from functools import wraps
from datetime import datetime
from time import time
@ -12,6 +12,7 @@ from data.queue import image_diff_queue
from app import app
from auth.auth import process_auth, extract_namespace_repo_from_session
from util import checksums, changes
from util.http import abort
from auth.permissions import (ReadRepositoryPermission,
ModifyRepositoryPermission)
from data import model
@ -45,8 +46,9 @@ def require_completion(f):
def wrapper(namespace, repository, *args, **kwargs):
if store.exists(store.image_mark_path(namespace, repository,
kwargs['image_id'])):
logger.warning('Image is already being uploaded: %s', kwargs['image_id'])
abort(400) # 'Image is being uploaded, retry later')
abort(400, 'Image %(image_id)s is being uploaded, retry later',
issue='upload-in-progress', image_id=kwargs['image_id'])
return f(namespace, repository, *args, **kwargs)
return wrapper
@ -90,9 +92,8 @@ def get_image_layer(namespace, repository, image_id, headers):
try:
return Response(store.stream_read(path), headers=headers)
except IOError:
logger.warning('Image not found: %s', image_id)
abort(404) # 'Image not found', 404)
abort(404, 'Image %(image_id)s not found', issue='unknown-image', image_id=image_id)
abort(403)
@ -108,16 +109,20 @@ def put_image_layer(namespace, repository, image_id):
json_data = store.get_content(store.image_json_path(namespace, repository,
image_id))
except IOError:
abort(404) # 'Image not found', 404)
abort(404, 'Image %(image_id)s not found', issue='unknown-image', image_id=image_id)
layer_path = store.image_layer_path(namespace, repository, image_id)
mark_path = store.image_mark_path(namespace, repository, image_id)
if store.exists(layer_path) and not store.exists(mark_path):
abort(409) # 'Image already exists', 409)
abort(409, 'Image already exists', issue='image-exists', image_id=image_id)
input_stream = request.stream
if request.headers.get('transfer-encoding') == 'chunked':
# Careful, might work only with WSGI servers supporting chunked
# encoding (Gunicorn)
input_stream = request.environ['wsgi.input']
# compute checksums
csums = []
sr = SocketReader(input_stream)
@ -127,6 +132,7 @@ def put_image_layer(namespace, repository, image_id):
sr.add_handler(sum_hndlr)
store.stream_write(layer_path, sr)
csums.append('sha256:{0}'.format(h.hexdigest()))
try:
image_size = tmp.tell()
@ -139,6 +145,7 @@ def put_image_layer(namespace, repository, image_id):
except (IOError, checksums.TarError) as e:
logger.debug('put_image_layer: Error when computing tarsum '
'{0}'.format(e))
try:
checksum = store.get_content(store.image_checksum_path(namespace,
repository,
@ -148,10 +155,13 @@ def put_image_layer(namespace, repository, image_id):
# Not removing the mark though, image is not downloadable yet.
session['checksum'] = csums
return make_response('true', 200)
# We check if the checksums provided matches one the one we computed
if checksum not in csums:
logger.warning('put_image_layer: Wrong checksum')
abort(400) # 'Checksum mismatch, ignoring the layer')
abort(400, 'Checksum mismatch; ignoring the layer for image %(image_id)s',
issue='checksum-mismatch', image_id=image_id)
# Checksum is ok, we remove the marker
store.remove(mark_path)
@ -177,24 +187,31 @@ def put_image_checksum(namespace, repository, image_id):
checksum = request.headers.get('X-Docker-Checksum')
if not checksum:
logger.warning('Missing Image\'s checksum: %s', image_id)
abort(400) # 'Missing Image\'s checksum')
abort(400, "Missing checksum for image %(image_id)s", issue='missing-checksum', image_id=image_id)
if not session.get('checksum'):
logger.warning('Checksum not found in Cookie for image: %s', image_id)
abort(400) # 'Checksum not found in Cookie')
abort(400, 'Checksum not found in Cookie for image %(imaage_id)s',
issue='missing-checksum-cookie', image_id=image_id)
if not store.exists(store.image_json_path(namespace, repository, image_id)):
abort(404) # 'Image not found', 404)
abort(404, 'Image not found: %(image_id)s', issue='unknown-image', image_id=image_id)
mark_path = store.image_mark_path(namespace, repository, image_id)
if not store.exists(mark_path):
abort(409) # 'Cannot set this image checksum', 409)
abort(409, 'Cannot set checksum for image %(image_id)s',
issue='image-write-error', image_id=image_id)
err = store_checksum(namespace, repository, image_id, checksum)
if err:
abort(err)
abort(400, err)
if checksum not in session.get('checksum', []):
logger.debug('session checksums: %s' % session.get('checksum', []))
logger.debug('client supplied checksum: %s' % checksum)
logger.debug('put_image_layer: Wrong checksum')
abort(400) # 'Checksum mismatch')
abort(400, 'Checksum mismatch for image: %(image_id)s',
issue='checksum-mismatch', image_id=image_id)
# Checksum is ok, we remove the marker
store.remove(mark_path)
@ -225,16 +242,19 @@ def get_image_json(namespace, repository, image_id, headers):
data = store.get_content(store.image_json_path(namespace, repository,
image_id))
except IOError:
abort(404) # 'Image not found', 404)
flask_abort(404)
try:
size = store.get_size(store.image_layer_path(namespace, repository,
image_id))
headers['X-Docker-Size'] = str(size)
except OSError:
pass
checksum_path = store.image_checksum_path(namespace, repository, image_id)
if store.exists(checksum_path):
headers['X-Docker-Checksum'] = store.get_content(checksum_path)
response = make_response(data, 200)
response.headers.extend(headers)
return response
@ -255,7 +275,8 @@ def get_image_ancestry(namespace, repository, image_id, headers):
data = store.get_content(store.image_ancestry_path(namespace, repository,
image_id))
except IOError:
abort(404) # 'Image not found', 404)
abort(404, 'Image %(image_id)s not found', issue='unknown-image', image_id=image_id)
response = make_response(json.dumps(json.loads(data)), 200)
response.headers.extend(headers)
return response
@ -280,6 +301,7 @@ def store_checksum(namespace, repository, image_id, checksum):
checksum_parts = checksum.split(':')
if len(checksum_parts) != 2:
return 'Invalid checksum format'
# We store the checksum
checksum_path = store.image_checksum_path(namespace, repository, image_id)
store.put_content(checksum_path, checksum)
@ -298,36 +320,39 @@ def put_image_json(namespace, repository, image_id):
except json.JSONDecodeError:
pass
if not data or not isinstance(data, dict):
logger.warning('Invalid JSON for image: %s json: %s', image_id,
request.data)
abort(400) # 'Invalid JSON')
abort(400, 'Invalid JSON for image: %(image_id)s\nJSON: %(json)s',
issue='invalid-request', image_id=image_id, json=request.data)
if 'id' not in data:
logger.warning('Missing key `id\' in JSON for image: %s', image_id)
abort(400) # 'Missing key `id\' in JSON')
abort(400, 'Missing key `id` in JSON for image: %(image_id)s',
issue='invalid-request', image_id=image_id)
# Read the checksum
checksum = request.headers.get('X-Docker-Checksum')
if checksum:
# Storing the checksum is optional at this stage
err = store_checksum(namespace, repository, image_id, checksum)
if err:
abort(err)
abort(400, err, issue='write-error')
else:
# We cleanup any old checksum in case it's a retry after a fail
store.remove(store.image_checksum_path(namespace, repository, image_id))
if image_id != data['id']:
logger.warning('JSON data contains invalid id for image: %s', image_id)
abort(400) # 'JSON data contains invalid id')
abort(400, 'JSON data contains invalid id for image: %(image_id)s',
issue='invalid-request', image_id=image_id)
parent_id = data.get('parent')
if parent_id and not store.exists(store.image_json_path(namespace,
repository,
data['parent'])):
logger.warning('Image depends on a non existing parent image: %s',
image_id)
abort(400) # 'Image depends on a non existing parent')
if (parent_id and not
store.exists(store.image_json_path(namespace, repository, parent_id))):
abort(400, 'Image %(image_id)s depends on non existing parent image %(parent_id)s',
issue='invalid-request', image_id=image_id, parent_id=parent_id)
json_path = store.image_json_path(namespace, repository, image_id)
mark_path = store.image_mark_path(namespace, repository, image_id)
if store.exists(json_path) and not store.exists(mark_path):
abort(409) # 'Image already exists', 409)
abort(409, 'Image already exists', issue='image-exists', image_id=image_id)
# If we reach that point, it means that this is a new image or a retry
# on a failed push
# save the metadata

9
endpoints/web.py
View file

@ -248,7 +248,7 @@ def github_oauth_callback():
return render_page_template('githuberror.html', error_message=ex.message)
if common_login(to_login):
return redirect(url_for('index'))
return redirect(url_for('web.index'))
return render_page_template('githuberror.html')
@ -261,7 +261,7 @@ def github_oauth_attach():
github_id = user_data['id']
user_obj = current_user.db_user()
model.attach_federated_login(user_obj, 'github', github_id)
return redirect(url_for('user'))
return redirect(url_for('web.user'))
@web.route('/confirm', methods=['GET'])
@ -277,7 +277,8 @@ def confirm_email():
common_login(user)
return redirect(url_for('user', tab='email') if new_email else url_for('index'))
return redirect(url_for('web.user', tab='email')
if new_email else url_for('web.index'))
@web.route('/recovery', methods=['GET'])
@ -287,6 +288,6 @@ def confirm_recovery():
if user:
common_login(user)
return redirect(url_for('user'))
return redirect(url_for('web.user'))
else:
abort(403)