vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Port over tokens.

Browse source
This commit is contained in:
jakedt 2014-03-14 13:24:01 -04:00
parent 3d4ece31f3
commit cd276773ff
4 changed files with 147 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
endpoints/api/__init__.py
View file

@ -173,13 +173,14 @@ def log_action(kind, user_or_orgname, metadata={}, repo=None):
import endpoints.api.legacy import endpoints.api.legacy
import endpoints.api.repository
import endpoints.api.discovery
import endpoints.api.user
import endpoints.api.search
import endpoints.api.build import endpoints.api.build
import endpoints.api.webhook import endpoints.api.discovery
import endpoints.api.trigger
import endpoints.api.image import endpoints.api.image
import endpoints.api.tag
import endpoints.api.permission import endpoints.api.permission
import endpoints.api.repository
import endpoints.api.repotoken
import endpoints.api.search
import endpoints.api.tag
import endpoints.api.trigger
import endpoints.api.user
import endpoints.api.webhook

5
endpoints/api/legacy.py
View file

@ -1967,6 +1967,7 @@ def token_view(token_obj):
} }
# Ported
@api_bp.route('/repository/<path:repository>/tokens/', methods=['GET']) @api_bp.route('/repository/<path:repository>/tokens/', methods=['GET'])
@api_login_required @api_login_required
@parse_repository_name @parse_repository_name
@ -1982,6 +1983,7 @@ def list_repo_tokens(namespace, repository):
abort(403) # Permission denied abort(403) # Permission denied
# Ported
@api_bp.route('/repository/<path:repository>/tokens/<code>', methods=['GET']) @api_bp.route('/repository/<path:repository>/tokens/<code>', methods=['GET'])
@api_login_required @api_login_required
@parse_repository_name @parse_repository_name
@ -1998,6 +2000,7 @@ def get_tokens(namespace, repository, code):
abort(403) # Permission denied abort(403) # Permission denied
# Ported
@api_bp.route('/repository/<path:repository>/tokens/', methods=['POST']) @api_bp.route('/repository/<path:repository>/tokens/', methods=['POST'])
@api_login_required @api_login_required
@parse_repository_name @parse_repository_name
@ -2020,6 +2023,7 @@ def create_token(namespace, repository):
abort(403) # Permission denied abort(403) # Permission denied
# Ported
@api_bp.route('/repository/<path:repository>/tokens/<code>', methods=['PUT']) @api_bp.route('/repository/<path:repository>/tokens/<code>', methods=['PUT'])
@api_login_required @api_login_required
@parse_repository_name @parse_repository_name
@ -2045,6 +2049,7 @@ def change_token(namespace, repository, code):
abort(403) # Permission denied abort(403) # Permission denied
# Ported
@api_bp.route('/repository/<path:repository>/tokens/<code>', @api_bp.route('/repository/<path:repository>/tokens/<code>',
methods=['DELETE']) methods=['DELETE'])
@api_login_required @api_login_required

6
endpoints/api/permission.py
View file

@ -92,7 +92,7 @@ class RepositoryUserPermission(RepositoryParamResource):
'properties': { 'properties': {
'role': { 'role': {
'type': 'string', 'type': 'string',
'description': 'Visibility which the repository will start with', 'description': 'Role to use for the user',
'enum': [ 'enum': [
'read', 'read',
'write', 'write',
@ -176,12 +176,12 @@ class RepositoryTeamPermission(RepositoryParamResource):
'TeamPermission': { 'TeamPermission': {
'id': 'TeamPermission', 'id': 'TeamPermission',
'type': 'object', 'type': 'object',
'description': 'Description of a user permission.', 'description': 'Description of a team permission.',
'required': True, 'required': True,
'properties': { 'properties': {
'role': { 'role': {
'type': 'string', 'type': 'string',
'description': 'Visibility which the repository will start with', 'description': 'Role to use for the team',
'enum': [ 'enum': [
'read', 'read',
'write', 'write',

131
endpoints/api/repotoken.py Normal file
View file

@ -0,0 +1,131 @@
import logging
from flask import request
from flask.ext.restful import abort
from endpoints.api import (resource, nickname, require_repo_admin, RepositoryParamResource,
log_action, validate_json_request)
from data import model
logger = logging.getLogger(__name__)
def token_view(token_obj):
return {
'friendlyName': token_obj.friendly_name,
'code': token_obj.code,
'role': token_obj.role.name,
}
@resource('/v1/repository/<path:repository>/tokens/')
class RepositoryTokenList(RepositoryParamResource):
""" Resource for creating and listing repository tokens. """
schemas = {
'NewToken': {
'id': 'NewToken',
'type': 'object',
'description': 'Description of a new token.',
'required': True,
'properties': {
'friendlyName': {
'type': 'string',
'description': 'Friendly name to help identify the token.',
'required': True,
},
},
},
}
@require_repo_admin
@nickname('listRepoTokens')
def get(self, namespace, repository):
""" List the tokens for the specified repository. """
tokens = model.get_repository_delegate_tokens(namespace, repository)
return {
'tokens': {token.code: token_view(token) for token in tokens}
}
@require_repo_admin
@nickname('createToken')
@validate_json_request('NewToken')
def post(self, namespace, repository):
""" Create a new repository token. """
token_params = request.get_json()
token = model.create_delegate_token(namespace, repository,
token_params['friendlyName'])
log_action('add_repo_accesstoken', namespace,
{'repo': repository, 'token': token_params['friendlyName']},
repo = model.get_repository(namespace, repository))
return token_view(token), 201
@resource('/v1/repository/<path:repository>/tokens/<code>')
class RepositoryToken(RepositoryParamResource):
""" Resource for managing individual tokens. """
schemas = {
'TokenPermission': {
'id': 'TokenPermission',
'type': 'object',
'description': 'Description of a token permission.',
'required': True,
'properties': {
'role': {
'type': 'string',
'description': 'Role to use for the token',
'enum': [
'read',
'write',
'admin',
],
'required': True,
},
},
},
}
@require_repo_admin
@nickname('getTokens')
def get(self, namespace, repository, code):
""" Fetch the specified token information. """
try:
perm = model.get_repo_delegate_token(namespace, repository, code)
except model.InvalidTokenException:
abort(404)
return token_view(perm)
@require_repo_admin
@nickname('changeToken')
@validate_json_request('TokenPermission')
def put(self, namespace, repository, code):
new_permission = request.get_json()
logger.debug('Setting permission to: %s for code %s' %
(new_permission['role'], code))
token = model.set_repo_delegate_token_role(namespace, repository, code,
new_permission['role'])
log_action('change_repo_permission', namespace,
{'repo': repository, 'token': token.friendly_name, 'code': code,
'role': new_permission['role']},
repo = model.get_repository(namespace, repository))
return token_view(token)
@require_repo_admin
@nickname('deleteToken')
def delete(self, namespace, repository, code):
token = model.delete_delegate_token(namespace, repository, code)
log_action('delete_repo_accesstoken', namespace,
{'repo': repository, 'token': token.friendly_name,
'code': code},
repo = model.get_repository(namespace, repository))
return 'Deleted', 204