vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Make query params only read from query params, not JSON as well

Browse source
This commit is contained in:
Joseph Schorr 2014-10-03 15:05:34 -04:00
parent ec42303750
commit e0993b26af
4 changed files with 13 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
endpoints/api/__init__.py
View file

@ -27,8 +27,8 @@ api_bp = Blueprint('api', __name__)
api = Api() api = Api()
api.init_app(api_bp) api.init_app(api_bp)
api.decorators = [csrf_protect, api.decorators = [csrf_protect,
process_oauth, crossdomain(origin='*', headers=['Authorization', 'Content-Type']),
crossdomain(origin='*', headers=['Authorization', 'Content-Type'])] process_oauth]
class ApiException(Exception): class ApiException(Exception):
@ -90,6 +90,7 @@ def handle_api_error(error):
if error.error_type is not None: if error.error_type is not None:
response.headers['WWW-Authenticate'] = ('Bearer error="%s" error_description="%s"' % response.headers['WWW-Authenticate'] = ('Bearer error="%s" error_description="%s"' %
(error.error_type, error.error_description)) (error.error_type, error.error_description))
return response return response
@ -191,6 +192,7 @@ def query_param(name, help_str, type=reqparse.text_type, default=None,
'default': default, 'default': default,
'choices': choices, 'choices': choices,
'required': required, 'required': required,
'location': ('args')
}) })
return func return func
return add_param return add_param

11
endpoints/api/user.py
View file

@ -120,6 +120,10 @@ class User(ApiResource):
'type': 'string', 'type': 'string',
'description': 'The user\'s email address', 'description': 'The user\'s email address',
}, },
'invite_code': {
'type': 'string',
'description': 'The optional invite code'
}
} }
}, },
'UpdateUser': { 'UpdateUser': {
@ -197,15 +201,12 @@ class User(ApiResource):
@show_if(features.USER_CREATION) @show_if(features.USER_CREATION)
@nickname('createNewUser') @nickname('createNewUser')
@parse_args
@query_param('inviteCode', 'Invitation code given for creating the user.', type=str,
default='')
@internal_only @internal_only
@validate_json_request('NewUser') @validate_json_request('NewUser')
def post(self, args): def post(self):
""" Create a new user. """ """ Create a new user. """
user_data = request.get_json() user_data = request.get_json()
invite_code = args['inviteCode'] invite_code = user_data.get('invite_code', '')
existing_user = model.get_user(user_data['username']) existing_user = model.get_user(user_data['username'])
if existing_user: if existing_user:

2
static/js/app.js
View file

@ -2813,7 +2813,7 @@ quayApp.directive('signupForm', function () {
$scope.registering = true; $scope.registering = true;
if ($scope.inviteCode) { if ($scope.inviteCode) {
$scope.newUser['inviteCode'] = $scope.inviteCode; $scope.newUser['invite_code'] = $scope.inviteCode;
} }
ApiService.createNewUser($scope.newUser).then(function(resp) { ApiService.createNewUser($scope.newUser).then(function(resp) {

4
test/test_api_usage.py
View file

@ -173,7 +173,7 @@ class ApiTestCase(unittest.TestCase):
if memberData['name'] == membername: if memberData['name'] == membername:
return return
self.fail(membername + ' not found in team: ' + json.dumps(data)) self.fail(membername + ' not found in team: ' + py_json.dumps(data))
def login(self, username, password='password'): def login(self, username, password='password'):
return self.postJsonResponse(Signin, data=dict(username=username, password=password)) return self.postJsonResponse(Signin, data=dict(username=username, password=password))
@ -405,7 +405,7 @@ class TestCreateNewUser(ApiTestCase):
invite = model.add_or_invite_to_team(inviter, team, None, 'foo@example.com') invite = model.add_or_invite_to_team(inviter, team, None, 'foo@example.com')
details = { details = {
'inviteCode': invite.invite_token 'invite_code': invite.invite_token
} }
details.update(NEW_USER_DETAILS); details.update(NEW_USER_DETAILS);