Fix Docker Auth and our V2 registry paths to support library (i.e. namespace-less) repositories.
This support is placed behind a feature flag.
This commit is contained in:
parent
06b0f756bd
commit
e4ffaff869
37 changed files with 270 additions and 148 deletions
|
@ -9,12 +9,13 @@ from data import model
|
|||
from app import app, authentication, userevents, storage
|
||||
from auth.auth import process_auth, generate_signed_token
|
||||
from auth.auth_context import get_authenticated_user, get_validated_token, get_validated_oauth_token
|
||||
from util.names import parse_repository_name, REPOSITORY_NAME_REGEX
|
||||
from util.names import REPOSITORY_NAME_REGEX
|
||||
from auth.permissions import (ModifyRepositoryPermission, UserAdminPermission,
|
||||
ReadRepositoryPermission, CreateRepositoryPermission,
|
||||
repository_read_grant, repository_write_grant)
|
||||
|
||||
from util.http import abort
|
||||
from endpoints.common import parse_repository_name
|
||||
from endpoints.v1 import v1_bp
|
||||
from endpoints.trackhelper import track_and_log
|
||||
from endpoints.notificationhelper import spawn_notification
|
||||
|
@ -167,7 +168,7 @@ def update_user(username):
|
|||
abort(403)
|
||||
|
||||
|
||||
@v1_bp.route('/repositories/<path:repository>', methods=['PUT'])
|
||||
@v1_bp.route('/repositories/<repopath:repository>', methods=['PUT'])
|
||||
@process_auth
|
||||
@parse_repository_name
|
||||
@generate_headers(scope=GrantType.WRITE_REPOSITORY, add_grant_for_status=201)
|
||||
|
@ -221,7 +222,7 @@ def create_repository(namespace, repository):
|
|||
return make_response('Created', 201)
|
||||
|
||||
|
||||
@v1_bp.route('/repositories/<path:repository>/images', methods=['PUT'])
|
||||
@v1_bp.route('/repositories/<repopath:repository>/images', methods=['PUT'])
|
||||
@process_auth
|
||||
@parse_repository_name
|
||||
@generate_headers(scope=GrantType.WRITE_REPOSITORY)
|
||||
|
@ -251,7 +252,7 @@ def update_images(namespace, repository):
|
|||
abort(403)
|
||||
|
||||
|
||||
@v1_bp.route('/repositories/<path:repository>/images', methods=['GET'])
|
||||
@v1_bp.route('/repositories/<repopath:repository>/images', methods=['GET'])
|
||||
@process_auth
|
||||
@parse_repository_name
|
||||
@generate_headers(scope=GrantType.READ_REPOSITORY)
|
||||
|
@ -277,7 +278,7 @@ def get_repository_images(namespace, repository):
|
|||
abort(403)
|
||||
|
||||
|
||||
@v1_bp.route('/repositories/<path:repository>/images', methods=['DELETE'])
|
||||
@v1_bp.route('/repositories/<repopath:repository>/images', methods=['DELETE'])
|
||||
@process_auth
|
||||
@parse_repository_name
|
||||
@generate_headers(scope=GrantType.WRITE_REPOSITORY)
|
||||
|
@ -286,7 +287,7 @@ def delete_repository_images(namespace, repository):
|
|||
abort(501, 'Not Implemented', issue='not-implemented')
|
||||
|
||||
|
||||
@v1_bp.route('/repositories/<path:repository>/auth', methods=['PUT'])
|
||||
@v1_bp.route('/repositories/<repopath:repository>/auth', methods=['PUT'])
|
||||
@parse_repository_name
|
||||
@anon_allowed
|
||||
def put_repository_auth(namespace, repository):
|
||||
|
|
|
@ -5,11 +5,12 @@ import json
|
|||
from flask import abort, request, jsonify, make_response, session
|
||||
|
||||
from app import app
|
||||
from util.names import TAG_ERROR, TAG_REGEX, parse_repository_name
|
||||
from util.names import TAG_ERROR, TAG_REGEX
|
||||
from auth.auth import process_auth
|
||||
from auth.permissions import (ReadRepositoryPermission,
|
||||
ModifyRepositoryPermission)
|
||||
from data import model
|
||||
from endpoints.common import parse_repository_name
|
||||
from endpoints.decorators import anon_protect
|
||||
from endpoints.v1 import v1_bp
|
||||
from endpoints.trackhelper import track_and_log
|
||||
|
@ -18,7 +19,7 @@ from endpoints.trackhelper import track_and_log
|
|||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
||||
@v1_bp.route('/repositories/<path:repository>/tags', methods=['GET'])
|
||||
@v1_bp.route('/repositories/<repopath:repository>/tags', methods=['GET'])
|
||||
@process_auth
|
||||
@anon_protect
|
||||
@parse_repository_name
|
||||
|
@ -33,7 +34,7 @@ def get_tags(namespace, repository):
|
|||
abort(403)
|
||||
|
||||
|
||||
@v1_bp.route('/repositories/<path:repository>/tags/<tag>', methods=['GET'])
|
||||
@v1_bp.route('/repositories/<repopath:repository>/tags/<tag>', methods=['GET'])
|
||||
@process_auth
|
||||
@anon_protect
|
||||
@parse_repository_name
|
||||
|
@ -53,7 +54,7 @@ def get_tag(namespace, repository, tag):
|
|||
abort(403)
|
||||
|
||||
|
||||
@v1_bp.route('/repositories/<path:repository>/tags/<tag>', methods=['PUT'])
|
||||
@v1_bp.route('/repositories/<repopath:repository>/tags/<tag>', methods=['PUT'])
|
||||
@process_auth
|
||||
@anon_protect
|
||||
@parse_repository_name
|
||||
|
@ -78,7 +79,7 @@ def put_tag(namespace, repository, tag):
|
|||
abort(403)
|
||||
|
||||
|
||||
@v1_bp.route('/repositories/<path:repository>/tags/<tag>', methods=['DELETE'])
|
||||
@v1_bp.route('/repositories/<repopath:repository>/tags/<tag>', methods=['DELETE'])
|
||||
@process_auth
|
||||
@anon_protect
|
||||
@parse_repository_name
|
||||
|
|
Reference in a new issue