Add the ability to login with a robot, use the wrench icon for robots all over the place.

This commit is contained in:
yackob03 2013-11-20 19:43:19 -05:00
parent b407c1d9fb
commit e69591c7d6
8 changed files with 46 additions and 15 deletions

View file

@ -48,6 +48,20 @@ def process_basic_auth(auth):
except model.DataModelException: except model.DataModelException:
logger.debug('Invalid token: %s' % credentials[1]) logger.debug('Invalid token: %s' % credentials[1])
elif '+' in credentials[0]:
logger.debug('Trying robot auth with credentials %s' % str(credentials))
# Use as robot auth
try:
robot = model.verify_robot(credentials[0], credentials[1])
logger.debug('Successfully validated robot: %s' % credentials[0])
ctx = _request_ctx_stack.top
ctx.authenticated_user = robot
identity_changed.send(app, identity=Identity(robot.username, 'username'))
return
except model.InvalidRobotException:
logger.debug('Invalid robot or password for robot: %s' % credentials[0])
else: else:
authenticated = model.verify_user(credentials[0], credentials[1]) authenticated = model.verify_user(credentials[0], credentials[1])

View file

@ -627,7 +627,7 @@ def get_all_repo_teams(namespace_name, repository_name):
def get_all_repo_users(namespace_name, repository_name): def get_all_repo_users(namespace_name, repository_name):
select = RepositoryPermission.select(User.username, Role.name, select = RepositoryPermission.select(User.username, User.robot, Role.name,
RepositoryPermission) RepositoryPermission)
with_user = select.join(User) with_user = select.join(User)
with_role = with_user.switch(RepositoryPermission).join(Role) with_role = with_user.switch(RepositoryPermission).join(Role)

View file

@ -292,7 +292,8 @@ def get_matching_entities(prefix):
def user_view(user): def user_view(user):
user_json = { user_json = {
'name': user.username, 'name': user.username,
'kind': 'robot' if user.is_robot else 'user', 'kind': 'user',
'is_robot': user.is_robot,
} }
if user.is_org_member is not None: if user.is_org_member is not None:
@ -455,7 +456,8 @@ def get_organization_private_allowed(orgname):
def member_view(member): def member_view(member):
return { return {
'username': member.username 'username': member.username,
'is_robot': member.robot,
} }
@ -917,6 +919,11 @@ def role_view(repo_perm_obj):
} }
def wrap_role_view_user(role_json, user):
role_json['is_robot'] = user.robot
return role_json
def wrap_role_view_org(role_json, org_member): def wrap_role_view_org(role_json, org_member):
role_json['is_org_member'] = org_member role_json['is_org_member'] = org_member
return role_json return role_json
@ -1033,7 +1040,7 @@ def list_repo_user_permissions(namespace, repository):
model.get_organization(namespace) # Will raise an error if not org model.get_organization(namespace) # Will raise an error if not org
org_members = model.get_organization_member_set(namespace) org_members = model.get_organization_member_set(namespace)
def wrapped_role_view(repo_perm): def wrapped_role_view(repo_perm):
unwrapped = role_view(repo_perm) unwrapped = wrap_role_view_user(role_view(repo_perm), repo_perm.user)
return wrap_role_view_org(unwrapped, return wrap_role_view_org(unwrapped,
repo_perm.user.username in org_members) repo_perm.user.username in org_members)
@ -1062,7 +1069,7 @@ def get_user_permissions(namespace, repository, username):
permission = AdministerRepositoryPermission(namespace, repository) permission = AdministerRepositoryPermission(namespace, repository)
if permission.can(): if permission.can():
perm = model.get_user_reponame_permission(username, namespace, repository) perm = model.get_user_reponame_permission(username, namespace, repository)
perm_view = role_view(perm) perm_view = wrap_role_view_user(role_view(perm), perm.user)
try: try:
model.get_organization(namespace) model.get_organization(namespace)
@ -1107,7 +1114,7 @@ def change_user_permissions(namespace, repository, username):
perm = model.set_user_repo_permission(username, namespace, repository, perm = model.set_user_repo_permission(username, namespace, repository,
new_permission['role']) new_permission['role'])
perm_view = role_view(perm) perm_view = wrap_role_view_user(role_view(perm), perm.user)
try: try:
model.get_organization(namespace) model.get_organization(namespace)

View file

@ -62,6 +62,13 @@ def create_user():
except model.InvalidTokenException: except model.InvalidTokenException:
abort(401) abort(401)
elif '+' in username:
try:
model.verify_robot(username, password)
return make_response('Verified', 201)
except model.InvalidRobotException:
abort(401)
existing_user = model.get_user(username) existing_user = model.get_user(username)
if existing_user: if existing_user:
verified = model.verify_user(username, password) verified = model.verify_user(username, password)

View file

@ -643,8 +643,10 @@ quayApp.directive('entitySearch', function () {
}, },
template: function (datum) { template: function (datum) {
template = '<div class="entity-mini-listing">'; template = '<div class="entity-mini-listing">';
if (datum.entity.kind == 'user') { if (datum.entity.kind == 'user' && !datum.entity.is_robot) {
template += '<i class="fa fa-user fa-lg"></i>'; template += '<i class="fa fa-user fa-lg"></i>';
} else if (datum.entity.kind == 'user' && datum.entity.is_robot) {
template += '<i class="fa fa-wrench fa-lg"></i>';
} else if (datum.entity.kind == 'team') { } else if (datum.entity.kind == 'team') {
template += '<i class="fa fa-group fa-lg"></i>'; template += '<i class="fa fa-group fa-lg"></i>';
} }

View file

@ -527,7 +527,7 @@ function RepoAdminCtrl($scope, Restangular, $routeParams, $rootScope) {
// Need the $scope.apply for both the permission stuff to change and for // Need the $scope.apply for both the permission stuff to change and for
// the XHR call to be made. // the XHR call to be made.
$scope.$apply(function() { $scope.$apply(function() {
$scope.addRole(entity.name, 'read', entity.kind, entity.is_org_member) $scope.addRole(entity.name, 'read', entity.kind);
}); });
}; };
@ -545,15 +545,14 @@ function RepoAdminCtrl($scope, Restangular, $routeParams, $rootScope) {
}); });
}; };
$scope.addRole = function(entityName, role, kind, is_org_member) { $scope.addRole = function(entityName, role, kind) {
var permission = { var permission = {
'role': role, 'role': role,
'is_org_member': is_org_member
}; };
var permissionPost = Restangular.one(getRestUrl('repository', namespace, name, 'permissions', kind, entityName)); var permissionPost = Restangular.one(getRestUrl('repository', namespace, name, 'permissions', kind, entityName));
permissionPost.customPOST(permission).then(function() { permissionPost.customPOST(permission).then(function(result) {
$scope.permissions[kind][entityName] = permission; $scope.permissions[kind][entityName] = result;
}, function(result) { }, function(result) {
$('#cannotchangeModal').modal({}); $('#cannotchangeModal').modal({});
}); });

View file

@ -72,7 +72,8 @@
<!-- User Permissions --> <!-- User Permissions -->
<tr ng-repeat="(name, permission) in permissions['user']"> <tr ng-repeat="(name, permission) in permissions['user']">
<td class="{{ 'user entity ' + (permission.is_org_member ? '' : 'outside') }}"> <td class="{{ 'user entity ' + (permission.is_org_member ? '' : 'outside') }}">
<i class="fa fa-user"></i> <i class="fa fa-user" ng-show="!permission.is_robot"></i>
<i class="fa fa-wrench" ng-show="permission.is_robot"></i>
<span>{{name}}</span> <span>{{name}}</span>
<i class="fa fa-exclamation-triangle" ng-show="permission.is_org_member === false" data-trigger="hover" bs-popover="{'content': 'This user is not a member of the organization'}"></i> <i class="fa fa-exclamation-triangle" ng-show="permission.is_org_member === false" data-trigger="hover" bs-popover="{'content': 'This user is not a member of the organization'}"></i>
</td> </td>

View file

@ -20,7 +20,8 @@
<table class="permissions"> <table class="permissions">
<tr ng-repeat="(name, member) in members"> <tr ng-repeat="(name, member) in members">
<td class="user entity"> <td class="user entity">
<i class="fa fa-user"></i> <i class="fa fa-user" ng-show="!member.is_robot"></i>
<i class="fa fa-wrench" ng-show="member.is_robot"></i>
<span>{{ member.username }}</span> <span>{{ member.username }}</span>
</td> </td>
<td> <td>