Add scope ordinality and translations. Process oauth tokens and limit scopes accordingly.

2014-03-12 16:31:37 -04:00 · 2014-03-12 16:31:37 -04:00 · e74eb3ee87
commit e74eb3ee87
parent 25ceb90fc6
8 changed files with 137 additions and 31 deletions
--- a/endpoints/api/init.py
+++ b/endpoints/api/init.py
@ -20,7 +20,7 @@ from auth import scopes
 logger = logging.getLogger(__name__)
 api_bp = Blueprint('api', __name__)
 api = Api(api_bp)
-api.decorators = [crossdomain(origin='*')]
+api.decorators = [crossdomain(origin='*', headers=['Authorization'])]


 def resource(*urls, **kwargs):
@ -97,7 +97,12 @@ def parse_repository_name(func):
  return wrapper


-class RepositoryParamResource(Resource):
+class ApiResource(Resource):
+  def options(self):
+    return None, 200
+
+
+class RepositoryParamResource(ApiResource):
  method_decorators = [parse_repository_name]


--- a/endpoints/api/discovery.py
+++ b/endpoints/api/discovery.py
@ -1,9 +1,9 @@
 import re
 import logging

-from flask.ext.restful import Resource, reqparse
+from flask.ext.restful import reqparse

-from endpoints.api import resource, method_metadata, nickname, truthy_bool
+from endpoints.api import ApiResource, resource, method_metadata, nickname, truthy_bool
 from app import app
 from auth import scopes

@ -131,7 +131,7 @@ def swagger_route_data():
  return swagger_data

@resource('/v1/discovery')
-class DiscoveryResource(Resource):
+class DiscoveryResource(ApiResource):
  """Ability to inspect the API for usage information and documentation."""
  @nickname('discovery')
  def get(self):
--- a/endpoints/api/repository.py
+++ b/endpoints/api/repository.py
@ -1,22 +1,24 @@
 import logging
 import json

-from flask.ext.restful import Resource, reqparse, abort
+from flask import current_app
+from flask.ext.restful import reqparse, abort
 from flask.ext.login import current_user

 from data import model
 from endpoints.api import (truthy_bool, format_date, nickname, log_action, validate_json_request,
                           require_repo_read, RepositoryParamResource, resource, query_param,
-                           parse_args)
+                           parse_args, ApiResource)
 from auth.permissions import (ReadRepositoryPermission, ModifyRepositoryPermission,
                              AdministerRepositoryPermission)
+from auth.auth import process_auth


 logger = logging.getLogger(__name__)


@resource('/v1/repository')
-class RepositoryList(Resource):
+class RepositoryList(ApiResource):
  """Operations for creating and listing repositories."""
  schemas = {
    'NewRepo': {
@ -146,6 +148,7 @@ def image_view(image):
@resource('/v1/repository/<path:repository>')
 class Repository(RepositoryParamResource):
  """Operations for managing a specific repository."""
+  @process_auth
  @require_repo_read
  @nickname('getRepo')
  def get(self, namespace, repository):