Commit graph

184 commits

Author SHA1 Message Date
Joseph Schorr
1e7e012b92 Add a requirement for the current password to change the user's password or email address 2014-09-03 15:41:25 -04:00
Jake Moshenko
2dcdd7ba5b Add exponential backoff of login attempts. 2014-09-02 15:27:05 -04:00
Joseph Schorr
3b72b26836 Merge branch 'master' into comewithmeifyouwanttowork 2014-08-28 20:50:13 -04:00
Joseph Schorr
ae92098b23 Add invite by email (WIP) 2014-08-28 20:49:11 -04:00
Joseph Schorr
7ca853adee Rename the method so it doesn't shadow the model method. 2014-08-28 18:53:04 -04:00
Joseph Schorr
6f1a4030b6 Add response schema validation (only when in TESTING mode) and add one schema. More will be added in a followup CL 2014-08-27 20:57:46 -04:00
Joseph Schorr
d76d4704a0 Add pagination to the notifications API and make the UI only show a maximum of 5 notifications (beyond that, it shows "5+"). 2014-08-26 15:19:39 -04:00
Joseph Schorr
a129aac94b Add ability to regenerate robot account credentials 2014-08-25 17:19:23 -04:00
Joseph Schorr
99d75bede7 Handle error cases better for external services 2014-08-25 15:30:29 -04:00
Joseph Schorr
d2880807b2 - Further fixes for license stuff
- Small fixes to ensure Quay works for Postgres
2014-08-21 19:21:20 -04:00
Joseph Schorr
4fd249589d Add scopes to many org admin methods and remove the internal_only on ones we can now expose 2014-08-19 19:21:41 -04:00
Joseph Schorr
53fb7f4136 Add documentation for all path parameters 2014-08-19 19:05:28 -04:00
Joseph Schorr
02d3b70013 Make sure to search teams as well when determining the robots which have access to a private repo 2014-08-18 19:19:01 -04:00
Joseph Schorr
43b6695f9c Get team invite confirmation working and fully tested 2014-08-18 17:24:00 -04:00
Joseph Schorr
7d7cca39cc New team view interface 2014-08-15 20:51:31 -04:00
Joseph Schorr
56d7a3524d Work in progress: Require invite acceptance to join an org 2014-08-15 17:47:43 -04:00
Joseph Schorr
e7daca5d95 Add better messaging and UI around repos and images that are currently being pushed 2014-08-13 17:54:15 -04:00
Joseph Schorr
11176215e1 Commit new DB changes and make sure the metadata is always present in some form 2014-08-11 18:35:26 -04:00
Joseph Schorr
389c88a7c4 Update federated login to store metadata and have the UI pull the information from the metadata 2014-08-11 18:25:01 -04:00
Joseph Schorr
e0bb94e439 Add path param description support 2014-08-06 17:47:32 -04:00
Jake Moshenko
02e47ed572 Begin the work to allow robots and teams to be managed via API. 2014-08-05 20:53:00 -04:00
Joseph Schorr
49801bc2c4 - Add web hook queue code back in. We'll remove it and turn it off after this CL goes to prod
- Make notification lookup always be by repo and its UUID, rather than the internal DB ID
- Add the init script for the notification worker
2014-07-31 13:30:54 -04:00
Joseph Schorr
7de1dd7dc0 Merge branch 'master' into redalert 2014-07-28 18:35:39 -04:00
Joseph Schorr
32b2ecdfa6 Add ability to dismiss notifications 2014-07-28 18:23:46 -04:00
Joseph Schorr
34fc279092 Add e-mail authorization to the repository notification flow. Also validates the creation of the other notification methods. 2014-07-28 14:58:12 -04:00
Jake Moshenko
268c28649a The previous order of removing triggers and their push keys violated a DB constraint. 2014-07-25 13:46:22 -04:00
Joseph Schorr
54ee94754e - Add support for orgs in the entity search and the notification system
- Fix the titles/names of the different notification types
- Fix the styling of the options buttons on the notifications
2014-07-22 13:39:41 -04:00
Joseph Schorr
591cd020b8 Merge branch 'master' into redalert 2014-07-18 15:58:56 -04:00
Jake Moshenko
70a35ab421 Some uninitialized build triggers may not yet have a write token. 2014-07-18 15:05:39 -04:00
Jake Moshenko
8a2c88488a Filter tokens with an associated build trigger from the list API. Delete associated tokens when deleting a trigger. 2014-07-18 14:56:26 -04:00
Jake Moshenko
3d852aa9d3 tiny style fixes 2014-07-18 14:55:55 -04:00
Joseph Schorr
8d7493cb86 Convert over to notifications system. Note this is incomplete 2014-07-17 22:51:58 -04:00
Joseph Schorr
a45054bf2e Change tag_view to avoid a DB lookup and only return the tag's image ID. We map the ID in the frontend based on the image data returned 2014-07-17 15:16:22 -04:00
Joseph Schorr
de8e898ad0 Add UI for managing repo notifications 2014-07-17 13:32:39 -04:00
Joseph Schorr
a84fe0681a Start on data model changes and API changes for the new repository notification system 2014-07-16 16:30:47 -04:00
Joseph Schorr
b0c4f5b2f5 - Fix tests to not hit remote Redis endpoint
- Fix convert organization to allow admin email address, in addition to username
- Add test for the above
2014-07-08 18:19:13 -04:00
Jake Moshenko
684c26bc1a Populate image storage objects with locations everywhere. 2014-06-27 20:04:26 -04:00
Joseph Schorr
ee0d483efd Fix "Run Build Again" to send the tags to which we should push. 2014-06-26 19:55:16 -04:00
Joseph Schorr
76165b5d2b Add API and UI support for displaying image locations 2014-06-24 18:48:42 -04:00
Jake Moshenko
bf98575feb Add the basics of geographic data distribution and get the tests to work. 2014-06-17 16:03:43 -04:00
Jake Moshenko
78c5aec5b9 Switch the checksums to use the registry computed value, remove all assumptions of namespaced paths for legacy storage, fix an upload race condition in the registry code. 2014-06-11 15:37:45 -04:00
Jake Moshenko
8e6328a5f0 Merge branch 'driversed' of ssh://bitbucket.org/yackob03/quay into driversed 2014-05-29 11:24:44 -04:00
Jake Moshenko
0683f2657e Rename the email util to not conflict with a builtin library. 2014-05-28 18:22:48 -04:00
Joseph Schorr
69be86be97 Add extra seat check in the user API call and turn off user->org conversion when authentication is LDAP 2014-05-28 15:53:53 -04:00
Joseph Schorr
205362bc7b Add UI for handling the case when an enterprise has reached its maximum seat count 2014-05-28 15:22:36 -04:00
Jake Moshenko
decefbf168 Switch the seat count for the superuser API to the real value from the license. 2014-05-28 13:54:02 -04:00
Joseph Schorr
a9a8105fbc Add credit card expiration date to the billing info screen 2014-05-22 16:52:51 -04:00
Jake Moshenko
11c6c5fa52 Merge remote-tracking branch 'origin/master' into ldapper
Conflicts:
	app.py
2014-05-13 16:55:02 -04:00
Jake Moshenko
bcb993a914 Set up the build logs to use our fake build logs on test and local. 2014-05-09 18:45:11 -04:00
Jake Moshenko
027ada1f5c First stab at LDAP integration. 2014-05-09 17:39:43 -04:00
Joseph Schorr
8f66c39ff5 Use the customer information, not an existing subscription, to determine whether the button should say "Start Free Trial" or "Subscribe" 2014-04-23 01:17:34 -04:00
Joseph Schorr
a5c2fc7185 Add a display alert that shows when the trial period ends (if applicable). Also change the name of the Subscribe buttons to "Start Trial" when no existing subscription is found 2014-04-23 01:10:31 -04:00
jakedt
3f42d15335 Merge remote-tracking branch 'origin/master' into tagyourit
Conflicts:
	static/css/quay.css
	static/js/graphing.js
	static/partials/view-repo.html
	test/data/test.db
2014-04-15 15:58:30 -04:00
jakedt
0827e0fbac Merge remote-tracking branch 'origin/master' into ncc1701
Conflicts:
	endpoints/web.py
	static/directives/signup-form.html
	static/js/app.js
	static/js/controllers.js
	static/partials/landing.html
	static/partials/view-repo.html
	test/data/test.db
2014-04-14 19:37:22 -04:00
jakedt
61a6db236f Finish the implementation of local userfiles. Strip charsets from mimetypes in the build worker. Add canonical name ordering to the build queue. Port all queues to the canonical naming version. 2014-04-11 18:34:47 -04:00
jakedt
14fba3ae7c Rename SERVER_NAME to SERVER_HOSTNAME to fix the subdomain routing problems. 2014-04-11 11:17:45 -04:00
jakedt
73f23f155c Merge branch 'ncc1701' of ssh://bitbucket.org/yackob03/quay into ncc1701 2014-04-10 15:20:26 -04:00
jakedt
d39f3cc5d4 Fix the tests and implement a fake stripe. 2014-04-10 15:20:16 -04:00
Joseph Schorr
0e320c964f - Add support for super users
- Add a super user API
- Add a super user interface
2014-04-10 00:26:55 -04:00
Joseph Schorr
19a20a6c94 Turn off all references and API calls to billing if the feature is disabled 2014-04-06 00:36:19 -04:00
Joseph Schorr
4f4112b18d Add show_if and hide_if methods for routes and APIs, as well as proper comparison of feature values 2014-04-03 19:32:09 -04:00
jakedt
e87ffa20cf First attempt at making config loadable through string config overrides in an env variable. 2014-04-03 17:31:46 -04:00
Joseph Schorr
7c466dab7d - Add an analyze method on triggers that, when given trigger config, will attempt to analyze the trigger's Dockerfile and determine what pull credentials, if any, are needed and available
- Move the build trigger setup UI into its own directive (makes things cleaner)
- Fix a bug in the entitySearch directive around setting the current entity
- Change the build trigger setup UI to use the new analyze method and flow better
2014-04-02 23:33:58 -04:00
Joseph Schorr
9a79d1562a Change to store the pull robot on the repository build and only add the credentials to the queue item. This prevents the credentials from being exposed to the end user. Also fixes the restart build option 2014-04-01 21:49:06 -04:00
jakedt
d768b60a3c Merge remote-tracking branch 'origin/master' into tagyourit
Conflicts:
	test/data/test.db
2014-04-01 19:09:41 -04:00
jakedt
d67a1cddc2 Merge remote-tracking branch 'origin/master' into pullinprivate
Conflicts:
	workers/dockerfilebuild.py
2014-03-31 18:10:34 -04:00
Joseph Schorr
6fd2440294 Handle empty GitHub repositories and do not 500 if the repository cannot be read 2014-03-28 15:32:56 -04:00
Joseph Schorr
abfc38f10a Really fix the build status 2014-03-28 14:42:29 -04:00
Joseph Schorr
795de4235d Change "cannot connect to redid" to be a raised exception 2014-03-28 14:20:06 -04:00
Joseph Schorr
2006917e03 Add support for pull credentials on builds and build triggers 2014-03-27 18:33:13 -04:00
jakedt
302bfb27ae Merge remote-tracking branch 'origin/master' into tagyourit
Conflicts:
	endpoints/api.py
	static/js/app.js
	static/partials/view-repo.html
	test/data/test.db
	test/specs.py
	test/test_api_usage.py
2014-03-26 19:42:29 -04:00
jakedt
4a4ea52041 Use the URL scheme and use the host in the other discovery url. 2014-03-26 16:37:28 -04:00
jakedt
bb05daf090 Fix the discovery doc to point to the stack specific auth endpoint. 2014-03-26 16:28:35 -04:00
jakedt
8fefe239b5 Fix public repository permissions checking. 2014-03-26 15:56:51 -04:00
jakedt
4e80f95012 Format_date has to support missing dates. 2014-03-25 18:01:50 -04:00
jakedt
8538455cef Fix the user API to throw the nicer 401 that the FE can handle. 2014-03-25 17:58:19 -04:00
jakedt
41cfadac23 Protect the search and repository list endpoints appropriately. Add more differentiating data to some need types. Remove the notification about password change from the user admin page. Select the dependent models for the visible repo list. 2014-03-25 17:26:45 -04:00
jakedt
5f98bf8dab Merge remote-tracking branch 'origin/master' into swaggerlikeus
Conflicts:
	endpoints/api.py
2014-03-25 15:50:03 -04:00
jakedt
f39793b3ac Check CSRF after processing the oauth token. 2014-03-25 15:37:58 -04:00
jakedt
f060fd6ae0 Fix and unify CSRF support across web and API endpoints. 2014-03-25 14:32:26 -04:00
jakedt
0097daebc2 Formatting changes. 2014-03-25 14:32:02 -04:00
Joseph Schorr
c82d1ffe98 Add ability for users to see their authorized applications and revoke the access 2014-03-24 20:57:02 -04:00
jakedt
283ce5e1c3 Make the new app management APIs internal and fix the schemas to work with swagger. 2014-03-24 18:16:46 -04:00
Joseph Schorr
f7c27f250b Add full application management API, UI and test cases 2014-03-20 15:46:13 -04:00
jakedt
3b7b12085d User scope objects everywhere. Switch scope objects to namedtuples. Pass the user when validating whether the user has authorized such scopes in the past. Make sure we calculate the scope string using all user scopes form all previously granted tokens. 2014-03-19 18:09:09 -04:00
jakedt
c93c62600d Merge remote-tracking branch 'origin/master' into swaggerlikeus
Conflicts:
	data/database.py
	endpoints/api.py
	endpoints/common.py
	templates/base.html
	test/data/test.db
	test/specs.py
2014-03-19 15:39:44 -04:00
jakedt
f2d0a2f479 Split out organization repo roles and org management roles. 2014-03-19 14:36:56 -04:00
jakedt
6fc369bed2 Change non logged in 403s to 401s. 2014-03-19 13:57:36 -04:00
jakedt
7bd4b9a71c Merge branch 'swaggerlikeus' of ssh://bitbucket.org/yackob03/quay into swaggerlikeus
Conflicts:
	endpoints/api/trigger.py
2014-03-19 12:13:07 -04:00
jakedt
6267275d6f Mark a whole slew of APIs as internal only. 2014-03-19 12:09:07 -04:00
Joseph Schorr
807fa68fe4 Fix the remainder of the API usage tests. Note that this still fails when the blueprint is registered again, so each subset of tests has to be run on its own 2014-03-18 20:32:37 -04:00
jakedt
64071b9e8e Add a user info scope and thread it through the code. Protect the org modification API. 2014-03-18 19:21:27 -04:00
Joseph Schorr
b0dcb5d7e3 Merge branch 'swaggerlikeus' of https://bitbucket.org/yackob03/quay into swaggerlikeus 2014-03-18 16:46:28 -04:00
Joseph Schorr
9ae4506a0d Add OAuth usage information the API logs, have it be displayed in the logs UI and start on the code to display application information when clicked. Note that this does not (yet) do anything with the information returned as we need to wait for the mainline merge of Angular 1.2.9 (which is in master) before I can continue on the display 2014-03-18 16:45:18 -04:00
jakedt
6f39e158d6 Eliminate all of the exceptions when running the tests. 2014-03-18 15:58:37 -04:00
jakedt
e1b704bdac We must check repository permissions before parsing args. 2014-03-18 14:45:14 -04:00
jakedt
7d163833bd Some small fixes in the API. 2014-03-18 14:22:14 -04:00
jakedt
3b3d71bfd7 Feed error messages through a cors wrapper so that people on other domains can see what's happening. 2014-03-17 16:57:35 -04:00
jakedt
4673f40dd2 Fix the org robot create response. 2014-03-17 15:26:16 -04:00
jakedt
bb2767ff16 Fix url_for for api endpoints. 2014-03-17 15:23:49 -04:00