Commit graph

44 commits

Author SHA1 Message Date
Joseph Schorr
987177fd7e Have require_fresh_login not apply if there is no password set for the user 2014-09-04 19:47:12 -04:00
Jake Moshenko
1a230f635a Use datetime.min instead of a fixed span for the last login default time. 2014-09-04 19:15:06 -04:00
Joseph Schorr
e783df31e0 Add the concept of require_fresh_login to both the backend and frontend. Sensitive methods will now be marked with the annotation, which requires that the user has performed a login within 10 minutes or they are asked to do so in the UI before running the operation again. 2014-09-04 14:24:20 -04:00
Jake Moshenko
2dcdd7ba5b Add exponential backoff of login attempts. 2014-09-02 15:27:05 -04:00
Joseph Schorr
e0bb94e439 Add path param description support 2014-08-06 17:47:32 -04:00
Joseph Schorr
34fc279092 Add e-mail authorization to the repository notification flow. Also validates the creation of the other notification methods. 2014-07-28 14:58:12 -04:00
Joseph Schorr
8d7493cb86 Convert over to notifications system. Note this is incomplete 2014-07-17 22:51:58 -04:00
Joseph Schorr
a84fe0681a Start on data model changes and API changes for the new repository notification system 2014-07-16 16:30:47 -04:00
Joseph Schorr
205362bc7b Add UI for handling the case when an enterprise has reached its maximum seat count 2014-05-28 15:22:36 -04:00
Joseph Schorr
0e320c964f - Add support for super users
- Add a super user API
- Add a super user interface
2014-04-10 00:26:55 -04:00
Joseph Schorr
19a20a6c94 Turn off all references and API calls to billing if the feature is disabled 2014-04-06 00:36:19 -04:00
Joseph Schorr
4f4112b18d Add show_if and hide_if methods for routes and APIs, as well as proper comparison of feature values 2014-04-03 19:32:09 -04:00
jakedt
4e80f95012 Format_date has to support missing dates. 2014-03-25 18:01:50 -04:00
jakedt
f39793b3ac Check CSRF after processing the oauth token. 2014-03-25 15:37:58 -04:00
jakedt
f060fd6ae0 Fix and unify CSRF support across web and API endpoints. 2014-03-25 14:32:26 -04:00
jakedt
3b7b12085d User scope objects everywhere. Switch scope objects to namedtuples. Pass the user when validating whether the user has authorized such scopes in the past. Make sure we calculate the scope string using all user scopes form all previously granted tokens. 2014-03-19 18:09:09 -04:00
jakedt
6fc369bed2 Change non logged in 403s to 401s. 2014-03-19 13:57:36 -04:00
jakedt
64071b9e8e Add a user info scope and thread it through the code. Protect the org modification API. 2014-03-18 19:21:27 -04:00
Joseph Schorr
b0dcb5d7e3 Merge branch 'swaggerlikeus' of https://bitbucket.org/yackob03/quay into swaggerlikeus 2014-03-18 16:46:28 -04:00
Joseph Schorr
9ae4506a0d Add OAuth usage information the API logs, have it be displayed in the logs UI and start on the code to display application information when clicked. Note that this does not (yet) do anything with the information returned as we need to wait for the mainline merge of Angular 1.2.9 (which is in master) before I can continue on the display 2014-03-18 16:45:18 -04:00
jakedt
6f39e158d6 Eliminate all of the exceptions when running the tests. 2014-03-18 15:58:37 -04:00
jakedt
7d163833bd Some small fixes in the API. 2014-03-18 14:22:14 -04:00
jakedt
3b3d71bfd7 Feed error messages through a cors wrapper so that people on other domains can see what's happening. 2014-03-17 16:57:35 -04:00
jakedt
bb2767ff16 Fix url_for for api endpoints. 2014-03-17 15:23:49 -04:00
jakedt
3542a520f5 Fix bugs, mostly related to date formatting. 2014-03-17 13:10:12 -04:00
jakedt
60015f0ae0 Add internal API filtering. 2014-03-14 18:07:03 -04:00
jakedt
83bc965556 Link the org api calls to their related user resources. 2014-03-14 17:35:52 -04:00
jakedt
4d551a079b Re-organize the imports for the api endpoints. 2014-03-14 16:11:31 -04:00
jakedt
1bbe2283dc Port logs and robots. 2014-03-14 16:02:13 -04:00
jakedt
3c268de025 Port over the billing apis. 2014-03-14 15:35:20 -04:00
jakedt
a667714d3d Port permission prototypes and org members. 2014-03-14 14:51:18 -04:00
jakedt
e4e4f8c553 Migrate teams and orgs. 2014-03-14 14:20:51 -04:00
jakedt
cd276773ff Port over tokens. 2014-03-14 13:24:01 -04:00
jakedt
3d4ece31f3 Port over images, permissions, and tags. 2014-03-14 13:06:58 -04:00
jakedt
21d0ec2012 Port triggers to new API. 2014-03-14 12:11:48 -04:00
jakedt
e475e9809d Port over webhooks, search, and builds. 2014-03-13 16:31:37 -04:00
jakedt
85eb585a85 Port most of the user related apis. 2014-03-13 15:19:49 -04:00
jakedt
0e3fe8f3b1 Port a few more repository methods to the new API interface. 2014-03-12 20:33:57 -04:00
jakedt
e74eb3ee87 Add scope ordinality and translations. Process oauth tokens and limit scopes accordingly. 2014-03-12 16:31:37 -04:00
jakedt
25ceb90fc6 Add some sort of oauth. 2014-03-12 12:37:06 -04:00
jakedt
220649e579 Use doc strings for resource and method docs. Tweak some docs. Switch to 100 length lines. 2014-03-11 15:20:03 -04:00
jakedt
978d68f0e0 Holy black magic batman, move the query parameters to decorators and expose them through discovery. 2014-03-11 12:57:33 -04:00
jakedt
b3e0dfae48 More fully replicate the swagger API. 2014-03-10 23:54:55 -04:00
jakedt
de1a44f853 First attempt at using flask-restful and swagger api documentation. 2014-03-10 18:30:41 -04:00