Commit graph

134 commits

Author SHA1 Message Date
Jake Moshenko
3efaa255e8 Accidental refactor, split out legacy.py into separate sumodules and update all call sites. 2015-07-17 11:56:15 -04:00
Jake Moshenko
6e6b3c675f Merge pull request #28 from coreos-inc/swagger2
Switch to Swagger v2
2015-06-29 12:18:10 -04:00
Joseph Schorr
dc5af7496c Allow superusers to disable user accounts 2015-06-29 18:40:52 +03:00
Joseph Schorr
c0e995c1d4 Merge branch 'master' into nolurk 2015-06-02 13:55:16 -04:00
Joseph Schorr
fdd43e2490 Change API calls that expect non-robots to explicitly filter
Before this change, we'd filter in the UI but calls to the API could allow robots accounts where we only expect real users
2015-05-26 17:47:33 -04:00
Joseph Schorr
855f3a3e4d Have the verifyUser endpoint use the same confirm_existing_user method
This will prevent us from encountering the same problem as the generated encrypted password issue when using LDAP
2015-05-22 16:26:26 -04:00
Joseph Schorr
b0d763b5ff Fix encrypted password generator to use the LDAP username, not the Quay username.
Currently, we use the Quay username via `verify_user` when we go to create the encrypted password. This is only correct if Quay has not generated its own different username for the LDAP user, and fails if it has. We therefore add a new method `confirm_existing_user`, which looks up the federated login for the LDAP user and then runs the auth flow using that username.
2015-05-20 16:37:09 -04:00
Joseph Schorr
54992c23b7 Add a feature flag for disabling unauthenticated access to the registry in its entirety. 2015-05-19 17:52:44 -04:00
Joseph Schorr
0bc1c29dff Switch the Python side to Swagger v2 2015-05-14 16:47:38 -04:00
Joseph Schorr
60036927c9 Really disallow usage of the same account for an org as the one being converted. Before, you could do so via email. 2015-04-29 20:30:37 -04:00
Joseph Schorr
f67eeee8c8 Start conversion of the user admin/view 2015-04-02 16:34:41 -04:00
Joseph Schorr
5cd500257d Merge branch 'master' into orgview 2015-04-01 13:56:49 -04:00
Joseph Schorr
1f5e6df678 - Fix tests
- Add new endpoints for retrieving the repo permissions for a robot account
- Have the robots list return the number of repositories for which there are permissions
- Other UI fixes
2015-03-31 18:50:43 -04:00
Joseph Schorr
27a9b84587 Switch avatars to be built out of CSS and only overlayed with the gravatar when a non-default exists 2015-03-30 17:55:04 -04:00
Joseph Schorr
384d6083c4 Make sure to conduct login after the password change now that the session will be invalidated for the user 2015-03-26 20:04:32 -04:00
Joseph Schorr
aaf1b23e98 Address CL concerns and switch to a real encryption system 2015-03-26 15:10:58 -04:00
Joseph Schorr
e4b659f107 Add support for encrypted client tokens via basic auth (for the docker CLI) and a feature flag to disable normal passwords 2015-03-25 18:43:12 -04:00
Jimmy Zelinskie
9dd6e8e639 api/user: remove log_action comments for stars
It is not necessary to log the starring of repositories.
2015-03-02 13:25:58 -05:00
Jimmy Zelinskie
fb0d3d69c2 changes to reflect PR comments (not finished) 2015-02-24 17:50:54 -05:00
Jimmy Zelinskie
35a2414d85 tests: star security tests 2015-02-23 14:23:32 -05:00
Jimmy Zelinskie
3780434279 endpoints.api.user: require useradmin for star ops 2015-02-19 17:03:36 -05:00
Jimmy Zelinskie
917dd6b674 Merge branch 'master' into star 2015-02-18 17:36:58 -05:00
Jake Moshenko
990739b1e5 Add the APIs required to change the time machine policy for users and organizations. 2015-02-12 14:37:11 -05:00
Jake Moshenko
64750e31fc Add the ability to select for update within transactions to fix some write after read hazards. Fix a bug in extend_processing. 2015-01-30 16:32:13 -05:00
Jimmy Zelinskie
8464b54ad9 star status shown in normal repo listings 2014-12-30 15:07:14 -05:00
Jimmy Zelinskie
5a484cfe11 Initial redesigned UI for repo listings w/ stars. 2014-12-11 15:07:41 -05:00
Jimmy Zelinskie
4f5a78ca2c Add missing args param. 2014-12-02 17:32:43 -08:00
Jimmy Zelinskie
aa4903c3cd add docs for star repo api 2014-12-02 17:31:21 -08:00
Jimmy Zelinskie
eb956e5b7d initial work on adding models for starring repos.
I'm sick of using `git stash`.
2014-12-02 17:31:21 -08:00
Joseph Schorr
b3240de1f8 Rename gravatar field after the bees merge. 2014-11-25 19:59:24 -05:00
Joseph Schorr
7bf96c506f Merge branch 'bees' into koh 2014-11-24 19:25:53 -05:00
Joseph Schorr
e9cac407df Add a configurable avatar system and add an internal avatar system for enterprise 2014-11-24 19:25:13 -05:00
Jake Moshenko
2b8c246476 Temporarily put user rename behind a feature flag. Switch queue names back to using the username for namespace while we figure out a real migration strategy. 2014-11-20 15:36:39 -05:00
Joseph Schorr
ccc16fd6f4 Merge branch 'master' into bees 2014-11-17 13:14:27 -05:00
Jake Moshenko
ed8bcff39e Merge remote-tracking branch 'origin/master' into nomenclature
Conflicts:
	test/data/test.db
	workers/dockerfilebuild.py
2014-10-06 10:29:39 -04:00
Joseph Schorr
e0993b26af Make query params only read from query params, not JSON as well 2014-10-03 15:05:34 -04:00
Joseph Schorr
1d8ec59362 Merge branch master into bees 2014-10-02 15:08:32 -04:00
Joseph Schorr
c682899861 Add a feature flag to disable user creation 2014-10-02 14:49:18 -04:00
Jake Moshenko
e8b3d1cc4a Phase 4 of the namespace to user migration: actually remove the column from the db and remove the dependence on serialized namespaces in the workers and queues 2014-10-01 14:23:46 -04:00
Joseph Schorr
f3b03ebc34 Add a feature flag for disabling all emails 2014-09-22 19:11:48 -04:00
Joseph Schorr
b212dbb2ab Merge branch 'master' into better-emails 2014-09-18 13:20:32 -04:00
Jake Moshenko
75d2ef377e Merge remote-tracking branch 'origin/master' into comewithmeifyouwanttowork
Conflicts:
	data/model/legacy.py
2014-09-15 17:52:17 -04:00
Joseph Schorr
913b3e472f Add ability to detach external login services 2014-09-15 12:01:02 -04:00
Joseph Schorr
10faa7de84 Only allow users matching the team invite to accept, if the invite was specified for a user (rather than an email) 2014-09-12 14:29:01 -04:00
Jake Moshenko
c5ca46a14b Merge remote-tracking branch 'origin/master' into comewithmeifyouwanttowork
Conflicts:
	data/model/legacy.py
	static/js/app.js
2014-09-12 11:03:30 -04:00
Joseph Schorr
8d3ce44682 Address comments on code review 2014-09-11 15:45:41 -04:00
Joseph Schorr
3c20402b32 Add a common base email template, translate the emails over to using jinja and add emails when e-mail addresses and passwords are changed. 2014-09-05 19:57:33 -04:00
Joseph Schorr
e028d4ae0a Merge master into branch 2014-09-04 18:08:18 -04:00
Joseph Schorr
1c2de35f28 Code review fixes 2014-09-04 17:54:51 -04:00
Joseph Schorr
e783df31e0 Add the concept of require_fresh_login to both the backend and frontend. Sensitive methods will now be marked with the annotation, which requires that the user has performed a login within 10 minutes or they are asked to do so in the UI before running the operation again. 2014-09-04 14:24:20 -04:00
Joseph Schorr
1e7e012b92 Add a requirement for the current password to change the user's password or email address 2014-09-03 15:41:25 -04:00
Joseph Schorr
6f1a4030b6 Add response schema validation (only when in TESTING mode) and add one schema. More will be added in a followup CL 2014-08-27 20:57:46 -04:00
Joseph Schorr
d76d4704a0 Add pagination to the notifications API and make the UI only show a maximum of 5 notifications (beyond that, it shows "5+"). 2014-08-26 15:19:39 -04:00
Joseph Schorr
53fb7f4136 Add documentation for all path parameters 2014-08-19 19:05:28 -04:00
Joseph Schorr
11176215e1 Commit new DB changes and make sure the metadata is always present in some form 2014-08-11 18:35:26 -04:00
Joseph Schorr
389c88a7c4 Update federated login to store metadata and have the UI pull the information from the metadata 2014-08-11 18:25:01 -04:00
Joseph Schorr
32b2ecdfa6 Add ability to dismiss notifications 2014-07-28 18:23:46 -04:00
Joseph Schorr
b0c4f5b2f5 - Fix tests to not hit remote Redis endpoint
- Fix convert organization to allow admin email address, in addition to username
- Add test for the above
2014-07-08 18:19:13 -04:00
Jake Moshenko
8e6328a5f0 Merge branch 'driversed' of ssh://bitbucket.org/yackob03/quay into driversed 2014-05-29 11:24:44 -04:00
Jake Moshenko
0683f2657e Rename the email util to not conflict with a builtin library. 2014-05-28 18:22:48 -04:00
Joseph Schorr
69be86be97 Add extra seat check in the user API call and turn off user->org conversion when authentication is LDAP 2014-05-28 15:53:53 -04:00
Joseph Schorr
205362bc7b Add UI for handling the case when an enterprise has reached its maximum seat count 2014-05-28 15:22:36 -04:00
Jake Moshenko
027ada1f5c First stab at LDAP integration. 2014-05-09 17:39:43 -04:00
jakedt
73f23f155c Merge branch 'ncc1701' of ssh://bitbucket.org/yackob03/quay into ncc1701 2014-04-10 15:20:26 -04:00
jakedt
d39f3cc5d4 Fix the tests and implement a fake stripe. 2014-04-10 15:20:16 -04:00
Joseph Schorr
0e320c964f - Add support for super users
- Add a super user API
- Add a super user interface
2014-04-10 00:26:55 -04:00
Joseph Schorr
19a20a6c94 Turn off all references and API calls to billing if the feature is disabled 2014-04-06 00:36:19 -04:00
Joseph Schorr
4f4112b18d Add show_if and hide_if methods for routes and APIs, as well as proper comparison of feature values 2014-04-03 19:32:09 -04:00
jakedt
8538455cef Fix the user API to throw the nicer 401 that the FE can handle. 2014-03-25 17:58:19 -04:00
jakedt
41cfadac23 Protect the search and repository list endpoints appropriately. Add more differentiating data to some need types. Remove the notification about password change from the user admin page. Select the dependent models for the visible repo list. 2014-03-25 17:26:45 -04:00
jakedt
0097daebc2 Formatting changes. 2014-03-25 14:32:02 -04:00
Joseph Schorr
c82d1ffe98 Add ability for users to see their authorized applications and revoke the access 2014-03-24 20:57:02 -04:00
jakedt
c93c62600d Merge remote-tracking branch 'origin/master' into swaggerlikeus
Conflicts:
	data/database.py
	endpoints/api.py
	endpoints/common.py
	templates/base.html
	test/data/test.db
	test/specs.py
2014-03-19 15:39:44 -04:00
jakedt
6fc369bed2 Change non logged in 403s to 401s. 2014-03-19 13:57:36 -04:00
jakedt
6267275d6f Mark a whole slew of APIs as internal only. 2014-03-19 12:09:07 -04:00
jakedt
64071b9e8e Add a user info scope and thread it through the code. Protect the org modification API. 2014-03-18 19:21:27 -04:00
jakedt
6f39e158d6 Eliminate all of the exceptions when running the tests. 2014-03-18 15:58:37 -04:00
jakedt
3b3d71bfd7 Feed error messages through a cors wrapper so that people on other domains can see what's happening. 2014-03-17 16:57:35 -04:00
jakedt
5cc2bdbc71 Fix some errors. 2014-03-17 14:52:52 -04:00
jakedt
ddf5f2053c Convert old style jsonschema required params to new style. 2014-03-17 12:25:41 -04:00
jakedt
5bb4008880 Fix cookie auth to work with oauth token auth. Make sure user loading is truly deferred to save DB connections. 2014-03-17 12:01:13 -04:00
jakedt
60015f0ae0 Add internal API filtering. 2014-03-14 18:07:03 -04:00
jakedt
e475e9809d Port over webhooks, search, and builds. 2014-03-13 16:31:37 -04:00
jakedt
85eb585a85 Port most of the user related apis. 2014-03-13 15:19:49 -04:00