Joseph Schorr
20816804e5
Add ability for super users to take ownership of namespaces
...
Fixes #1395
2016-06-13 16:22:52 -04:00
Joseph Schorr
c3701cea7a
Only send heavy log-based stats for repository where required
2016-06-09 14:52:15 -04:00
Jimmy Zelinskie
e5241c6d88
tests: simple test for BuildRequest w/ archive URL
2016-06-02 12:27:49 -04:00
Joseph Schorr
60bbca2185
Fix setup tool when binding to external auth
...
We now query the external auth provider for the external service's identifier before adding the linking row into the database. This fixes the case where the external service resolves a different identifier for the same username.
Fixes #1477
2016-05-23 17:11:36 -04:00
Joseph Schorr
a736407611
Fix user:admin scope handling and add test
2016-05-09 11:16:01 +02:00
Joseph Schorr
2cbdecb043
Implement setup tool support for Clair
...
Fixes #1387
2016-05-04 13:40:50 -04:00
Joseph Schorr
522cf68c5d
Lots of smaller fixes:
...
- Add the rotation_duration to the keys API
- Have the key service UI use the new rotation_duration field
- Fix notification deletion lookup path
- Add proper support for the new notification in the UI
- Only delete expired keys after 7 days (configurable)
- Fix angular digest loop
- Fix unit tests
- Regenerate initdb
2016-04-29 14:05:16 -04:00
Joseph Schorr
23a8a29654
More tests
2016-04-29 14:05:16 -04:00
Joseph Schorr
fb1dca4e94
Add API usage tests
2016-04-29 14:05:16 -04:00
Joseph Schorr
c604dbd0f6
Fix permissions when converting a user to an org
...
Fixes #1366
2016-04-14 17:39:45 -04:00
Evan Cordell
b5db41920f
Address review comments
2016-04-11 16:34:40 -04:00
Evan Cordell
eba75494d9
Use new error format for auth errors (factor exceptions into module)
2016-04-11 16:22:26 -04:00
Evan Cordell
9c08717173
Return application/problem+json format errors and provide error endpoint
...
to dereference error codes.
2016-04-11 14:57:24 -04:00
josephschorr
edb157c5cb
Merge pull request #1294 from coreos-inc/partialperms
...
Change permissions to only load required by default
2016-03-30 16:40:40 -04:00
Joseph Schorr
b5b2df2063
Make test more resilient to changes in IDs
2016-03-30 16:19:15 -04:00
Joseph Schorr
42e934d84f
Make notification lookup faster and fix repo pagination on Postgres
2016-03-30 14:46:31 -04:00
Joseph Schorr
a3aa4592cf
Change permissions to only load required by default
...
Permissions now load just the namespace and/or repository permissions requested, with a fallback to a full permissions load if necessary.
2016-03-28 16:33:32 -04:00
Jake Moshenko
fe2cd240bc
Revert "Remove old search API which is no longer in use"
2016-03-07 10:07:41 -05:00
josephschorr
57430a18b4
Merge pull request #1224 from coreos-inc/removeoldsearch
...
Remove old search API which is no longer in use
2016-03-04 12:05:07 -05:00
Joseph Schorr
f498e92d58
Implement against new Clair paginated notification system
2016-02-25 15:58:42 -05:00
Joseph Schorr
c0374d71c9
Refactor the security worker and API calls and add a bunch of tests
2016-02-25 12:29:41 -05:00
josephschorr
6f9fc7fc08
Merge pull request #1225 from coreos-inc/setuptooltest
...
Add tests for superuser config API calls
2016-02-16 17:01:43 -05:00
Joseph Schorr
ecaa051791
Fix schema for invoice email updating
...
Fixes #1209
2016-02-16 11:52:57 -05:00
Joseph Schorr
03533db5a3
Add tests for superuser config API calls
2016-02-11 11:04:37 +02:00
Joseph Schorr
1887dc879c
Remove old search API which is no longer in use
2016-02-10 15:02:27 +02:00
Joseph Schorr
534ec9cb2b
Add pagination to the repository list API to make it better for public
...
Fixes #1166
2016-02-01 22:42:44 +02:00
Joseph Schorr
e4ffaff869
Fix Docker Auth and our V2 registry paths to support library (i.e. namespace-less) repositories.
...
This support is placed behind a feature flag.
2016-01-22 15:54:06 -05:00
Jake Moshenko
fe2bdeb6cb
Require some data from all models in initdb
2016-01-19 15:30:27 -05:00
Joseph Schorr
94ece129d4
Remove remaining recursive queries on repo delete and add test
2015-12-18 16:04:03 -05:00
Joseph Schorr
762cd56e64
Change derived storage to be based on image
...
Fixes #971
2015-11-24 12:44:07 -05:00
Joseph Schorr
cfa03951e1
Add a SecScanEndpoint class and move all the cert and config handling in there
2015-11-06 15:22:18 -05:00
josephschorr
3e7a95407b
Merge pull request #598 from coreos-inc/limitbadquery
...
Prevent unlimited insane query from running and fix tests
2015-10-05 21:29:35 -04:00
Silas Sewell
c6da322ec1
Merge pull request #597 from coreos-inc/tag-validation
...
Update tag validation
2015-10-05 21:10:55 -04:00
Silas Sewell
dd3d939b31
Update tag validation
...
Fixes #536
2015-10-05 19:32:10 -04:00
Joseph Schorr
dd804816ba
Prevent unlimited insane query from running and fix tests
...
Fixes #591
2015-10-05 17:11:49 -04:00
Joseph Schorr
8ca92d6828
Remove old search API and switch V1 search to use the new search system
2015-10-05 14:36:43 -04:00
Joseph Schorr
a283c8d8ec
Add a check to ensure repository names are valid according to an extended set of rules.
...
Fixes #534
2015-09-24 11:55:08 -04:00
Joseph Schorr
49b575afb6
Start refactoring of the trigger system:
...
- Move each trigger handler into its own file
- Add dictionary helper classes for easier reading and writing of dict-based data
- Extract the web hook payload -> internal representation building for each trigger system
- Add tests for this transformation
- Remove support for Github archived-based building
2015-09-21 16:36:48 -04:00
josephschorr
c801965626
Merge pull request #492 from coreos-inc/nofreelunch
...
UI and API fixes for disallowing private repo count abuse
2015-09-16 17:53:11 -04:00
Joseph Schorr
30379a2dd8
Fix interleaved repo delete with RAC via a transaction
...
The RepositoryActionCount table can have entries added while a repository deletion is in progress. We now perform the repository deletion under a transaction and explicitly test for RAC entries in the deletion unit test (which doesn't test interleaving, but it was missing this check).
Fixes #494
2015-09-16 15:34:32 -04:00
Joseph Schorr
fbfe7fdb54
Make change repo visibility and create repo raise a 402 when applicable
...
We now check the user or org's subscription plan and raise a 402 if the user attempts to create/make a repo private over their limit
2015-09-15 14:33:35 -04:00
Jimmy Zelinskie
d55ab78fbe
fix pagination of tags in API
...
Fixes #461 .
2015-09-09 15:52:21 -04:00
Joseph Schorr
386fcfd50e
Robot accounts allow underscores
...
Fixes #451
2015-09-08 10:10:00 -04:00
Joseph Schorr
51c507d02d
Add back the ability to retrieve information for an org member directly
...
Fixes #427
2015-08-31 16:45:24 -04:00
Joseph Schorr
36a2beab98
Fix test by adding missing param
2015-08-21 15:07:26 -04:00
Jimmy Zelinskie
523dc912f7
Merge pull request #372 from coreos-inc/notifyui
...
Better notifications UI
2015-08-17 17:13:24 -04:00
Joseph Schorr
84276ee945
Better notifications UI
...
Fixes #369
2015-08-17 17:08:58 -04:00
Joseph Schorr
f092c00621
Allow builds to be started with an external archive URL
...
Fixes #114
2015-08-17 17:01:49 -04:00
Joseph Schorr
09bb98f161
Really fix the build trigger schema and add a test for it
2015-08-11 17:17:18 -04:00
Joseph Schorr
60ab3c339f
Fix tests broken by the recent plan change
2015-08-11 14:09:02 -04:00
Joseph Schorr
7ea4c7d17e
Add missing JSON schema for 'refs' and 'branch_name'
...
Fixes #325
2015-08-07 13:01:49 -04:00
Joseph Schorr
d34afde954
Fix logs view and API
...
- We needed to use an engine-agnostic way to extract the days
- Joining with the LogEntryKind table has *horrible* performance in MySQL, so do it ourselves
- Limit to 50 logs per page
2015-08-05 17:47:03 -04:00
Joseph Schorr
11c7994398
Fix 500 on logout
2015-07-28 15:47:04 -04:00
Joseph Schorr
687bab1c05
Support invite codes for verification of email
...
Also changes the system so we don't apply the invite until it is called explicitly from the frontend
Fixes #241
2015-07-22 13:41:27 -04:00
Joseph Schorr
a0c4e72f13
Clean up the repository list API and loads stars with it
...
We load stars with the same list API now so that we get the extra metadata needed in the repo list (popularity and last modified)
2015-07-22 13:05:02 -04:00
Joseph Schorr
7e4b23916a
Small SQL query fix
...
Fixes #248
2015-07-20 14:17:26 -04:00
Jake Moshenko
3efaa255e8
Accidental refactor, split out legacy.py into separate sumodules and update all call sites.
2015-07-17 11:56:15 -04:00
Joseph Schorr
5ae8c11638
Extra list repos test to mimic the conditions of a known issue with one customer
2015-07-16 01:25:19 +03:00
Jimmy Zelinskie
bde781c98b
Merge pull request #205 from coreos-inc/delrobot
...
Fix deletion of robot accounts when attached to builds
2015-07-13 12:19:01 -04:00
Joseph Schorr
3a59c99b08
Add a secondary tab to Teams for managing org members
...
Also adds the ability to completely remove a user from an organization (repo permissions and teams), in a single click
Fixes #212
2015-07-02 17:06:36 +03:00
Joseph Schorr
b91b60e83d
Add encrypted password output in the superuser API
...
When creating a user or changing their password, we now also return an encrypted form of the password, so API callers can pass it along
2015-07-01 19:29:42 +03:00
Joseph Schorr
3ba321934f
Fix deletion of robot accounts when attached to builds
...
Fixes #204
2015-06-30 22:56:44 +03:00
Joseph Schorr
d9ce8fdf52
Fix swagger test
2015-06-29 21:38:21 +03:00
Joseph Schorr
81bb76d3df
Fix spelling mistakes
2015-06-29 21:38:01 +03:00
Joseph Schorr
2b1bbcb579
Add a table view to the repos list page
...
Fixes #104
2015-06-29 21:12:53 +03:00
Joseph Schorr
b8c74bbb17
Remove container usage tab and replace with changlog view
...
Fixes #179
2015-06-29 11:07:46 +03:00
Joseph Schorr
54992c23b7
Add a feature flag for disabling unauthenticated access to the registry in its entirety.
2015-05-19 17:52:44 -04:00
Joseph Schorr
f858caf6cd
Only return the team and repo permissions when listing robots when we absolutely need them.
2015-05-08 16:43:07 -04:00
Joseph Schorr
469f25b64c
Start measuring the number of queries on critical API calls
2015-05-07 22:25:23 -04:00
Joseph Schorr
3627de103c
Minimize the queries used when retrieve builds. Previously, we'd call out to SQL extra times per build.
2015-05-07 21:11:15 -04:00
Joseph Schorr
7b35555776
Make sure to test for unicode usernames, since the collate on the username field is latin1
2015-05-07 18:13:45 -04:00
Joseph Schorr
d07f9f04e9
UI and code improvements to make working with the multiple SCMs easier
2015-05-03 10:38:11 -07:00
Joseph Schorr
b96e35b28c
Merge master into bitbucket
2015-04-30 15:52:08 -04:00
Joseph Schorr
b3675df667
Fix tests
2015-04-30 15:47:40 -04:00
Joseph Schorr
60036927c9
Really disallow usage of the same account for an org as the one being converted. Before, you could do so via email.
2015-04-29 20:30:37 -04:00
Joseph Schorr
5a8093bbea
Fix API tests
2015-04-29 17:30:24 -04:00
Jimmy Zelinskie
c238626c56
tests: update to reflect trigger API changes
2015-04-23 18:16:14 -04:00
Joseph Schorr
d1e2d072ea
Add unit tests and a stronger restriction on the revert API call
2015-04-19 15:43:16 -04:00
Joseph Schorr
396cba64e6
Fix search to return better results by searching for robots and namespaces in different queries.
2015-04-09 12:57:20 -04:00
Joseph Schorr
40a6892a49
Add search tests
2015-04-07 14:05:12 -04:00
Joseph Schorr
1f5e6df678
- Fix tests
...
- Add new endpoints for retrieving the repo permissions for a robot account
- Have the robots list return the number of repositories for which there are permissions
- Other UI fixes
2015-03-31 18:50:43 -04:00
Joseph Schorr
86447c0a99
Merge branch 'master' into pagesnew
2015-03-05 14:22:10 -05:00
Jimmy Zelinskie
fb0d3d69c2
changes to reflect PR comments (not finished)
2015-02-24 17:50:54 -05:00
Joseph Schorr
10e2eabb1c
Fix test
2015-02-23 13:47:21 -05:00
Joseph Schorr
5f605b7cc8
Fix queue handling to remove the dependency from repobuild, and have a cancel method
2015-02-23 13:38:01 -05:00
Jimmy Zelinskie
2914a5da96
tests: add test for star/unstar repo
2015-02-20 15:11:41 -05:00
Joseph Schorr
7c81d90cda
Start recording the commit sha and other metadata about github triggered builds. We'll eventually show this information in the UI
2015-02-18 14:12:59 -05:00
Joseph Schorr
81ce4c771e
Add ability to cancel builds that are in the waiting state
2015-02-13 15:54:01 -05:00
Joseph Schorr
15a69ac872
Change robot deletions to set the performer to null, rather than attempting to delete the rows from the large log entries table
2015-01-14 12:56:06 -05:00
Jimmy Zelinskie
f3259c862b
Merge branch 'koh'
...
Conflicts:
auth/scopes.py
requirements-nover.txt
requirements.txt
static/css/quay.css
static/directives/namespace-selector.html
static/js/app.js
static/partials/manage-application.html
templates/oauthorize.html
2014-12-01 12:30:09 -08:00
Joseph Schorr
e9cac407df
Add a configurable avatar system and add an internal avatar system for enterprise
2014-11-24 19:25:13 -05:00
Jimmy Zelinskie
716d7a737b
Strip whitespace from ALL the things.
2014-11-24 16:07:38 -05:00
Joseph Schorr
9b31b9805a
Fix performance problem with looking up org members and add some tests
2014-11-20 11:33:42 -05:00
Jake Moshenko
aa62395777
Fix a test to use the new calling convention for get_build_trigger.
2014-11-19 15:43:28 -05:00
Joseph Schorr
d73747ce1d
- Fix some other group_by clauses
...
- Fix garbage_collect for an empty list (fixes a test)
- Add a script which runs the full test suite against mysql and postgres (note: QueueTest's are broken for MySQL, but they obviously work in production, so they need to be fixed)
2014-11-13 12:51:37 -05:00
Joseph Schorr
eddcc02ea6
Make repository deletes much faster by adding custom deletion code and have additional tests to verify the deletion code paths
2014-11-10 23:05:20 -05:00
Joseph Schorr
158acd4f41
- Turn on foreign key constraint checking in the tests
...
- Change all ForeignKeyField's that refer to users to use our custom class, and mark those that allow robots
- Change robot delete to only execute the subset of queries necessary to actually delete robots
2014-11-07 12:05:21 -05:00
Joseph Schorr
4eedd54b66
- Make usage language more accurate by stating "repositories"
...
- Have usage counter be based on a 4 weeks TTL
- Add a simple usage counter breakage test
2014-10-30 13:26:02 -04:00
Joseph Schorr
b234019a02
Fix tests
2014-10-14 16:23:01 -04:00
Joseph Schorr
e0993b26af
Make query params only read from query params, not JSON as well
2014-10-03 15:05:34 -04:00
Joseph Schorr
039d53ea6c
- Fix initdb
...
- Add ability to specific custom fields for manual running of build triggers and add a "branch name" selector for running github builds
2014-09-30 16:29:32 -04:00
Joseph Schorr
f6d3238611
Fix API tests for the recent change
2014-09-23 11:33:52 -04:00
Jake Moshenko
79b6a9f4e0
Apparently the version of python in the baseimage requires the encoding comment.
2014-09-23 11:19:31 -04:00
Joseph Schorr
8dd2330ce7
Switch to using straight docker IDs instead of a hashing scheme
2014-09-23 11:01:50 -04:00
Joseph Schorr
9621566d31
Instead of sending DB IDs, send "internal IDs" which are DB IDs hashed. This way, we can still calculate the ancestors without hitting the DB further, but without leaking the size of the images table
2014-09-23 11:01:50 -04:00
Jake Moshenko
74c1662f54
Unicode strings have to be declared as such for python to be happy.
2014-09-22 18:49:52 -04:00
Joseph Schorr
6b05b55225
Add unicode password support
2014-09-18 17:36:26 -04:00
Joseph Schorr
10faa7de84
Only allow users matching the team invite to accept, if the invite was specified for a user (rather than an email)
2014-09-12 14:29:01 -04:00
Jake Moshenko
c5ca46a14b
Merge remote-tracking branch 'origin/master' into comewithmeifyouwanttowork
...
Conflicts:
data/model/legacy.py
static/js/app.js
2014-09-12 11:03:30 -04:00
Joseph Schorr
8d3ce44682
Address comments on code review
2014-09-11 15:45:41 -04:00
Joseph Schorr
7c45aca405
Code review changes
2014-09-08 17:20:01 -04:00
Joseph Schorr
e783df31e0
Add the concept of require_fresh_login to both the backend and frontend. Sensitive methods will now be marked with the annotation, which requires that the user has performed a login within 10 minutes or they are asked to do so in the UI before running the operation again.
2014-09-04 14:24:20 -04:00
Joseph Schorr
1e7e012b92
Add a requirement for the current password to change the user's password or email address
2014-09-03 15:41:25 -04:00
Joseph Schorr
3b72b26836
Merge branch 'master' into comewithmeifyouwanttowork
2014-08-28 20:50:13 -04:00
Joseph Schorr
a129aac94b
Add ability to regenerate robot account credentials
2014-08-25 17:19:23 -04:00
Joseph Schorr
d2880807b2
- Further fixes for license stuff
...
- Small fixes to ensure Quay works for Postgres
2014-08-21 19:21:20 -04:00
Joseph Schorr
43b6695f9c
Get team invite confirmation working and fully tested
2014-08-18 17:24:00 -04:00
Joseph Schorr
32b2ecdfa6
Add ability to dismiss notifications
2014-07-28 18:23:46 -04:00
Joseph Schorr
34fc279092
Add e-mail authorization to the repository notification flow. Also validates the creation of the other notification methods.
2014-07-28 14:58:12 -04:00
Joseph Schorr
56fec63fcd
Add test for API change to entity search
2014-07-22 13:47:35 -04:00
Joseph Schorr
8d7493cb86
Convert over to notifications system. Note this is incomplete
2014-07-17 22:51:58 -04:00
Joseph Schorr
5841c1237e
Add an "insane" test repo
2014-07-15 15:13:58 -04:00
Joseph Schorr
b0c4f5b2f5
- Fix tests to not hit remote Redis endpoint
...
- Fix convert organization to allow admin email address, in addition to username
- Add test for the above
2014-07-08 18:19:13 -04:00
Jake Moshenko
f6726bd0a4
Merge branch 'ldapper'
...
Conflicts:
Dockerfile
app.py
data/database.py
endpoints/index.py
test/data/test.db
2014-05-22 12:13:41 -04:00
Jake Moshenko
c953447ae0
Fix the tests to use a fake build that is not a moving target.
2014-05-20 18:53:00 -04:00
Jake Moshenko
ccc720fd39
Allow diffs to get very large for test cases.
2014-05-20 18:26:29 -04:00
Joseph Schorr
0fd114df84
Add API usage tests for the superuser API
2014-05-12 15:22:58 -04:00
jakedt
3f42d15335
Merge remote-tracking branch 'origin/master' into tagyourit
...
Conflicts:
static/css/quay.css
static/js/graphing.js
static/partials/view-repo.html
test/data/test.db
2014-04-15 15:58:30 -04:00
jakedt
52fdd60779
Merge remote-tracking branch 'origin/detective'
...
Conflicts:
static/partials/repo-admin.html
2014-04-14 16:15:32 -04:00
Joseph Schorr
0e54b0501c
Return the reason a username validation failed and add tests to verify we are sending the reason to client
2014-04-07 20:37:02 -04:00
Joseph Schorr
7c466dab7d
- Add an analyze method on triggers that, when given trigger config, will attempt to analyze the trigger's Dockerfile and determine what pull credentials, if any, are needed and available
...
- Move the build trigger setup UI into its own directive (makes things cleaner)
- Fix a bug in the entitySearch directive around setting the current entity
- Change the build trigger setup UI to use the new analyze method and flow better
2014-04-02 23:33:58 -04:00
Joseph Schorr
9a79d1562a
Change to store the pull robot on the repository build and only add the credentials to the queue item. This prevents the credentials from being exposed to the end user. Also fixes the restart build option
2014-04-01 21:49:06 -04:00
Joseph Schorr
2006917e03
Add support for pull credentials on builds and build triggers
2014-03-27 18:33:13 -04:00
jakedt
302bfb27ae
Merge remote-tracking branch 'origin/master' into tagyourit
...
Conflicts:
endpoints/api.py
static/js/app.js
static/partials/view-repo.html
test/data/test.db
test/specs.py
test/test_api_usage.py
2014-03-26 19:42:29 -04:00
Joseph Schorr
7befc04809
Fix API usage tests to send the proper CSRF token and add a "invalid CSRF token" test
2014-03-25 15:17:02 -04:00
Joseph Schorr
c82d1ffe98
Add ability for users to see their authorized applications and revoke the access
2014-03-24 20:57:02 -04:00
Joseph Schorr
f7c27f250b
Add full application management API, UI and test cases
2014-03-20 15:46:13 -04:00
jakedt
0992c8a47e
Fix some permissions problems still around due to some usage of scopes as strings.
2014-03-19 18:21:58 -04:00
jakedt
c93c62600d
Merge remote-tracking branch 'origin/master' into swaggerlikeus
...
Conflicts:
data/database.py
endpoints/api.py
endpoints/common.py
templates/base.html
test/data/test.db
test/specs.py
2014-03-19 15:39:44 -04:00
jakedt
6fc369bed2
Change non logged in 403s to 401s.
2014-03-19 13:57:36 -04:00
Joseph Schorr
807fa68fe4
Fix the remainder of the API usage tests. Note that this still fails when the blueprint is registered again, so each subset of tests has to be run on its own
2014-03-18 20:32:37 -04:00
jakedt
5e7ffd95ca
Update the api usage test to use the new url_for resources.
2014-03-18 19:34:26 -04:00
Joseph Schorr
c5fa12329c
Update path matching regex to support dots
2014-03-11 14:42:53 -04:00
Joseph Schorr
e4d40e3289
Add test for bad repo names currently breaking quay
2014-03-11 13:38:44 -04:00
Joseph Schorr
dbb234c76c
Better upwell messaging for everyone and show the upsell for organization admins
2014-03-06 18:36:52 -05:00
Joseph Schorr
20ad666308
Add ability to tag images from the UI, including moving existing tags to different images
2014-02-28 00:12:09 -05:00
Joseph Schorr
3f54022344
Add unit tests for all the new API methods
2014-02-26 15:19:07 -05:00
jakedt
c13f7cd9df
Add the resource_key back to the repository build.
2014-02-25 18:22:02 -05:00
jakedt
f4642be11a
Merge remote-tracking branch 'origin/allyourbaseimage'
...
Conflicts:
test/data/test.db
test/test_api_usage.py
2014-02-18 19:15:14 -05:00
Joseph Schorr
bc0d51656a
Add ability to see a build's build pack, including browsing and downloading of the contents if it is a zip
2014-02-17 17:28:20 -05:00