Jake Moshenko
|
03190efde3
|
Phase 2 of migrating repo namespaces to referencing user objects, backfilling the rows without a value for namespace_user, and changing all accesses to go through the namespace_user object. All tests are passing, manual testing still required.
|
2014-09-24 18:01:35 -04:00 |
|
Jake Moshenko
|
8626d1cd70
|
Initial changes to move repositories from using a namespace string to referencing a user object. Also stores the user id in the cookie rather than the username, to allow users to be renamed. This commit must not be used unmodified because the database migration is too aggressive for live migration.
|
2014-09-19 10:17:23 -04:00 |
|
Joseph Schorr
|
e8ad01cb41
|
Lots of small NPE and other exception fixes
|
2014-09-15 11:27:33 -04:00 |
|
Joseph Schorr
|
05a1413153
|
Handle UI for dangerous scopes
|
2014-08-05 21:21:22 -04:00 |
|
Jake Moshenko
|
02e47ed572
|
Begin the work to allow robots and teams to be managed via API.
|
2014-08-05 20:53:00 -04:00 |
|
Jake Moshenko
|
0b6552d6cc
|
Fix the metrics so they are usable for scaling the workers down and up. Switch all datetimes which touch the database from now to utcnow. Fix the worker Dockerfile.
|
2014-05-23 14:16:26 -04:00 |
|
Jake Moshenko
|
2da8b4737e
|
Fix the registry to work with unicode usernames in LDAP.
|
2014-05-13 15:22:31 -04:00 |
|
Jake Moshenko
|
5fdccfe3e6
|
Add an alembic migration for the full initial database with the data. Switch LDAP to using bind and creating a federated login entry. Add LDAP support to the registry and index endpoints. Add a username transliteration and suggestion mechanism. Switch the database and model to require a manual initialization call.
|
2014-05-13 12:17:26 -04:00 |
|
jakedt
|
0fd5da172e
|
Fix the super user default config. Slight style tweaks to the super user permission implementation.
|
2014-04-10 15:51:39 -04:00 |
|
Joseph Schorr
|
0e320c964f
|
- Add support for super users
- Add a super user API
- Add a super user interface
|
2014-04-10 00:26:55 -04:00 |
|
Joseph Schorr
|
4f1ae25128
|
Make sure the TAR import system handles TAR paths with local directory references
|
2014-04-01 13:00:26 -04:00 |
|
jakedt
|
4d2e090bea
|
Fix the problem with login on new triggers.
|
2014-03-26 15:52:24 -04:00 |
|
jakedt
|
250efd76b6
|
Merge remote-tracking branch 'origin/swaggerlikeus'
|
2014-03-25 17:27:00 -04:00 |
|
jakedt
|
41cfadac23
|
Protect the search and repository list endpoints appropriately. Add more differentiating data to some need types. Remove the notification about password change from the user admin page. Select the dependent models for the visible repo list.
|
2014-03-25 17:26:45 -04:00 |
|
Joseph Schorr
|
efb1ab6562
|
Fix typo
|
2014-03-25 16:50:39 -04:00 |
|
jakedt
|
a9c0e016f3
|
Add the ability to use an oauth token to interact with the index and registry.
|
2014-03-20 12:09:25 -04:00 |
|
jakedt
|
0992c8a47e
|
Fix some permissions problems still around due to some usage of scopes as strings.
|
2014-03-19 18:21:58 -04:00 |
|
jakedt
|
3b7b12085d
|
User scope objects everywhere. Switch scope objects to namedtuples. Pass the user when validating whether the user has authorized such scopes in the past. Make sure we calculate the scope string using all user scopes form all previously granted tokens.
|
2014-03-19 18:09:09 -04:00 |
|
jakedt
|
f2d0a2f479
|
Split out organization repo roles and org management roles.
|
2014-03-19 14:36:56 -04:00 |
|
jakedt
|
6fc369bed2
|
Change non logged in 403s to 401s.
|
2014-03-19 13:57:36 -04:00 |
|
jakedt
|
19c7453f99
|
Merge branch 'swaggerlikeus' of ssh://bitbucket.org/yackob03/quay into swaggerlikeus
|
2014-03-18 19:21:53 -04:00 |
|
jakedt
|
64071b9e8e
|
Add a user info scope and thread it through the code. Protect the org modification API.
|
2014-03-18 19:21:27 -04:00 |
|
Joseph Schorr
|
d7a59ef0c2
|
Add checks for invalid scopes in the auth approval process
|
2014-03-18 17:05:27 -04:00 |
|
Joseph Schorr
|
9ae4506a0d
|
Add OAuth usage information the API logs, have it be displayed in the logs UI and start on the code to display application information when clicked. Note that this does not (yet) do anything with the information returned as we need to wait for the mainline merge of Angular 1.2.9 (which is in master) before I can continue on the display
|
2014-03-18 16:45:18 -04:00 |
|
jakedt
|
1ae04658ef
|
Fix the formats for some errors.
|
2014-03-17 14:38:50 -04:00 |
|
jakedt
|
5bb4008880
|
Fix cookie auth to work with oauth token auth. Make sure user loading is truly deferred to save DB connections.
|
2014-03-17 12:01:13 -04:00 |
|
Joseph Schorr
|
d469b41899
|
Add an oauth authorization page
|
2014-03-14 18:57:28 -04:00 |
|
jakedt
|
0e3fe8f3b1
|
Port a few more repository methods to the new API interface.
|
2014-03-12 20:33:57 -04:00 |
|
jakedt
|
e74eb3ee87
|
Add scope ordinality and translations. Process oauth tokens and limit scopes accordingly.
|
2014-03-12 16:31:37 -04:00 |
|
jakedt
|
25ceb90fc6
|
Add some sort of oauth.
|
2014-03-12 12:37:06 -04:00 |
|
Joseph Schorr
|
61ca29de04
|
Move the auth context methods into their own file so that we don't have auth trying to import itself
|
2014-02-25 15:07:24 -05:00 |
|
Joseph Schorr
|
a120f6c64a
|
Make sure all aborts have message information
|
2014-02-25 14:15:12 -05:00 |
|
yackob03
|
8c1142a770
|
We weren't properly handling passwords with a colon in them.
|
2014-02-09 23:59:30 -05:00 |
|
yackob03
|
56722d1ac1
|
Allow a request with invalid basic auth to still be considered anonymous, rather than throwing a 401.
|
2013-12-19 15:18:14 -05:00 |
|
root
|
61618c7eab
|
We can't count on auth tokens being sent anymore, so we set the namespace and repository for the session when the original put on the repo is made.
|
2013-12-09 04:24:29 +00:00 |
|
yackob03
|
e69591c7d6
|
Add the ability to login with a robot, use the wrench icon for robots all over the place.
|
2013-11-20 19:43:19 -05:00 |
|
yackob03
|
d064af2800
|
Fix a bug where org admin was not sufficient for the modify repository permission.
|
2013-11-07 12:52:46 -05:00 |
|
yackob03
|
d14a292896
|
Org admins should be able to view all teams.
|
2013-11-04 16:44:38 -05:00 |
|
yackob03
|
f8d3c95b74
|
Fix a typo in the team need permissions.
|
2013-11-04 16:39:52 -05:00 |
|
yackob03
|
2eb7ff2442
|
Add a bunch of the missing permissions from the API.
|
2013-11-04 16:18:40 -05:00 |
|
yackob03
|
dd77ebd64f
|
Next batch of backend permissions for orgs.
|
2013-11-04 15:42:08 -05:00 |
|
yackob03
|
283f9b81ae
|
First stab at token auth. The UI could use a little bit of polishing.
|
2013-10-16 14:24:10 -04:00 |
|
yackob03
|
959016a6eb
|
Remove unnecessary calls to the database for user and permission metadata.
|
2013-10-15 14:48:49 -04:00 |
|
yackob03
|
891f992bf2
|
Allow for anonymous access tokens for public repositories.
|
2013-10-01 01:18:05 -04:00 |
|
yackob03
|
0652636693
|
Handle the case where there is no auth at all.
|
2013-10-01 00:37:28 -04:00 |
|
yackob03
|
6bcb5cfcaa
|
Flesh out some permissions APIs.
|
2013-09-27 13:24:07 -04:00 |
|
yackob03
|
9278871381
|
Load flask principal permissions even for web and api endpoints.
|
2013-09-26 16:32:09 -04:00 |
|
yackob03
|
23cbcb2979
|
Make images belong to one repository only. Add a description field to the repository. Fix a bug with access tokens. Fix an embarrasing bug with multiple select criteria in peewee. Update the test db.
|
2013-09-26 15:58:11 -04:00 |
|
yackob03
|
44255421df
|
Namespace the storage in the registry to prevent leaking images if one acquires the image id.
|
2013-09-25 20:00:22 -04:00 |
|
yackob03
|
08446ef59e
|
Fix some stuff with logins and permissions, add tags to the mode.
|
2013-09-25 16:46:28 -04:00 |
|