Joseph Schorr
c3710a6a5e
Add ability for specific geographic regions to be blocked from pulling images within a namespace
2018-12-06 17:14:45 -05:00
Joseph Schorr
4f152fd7c7
Make API errors more informative
...
Fixes https://jira.coreos.com/browse/QUAY-999
2018-07-08 11:45:33 +03:00
Joseph Schorr
6ffafe44d3
Merge pull request #3059 from quay/joseph.schorr/QUAY-906/reg-tests
...
Move registry integration tests to py.test
2018-05-22 17:09:11 -04:00
Joseph Schorr
a007332d4c
Temporarily change to storing logs in a new LogEntry2 table
...
This will prevent us from running out of auto-incrementing ID values until such time as we can upgrade to peewee 3 and change the field type to a BigInt
Fixes https://jira.coreos.com/browse/QUAY-943
2018-05-18 20:15:16 -04:00
Joseph Schorr
77adf9dd77
Fix bug which allowed for implicit library namespace access via the V1 registry protocol when the feature flag was off
...
Now we raise a 400 as expected
2018-05-01 13:28:24 +03:00
Joseph Schorr
188ea98441
Add new decorator to prevent reflected text attacks
...
Instead of disabling repo names with periods in them, we simply disallow calls to the API when they are GET requests, whose path ends in a dot, and that do not have a referrer from the frontend.
2018-02-20 11:33:45 -05:00
Joseph Schorr
e220b50543
Refactor auth code to be cleaner and more extensible
...
We move all the auth handling, serialization and deserialization into a new AuthContext interface, and then standardize a registration model for handling of specific auth context types (user, robot, token, etc).
2018-02-14 15:35:27 -05:00
Joseph Schorr
5d69fc2aa3
Move param_required into the decorators module
2017-07-20 16:01:38 -04:00
Joseph Schorr
98e2ccf74d
Move parse_repository_name into decorators
2017-07-20 16:01:38 -04:00
Joseph Schorr
0531f6c749
Small cleanups to the decorators file
2017-07-20 16:01:38 -04:00
Joseph Schorr
17f3de811e
Move route_show_if into decorators
...
Also removes unused route_hide_if
2017-07-20 11:07:31 -04:00
Jimmy Zelinskie
3d0e63d8e5
endpoints.appr.decorators: isolate appr decorators
2017-03-22 23:53:03 -04:00
Jimmy Zelinskie
82bcd45727
endpoints: clarify repo access decorators
2017-03-22 23:41:38 -04:00
Joseph Schorr
4a4eee5e05
Make our JWT subjects better and log using the info
...
Fixes #1039
2015-12-14 14:00:33 -05:00
Joseph Schorr
477a3fdcdc
Add a test to verify that all important blueprints have all their methods decorated
...
This ensures that we don't accidentally add a blueprint method without either explicitly blacklisting or whitelisting anonymous access
2015-06-02 15:56:44 -04:00
Joseph Schorr
ecabf086ea
Add missing newline at end of decorators.py
2015-05-26 16:48:59 -04:00
Joseph Schorr
54992c23b7
Add a feature flag for disabling unauthenticated access to the registry in its entirety.
2015-05-19 17:52:44 -04:00