Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								481cebe46b 
								
							 
						 
						
							
							
								
								Fix pytests and enable parallel registry tests  
							
							
							
						 
						
							2016-12-20 15:42:04 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									EvB 
								
							 
						 
						
							
							
							
							
								
							
							
								43aed7c6f4 
								
							 
						 
						
							
							
								
								fix(endpoints/api): return empty 204 resp  
							
							... 
							
							
							
							Return an empty body on API requests with status code 204, which
means "No content". Incorrect 'Deleted' responses were being
returned after successful DELETE operations despite the "No Content"
definition of 204. 
							
						 
						
							2016-12-14 16:22:39 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								fd364ccca3 
								
							 
						 
						
							
							
								
								Remove unneeded exception var  
							
							
							
						 
						
							2016-12-09 14:52:49 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								1302fd2fbd 
								
							 
						 
						
							
							
								
								Switch csrf token check to use compare_digest to prevent timing attacks  
							
							... 
							
							
							
							Also adds some additional tests for CSRF tokens 
							
						 
						
							2016-12-08 23:46:31 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								dbdcb802b1 
								
							 
						 
						
							
							
								
								Add end-to-end OAuth login and attach tests  
							
							
							
						 
						
							2016-12-08 18:35:42 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								36324708db 
								
							 
						 
						
							
							
								
								Fix small pylint issues  
							
							
							
						 
						
							2016-12-08 16:21:44 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								ff52fde8a5 
								
							 
						 
						
							
							
								
								Have Quay always use an OAuth-specific CSRF token  
							
							... 
							
							
							
							This change ensures that we always store and then check the contents of the OAuth `state` argument against a session-stored CSRF token.
Fixes https://www.pivotaltracker.com/story/show/135803615  
							
						 
						
							2016-12-08 16:11:57 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								543d86ae10 
								
							 
						 
						
							
							
								
								Merge pull request  #2221  from coreos-inc/fix-error-pages  
							
							... 
							
							
							
							Have all error pages be rendered by Angular 
							
						 
						
							2016-12-07 17:53:14 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								111b7b0788 
								
							 
						 
						
							
							
								
								Merge pull request  #2206  from coreos-inc/ldap-user-search-fix  
							
							... 
							
							
							
							Fix external auth returns for query_user calls 
							
						 
						
							2016-12-07 17:53:04 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								c06bba38de 
								
							 
						 
						
							
							
								
								Have all error pages be rendered by Angular  
							
							... 
							
							
							
							Fixes  #2198 
Fixes https://www.pivotaltracker.com/story/show/135724483  
						
							2016-12-07 17:49:02 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								00eafff747 
								
							 
						 
						
							
							
								
								Merge pull request  #2204  from jzelinskie/429builds  
							
							... 
							
							
							
							add rate limiting to build queues 
							
						 
						
							2016-12-07 15:03:31 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								3203fd6de1 
								
							 
						 
						
							
							
								
								Fix external auth returns for query_user calls  
							
							... 
							
							
							
							Adds the missing field on the query_user calls, updates the external auth tests to ensure it is returned properly, and adds new end-to-end tests which call the external auth engines via the *API*, to ensure this doesn't break again 
							
						 
						
							2016-12-07 14:28:42 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								ebbe58d311 
								
							 
						 
						
							
							
								
								replace prefix w/ canonical name list  
							
							
							
						 
						
							2016-12-07 12:56:56 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								d349e1639a 
								
							 
						 
						
							
							
								
								Fix doc comment on security scan API endpoint  
							
							... 
							
							
							
							Fixes  #2216  
						
							2016-12-07 11:50:22 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								c41de8ded6 
								
							 
						 
						
							
							
								
								build queue rate limiting: address PR comments  
							
							
							
						 
						
							2016-12-06 20:40:54 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								eb69abff8b 
								
							 
						 
						
							
							
								
								build rate limiting: tests  
							
							
							
						 
						
							2016-12-06 16:30:12 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								57770493fa 
								
							 
						 
						
							
							
								
								build rate limiting: use a rate  
							
							
							
						 
						
							2016-12-06 16:30:12 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								7877c6ab94 
								
							 
						 
						
							
							
								
								add rate limiting to build queues  
							
							
							
						 
						
							2016-12-06 16:30:12 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jake Moshenko 
								
							 
						 
						
							
							
							
							
								
							
							
								d656e54d99 
								
							 
						 
						
							
							
								
								Fix unsafe mutable default params.  
							
							
							
						 
						
							2016-12-06 14:00:16 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jake Moshenko 
								
							 
						 
						
							
							
							
							
								
							
							
								21e3001446 
								
							 
						 
						
							
							
								
								Add a bulk insert for queue and notifications.  
							
							... 
							
							
							
							Use it for Clair spawned notifications. 
							
						 
						
							2016-12-06 14:00:16 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								97d150e281 
								
							 
						 
						
							
							
								
								Have QSS only add security scanner notifications once  
							
							
							
						 
						
							2016-12-05 19:08:20 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								cf61c29671 
								
							 
						 
						
							
							
								
								Move SETUP_COMPLETE check up to allow users to add license  
							
							... 
							
							
							
							Somehow this change got lost. 
							
						 
						
							2016-12-05 13:22:14 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Charlton Austin 
								
							 
						 
						
							
							
							
							
								
							
							
								4103a0b75f 
								
							 
						 
						
							
							
								
								Adding in cancel notifications  
							
							
							
						 
						
							2016-11-30 14:38:34 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								b7aac159ae 
								
							 
						 
						
							
							
								
								Merge pull request  #2170  from coreos-inc/password-reset  
							
							... 
							
							
							
							Fix small bugs around account recovery and user settings redirection 
							
						 
						
							2016-11-28 19:51:23 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								dcd8157207 
								
							 
						 
						
							
							
								
								Fix JWT exception in Dex code  
							
							
							
						 
						
							2016-11-28 18:55:51 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								0e24f6b40a 
								
							 
						 
						
							
							
								
								Fix user redirects to go to the correct URL  
							
							... 
							
							
							
							`/user` no longer works and returns a 404; we now need to redirect to the specific user page 
							
						 
						
							2016-11-28 18:55:41 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								402ad25690 
								
							 
						 
						
							
							
								
								Change team invitation acceptance to join all invited teams under the org  
							
							... 
							
							
							
							Fixes  #1989  
						
							2016-11-28 18:39:28 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Evan Cordell 
								
							 
						 
						
							
							
							
							
								
							
							
								9e96e6870f 
								
							 
						 
						
							
							
								
								Add support for * (admin) permission to registry auth v2 endpoint  
							
							
							
						 
						
							2016-11-28 14:02:08 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								1529ed2086 
								
							 
						 
						
							
							
								
								Merge pull request  #2154  from coreos-inc/receipt-filename  
							
							... 
							
							
							
							Make receipt filenames include date information 
							
						 
						
							2016-11-23 12:25:53 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								964b1013d9 
								
							 
						 
						
							
							
								
								Make receipt filenames include date information  
							
							... 
							
							
							
							Fixes  #1997  
						
							2016-11-21 15:35:56 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								080802ed2d 
								
							 
						 
						
							
							
								
								Add tracking of pulled tag/digest to logs  
							
							... 
							
							
							
							Fixes  #2148  
						
							2016-11-21 12:29:59 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Charlton Austin 
								
							 
						 
						
							
							
							
							
								
							
							
								2fe74e4057 
								
							 
						 
						
							
							
								
								Adding in UI for cancel anytime.  
							
							
							
						 
						
							2016-11-21 10:58:32 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								ff14601669 
								
							 
						 
						
							
							
								
								Merge pull request  #2139  from coreos-inc/oauth-reauth  
							
							... 
							
							
							
							Fix error displayed for OAuth if an existing token already matches scopes 
							
						 
						
							2016-11-17 16:42:56 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								0e602efbf9 
								
							 
						 
						
							
							
								
								Fix error displayed for OAuth if an existing token already matches scopes  
							
							... 
							
							
							
							Before this change, the OAuth system would automatically redirect to display the code if the scopes requested were a subset of those already granted by the user. However, the missing process auth resulted in `get_authenticated_user` returning None, which broke the OAuth flow.
Fixes  #2131  
							
						 
						
							2016-11-17 16:21:26 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								0b549125d9 
								
							 
						 
						
							
							
								
								Fix 500 on get label endpoint and add a test  
							
							... 
							
							
							
							Fixes  #2133  
						
							2016-11-17 14:55:14 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								1a61ef4e04 
								
							 
						 
						
							
							
								
								Report the user's name and company to Marketo  
							
							... 
							
							
							
							Also fixes the API to report the other changes (username and email) as well 
							
						 
						
							2016-11-14 17:34:50 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								aa2704acc7 
								
							 
						 
						
							
							
								
								Add a test for operation name collisions and fix the one additional collision found  
							
							
							
						 
						
							2016-11-10 15:38:27 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								932fa56227 
								
							 
						 
						
							
							
								
								Fix name collision between the two organization delete calls  
							
							... 
							
							
							
							Fixes  #2104 
The collision was causing the frontend to try to call the *superuser* method (in local, where superuser is enabled), but on prod (where it isn't), it was calling the normal method, which takes a different parameter name 
						
							2016-11-10 15:28:20 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								45b1148118 
								
							 
						 
						
							
							
								
								Merge pull request  #2086  from coreos-inc/user-info  
							
							... 
							
							
							
							Add collection of user metadata: name and company 
							
						 
						
							2016-11-09 13:15:07 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								6200a2a49a 
								
							 
						 
						
							
							
								
								Merge pull request  #2088  from coreos-inc/license-about-notification  
							
							... 
							
							
							
							Add a warning bar when the license will become invalid in a week 
							
						 
						
							2016-11-09 11:45:48 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								7e78406112 
								
							 
						 
						
							
							
								
								Add a defined timeout on all HTTP calls in notification methods  
							
							
							
						 
						
							2016-11-08 18:28:06 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								0f2eb61f4a 
								
							 
						 
						
							
							
								
								Add collection of user metadata: name and company  
							
							
							
						 
						
							2016-11-08 16:15:02 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								74c3346562 
								
							 
						 
						
							
							
								
								Add a warning bar when the license will become invalid in a week  
							
							
							
						 
						
							2016-11-08 14:24:55 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								9aac68fbeb 
								
							 
						 
						
							
							
								
								Merge pull request  #2031  from coreos-inc/license-notification  
							
							... 
							
							
							
							Add banner bar message when license has expired or is invalid 
							
						 
						
							2016-11-07 13:52:53 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								d051e58e69 
								
							 
						 
						
							
							
								
								Merge pull request  #2082  from coreos-inc/moar-stats  
							
							... 
							
							
							
							Add new metrics as requested by some customers 
							
						 
						
							2016-11-03 16:25:11 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								1e3b354201 
								
							 
						 
						
							
							
								
								Add support for temp usernames and an interstitial to confirm username  
							
							... 
							
							
							
							When a user now logs in for the first time for any external auth (LDAP, JWT, Keystone, Github, Google, Dex), they will be presented with a confirmation screen that affords them the opportunity to change their Quay-assigned username.
Addresses most of the user issues around #74  
							
						 
						
							2016-11-03 15:59:14 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								4b926ae189 
								
							 
						 
						
							
							
								
								Add new metrics as requested by some customers  
							
							... 
							
							
							
							Note that the `status` field on the pull and push metrics will eventually be set to False for failed pulls and pushes in a followup PR 
							
						 
						
							2016-11-03 15:28:40 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								840ea4e768 
								
							 
						 
						
							
							
								
								Merge pull request  #2047  from coreos-inc/external-auth-email-optional  
							
							... 
							
							
							
							Make email addresses optional in external auth if email feature is turned off 
							
						 
						
							2016-10-31 14:16:33 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								0fc132cffb 
								
							 
						 
						
							
							
								
								Make sure Google email addresses are verified  
							
							
							
						 
						
							2016-10-31 13:52:09 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								3a473cad2a 
								
							 
						 
						
							
							
								
								Enable permanent sessions  
							
							... 
							
							
							
							Fixes  #1955  
						
							2016-10-31 13:52:09 -04:00