Joseph Schorr
58e6a17373
Fix namespace links that end in slashes
2017-09-28 15:14:53 -04:00
Joseph Schorr
464bccb5a0
Fix permissions on accessing archived logs
2017-08-18 13:45:36 -04:00
Joseph Schorr
aecec02b6c
Change common_login to take in a user uuid, instead of a user DB object
2017-07-20 16:01:39 -04:00
Joseph Schorr
5d69fc2aa3
Move param_required into the decorators module
2017-07-20 16:01:38 -04:00
Joseph Schorr
98e2ccf74d
Move parse_repository_name into decorators
2017-07-20 16:01:38 -04:00
Joseph Schorr
17f3de811e
Move route_show_if into decorators
...
Also removes unused route_hide_if
2017-07-20 11:07:31 -04:00
Joseph Schorr
b7d6bb12fa
Hide extended health check information behind superuser permission or a session property
...
Also adds an endpoint that (when specified with the proper secret), sets the session property
2017-07-19 16:17:02 +03:00
Antoine Legrand
cdb3722c17
Use $QUAYPATH and $QUAYDIR in conf and init files
2017-07-05 16:23:54 +02:00
Evan Cordell
b6d423a50d
Merge pull request #2687 from ecordell/enable-builds-trust
...
Re-enable builds and tag modification when signing is enabled
2017-06-13 11:20:04 -04:00
Joseph Schorr
a949a44cb2
Remove expensive call in build badge
...
We don't need to list all the tags to determine if any exist, and showing the repo is ready when it is empty is probably correct behavior anyway
2017-06-12 14:53:54 -04:00
Evan Cordell
2e30c47045
Re-enable builds and tag modification when signing is enabled
2017-06-07 10:01:37 -04:00
Joseph Schorr
e9ffe0e27b
Implement new search UI
...
We now have both autocomplete-based searching for quick results, as well as a full search page for a full listing of results
2017-04-28 13:57:28 -04:00
EvB
5e995fae20
refactor(archivedlogs): move archivelog handler to endpoints
2017-04-26 11:41:55 -04:00
josephschorr
e79555ef95
Merge pull request #2547 from coreos-inc/disable-for-trust
...
Disable certain APIs and build triggers when trust is enabled
2017-04-17 13:05:16 -04:00
Joseph Schorr
6f722e4585
Disable certain APIs and build triggers when trust is enabled
...
Since trust will break if Quay makes changes, disable all Quay tag-change APIs and build APIs+webhooks when trust is enabled on a repository. Once we get Quay signing things itself, we can revisit this.
2017-04-17 13:04:51 -04:00
Jake Moshenko
22f5934f34
Add error logging to Marketo calls
2017-04-17 10:19:52 -04:00
Jimmy Zelinskie
93d1439e04
endpoints.web: fix unknown identifier
2017-04-13 13:54:20 -04:00
Jake Moshenko
a8ec7865a7
Merge pull request #2511 from jakedt/fixwarnings
...
Fixwarnings
2017-04-06 16:12:19 -04:00
Jake Moshenko
a0817bfd59
Refresh dependencies and fix tests.
2017-04-06 13:15:48 -04:00
Joseph Schorr
45e1319067
Properly redirect to app repository URLs
2017-04-05 14:29:46 -04:00
Joseph Schorr
f9e6110f73
Add basic user interface for application repos
...
Adds support for creating app repos, viewing app repos and seeing the list of app repos in the Quay UI.
2017-04-05 11:30:09 -04:00
Joseph Schorr
147b812edb
Remove out dated Enterprise landing page
...
We now just redirect to the QE plans page
Fixes https://www.pivotaltracker.com/story/show/142166263
2017-03-30 15:25:56 -04:00
Joseph Schorr
651666b60b
Refactor our auth handling code to be cleaner
...
Breaks out the validation code from the auth context modification calls, makes decorators easier to define and adds testing for each individual piece. Will be the basis of better error messaging in the following change.
2017-03-23 15:42:45 -04:00
Joseph Schorr
1bd4422da9
Move auth decorators into a decorators module
...
The non-decorators will be broken out in the followup change
2017-03-23 15:42:45 -04:00
Joseph Schorr
178373293d
Disable web endpoints for app repos
2017-03-22 15:51:19 -04:00
Joseph Schorr
8e863b8cf5
Implement new create and manager trigger UI
...
Implements the new trigger setup user interface, which is now a linear workflow found on its own page, rather than a tiny modal dialog
Fixes #1187
2017-02-28 16:51:42 -05:00
Joseph Schorr
ff52fde8a5
Have Quay always use an OAuth-specific CSRF token
...
This change ensures that we always store and then check the contents of the OAuth `state` argument against a session-stored CSRF token.
Fixes https://www.pivotaltracker.com/story/show/135803615
2016-12-08 16:11:57 -05:00
Joseph Schorr
c06bba38de
Have all error pages be rendered by Angular
...
Fixes #2198
Fixes https://www.pivotaltracker.com/story/show/135724483
2016-12-07 17:49:02 -05:00
Joseph Schorr
0e24f6b40a
Fix user redirects to go to the correct URL
...
`/user` no longer works and returns a 404; we now need to redirect to the specific user page
2016-11-28 18:55:41 -05:00
Joseph Schorr
964b1013d9
Make receipt filenames include date information
...
Fixes #1997
2016-11-21 15:35:56 -05:00
Charlton Austin
2fe74e4057
Adding in UI for cancel anytime.
2016-11-21 10:58:32 -05:00
Joseph Schorr
0e602efbf9
Fix error displayed for OAuth if an existing token already matches scopes
...
Before this change, the OAuth system would automatically redirect to display the code if the scopes requested were a subset of those already granted by the user. However, the missing process auth resulted in `get_authenticated_user` returning None, which broke the OAuth flow.
Fixes #2131
2016-11-17 16:21:26 -05:00
Joseph Schorr
0f2eb61f4a
Add collection of user metadata: name and company
2016-11-08 16:15:02 -05:00
Joseph Schorr
1e3b354201
Add support for temp usernames and an interstitial to confirm username
...
When a user now logs in for the first time for any external auth (LDAP, JWT, Keystone, Github, Google, Dex), they will be presented with a confirmation screen that affords them the opportunity to change their Quay-assigned username.
Addresses most of the user issues around #74
2016-11-03 15:59:14 -04:00
Joseph Schorr
3a473cad2a
Enable permanent sessions
...
Fixes #1955
2016-10-31 13:52:09 -04:00
Jake Moshenko
f04b018805
Write our users to Marketo as leads.
2016-10-14 16:29:11 -04:00
Jimmy Zelinskie
31b77cf232
rename auth.auth to auth.process
...
This fixes some ambiguity around imports.
2016-09-29 15:24:57 -04:00
Jimmy Zelinskie
fc7301be0d
*: fix legacy imports
...
This change reorganizes imports and renames the legacy flask extensions.
2016-09-28 20:17:14 -04:00
Joseph Schorr
4d5c65e6d4
Better 404 (and 403) pages
...
Fixes #1819
2016-09-21 13:54:21 -04:00
Joseph Schorr
193040a473
Fix tag links
...
Fixes #1741
2016-08-17 15:06:10 -04:00
Joseph Schorr
7fddc61b8f
Add instance key ID to the health check endpoint
...
Fixes #1429
2016-07-05 14:14:22 -04:00
Jake Moshenko
a1cf12e460
Add a sitemap.txt for popular public repos
...
and reference it from the robots.txt
2016-06-17 14:34:20 -04:00
Jake Moshenko
746728ba24
Remove escaped_fragment snapshot rendering.
2016-06-14 12:53:10 -04:00
Joseph Schorr
8177c39aff
Move privacy and TOS to Angular
...
Fixes #1529
2016-06-09 13:45:37 -04:00
Joseph Schorr
8887f09ba8
Use the instance service key for registry JWT signing
2016-06-07 11:58:10 -04:00
josephschorr
a85c3ebff7
Merge pull request #1457 from coreos-inc/xauth
...
Add support for direct granting of OAuth tokens and add tests
2016-06-01 12:07:12 -04:00
Joseph Schorr
7933aecf25
Add support for direct granting of OAuth tokens and add tests
...
This allows a client (when authorized in a whitelist) to send direct credentials via a Basic auth header and therefore bypass the OAuth approval UI for that user.
2016-05-23 17:17:06 -04:00
Joseph Schorr
f670c4c7a9
Change Signer to use the config provider and fix tests
...
Fixes the broken ACI tests
2016-05-23 17:10:03 -04:00
Joseph Schorr
73fa593d02
Various small fixes in prep for QE release
2016-05-04 15:20:27 -04:00
josephschorr
f0af2ca9c3
Merge pull request #1407 from coreos-inc/enterpriselanding
...
Add Enterprise Landing page
2016-05-03 13:52:22 -04:00