vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
8239 commits 2 branches 62 tags 205 MiB
Commit graph

807 commits

Author SHA1 Message Date
Brad Ison
62971b7f20
Merge pull request #2999 from bison/user-location 
Add user location metadata filed
 2018-02-20 16:48:37 -05:00
Joseph Schorr
188ea98441 Add new decorator to prevent reflected text attacks 
Instead of disabling repo names with periods in them, we simply disallow calls to the API when they are GET requests, whose path ends in a dot, and that do not have a referrer from the frontend.
 2018-02-20 11:33:45 -05:00
josephschorr
ac328da383
Merge pull request #3006 from coreos-inc/joseph.schorr/QUAY-827/noop-team-name 
Add messaging when trying to create a team that already exists
 2018-02-15 16:41:51 -05:00
Joseph Schorr
72ca758c88 Add messaging when trying to create a team that already exists 
Fixes https://jira.coreos.com/browse/QUAY-827
 2018-02-15 16:03:09 -05:00
Joseph Schorr
e220b50543 Refactor auth code to be cleaner and more extensible 
We move all the auth handling, serialization and deserialization into a new AuthContext interface, and then standardize a registration model for handling of specific auth context types (user, robot, token, etc).
 2018-02-14 15:35:27 -05:00
Brad Ison
5965929187 Include location in user analytics 2018-02-06 16:06:17 -05:00
Brad Ison
3de6b4a646 Add location metadata field for users 2018-02-06 16:06:17 -05:00
josephschorr
6514bf229f
Merge pull request #2973 from coreos-inc/joseph.schorr/QS-116/cloudfront-storage 
Add support for configuring cloudfront storage
 2018-02-02 10:14:28 -05:00
Joseph Schorr
b0f656731c Add support for configuring CloudFront storage engine 
Fixes https://jira.coreos.com/browse/QS-116
 2018-01-31 11:22:14 -05:00
Joseph Schorr
208dc38d25 Allow expired app specific tokens to be deleted 2018-01-23 11:40:51 -05:00
Joseph Schorr
c887aa543b Change superuser API errors to be more descriptive 
Fixes https://jira.coreos.com/browse/QS-103
 2018-01-05 17:09:26 -05:00
josephschorr
13b738c43c
Merge pull request #2954 from coreos-inc/joseph.schorr/QS-102/user-api-filter 
Add ability to filter users list to enabled users
 2018-01-05 15:40:50 -05:00
josephschorr
5286fd63b0
Merge pull request #2953 from coreos-inc/joseph.schorr/QS-101/discovery-anon 
Allow anonymous access to the discovery endpoint
 2018-01-05 15:40:39 -05:00
josephschorr
d8fde005d8
Merge pull request #2961 from coreos-inc/joseph.schorr/QS-107/create-repo-opt 
Small optimizations around create repository code
 2018-01-05 15:40:30 -05:00
Joseph Schorr
888b564a9b Add a banner to the Quay UI when an app specific token is about to expire 2018-01-04 15:27:42 -05:00
Joseph Schorr
2214a2c7ad Disable fresh login check in auth engines that won't support it 2018-01-04 15:27:41 -05:00
Joseph Schorr
524d77f527 Add an AppSpecificAuthToken data model for app-specific auth tokens. These will be used for the Docker CLI in place of username+password 2018-01-04 15:27:41 -05:00
Joseph Schorr
1e1bec0afe Remove extra update call on create repo 2018-01-04 13:42:05 -05:00
Joseph Schorr
8e473b9779 Add filter for disabled users to superuser user list API 
Fixes https://jira.coreos.com/browse/QS-102
 2017-12-22 16:45:49 -05:00
Joseph Schorr
1d3a93efcb Linter fixes for superuser API file 2017-12-22 16:18:58 -05:00
Joseph Schorr
6b42e3e4ca Allow anonymous access to the discovery endpoint 
Fixes https://jira.coreos.com/browse/QS-101
 2017-12-22 16:13:23 -05:00
josephschorr
6db2ecc19f
Merge pull request #2928 from coreos-inc/joseph.schorr/QS-74/fix-restart 
Have Quay lookup the sbin/my_init PID to kill
 2017-12-07 13:25:16 -05:00
Joseph Schorr
1d1c6f0606 Invalidate all session tokens when a user signs out 
Fixes https://jira.coreos.com/browse/QS-85
 2017-12-07 13:03:11 -05:00
Joseph Schorr
a204dc20fb Require CAPTCHA for password recovery 
https://jira.coreos.com/browse/QS-79
 2017-12-06 14:25:34 -05:00
Joseph Schorr
927d469db0 In password recovery, don't reveal whether an e-mail address is valid (unless it is an org's e-mail address) 2017-12-06 14:07:38 -05:00
Joseph Schorr
4db1615d94 Fix bugs in updateuser 
1) Also check for matching organization names
2) Ensure that errors don't leave the throbber
 2017-12-01 14:58:29 -05:00
Joseph Schorr
874a7b0c41 Have Quay lookup the sbin/my_init PID to kill 
We changed the entry point in Quay to be a shell script that calls `my_init`, which means the init no longer has PID 1. We therefore need to look up the correct PID to kill it.

Fixes https://jira.coreos.com/browse/QS-74
 2017-12-01 14:04:43 -05:00
Joseph Schorr
2ced523313 Add Explore tab and query-less searching 
Allows for exploration of all visible repositories, in paginated form.

This change also fixes the layout of the header on different viewport sizes to be consistently a single line in height.

Fixes https://jira.coreos.com/browse/QS-63
 2017-11-28 16:50:23 +02:00
Joseph Schorr
9b2fb46e34 Move recaptcha check after the username check 
Ensures that if someone chooses an existing username, they don't need to re-recaptcha

Fixes https://jira.coreos.com/browse/QS-65
 2017-11-27 16:59:42 +02:00
Joseph Schorr
1b6ecb6c1c Fix bug in listing owned tags 
We were indexing into a map using the docker_image_id, but the ancestors use the *image id*. Also cleans up the code and adds some tests.

Fixes https://jira.prod.coreos.systems/browse/QS-55
 2017-11-09 16:21:40 -05:00
Joseph Schorr
2ce4e49711 Build job does not have a request context when calling get_file_url 
We therefore need to specify some sort of IP or get_file_url will attempt to get it from context
 2017-10-06 12:57:02 -04:00
josephschorr
3bef21253d Merge pull request #2695 from coreos-inc/oidc-internal-auth 
OIDC internal auth support
 2017-10-02 16:51:17 -04:00
Joseph Schorr
82ff85b125 Add ability for users to change their name and company information 2017-09-26 16:58:04 -04:00
Joseph Schorr
804d3c46c3 Add feature flag to allow users to be created only if invited to join a team 
Allows for open user creation, but only if extended an invitation by someone who already has access
 2017-09-14 16:28:39 -04:00
Joseph Schorr
c6aad5fef0 Add option to disable partial autocompletion of users 2017-09-12 15:55:37 -04:00
Joseph Schorr
adc70d2fe2 Add alias for callback path 2017-09-12 12:26:42 -04:00
Evan Cordell
1d246784dd Include invalid oidc token in the error message for debugging 2017-09-12 12:26:42 -04:00
Joseph Schorr
e724125459 Add support for using OIDC tokens via the Docker CLI 2017-09-12 12:23:22 -04:00
Joseph Schorr
e0820c6be5 Remove encoding of credentials in build trigger web hook 
This now breaks BitBucket
 2017-09-07 11:27:02 -04:00
Joseph Schorr
2fdc1be94b Remove duplicate orgs when using public namespaces 
Fixes https://coreosdev.atlassian.net/browse/QUAY-770
 2017-08-24 14:13:26 -04:00
josephschorr
46e1bd9c75 Merge pull request #2850 from coreos-inc/jpmc-features 
Features for JPMC
 2017-08-16 14:29:00 -04:00
Joseph Schorr
854155fe82 Fix missing to_dict and import in robots model 
Also adds a test to catch this issue
 2017-08-09 20:33:14 -04:00
Joseph Schorr
2184721d28 Fix recursion error in images API 
We only need parents for the root set of images
 2017-08-09 13:27:54 -04:00
Evan Cordell
cac0457540 fix misnamed key in permissions api 2017-08-09 08:37:59 -04:00
Joseph Schorr
650dbe5f5b Add config to enable "public" namespaces 
These are namespaces that will be displayed in the repo list view, regardless of whether the user is a member.
 2017-08-07 15:59:06 -04:00
Joseph Schorr
dff4207a89 Add feature flag to enable viewing builds and build logs for public repos 2017-08-07 15:24:36 -04:00
Charlton Austin
0359ac8753 Merge pull request #2848 from charltonaustin/fix_bug_robot_stuffs 
fix(endpoints/api/robot.py): fix misnamed attribute
 2017-08-01 15:05:43 -04:00
Charlton Austin
36e58e3bd0 fix(endpoints/api/robot.py): fix missnamed attribute 
Issue:NA

- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
 2017-08-01 14:43:20 -04:00
Charlton Austin
524af4331d Merge pull request #2847 from charltonaustin/fix_bug_superuser_panel 
fix(superuser_models_pre_oci): have None for approver
 2017-08-01 13:37:50 -04:00
josephschorr
83e9dfac7a Merge pull request #2817 from coreos-inc/joseph.schorr/QUAY-688/dex-fixes 
Dex Fixes
 2017-08-01 13:26:50 -04:00