Commit graph

870 commits

Author SHA1 Message Date
Joseph Schorr
6d365418b7 Limit the size of then payload for creating robot accounts 2018-03-22 13:54:56 -04:00
josephschorr
6c43b7ff0d
Merge pull request #3024 from coreos-inc/manageable-robots
Manageable robots epic
2018-03-21 18:50:17 -04:00
Joseph Schorr
2ea13e86a0 Add last_accessed information to User and expose for robot accounts
Fixes https://jira.coreos.com/browse/QUAY-848
2018-03-21 15:28:34 -04:00
Joseph Schorr
3586955669 Remove license code in Quay
No longer needed under Red Hat rules \o/

Fixes https://jira.coreos.com/browse/QUAY-883
2018-03-20 17:03:35 -04:00
Brad Ison
e8429f9194
Add organization collaborators API endpoint
Adds an API endpoint, `/v1/organization/<orgname>/collaborators`, that
lists an organization's "outside collaborators", i.e. users that have
direct permissions on one or more repositories belonging to the
organization, but who aren't members of any teams in the organization.
2018-03-14 16:11:53 -04:00
Joseph Schorr
254cdfe43a Add support for metadata on robot accounts
Fixes https://jira.coreos.com/browse/QUAY-847
Fixes https://jira.coreos.com/browse/QUAY-816
2018-03-12 20:32:05 -04:00
Joseph Schorr
a693771345 Add creation date information to robots API and UI
Fixes https://jira.coreos.com/browse/QUAY-846
2018-03-09 13:55:19 -05:00
Joseph Schorr
da45bedcdb Remove 404 when an entity is not a member of a team, but is a robot under the org.
Fixes #1200
2018-03-02 16:07:03 -05:00
Joseph Schorr
93d79e777e Automatically disable build triggers with successive failures or internal errors
We allow users to reenable them manually once disabled
2018-03-01 16:49:51 -05:00
Joseph Schorr
c35eec0615 Add ability for triggers to be disabled
Will be used in the followup commit to automatically disable broken triggers
2018-03-01 16:49:28 -05:00
Joseph Schorr
4be3594ec8 Remove internal_only from superuser APIs for users and orgs 2018-03-01 15:14:39 -05:00
Joseph Schorr
8bc55a5676 Make namespace deletion asynchronous
Instead of deleting a namespace synchronously as before, we now mark the namespace for deletion, disable it, and rename it. A worker then comes along and deletes the namespace in the background. This results in a *significantly* better user experience, as the namespace deletion operation now "completes" in under a second, where before it could take 10s of minutes at the worse.

Fixes https://jira.coreos.com/browse/QUAY-838
2018-02-27 13:12:51 -05:00
Joseph Schorr
bcd9b680fa Add X-Requested-With header to allowed CORS headers
Will fix the API explorer
2018-02-21 14:21:27 -05:00
Brad Ison
62971b7f20
Merge pull request #2999 from bison/user-location
Add user location metadata filed
2018-02-20 16:48:37 -05:00
Joseph Schorr
188ea98441 Add new decorator to prevent reflected text attacks
Instead of disabling repo names with periods in them, we simply disallow calls to the API when they are GET requests, whose path ends in a dot, and that do not have a referrer from the frontend.
2018-02-20 11:33:45 -05:00
josephschorr
ac328da383
Merge pull request #3006 from coreos-inc/joseph.schorr/QUAY-827/noop-team-name
Add messaging when trying to create a team that already exists
2018-02-15 16:41:51 -05:00
Joseph Schorr
72ca758c88 Add messaging when trying to create a team that already exists
Fixes https://jira.coreos.com/browse/QUAY-827
2018-02-15 16:03:09 -05:00
Joseph Schorr
e220b50543 Refactor auth code to be cleaner and more extensible
We move all the auth handling, serialization and deserialization into a new AuthContext interface, and then standardize a registration model for handling of specific auth context types (user, robot, token, etc).
2018-02-14 15:35:27 -05:00
Brad Ison
5965929187 Include location in user analytics 2018-02-06 16:06:17 -05:00
Brad Ison
3de6b4a646 Add location metadata field for users 2018-02-06 16:06:17 -05:00
josephschorr
6514bf229f
Merge pull request #2973 from coreos-inc/joseph.schorr/QS-116/cloudfront-storage
Add support for configuring cloudfront storage
2018-02-02 10:14:28 -05:00
Joseph Schorr
b0f656731c Add support for configuring CloudFront storage engine
Fixes https://jira.coreos.com/browse/QS-116
2018-01-31 11:22:14 -05:00
Joseph Schorr
208dc38d25 Allow expired app specific tokens to be deleted 2018-01-23 11:40:51 -05:00
Joseph Schorr
c887aa543b Change superuser API errors to be more descriptive
Fixes https://jira.coreos.com/browse/QS-103
2018-01-05 17:09:26 -05:00
josephschorr
13b738c43c
Merge pull request #2954 from coreos-inc/joseph.schorr/QS-102/user-api-filter
Add ability to filter users list to enabled users
2018-01-05 15:40:50 -05:00
josephschorr
5286fd63b0
Merge pull request #2953 from coreos-inc/joseph.schorr/QS-101/discovery-anon
Allow anonymous access to the discovery endpoint
2018-01-05 15:40:39 -05:00
josephschorr
d8fde005d8
Merge pull request #2961 from coreos-inc/joseph.schorr/QS-107/create-repo-opt
Small optimizations around create repository code
2018-01-05 15:40:30 -05:00
Joseph Schorr
888b564a9b Add a banner to the Quay UI when an app specific token is about to expire 2018-01-04 15:27:42 -05:00
Joseph Schorr
2214a2c7ad Disable fresh login check in auth engines that won't support it 2018-01-04 15:27:41 -05:00
Joseph Schorr
524d77f527 Add an AppSpecificAuthToken data model for app-specific auth tokens. These will be used for the Docker CLI in place of username+password 2018-01-04 15:27:41 -05:00
Joseph Schorr
1e1bec0afe Remove extra update call on create repo 2018-01-04 13:42:05 -05:00
Joseph Schorr
8e473b9779 Add filter for disabled users to superuser user list API
Fixes https://jira.coreos.com/browse/QS-102
2017-12-22 16:45:49 -05:00
Joseph Schorr
1d3a93efcb Linter fixes for superuser API file 2017-12-22 16:18:58 -05:00
Joseph Schorr
6b42e3e4ca Allow anonymous access to the discovery endpoint
Fixes https://jira.coreos.com/browse/QS-101
2017-12-22 16:13:23 -05:00
josephschorr
6db2ecc19f
Merge pull request #2928 from coreos-inc/joseph.schorr/QS-74/fix-restart
Have Quay lookup the sbin/my_init PID to kill
2017-12-07 13:25:16 -05:00
Joseph Schorr
1d1c6f0606 Invalidate all session tokens when a user signs out
Fixes https://jira.coreos.com/browse/QS-85
2017-12-07 13:03:11 -05:00
Joseph Schorr
a204dc20fb Require CAPTCHA for password recovery
https://jira.coreos.com/browse/QS-79
2017-12-06 14:25:34 -05:00
Joseph Schorr
927d469db0 In password recovery, don't reveal whether an e-mail address is valid (unless it is an org's e-mail address) 2017-12-06 14:07:38 -05:00
Joseph Schorr
4db1615d94 Fix bugs in updateuser
1) Also check for matching organization names
2) Ensure that errors don't leave the throbber
2017-12-01 14:58:29 -05:00
Joseph Schorr
874a7b0c41 Have Quay lookup the sbin/my_init PID to kill
We changed the entry point in Quay to be a shell script that calls `my_init`, which means the init no longer has PID 1. We therefore need to look up the correct PID to kill it.

Fixes https://jira.coreos.com/browse/QS-74
2017-12-01 14:04:43 -05:00
Joseph Schorr
2ced523313 Add Explore tab and query-less searching
Allows for exploration of all visible repositories, in paginated form.

This change also fixes the layout of the header on different viewport sizes to be consistently a single line in height.

Fixes https://jira.coreos.com/browse/QS-63
2017-11-28 16:50:23 +02:00
Joseph Schorr
9b2fb46e34 Move recaptcha check after the username check
Ensures that if someone chooses an existing username, they don't need to re-recaptcha

Fixes https://jira.coreos.com/browse/QS-65
2017-11-27 16:59:42 +02:00
Joseph Schorr
1b6ecb6c1c Fix bug in listing owned tags
We were indexing into a map using the docker_image_id, but the ancestors use the *image id*. Also cleans up the code and adds some tests.

Fixes https://jira.prod.coreos.systems/browse/QS-55
2017-11-09 16:21:40 -05:00
Joseph Schorr
2ce4e49711 Build job does not have a request context when calling get_file_url
We therefore need to specify some sort of IP or get_file_url will attempt to get it from context
2017-10-06 12:57:02 -04:00
josephschorr
3bef21253d Merge pull request #2695 from coreos-inc/oidc-internal-auth
OIDC internal auth support
2017-10-02 16:51:17 -04:00
Joseph Schorr
82ff85b125 Add ability for users to change their name and company information 2017-09-26 16:58:04 -04:00
Joseph Schorr
804d3c46c3 Add feature flag to allow users to be created only if invited to join a team
Allows for open user creation, but only if extended an invitation by someone who already has access
2017-09-14 16:28:39 -04:00
Joseph Schorr
c6aad5fef0 Add option to disable partial autocompletion of users 2017-09-12 15:55:37 -04:00
Joseph Schorr
adc70d2fe2 Add alias for callback path 2017-09-12 12:26:42 -04:00
Evan Cordell
1d246784dd Include invalid oidc token in the error message for debugging 2017-09-12 12:26:42 -04:00
Joseph Schorr
e724125459 Add support for using OIDC tokens via the Docker CLI 2017-09-12 12:23:22 -04:00
Joseph Schorr
e0820c6be5 Remove encoding of credentials in build trigger web hook
This now breaks BitBucket
2017-09-07 11:27:02 -04:00
Joseph Schorr
2fdc1be94b Remove duplicate orgs when using public namespaces
Fixes https://coreosdev.atlassian.net/browse/QUAY-770
2017-08-24 14:13:26 -04:00
josephschorr
46e1bd9c75 Merge pull request #2850 from coreos-inc/jpmc-features
Features for JPMC
2017-08-16 14:29:00 -04:00
Joseph Schorr
854155fe82 Fix missing to_dict and import in robots model
Also adds a test to catch this issue
2017-08-09 20:33:14 -04:00
Joseph Schorr
2184721d28 Fix recursion error in images API
We only need parents for the root set of images
2017-08-09 13:27:54 -04:00
Evan Cordell
cac0457540 fix misnamed key in permissions api 2017-08-09 08:37:59 -04:00
Joseph Schorr
650dbe5f5b Add config to enable "public" namespaces
These are namespaces that will be displayed in the repo list view, regardless of whether the user is a member.
2017-08-07 15:59:06 -04:00
Joseph Schorr
dff4207a89 Add feature flag to enable viewing builds and build logs for public repos 2017-08-07 15:24:36 -04:00
Charlton Austin
0359ac8753 Merge pull request #2848 from charltonaustin/fix_bug_robot_stuffs
fix(endpoints/api/robot.py): fix misnamed attribute
2017-08-01 15:05:43 -04:00
Charlton Austin
36e58e3bd0 fix(endpoints/api/robot.py): fix missnamed attribute
Issue:NA

- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-08-01 14:43:20 -04:00
Charlton Austin
524af4331d Merge pull request #2847 from charltonaustin/fix_bug_superuser_panel
fix(superuser_models_pre_oci): have None for approver
2017-08-01 13:37:50 -04:00
josephschorr
83e9dfac7a Merge pull request #2817 from coreos-inc/joseph.schorr/QUAY-688/dex-fixes
Dex Fixes
2017-08-01 13:26:50 -04:00
Charlton Austin
f05e684b31 fix(superuser_models_pre_oci): have None for approver
### Description of Changes

this fixes a null pointer exception

Issue: https://coreosdev.atlassian.net/browse/QUAY-fix_bug_superuser_panel

## Reviewer Checklist

- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-08-01 13:09:41 -04:00
Charlton Austin
044036ff4d Merge pull request #2843 from charltonaustin/create_data_interface_for_subsystem_api/superuser.py_750
Create data interface for subsystem api/superuser.py 750
2017-08-01 12:03:19 -04:00
Evan Cordell
e407bc1441 Merge pull request #2806 from ecordell/QUAY-643/api-permission-v22
Add data interface for api-permissions for v2-2
2017-08-01 11:56:40 -04:00
Evan Cordell
66dc093639 Convert RepositoryUserTransitivePermission security tests to pytest 2017-08-01 11:34:31 -04:00
Charlton Austin
6c29ec873a refactor(endpoints/api/superuser*): refactored code behind db model
this moves all the db model code behind an interface in prep for v2-2

Issue: https://coreosdev.atlassian.net/browse/QUAY-750

- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-08-01 11:27:55 -04:00
Evan Cordell
37ebfd9ab5 Merge pull request #2808 from ecordell/QUAY-647/api-globalmessages-v22
Add data interface for globalmessages API
2017-08-01 10:59:35 -04:00
Charlton Austin
3688b6a8df style(endpoints/api/suconfig_models_interface.py): formatted file
### Description of Changes

Issue: https://coreosdev.atlassian.net/browse/QUAY-750

## Reviewer Checklist

- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-08-01 09:39:17 -04:00
Charlton Austin
d55397e851 Merge pull request #2820 from charltonaustin/create_data_interface_for_subsystem_api/robot.py_630
refactor(endpoints/api/robot*): adding in database interface
2017-08-01 09:37:09 -04:00
Evan Cordell
4734cc90b4 Merge pull request #2809 from ecordell/QUAY-649/api-manifest-v22
Add a data interface for manifest labels API
2017-08-01 09:34:10 -04:00
josephschorr
0ae767d506 Merge pull request #2811 from coreos-inc/joseph.schorr/QUAY-631/repotoken-data-interface
Change repotoken to use a data interface
2017-07-31 18:02:12 -04:00
josephschorr
004fb88726 Merge pull request #2815 from coreos-inc/joseph.schorr/QUAY-650/image-api-data-interface
Change Image API to use a data interface
2017-07-31 18:01:55 -04:00
Joseph Schorr
9676d7d8c7 Make downstream issues show their error in the UI 2017-07-31 17:07:22 -04:00
Evan Cordell
6528c1f3bc Adds docstrings for permission api data interface 2017-07-31 15:46:13 -04:00
Evan Cordell
a68ec6966e Add data interface for api-permissions for v2-2 2017-07-31 15:46:13 -04:00
Evan Cordell
c92b566427 Add doc comments to data interface for manifest labels 2017-07-31 15:45:52 -04:00
Evan Cordell
af27a1b6dc Add a data interface for manifest labels API 2017-07-31 15:45:52 -04:00
Evan Cordell
0d239e08c2 Add docstrings to globalmessages data interface 2017-07-31 15:44:54 -04:00
Evan Cordell
4ca6c37e54 Add data interface for globalmessages API 2017-07-31 15:44:54 -04:00
Joseph Schorr
8ab600707c Change repotoken to use a data interface 2017-07-28 15:51:49 -04:00
Charlton Austin
39196b6b97 fix(repository_models_pre_oci): fixed how we called a field
Issue: NA

- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-07-28 14:14:20 -04:00
Charlton Austin
78f77017e8 Merge pull request #2829 from charltonaustin/fix_bug_with_v2_2
fix(error with repository): removed a field that is not being used
2017-07-27 10:40:43 -04:00
Charlton Austin
11b1dca994 fix(error with repository): removed a field that is not being used
this causes an exception when getting releases

Issue: https://coreosdev.atlassian.net/browse/QUAY-753

- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-07-27 10:20:55 -04:00
Joseph Schorr
f0b932559d Reporting the expiration got lost in a rebase
This ensure the tag expiration shows up in the UI
2017-07-26 11:29:21 -04:00
Charlton Austin
7d5e4dd6d3 refactor(endpoints/api/robot*): adding in database interface
this creates a layer of abstraction so we can move to v2-2 easier

Issue: https://coreosdev.atlassian.net/browse/QUAY-630

- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-07-26 10:21:09 -04:00
Joseph Schorr
48c79003c6 yap 2017-07-25 17:18:06 -04:00
Joseph Schorr
e7d6e60d97 Update for merge and make additional interface improvements 2017-07-25 17:00:08 -04:00
Joseph Schorr
e7fec9dd20 Change get_sample_data API to not require the custom notification tuple 2017-07-25 17:00:07 -04:00
Joseph Schorr
e7dbc4ee91 Move notification helper code into the root module 2017-07-25 17:00:07 -04:00
Joseph Schorr
ce56031846 Move notifications into its own package 2017-07-25 17:00:06 -04:00
Charlton Austin
be206a8b88 Merge pull request #2814 from charltonaustin/create_data_interface_for_subsystem_api/repository_633
refactor(endpoints/api/repository*): added in pre_oci_model abstraction
2017-07-25 13:59:52 -04:00
Evan Cordell
ac4ab92f03 Merge pull request #2802 from ecordell/QUAY-644/endpoints-api-init-v22
add pre-oci models for endpoints/api/__init__.py
2017-07-25 13:57:21 -04:00
Joseph Schorr
72a9652d0f Change suconfig to use a data model interface 2017-07-24 16:30:44 -04:00
josephschorr
074b4e4981 Merge pull request #2810 from coreos-inc/joseph.schorr/QUAY-747/common-data-interface
Convert endpoints/common into using a data interface
2017-07-24 15:59:13 -04:00
Charlton Austin
8f1200b00d style(data, endpoints, test): ran yapf against changed files
### Description of Changes

Issue: https://coreosdev.atlassian.net/browse/QUAY-633

## Reviewer Checklist

- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-07-24 11:05:15 -04:00
Charlton Austin
9e1106f164 refactor(endpoints/api/repository*): added in pre_oci_model abstraction
this is a part of getting ready for oci stuff

[TESTING->using new PR stack]

Issue: https://coreosdev.atlassian.net/browse/QUAY-633

- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-07-24 11:03:03 -04:00
Joseph Schorr
95850b6148 Switch image API to use a data interface 2017-07-21 14:38:31 -04:00
Joseph Schorr
9b22afd8fd wip 2017-07-21 13:09:21 -04:00