Commit graph

812 commits

Author SHA1 Message Date
jakedt
bb05daf090 Fix the discovery doc to point to the stack specific auth endpoint. 2014-03-26 16:28:35 -04:00
jakedt
8fefe239b5 Fix public repository permissions checking. 2014-03-26 15:56:51 -04:00
jakedt
4e80f95012 Format_date has to support missing dates. 2014-03-25 18:01:50 -04:00
jakedt
8538455cef Fix the user API to throw the nicer 401 that the FE can handle. 2014-03-25 17:58:19 -04:00
jakedt
41cfadac23 Protect the search and repository list endpoints appropriately. Add more differentiating data to some need types. Remove the notification about password change from the user admin page. Select the dependent models for the visible repo list. 2014-03-25 17:26:45 -04:00
jakedt
5f98bf8dab Merge remote-tracking branch 'origin/master' into swaggerlikeus
Conflicts:
	endpoints/api.py
2014-03-25 15:50:03 -04:00
jakedt
f39793b3ac Check CSRF after processing the oauth token. 2014-03-25 15:37:58 -04:00
jakedt
f060fd6ae0 Fix and unify CSRF support across web and API endpoints. 2014-03-25 14:32:26 -04:00
jakedt
0097daebc2 Formatting changes. 2014-03-25 14:32:02 -04:00
Joseph Schorr
c82d1ffe98 Add ability for users to see their authorized applications and revoke the access 2014-03-24 20:57:02 -04:00
jakedt
283ce5e1c3 Make the new app management APIs internal and fix the schemas to work with swagger. 2014-03-24 18:16:46 -04:00
Joseph Schorr
f7c27f250b Add full application management API, UI and test cases 2014-03-20 15:46:13 -04:00
jakedt
3b7b12085d User scope objects everywhere. Switch scope objects to namedtuples. Pass the user when validating whether the user has authorized such scopes in the past. Make sure we calculate the scope string using all user scopes form all previously granted tokens. 2014-03-19 18:09:09 -04:00
jakedt
c93c62600d Merge remote-tracking branch 'origin/master' into swaggerlikeus
Conflicts:
	data/database.py
	endpoints/api.py
	endpoints/common.py
	templates/base.html
	test/data/test.db
	test/specs.py
2014-03-19 15:39:44 -04:00
jakedt
f2d0a2f479 Split out organization repo roles and org management roles. 2014-03-19 14:36:56 -04:00
jakedt
6fc369bed2 Change non logged in 403s to 401s. 2014-03-19 13:57:36 -04:00
jakedt
7bd4b9a71c Merge branch 'swaggerlikeus' of ssh://bitbucket.org/yackob03/quay into swaggerlikeus
Conflicts:
	endpoints/api/trigger.py
2014-03-19 12:13:07 -04:00
jakedt
6267275d6f Mark a whole slew of APIs as internal only. 2014-03-19 12:09:07 -04:00
Joseph Schorr
807fa68fe4 Fix the remainder of the API usage tests. Note that this still fails when the blueprint is registered again, so each subset of tests has to be run on its own 2014-03-18 20:32:37 -04:00
jakedt
64071b9e8e Add a user info scope and thread it through the code. Protect the org modification API. 2014-03-18 19:21:27 -04:00
Joseph Schorr
b0dcb5d7e3 Merge branch 'swaggerlikeus' of https://bitbucket.org/yackob03/quay into swaggerlikeus 2014-03-18 16:46:28 -04:00
Joseph Schorr
9ae4506a0d Add OAuth usage information the API logs, have it be displayed in the logs UI and start on the code to display application information when clicked. Note that this does not (yet) do anything with the information returned as we need to wait for the mainline merge of Angular 1.2.9 (which is in master) before I can continue on the display 2014-03-18 16:45:18 -04:00
jakedt
6f39e158d6 Eliminate all of the exceptions when running the tests. 2014-03-18 15:58:37 -04:00
jakedt
e1b704bdac We must check repository permissions before parsing args. 2014-03-18 14:45:14 -04:00
jakedt
7d163833bd Some small fixes in the API. 2014-03-18 14:22:14 -04:00
jakedt
3b3d71bfd7 Feed error messages through a cors wrapper so that people on other domains can see what's happening. 2014-03-17 16:57:35 -04:00
jakedt
4673f40dd2 Fix the org robot create response. 2014-03-17 15:26:16 -04:00
jakedt
bb2767ff16 Fix url_for for api endpoints. 2014-03-17 15:23:49 -04:00
jakedt
535947a06d Change the image changes to return a python block. 2014-03-17 15:10:08 -04:00
jakedt
5cc2bdbc71 Fix some errors. 2014-03-17 14:52:52 -04:00
jakedt
3542a520f5 Fix bugs, mostly related to date formatting. 2014-03-17 13:10:12 -04:00
jakedt
ddf5f2053c Convert old style jsonschema required params to new style. 2014-03-17 12:25:41 -04:00
jakedt
5bb4008880 Fix cookie auth to work with oauth token auth. Make sure user loading is truly deferred to save DB connections. 2014-03-17 12:01:13 -04:00
Joseph Schorr
e759066ae0 Change ApiService to use the new swagger-backed discovery and the new /v1/ API endpoints. Also changes all other /api/ calls (the few that are still manually invoked) 2014-03-14 23:40:41 -04:00
Joseph Schorr
767ab1085a Merge branch 'swaggerlikeus' of https://bitbucket.org/yackob03/quay into swaggerlikeus 2014-03-14 18:57:35 -04:00
Joseph Schorr
d469b41899 Add an oauth authorization page 2014-03-14 18:57:28 -04:00
jakedt
67353de179 Convert a current_user to get_authenticated_user in the repository api. 2014-03-14 18:41:14 -04:00
jakedt
092e236694 Write a flask-restful version of cache-control. Remove the comments to add back in post methods. 2014-03-14 18:39:31 -04:00
jakedt
60015f0ae0 Add internal API filtering. 2014-03-14 18:07:03 -04:00
jakedt
5ca594b641 Change related to quayUserRelated. 2014-03-14 17:42:19 -04:00
jakedt
76e9b9681f Re-order classes to dependencies are in place. 2014-03-14 17:37:57 -04:00
jakedt
83bc965556 Link the org api calls to their related user resources. 2014-03-14 17:35:52 -04:00
jakedt
4d551a079b Re-organize the imports for the api endpoints. 2014-03-14 16:11:31 -04:00
jakedt
dfdc3faa57 Port the remaining APIs and fix some locations. 2014-03-14 16:09:16 -04:00
jakedt
1bbe2283dc Port logs and robots. 2014-03-14 16:02:13 -04:00
jakedt
3c268de025 Port over the billing apis. 2014-03-14 15:35:20 -04:00
jakedt
a667714d3d Port permission prototypes and org members. 2014-03-14 14:51:18 -04:00
jakedt
e4e4f8c553 Migrate teams and orgs. 2014-03-14 14:20:51 -04:00
jakedt
ab60a10a93 Add some missing documentation. 2014-03-14 13:27:56 -04:00
jakedt
ae6bfb072d Fix some documentation. 2014-03-14 13:24:55 -04:00