""" List and manage repository vulnerabilities and other security information. """

import logging
import features

from app import tuf_metadata_api
from endpoints.api import (require_repo_read, path_param,
                           RepositoryParamResource, resource, nickname, show_if, 
                           disallow_for_app_repositories)

logger = logging.getLogger(__name__)


def _default_signed_tags_for_repository(namespace, repository):
  """ Fetches the tags in the targets/releases delegation, which is the one the docker client will trust. """
  tag_data, _ = tuf_metadata_api.get_default_tags(namespace, repository)
  if not tag_data:
    return {'tags': None}

  return {
    'tags': tag_data.keys()
  }


@show_if(features.SIGNING)
@resource('/v1/repository/<apirepopath:repository>/signatures')
@path_param('repository', 'The full path of the repository. e.g. namespace/name')
class RepositorySignatures(RepositoryParamResource):
  """ Operations for managing the signatures in a repository image. """

  @require_repo_read
  @nickname('getRepoSignatures')
  @disallow_for_app_repositories
  def get(self, namespace, repository):
    """ Fetches the list of signed tags for the repository""" 
    return _default_signed_tags_for_repository(namespace, repository)