""" Manage repository access tokens (DEPRECATED). """ import logging from flask import request from endpoints.api import (resource, nickname, require_repo_admin, RepositoryParamResource, log_action, validate_json_request, path_param) from endpoints.api.repotoken_models_pre_oci import pre_oci_model as model from endpoints.exception import NotFound logger = logging.getLogger(__name__) @resource('/v1/repository//tokens/') @path_param('repository', 'The full path of the repository. e.g. namespace/name') class RepositoryTokenList(RepositoryParamResource): """ Resource for creating and listing repository tokens. """ schemas = { 'NewToken': { 'type': 'object', 'description': 'Description of a new token.', 'required':[ 'friendlyName', ], 'properties': { 'friendlyName': { 'type': 'string', 'description': 'Friendly name to help identify the token', }, }, }, } @require_repo_admin @nickname('listRepoTokens') def get(self, namespace_name, repo_name): """ List the tokens for the specified repository. """ tokens = model.get_repository_tokens(namespace_name, repo_name) return { 'tokens': {token.code: token.to_dict() for token in tokens} } @require_repo_admin @nickname('createToken') @validate_json_request('NewToken') def post(self, namespace_name, repo_name): """ Create a new repository token. """ token_params = request.get_json() token = model.create_repository_token(namespace_name, repo_name, token_params['friendlyName']) log_action('add_repo_accesstoken', namespace_name, {'repo': repo_name, 'token': token_params['friendlyName']}, repo_name=repo_name) return token.to_dict(), 201 @resource('/v1/repository//tokens/') @path_param('repository', 'The full path of the repository. e.g. namespace/name') @path_param('code', 'The token code') class RepositoryToken(RepositoryParamResource): """ Resource for managing individual tokens. """ schemas = { 'TokenPermission': { 'type': 'object', 'description': 'Description of a token permission', 'required': [ 'role', ], 'properties': { 'role': { 'type': 'string', 'description': 'Role to use for the token', 'enum': [ 'read', 'write', 'admin', ], }, }, }, } @require_repo_admin @nickname('getTokens') def get(self, namespace_name, repo_name, code): """ Fetch the specified repository token information. """ token = model.get_repository_token(namespace_name, repo_name, code) if token is None: raise NotFound() return token.to_dict() @require_repo_admin @nickname('changeToken') @validate_json_request('TokenPermission') def put(self, namespace_name, repo_name, code): """ Update the permissions for the specified repository token. """ new_permission = request.get_json() logger.debug('Setting permission to: %s for code %s', new_permission['role'], code) token = model.set_repository_token_role(namespace_name, repo_name, code, new_permission['role']) log_action('change_repo_permission', namespace_name, {'repo': repo_name, 'token': token.friendly_name, 'code': code, 'role': new_permission['role']}, repo_name=repo_name) return token.to_dict() @require_repo_admin @nickname('deleteToken') def delete(self, namespace_name, repo_name, code): """ Delete the repository token. """ token = model.delete_repository_token(namespace_name, repo_name, code) log_action('delete_repo_accesstoken', namespace_name, {'repo': repo_name, 'token': token.friendly_name, 'code': code}, repo_name=repo_name) return '', 204