[copr] devel: Add a api_login field (0da3d25)
by Pierre-YvesChibon
Repository : http://git.fedorahosted.org/cgit/copr.git
On branch : devel
>---------------------------------------------------------------
commit 0da3d25cf605280de9794ed6f2a5bd2a499a9863
Author: Pierre-Yves Chibon <pingou(a)pingoured.fr>
Date: Sun Mar 10 10:09:36 2013 +0100
Add a api_login field
Discussing with Seth it appears that the desired behavior would be
to have a different login username when using the API vs the website.
This commit implements a api_login which is only valid to use the API
and won't be on the website.
>---------------------------------------------------------------
copr_cli/README.rst | 2 +-
.../versions/2a75f0a06d90_add_a_api_login_fiel.py | 25 ++++++++++++++++++++
coprs_frontend/coprs/models.py | 1 +
coprs_frontend/coprs/templates/api.html | 1 +
coprs_frontend/coprs/views/api_ns/api_general.py | 4 +++
coprs_frontend/coprs/views/misc.py | 6 +++-
6 files changed, 36 insertions(+), 3 deletions(-)
diff --git a/copr_cli/README.rst b/copr_cli/README.rst
index 962076b..e46f5ff 100644
--- a/copr_cli/README.rst
+++ b/copr_cli/README.rst
@@ -40,7 +40,7 @@ Usage:
::
[copr-cli]
- username = <insert here your username>
+ username = <insert here your API login>
token = <insert here your API token>
diff --git a/coprs_frontend/alembic/versions/2a75f0a06d90_add_a_api_login_fiel.py b/coprs_frontend/alembic/versions/2a75f0a06d90_add_a_api_login_fiel.py
new file mode 100644
index 0000000..bf1bb8f
--- /dev/null
+++ b/coprs_frontend/alembic/versions/2a75f0a06d90_add_a_api_login_fiel.py
@@ -0,0 +1,25 @@
+"""Add a api_login field to user
+
+Revision ID: 2a75f0a06d90
+Revises: 544873aa3ba1
+Create Date: 2013-03-10 10:01:16.820499
+
+"""
+
+# revision identifiers, used by Alembic.
+revision = '2a75f0a06d90'
+down_revision = '544873aa3ba1'
+
+from alembic import op
+import sqlalchemy as sa
+
+
+def upgrade():
+ """ Add the colum 'api_login' to the table user. """
+ op.add_column('user', sa.Column('api_login', sa.String(40),
+ nullable=False, server_default='default_token'))
+
+
+def downgrade():
+ """ Drop the column 'api_login' from the table user. """
+ op.drop_column('user', 'api_login')
diff --git a/coprs_frontend/coprs/models.py b/coprs_frontend/coprs/models.py
index 8c20f86..957b80e 100644
--- a/coprs_frontend/coprs/models.py
+++ b/coprs_frontend/coprs/models.py
@@ -60,6 +60,7 @@ class User(db.Model, Serializer):
mail = db.Column(db.String(150), nullable = False)
proven = db.Column(db.Boolean, default = False)
admin = db.Column(db.Boolean, default = False)
+ api_login = db.Column(db.String(40), nullable = False, default = 'abc')
api_token = db.Column(db.String(40), nullable = False, default = 'abc')
api_token_expiration = db.Column(db.Date, nullable = False, default = datetime.date(2000, 1, 1))
diff --git a/coprs_frontend/coprs/templates/api.html b/coprs_frontend/coprs/templates/api.html
index 85e46b8..0ea30b2 100644
--- a/coprs_frontend/coprs/templates/api.html
+++ b/coprs_frontend/coprs/templates/api.html
@@ -20,6 +20,7 @@
{% if g.user %}
<p>Your information:</p>
<pre style="font-size:120%">
+ API login : {{ g.user.api_login }}
API token : {{ g.user.api_token }}
Expiration date : {{ g.user.api_token_expiration }}
</pre>
diff --git a/coprs_frontend/coprs/views/api_ns/api_general.py b/coprs_frontend/coprs/views/api_ns/api_general.py
index 45471c5..6d90033 100644
--- a/coprs_frontend/coprs/views/api_ns/api_general.py
+++ b/coprs_frontend/coprs/views/api_ns/api_general.py
@@ -31,6 +31,10 @@ def api_new_token():
""" Method use to generate a new API token for the current user.
"""
user = flask.g.user
+ copr64 = base64.b64encode('copr') + '##'
+ api_login = helpers.generate_api_token(
+ flask.current_app.config['API_TOKEN_LENGTH'] - len(copr64))
+ user.api_login = api_login
user.api_token = helpers.generate_api_token(
flask.current_app.config['API_TOKEN_LENGTH'])
user.api_token_expiration = datetime.date.today() \
diff --git a/coprs_frontend/coprs/views/misc.py b/coprs_frontend/coprs/views/misc.py
index ebb0d86..1c5a47c 100644
--- a/coprs_frontend/coprs/views/misc.py
+++ b/coprs_frontend/coprs/views/misc.py
@@ -57,7 +57,10 @@ def create_or_login(resp):
if not user: # create if not created already
expiration_date_token = datetime.date.today() \
+ datetime.timedelta(days=30)
+ copr64 = base64.b64encode('copr') + '##'
user = models.User(openid_name = resp.identity_url, mail = resp.email,
+ api_login = copr64 + helpers.generate_api_token(
+ app.config['API_TOKEN_LENGTH'] - len(copr64)),
api_token = helpers.generate_api_token(app.config['API_TOKEN_LENGTH']),
api_token_expiration = expiration_date_token)
db.session.add(user)
@@ -89,8 +92,7 @@ def api_login_required(f):
token_auth = False
if token and username:
user = models.User.query.filter(
- models.User.openid_name == models.User.openidize_name(username)
- ).first()
+ models.User.api_login == username).first()
if user \
and user.api_token == token \
and user.api_token_expiration >= datetime.date.today():
11 years, 1 month
[copr] master: Use whooshee_search instead of separate searches for list of ids (5f171be)
by bkabrda@fedoraproject.org
Repository : http://git.fedorahosted.org/cgit/copr.git
On branch : master
>---------------------------------------------------------------
commit 5f171be02c06941390bceba9ecbac4bc90307a16
Author: Bohuslav Kabrda <bkabrda(a)redhat.com>
Date: Mon Mar 4 14:16:07 2013 +0100
Use whooshee_search instead of separate searches for list of ids
>---------------------------------------------------------------
coprs_frontend/coprs/logic/coprs_logic.py | 7 +------
1 files changed, 1 insertions(+), 6 deletions(-)
diff --git a/coprs_frontend/coprs/logic/coprs_logic.py b/coprs_frontend/coprs/logic/coprs_logic.py
index ac0219a..9418090 100644
--- a/coprs_frontend/coprs/logic/coprs_logic.py
+++ b/coprs_frontend/coprs/logic/coprs_logic.py
@@ -56,12 +56,7 @@ class CoprsLogic(object):
@classmethod
def get_multiple_fulltext(cls, user, search_string):
- try:
- ids = whoosheers.CoprUserWhoosheer.search(search_string, values_of='copr_id')
- except ValueError as e:
- # too short search_string
- ids = []
- query = models.Copr.query.filter(models.Copr.id.in_(ids))
+ query = models.Copr.query.join(models.User).whooshee_search(search_string)
return query
@classmethod
11 years, 1 month
[copr] master: Remove leftover variable (b5249b3)
by bkabrda@fedoraproject.org
Repository : http://git.fedorahosted.org/cgit/copr.git
On branch : master
>---------------------------------------------------------------
commit b5249b3628cbecb7095b9568fbe289dbcca0fa08
Author: Bohuslav Kabrda <bkabrda(a)redhat.com>
Date: Wed Mar 20 15:55:42 2013 +0100
Remove leftover variable
>---------------------------------------------------------------
coprs_frontend/coprs/whoosheers.py | 1 -
1 files changed, 0 insertions(+), 1 deletions(-)
diff --git a/coprs_frontend/coprs/whoosheers.py b/coprs_frontend/coprs/whoosheers.py
index d5da048..45b5ab6 100644
--- a/coprs_frontend/coprs/whoosheers.py
+++ b/coprs_frontend/coprs/whoosheers.py
@@ -25,7 +25,6 @@ class CoprUserWhoosheer(AbstractWhoosheer):
instructions = whoosh.fields.TEXT())
models = [models.Copr, models.User]
- index = None
@classmethod
def update_user(cls, writer, user):
11 years, 1 month
[copr] master: Only create build with those mock chroots that are active (4fe9501)
by bkabrda@fedoraproject.org
Repository : http://git.fedorahosted.org/cgit/copr.git
On branch : master
>---------------------------------------------------------------
commit 4fe9501fe2e52b8e2eeb9f0933edc0ea3dc60e6c
Author: Bohuslav Kabrda <bkabrda(a)redhat.com>
Date: Wed Mar 20 16:18:27 2013 +0100
Only create build with those mock chroots that are active
>---------------------------------------------------------------
coprs_frontend/coprs/logic/builds_logic.py | 6 +++---
.../tests/test_logic/test_builds_logic.py | 10 ++++++++++
2 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/coprs_frontend/coprs/logic/builds_logic.py b/coprs_frontend/coprs/logic/builds_logic.py
index 2ee9a07..1ef7252 100644
--- a/coprs_frontend/coprs/logic/builds_logic.py
+++ b/coprs_frontend/coprs/logic/builds_logic.py
@@ -61,9 +61,9 @@ class BuildsLogic(object):
pkgs=pkgs,
copr=copr,
repos=copr.repos,
- chroots=' '.join(map(
- lambda x: x.chroot_name, copr.mock_chroots)
- ),
+ chroots=' '.join(map(lambda x: x.chroot_name,
+ filter(lambda b: b.is_active, #only add active chroots
+ copr.mock_chroots))),
user=user,
submitted_on=int(time.time()))
# no need to check for authorization here
diff --git a/coprs_frontend/tests/test_logic/test_builds_logic.py b/coprs_frontend/tests/test_logic/test_builds_logic.py
new file mode 100644
index 0000000..007f649
--- /dev/null
+++ b/coprs_frontend/tests/test_logic/test_builds_logic.py
@@ -0,0 +1,10 @@
+from coprs.logic.builds_logic import BuildsLogic
+from tests.coprs_test_case import CoprsTestCase
+
+class TestBuildsLogic(CoprsTestCase):
+ def test_add_only_adds_active_chroots(self, f_users, f_coprs, f_builds, f_mock_chroots, f_db):
+ self.mc2.is_active = False
+ self.db.session.commit()
+ b = BuildsLogic.add(self.u2, 'blah blah', self.c2)
+ self.db.session.commit()
+ assert b.chroots == self.mc3.chroot_name
11 years, 1 month
[PATCH 1/4] Add a api_login field
by Pierre-Yves Chibon
Discussing with Seth it appears that the desired behavior would be
to have a different login username when using the API vs the website.
This commit implements a api_login which is only valid to use the API
and won't be on the website.
---
copr_cli/README.rst | 2 +-
.../versions/2a75f0a06d90_add_a_api_login_fiel.py | 25 ++++++++++++++++++++
coprs_frontend/coprs/models.py | 1 +
coprs_frontend/coprs/templates/api.html | 1 +
coprs_frontend/coprs/views/api_ns/api_general.py | 4 +++
coprs_frontend/coprs/views/misc.py | 6 +++-
6 files changed, 36 insertions(+), 3 deletions(-)
create mode 100644 coprs_frontend/alembic/versions/2a75f0a06d90_add_a_api_login_fiel.py
diff --git a/copr_cli/README.rst b/copr_cli/README.rst
index 962076b..e46f5ff 100644
--- a/copr_cli/README.rst
+++ b/copr_cli/README.rst
@@ -40,7 +40,7 @@ Usage:
::
[copr-cli]
- username = <insert here your username>
+ username = <insert here your API login>
token = <insert here your API token>
diff --git a/coprs_frontend/alembic/versions/2a75f0a06d90_add_a_api_login_fiel.py b/coprs_frontend/alembic/versions/2a75f0a06d90_add_a_api_login_fiel.py
new file mode 100644
index 0000000..bf1bb8f
--- /dev/null
+++ b/coprs_frontend/alembic/versions/2a75f0a06d90_add_a_api_login_fiel.py
@@ -0,0 +1,25 @@
+"""Add a api_login field to user
+
+Revision ID: 2a75f0a06d90
+Revises: 544873aa3ba1
+Create Date: 2013-03-10 10:01:16.820499
+
+"""
+
+# revision identifiers, used by Alembic.
+revision = '2a75f0a06d90'
+down_revision = '544873aa3ba1'
+
+from alembic import op
+import sqlalchemy as sa
+
+
+def upgrade():
+ """ Add the colum 'api_login' to the table user. """
+ op.add_column('user', sa.Column('api_login', sa.String(40),
+ nullable=False, server_default='default_token'))
+
+
+def downgrade():
+ """ Drop the column 'api_login' from the table user. """
+ op.drop_column('user', 'api_login')
diff --git a/coprs_frontend/coprs/models.py b/coprs_frontend/coprs/models.py
index 8c20f86..957b80e 100644
--- a/coprs_frontend/coprs/models.py
+++ b/coprs_frontend/coprs/models.py
@@ -60,6 +60,7 @@ class User(db.Model, Serializer):
mail = db.Column(db.String(150), nullable = False)
proven = db.Column(db.Boolean, default = False)
admin = db.Column(db.Boolean, default = False)
+ api_login = db.Column(db.String(40), nullable = False, default = 'abc')
api_token = db.Column(db.String(40), nullable = False, default = 'abc')
api_token_expiration = db.Column(db.Date, nullable = False, default = datetime.date(2000, 1, 1))
diff --git a/coprs_frontend/coprs/templates/api.html b/coprs_frontend/coprs/templates/api.html
index 0de97b2..cb77a23 100644
--- a/coprs_frontend/coprs/templates/api.html
+++ b/coprs_frontend/coprs/templates/api.html
@@ -20,6 +20,7 @@
{% if g.user %}
<p>Your information:</p>
<pre style="font-size:120%">
+ API login : {{ g.user.api_login }}
API token : {{ g.user.api_token }}
Expiration date : {{ g.user.api_token_expiration }}
</pre>
diff --git a/coprs_frontend/coprs/views/api_ns/api_general.py b/coprs_frontend/coprs/views/api_ns/api_general.py
index 081aceb..d69013b 100644
--- a/coprs_frontend/coprs/views/api_ns/api_general.py
+++ b/coprs_frontend/coprs/views/api_ns/api_general.py
@@ -30,6 +30,10 @@ def api_new_token():
""" Method use to generate a new API token for the current user.
"""
user = flask.g.user
+ copr64 = base64.b64encode('copr') + '##'
+ api_login = helpers.generate_api_token(
+ flask.current_app.config['API_TOKEN_LENGTH'] - len(copr64))
+ user.api_login = api_login
user.api_token = helpers.generate_api_token(
flask.current_app.config['API_TOKEN_LENGTH'])
user.api_token_expiration = datetime.date.today() \
diff --git a/coprs_frontend/coprs/views/misc.py b/coprs_frontend/coprs/views/misc.py
index 383b832..12072e7 100644
--- a/coprs_frontend/coprs/views/misc.py
+++ b/coprs_frontend/coprs/views/misc.py
@@ -57,7 +57,10 @@ def create_or_login(resp):
if not user: # create if not created already
expiration_date_token = datetime.date.today() \
+ datetime.timedelta(days=30)
+ copr64 = base64.b64encode('copr') + '##'
user = models.User(openid_name = resp.identity_url, mail = resp.email,
+ api_login = copr64 + helpers.generate_api_token(
+ app.config['API_TOKEN_LENGTH'] - len(copr64)),
api_token = helpers.generate_api_token(app.config['API_TOKEN_LENGTH']),
api_token_expiration = expiration_date_token)
db.session.add(user)
@@ -90,8 +93,7 @@ def login_required(f):
token_auth = False
if token and username:
user = models.User.query.filter(
- models.User.openid_name == models.User.openidize_name(username)
- ).first()
+ models.User.api_login == username).first()
if user \
and user.api_token == token \
and user.api_token_expiration >= datetime.date.today():
--
1.7.1
11 years, 1 month
[copr] master: Update API documentation (f036919)
by Pierre-YvesChibon
Repository : http://git.fedorahosted.org/cgit/copr.git
On branch : master
>---------------------------------------------------------------
commit f0369194464638e05b1e03591b407151275fdc2c
Author: Pierre-Yves Chibon <pingou(a)pingoured.fr>
Date: Sun Mar 10 10:21:21 2013 +0100
Update API documentation
>---------------------------------------------------------------
coprs_frontend/coprs/templates/api.html | 10 ++++------
1 files changed, 4 insertions(+), 6 deletions(-)
diff --git a/coprs_frontend/coprs/templates/api.html b/coprs_frontend/coprs/templates/api.html
index 0de97b2..85e46b8 100644
--- a/coprs_frontend/coprs/templates/api.html
+++ b/coprs_frontend/coprs/templates/api.html
@@ -42,9 +42,9 @@
copr of.</td>
</tr>
</table>
- <p>URL will therefore look like:</p>
+ <p>URL is:</p>
<pre style="font-size:120%">
- /list/<username>/
+ /api/owned/<username>/
</pre>
<h4>Add a new copr</h4>
@@ -67,11 +67,9 @@
</tr>
</table>
- <p>URL will therefore look like:</p>
+ <p>URL is:</p>
<pre style="font-size:120%">
- /add/<name>/<chroots>/
- /add/<name>/<chroots>/<repos>/
- /add/<name>/<chroots>/<repos>/<initial_pkgs>/
+ /api/copr/new/
</pre>
11 years, 1 month
[copr] master: Test on the variable not a string (fcba438)
by Pierre-YvesChibon
Repository : http://git.fedorahosted.org/cgit/copr.git
On branch : master
>---------------------------------------------------------------
commit fcba438128efc6a2cd7fd00af8ea3aff0945d286
Author: Pierre-Yves Chibon <pingou(a)pingoured.fr>
Date: Sun Mar 10 10:22:57 2013 +0100
Test on the variable not a string
>---------------------------------------------------------------
coprs_frontend/coprs/views/api_ns/api_general.py | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/coprs_frontend/coprs/views/api_ns/api_general.py b/coprs_frontend/coprs/views/api_ns/api_general.py
index f3a7a8f..45471c5 100644
--- a/coprs_frontend/coprs/views/api_ns/api_general.py
+++ b/coprs_frontend/coprs/views/api_ns/api_general.py
@@ -110,7 +110,7 @@ def api_coprs_by_owner(username=None):
"""
username = flask.request.args.get('username', None) or username
httpcode = 200
- if 'username':
+ if username:
query = coprs_logic.CoprsLogic.get_multiple(flask.g.user,
user_relation='owned', username=username)
repos = query.all()
11 years, 1 month
[copr] master: Separate API login from UI login (8ccfe18)
by Pierre-YvesChibon
Repository : http://git.fedorahosted.org/cgit/copr.git
On branch : master
>---------------------------------------------------------------
commit 8ccfe186f6d8bf2fa46335e1a485feec41068ad1
Author: Pierre-Yves Chibon <pingou(a)pingoured.fr>
Date: Sun Mar 10 10:20:12 2013 +0100
Separate API login from UI login
The idea here is to prevent someone from login in via the API mechanism
and performs action which are outside of the API.
>---------------------------------------------------------------
coprs_frontend/coprs/views/api_ns/api_general.py | 7 ++++---
coprs_frontend/coprs/views/misc.py | 17 ++++++++++++++---
2 files changed, 18 insertions(+), 6 deletions(-)
diff --git a/coprs_frontend/coprs/views/api_ns/api_general.py b/coprs_frontend/coprs/views/api_ns/api_general.py
index 081aceb..f3a7a8f 100644
--- a/coprs_frontend/coprs/views/api_ns/api_general.py
+++ b/coprs_frontend/coprs/views/api_ns/api_general.py
@@ -1,6 +1,7 @@
import datetime
import time
+import base64
import flask
from coprs import db
@@ -8,7 +9,7 @@ from coprs import exceptions
from coprs import forms
from coprs import helpers
-from coprs.views.misc import login_required
+from coprs.views.misc import login_required, api_login_required
from coprs.views.api_ns import api_ns
@@ -40,7 +41,7 @@ def api_new_token():
@api_ns.route('/copr/new/', methods=['POST'])
-@login_required
+@api_login_required
def api_new_copr():
""" Receive information from the user on how to create its new copr,
check their validity and create the corresponding copr.
@@ -130,7 +131,7 @@ def api_coprs_by_owner(username=None):
@api_ns.route('/coprs/detail/<username>/<coprname>/new_build/',
methods=["POST"])
-@login_required
+@api_login_required
def copr_new_build(username, coprname):
form = forms.BuildForm(csrf_enabled=False)
copr = coprs_logic.CoprsLogic.get(flask.g.user, username,
diff --git a/coprs_frontend/coprs/views/misc.py b/coprs_frontend/coprs/views/misc.py
index 383b832..ebb0d86 100644
--- a/coprs_frontend/coprs/views/misc.py
+++ b/coprs_frontend/coprs/views/misc.py
@@ -76,8 +76,7 @@ def logout():
flask.flash(u'You were signed out')
return flask.redirect(oid.get_next_url())
-
-def login_required(f):
+def api_login_required(f):
@functools.wraps(f)
def decorated_function(*args, **kwargs):
token = None
@@ -97,7 +96,19 @@ def login_required(f):
and user.api_token_expiration >= datetime.date.today():
token_auth = True
flask.g.user = user
- if not token_auth and flask.g.user is None:
+ if not token_auth:
+ output = {'output': 'notok', 'error': 'Login invalid/expired'}
+ jsonout = flask.jsonify(output)
+ jsonout.status_code = 500
+ return jsonout
+ return f(*args, **kwargs)
+ return decorated_function
+
+
+def login_required(f):
+ @functools.wraps(f)
+ def decorated_function(*args, **kwargs):
+ if flask.g.user is None:
return flask.redirect(flask.url_for('misc.login',
next = flask.request.url))
return f(*args, **kwargs)
11 years, 1 month
[copr] master: Move the API token length in the config file and adjust db accordingly (ce9e2e6)
by Pierre-YvesChibon
Repository : http://git.fedorahosted.org/cgit/copr.git
On branch : master
>---------------------------------------------------------------
commit ce9e2e623f122ffcb1dd1f81cdc8553daa8c48e5
Author: Pierre-Yves Chibon <pingou(a)pingoured.fr>
Date: Tue Jan 8 20:08:30 2013 +0100
Move the API token length in the config file and adjust db accordingly
Up to now the API token length was hard-coded in the code to 30 chars
long. With this commit this limit is now set in the configuration
file of the application.
In order for this to make sense, we need to bump the size of the field
in the database to 255 (should be more than enough).
NOTE: the alembic upgrade won't work on sqlite which consider pretty
much only two types of field: numeric or text. So it has no problem
storing a 100 chars long string in a varchar(40).
>---------------------------------------------------------------
coprs_frontend/coprs/views/misc.py | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/coprs_frontend/coprs/views/misc.py b/coprs_frontend/coprs/views/misc.py
index d7eb73e..383b832 100644
--- a/coprs_frontend/coprs/views/misc.py
+++ b/coprs_frontend/coprs/views/misc.py
@@ -113,3 +113,4 @@ def backend_authenticated(f):
return 'You have to provide the correct password', 401
return f(*args, **kwargs)
return decorated_function
+
11 years, 1 month