##// END OF EJS Templates
upstream » kallithea
RSS

Clone from https://kallithea-scm.org/repos/kallithea

repos: only allow api repo creation in existing groups...
Mads Kiilerich -
r7225:083fbf53 stable
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -750,10 +750,12 b' OUTPUT::'
750 750 create_repo
751 751 -----------
752 752
753 Create a repository. If the repository name contains "/", all needed repository
754 groups will be created. For example "foo/bar/baz" will create repository groups
755 "foo", "bar" (with "foo" as parent), and create "baz" repository with
756 "bar" as group.
753 Create a repository. If the repository name contains "/", the repository will be
754 created in the repository group indicated by that path. Any such repository
755 groups need to exist before calling this method, or the call will fail.
756 For example "foo/bar/baz" will create a repository "baz" inside the repository
757 group "bar" which itself is in a repository group "foo", but both "foo" and
758 "bar" already need to exist before calling this method.
757 759 This command can only be executed using the api_key of a user with admin rights,
758 760 or that of a regular user with create repository permission.
759 761 Regular users cannot specify owner parameter.
Show file before | Show file after | Hide comments
@@ -1401,9 +1401,9 b' class ApiController(JSONRPCController):'
1401 1401 enable_downloads=Optional(False),
1402 1402 copy_permissions=Optional(False)):
1403 1403 """
1404 Creates a repository. If repository name contains "/", all needed repository
1405 groups will be created. For example "foo/bar/baz" will create groups
1406 "foo", "bar" (with "foo" as parent), and create "baz" repository with
1404 Creates a repository. The repository name contains the full path, but the
1405 parent repository group must exist. For example "foo/bar/baz" require the groups
1406 "foo" and "bar" (with "foo" as parent), and create "baz" repository with
1407 1407 "bar" as group. This command can be executed only using api_key
1408 1408 belonging to user with admin rights or regular user that have create
1409 1409 repository permission. Regular users cannot specify owner parameter
@@ -1485,11 +1485,15 b' class ApiController(JSONRPCController):'
1485 1485 copy_permissions = Optional.extract(copy_permissions)
1486 1486
1487 1487 try:
1488 repo_name_cleaned = repo_name.split('/')[-1]
1489 # create structure of groups and return the last group
1490 repo_group = map_groups(repo_name)
1488 repo_name_parts = repo_name.split('/')
1489 repo_group = None
1490 if len(repo_name_parts) > 1:
1491 group_name = '/'.join(repo_name_parts[:-1])
1492 repo_group = RepoGroup.get_by_group_name(group_name)
1493 if repo_group is None:
1494 raise JSONRPCError("repo group `%s` not found" % group_name)
1491 1495 data = dict(
1492 repo_name=repo_name_cleaned,
1496 repo_name=repo_name_parts[-1],
1493 1497 repo_name_full=repo_name,
1494 1498 repo_type=repo_type,
1495 1499 repo_description=description,
@@ -1673,14 +1677,18 b' class ApiController(JSONRPCController):'
1673 1677 owner = get_user_or_error(owner)
1674 1678
1675 1679 try:
1676 # create structure of groups and return the last group
1677 group = map_groups(fork_name)
1678 fork_base_name = fork_name.rsplit('/', 1)[-1]
1680 fork_name_parts = fork_name.split('/')
1681 repo_group = None
1682 if len(fork_name_parts) > 1:
1683 group_name = '/'.join(fork_name_parts[:-1])
1684 repo_group = RepoGroup.get_by_group_name(group_name)
1685 if repo_group is None:
1686 raise JSONRPCError("repo group `%s` not found" % group_name)
1679 1687
1680 1688 form_data = dict(
1681 repo_name=fork_base_name,
1689 repo_name=fork_name_parts[-1],
1682 1690 repo_name_full=fork_name,
1683 repo_group=group,
1691 repo_group=repo_group,
1684 1692 repo_type=repo.repo_type,
1685 1693 description=Optional.extract(description),
1686 1694 private=Optional.extract(private),
Show file before | Show file after | Hide comments
@@ -1018,6 +1018,20 b' class _BaseTestApi(object):'
1018 1018 repo_group_name = 'my_gr'
1019 1019 repo_name = '%s/api-repo' % repo_group_name
1020 1020
1021 # repo creation can no longer also create repo group
1022 id_, params = _build_data(self.apikey, 'create_repo',
1023 repo_name=repo_name,
1024 owner=TEST_USER_ADMIN_LOGIN,
1025 repo_type=self.REPO_TYPE,)
1026 response = api_call(self, params)
1027 expected = u'repo group `%s` not found' % repo_group_name
1028 self._compare_error(id_, expected, given=response.body)
1029 assert RepoModel().get_by_repo_name(repo_name) is None
1030
1031 # create group before creating repo
1032 rg = fixture.create_repo_group(repo_group_name)
1033 Session().commit()
1034
1021 1035 id_, params = _build_data(self.apikey, 'create_repo',
1022 1036 repo_name=repo_name,
1023 1037 owner=TEST_USER_ADMIN_LOGIN,
@@ -1144,7 +1158,7 b' class _BaseTestApi(object):'
1144 1158 self._compare_error(id_, expected, given=response.body)
1145 1159
1146 1160 def test_api_create_repo_dot_dot(self):
1147 # FIXME: it should only be possible to create repositories in existing repo groups - and '..' can't be used
1161 # it is only possible to create repositories in existing repo groups - and '..' can't be used
1148 1162 group_name = '%s/..' % TEST_REPO_GROUP
1149 1163 repo_name = '%s/%s' % (group_name, 'could-be-outside')
1150 1164 id_, params = _build_data(self.apikey, 'create_repo',
@@ -1152,12 +1166,8 b' class _BaseTestApi(object):'
1152 1166 owner=TEST_USER_ADMIN_LOGIN,
1153 1167 repo_type=self.REPO_TYPE,)
1154 1168 response = api_call(self, params)
1155 expected = {
1156 u'msg': u"Created new repository `%s`" % repo_name,
1157 u'success': True,
1158 u'task': None,
1159 }
1160 self._compare_ok(id_, expected, given=response.body)
1169 expected = u'repo group `%s` not found' % group_name
1170 self._compare_error(id_, expected, given=response.body)
1161 1171 fixture.destroy_repo(repo_name)
1162 1172
1163 1173 @mock.patch.object(RepoModel, 'create', crash)
General Comments 0
You need to be logged in to leave comments. Login now