From 642cbafa09f03bc2b46ec853cb5411b964c978dd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sybren=20A=2E=20St=C3=BCvel?= Date: Wed, 13 Jul 2016 16:52:48 +0200 Subject: [PATCH] Added urler service, which can fetch the URL of any project. --- pillar/application/modules/service.py | 18 +++++++++++--- pillar/application/utils/mongo.py | 6 +++-- pillar/manage.py | 35 ++++++++++++++++++--------- 3 files changed, 42 insertions(+), 17 deletions(-) diff --git a/pillar/application/modules/service.py b/pillar/application/modules/service.py index cfe8a992..11ff96fb 100644 --- a/pillar/application/modules/service.py +++ b/pillar/application/modules/service.py @@ -3,12 +3,11 @@ import logging import blinker -from bson import ObjectId from flask import Blueprint, current_app, g, request from werkzeug import exceptions as wz_exceptions -from application.utils import authorization, authentication -from application.modules import local_auth, users +from application.utils import authorization, authentication, str2id, mongo, jsonify +from application.modules import local_auth blueprint = Blueprint('service', __name__) log = logging.getLogger(__name__) @@ -117,6 +116,19 @@ def do_badger(action, user_email, role): return '', 204 +@blueprint.route('/urler/', methods=['GET']) +@authorization.require_login(require_roles={u'service', u'urler'}, require_all=True) +def urler(project_id): + """Returns the URL of any project.""" + + project_id = str2id(project_id) + project = mongo.find_one_or_404('projects', project_id, + projection={'url': 1}) + return jsonify({ + '_id': project_id, + 'url': project['url']}) + + def manage_user_group_membership(db_user, role, action): """Some roles have associated groups; this function maintains group & role membership. diff --git a/pillar/application/utils/mongo.py b/pillar/application/utils/mongo.py index cfeb1046..cc752632 100644 --- a/pillar/application/utils/mongo.py +++ b/pillar/application/utils/mongo.py @@ -5,7 +5,8 @@ from flask import current_app from werkzeug.exceptions import NotFound -def find_one_or_404(collection_name, object_id): +def find_one_or_404(collection_name, object_id, + projection=None): """Returns the found object from the collection, or raises a NotFound exception. :param collection_name: name of the collection, such as 'users' or 'files' @@ -19,7 +20,8 @@ def find_one_or_404(collection_name, object_id): """ collection = current_app.data.driver.db[collection_name] - found = collection.find_one(ObjectId(object_id)) + found = collection.find_one(ObjectId(object_id), + projection=projection) if found is None: raise NotFound() diff --git a/pillar/manage.py b/pillar/manage.py index 25ab1e0f..a4d5a170 100755 --- a/pillar/manage.py +++ b/pillar/manage.py @@ -845,6 +845,23 @@ def update_texture_nodes_maps(): nodes_collection.update({'_id': node['_id']}, node) +def _create_service_account(email, service_roles, service_definition): + from application.modules import service + from application.utils import dumps + + account, token = service.create_service_account( + email, + service_roles, + service_definition + ) + + print('Account created:') + print(dumps(account, indent=4, sort_keys=True)) + print() + print('Access token: %s' % token['token']) + print(' expires on: %s' % token['expire_time']) + + @manager.command def create_badger_account(email, badges): """ @@ -855,20 +872,14 @@ def create_badger_account(email, badges): this account can assign and revoke. """ - from application.modules import service - from application.utils import dumps + _create_service_account(email, [u'badger'], {'badger': badges.strip().split()}) - account, token = service.create_service_account( - email, - [u'badger'], - {'badger': badges.strip().split()} - ) - print('Account created:') - print(dumps(account, indent=4, sort_keys=True)) - print() - print('Access token: %s' % token['token']) - print(' expires on: %s' % token['expire_time']) +@manager.command +def create_urler_account(email): + """Creates a new service account that can fetch all project URLs.""" + + _create_service_account(email, [u'urler'], {}) @manager.command