def post(self, request):
serializer = AppRegisterSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
signature = serializer.validated_data['signature'].strip()
certificate = serializer.validated_data['certificate'].strip()
container = Container()
validator = container.resolve(CertificateValidator)
app_id = validator.get_cn(certificate)
created = True
try:
app = App.objects.get(id=app_id)
created = False
except App.DoesNotExist:
app = App.objects.create(id=app_id, owner=request.user)
app.set_current_language('en')
app.description = app_id
app.name = app_id
app.summary = app_id
if app.owner != request.user:
raise PermissionDenied('Only the app owner is allowed to update'
'the certificate')
chain = read_file_contents(settings.NEXTCLOUD_CERTIFICATE_LOCATION)
crl = read_file_contents(settings.NEXTCLOUD_CRL_LOCATION)
if settings.VALIDATE_CERTIFICATES:
validator.validate_certificate(certificate, chain, crl)
validator.validate_signature(certificate, signature,
app_id.encode())
app.owner = request.user
app.certificate = certificate
app.save()
if created:
if settings.DISCOURSE_TOKEN:
self._create_discourse_category(app_id)
return Response(status=201)
else:
return Response(status=204)
def post(self, request):
serializer = AppRegisterSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
signature = serializer.validated_data['signature'].strip()
certificate = serializer.validated_data['certificate'].strip()
container = Container()
# validate certificate and signature
chain = read_file_contents(settings.NEXTCLOUD_CERTIFICATE_LOCATION)
crl = read_file_contents(settings.NEXTCLOUD_CRL_LOCATION)
validator = container.resolve(CertificateValidator)
app_id = validator.get_cn(certificate)
if settings.VALIDATE_CERTIFICATES:
validator.validate_certificate(certificate, chain, crl)
validator.validate_signature(certificate, signature,
app_id.encode())
try:
app = App.objects.get(id=app_id)
if app.ownership_transfer_enabled:
app.owner = request.user
app.ownership_transfer_enabled = False
elif app.owner != request.user:
msg = 'Only the app owner is allowed to update the certificate'
raise PermissionDenied(msg)
app.certificate = certificate
app.save()
return Response(status=204)
except App.DoesNotExist:
app = App.objects.create(id=app_id,
owner=request.user,
certificate=certificate)
app.set_current_language('en')
app.description = app_id
app.name = app_id
app.summary = app_id
app.save()
if settings.DISCOURSE_TOKEN:
self._create_discourse_category(app_id)
return Response(status=201)
def post(self, request):
serializer = AppReleaseDownloadSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
with (transaction.atomic()):
url = serializer.validated_data['download']
signature = serializer.validated_data['signature']
is_nightly = serializer.validated_data['nightly']
# download the latest release and create or update the models
container = Container()
provider = container.resolve(AppReleaseProvider)
try:
info, data = provider.get_release_info(url, is_nightly)
except HTTPError as e:
raise ValidationError(e)
# populate metadata from request
info['app']['release']['signature'] = signature
info['app']['release']['download'] = url
app_id = info['app']['id']
version = info['app']['release']['version']
status, app = self._check_permission(request, app_id, version,
is_nightly)
# verify certs and signature
validator = container.resolve(CertificateValidator)
chain = read_file_contents(settings.NEXTCLOUD_CERTIFICATE_LOCATION)
crl = read_file_contents(settings.NEXTCLOUD_CRL_LOCATION)
if settings.VALIDATE_CERTIFICATES:
validator.validate_certificate(app.certificate, chain, crl)
validator.validate_signature(app.certificate, signature, data)
validator.validate_app_id(app.certificate, app_id)
importer = container.resolve(AppImporter)
importer.import_data('app', info['app'], None)
return Response(status=status)
def post(self, request):
serializer = AppReleaseDownloadSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
with(transaction.atomic()):
url = serializer.validated_data['download']
signature = serializer.validated_data['signature']
is_nightly = serializer.validated_data['nightly']
# download the latest release and create or update the models
container = Container()
provider = container.resolve(AppReleaseProvider)
try:
info, data = provider.get_release_info(url, is_nightly)
except HTTPError as e:
raise ValidationError(e)
# populate metadata from request
info['app']['release']['signature'] = signature
info['app']['release']['download'] = url
app_id = info['app']['id']
version = info['app']['release']['version']
status, app = self._check_permission(request, app_id, version,
is_nightly)
# verify certs and signature
validator = container.resolve(CertificateValidator)
chain = read_file_contents(settings.NEXTCLOUD_CERTIFICATE_LOCATION)
crl = read_file_contents(settings.NEXTCLOUD_CRL_LOCATION)
if settings.VALIDATE_CERTIFICATES:
validator.validate_certificate(app.certificate, chain, crl)
validator.validate_signature(app.certificate, signature, data)
validator.validate_app_id(app.certificate, app_id)
importer = container.resolve(AppImporter)
importer.import_data('app', info['app'], None)
return Response(status=status)
def _get_test_xml(self, target):
path = self.get_path(target)
return read_file_contents(path)
def _get_contents(self, target):
path = self.get_path(target)
return read_file_contents(path)