def new_collection(request):
'''new_container_collection will display a form to generate a new collection
'''
if request.user.has_create_permission():
if request.method == "POST":
name = request.POST.get('name')
if name is not None:
# No special characters allowed
name = format_collection_name(name)
collection = Collection(name=name, secret=str(uuid.uuid4()))
collection.save()
collection.owners.add(request.user)
collection.save()
messages.info(request, 'Collection %s created.' % name)
return redirect('collection_details', cid=collection.id)
# Just new collection form, not a post
else:
return render(request, "collections/new_collection.html")
# If user makes it down here, does not have permission
messages.info(request, "You don't have permission to perform this action.")
return redirect("collections")
def collection_auth_check(request):
''' check permissions and
return a collection id (cid) if a collection exists and the user
has permission to upload. If not, a permission denied is returned.
'''
auth = request.META.get('HTTP_AUTHORIZATION', None)
# Load the body, which is json with variables
body_unicode = request.body.decode('utf-8')
body = json.loads(body_unicode)
# Get variables
tag = body.get('tag', 'latest')
name = body.get('name')
collection_name = format_collection_name(body.get('collection'))
print(tag, name, collection_name, auth, body)
# Authentication always required for push
if auth is None:
raise PermissionDenied(detail="Authentication Required")
owner = get_request_user(auth)
timestamp = generate_timestamp()
payload = "push|%s|%s|%s|%s|" % (collection_name, timestamp, name, tag)
# Validate Payload
print(payload)
if not validate_request(auth, payload, "push", timestamp):
raise PermissionDenied(detail="Unauthorized")
try:
collection = Collection.objects.get(name=collection_name)
except Collection.DoesNotExist:
collection = None
# Validate User Permissions, either for creating collection or adding
# Here we have permission if:
# 1- user collections are enabled with USER_COLLECTIONS
# 2- the user is a superuser or staff
# 3- the user is owner of a collection
if not has_permission(auth, collection, pull_permission=False):
raise PermissionDenied(detail="Unauthorized")
# If the user cannot create a new collection
if not owner.has_create_permission():
raise PermissionDenied(detail="Unauthorized")
# If we get here user has create permission, does collection exist?
if collection is None:
collection = Collection.objects.create(name=collection_name,
secret=str(uuid.uuid4()))
collection.save()
collection.owners.add(owner)
collection.save()
# Return json response with collection id
return JsonResponse({'cid': collection.id})
