hub.sr.ht/hubsrht/projects.py

from flask import abort
from hubsrht.types import Project, User, Visibility
from srht.oauth import current_user
from enum import Enum

class ProjectAccess(Enum):
    read = "read"
    write = "write"

def get_project(owner, project_name, access, user=current_user):
    if owner.startswith("~"):
        owner = owner[1:]
    else:
        abort(404)
    project = (Project.query
            .join(User, Project.owner_id == User.id)
            .filter(User.username == owner)
            .filter(Project.name == project_name)
        ).one_or_none()
    if not project:
        abort(404)
    if user != None and user.id == project.owner_id:
        return project.owner, project
    if access == ProjectAccess.write:
        abort(401)
    # TODO: ACLs
    if project.visibility in (Visibility.PUBLIC, Visibility.UNLISTED):
        return project.owner, project
    elif project.visibility == Visibility.PRIVATE:
        abort(401)
    assert False
Initial commit 2020-03-24 15:26:15 +01:00			`from flask import abort`
projects.py: fix visibility import 2020-04-29 16:07:47 +02:00			`from hubsrht.types import Project, User, Visibility`
Initial commit 2020-03-24 15:26:15 +01:00			`from srht.oauth import current_user`
			`from enum import Enum`

			`class ProjectAccess(Enum):`
			`read = "read"`
			`write = "write"`

			`def get_project(owner, project_name, access, user=current_user):`
			`if owner.startswith("~"):`
			`owner = owner[1:]`
hubsrht: Expect valid canonical name in URLs 2022-09-06 14:42:22 +02:00			`else:`
			`abort(404)`
Initial commit 2020-03-24 15:26:15 +01:00			`project = (Project.query`
			`.join(User, Project.owner_id == User.id)`
			`.filter(User.username == owner)`
hubsrht: Match projects case-sensitively 2022-07-01 15:57:08 +02:00			`.filter(Project.name == project_name)`
Make project names match [A-Za-z0-9._-]+ Project names in URLs are now case-insensitive -- This might break existing projects. Also prohibits use of '.git' and '.hg' as project names. 2021-08-08 18:03:52 +02:00			`).one_or_none()`
Initial commit 2020-03-24 15:26:15 +01:00			`if not project:`
			`abort(404)`
			`if user != None and user.id == project.owner_id:`
			`return project.owner, project`
			`if access == ProjectAccess.write:`
			`abort(401)`
			`# TODO: ACLs`
Uppercase the Visibility enum keys There is currently a mismatch, causing for example project creation via the web interface to fail, because the validation code is using the enum keys, which are lowercase, but everything else uses uppercase. Simply use uppercase everywhere, like already the case in other services. 2022-06-30 23:05:56 +02:00			`if project.visibility in (Visibility.PUBLIC, Visibility.UNLISTED):`
Initial commit 2020-03-24 15:26:15 +01:00			`return project.owner, project`
Uppercase the Visibility enum keys There is currently a mismatch, causing for example project creation via the web interface to fail, because the validation code is using the enum keys, which are lowercase, but everything else uses uppercase. Simply use uppercase everywhere, like already the case in other services. 2022-06-30 23:05:56 +02:00			`elif project.visibility == Visibility.PRIVATE:`
Initial commit 2020-03-24 15:26:15 +01:00			`abort(401)`
			`assert False`