Browse code
Merge remote-tracking branch 'origin/165-push_permission_check-fix'
Solomon Hykes authored on 2013/03/29 07:45:00Showing 1 changed files
| ... | ... |
@@ -334,13 +334,28 @@ func (graph *Graph) pushTag(remote, revision, tag string, authConfig *auth.AuthC |
| 334 | 334 |
func (graph *Graph) LookupRemoteRepository(remote string, authConfig *auth.AuthConfig) bool {
|
| 335 | 335 |
rt := &http.Transport{Proxy: http.ProxyFromEnvironment}
|
| 336 | 336 |
|
| 337 |
- req, err := http.NewRequest("GET", REGISTRY_ENDPOINT+"/users/"+remote, nil)
|
|
| 337 |
+ var repositoryTarget string |
|
| 338 |
+ // If we are asking for 'root' repository, lookup on the Library's registry |
|
| 339 |
+ if strings.Index(remote, "/") == -1 {
|
|
| 340 |
+ repositoryTarget = REGISTRY_ENDPOINT + "/library/" + remote + "/lookup" |
|
| 341 |
+ } else {
|
|
| 342 |
+ repositoryTarget = REGISTRY_ENDPOINT + "/users/" + remote + "/lookup" |
|
| 343 |
+ } |
|
| 344 |
+ Debugf("Checking for permissions on: %s", repositoryTarget)
|
|
| 345 |
+ req, err := http.NewRequest("PUT", repositoryTarget, strings.NewReader("\"\""))
|
|
| 338 | 346 |
if err != nil {
|
| 347 |
+ Debugf("%s\n", err)
|
|
| 339 | 348 |
return false |
| 340 | 349 |
} |
| 341 | 350 |
req.SetBasicAuth(authConfig.Username, authConfig.Password) |
| 351 |
+ req.Header.Add("Content-type", "application/json")
|
|
| 342 | 352 |
res, err := rt.RoundTrip(req) |
| 343 |
- if err != nil || res.StatusCode != 200 {
|
|
| 353 |
+ if err != nil || res.StatusCode != 404 {
|
|
| 354 |
+ errBody, err := ioutil.ReadAll(res.Body) |
|
| 355 |
+ if err != nil {
|
|
| 356 |
+ errBody = []byte(err.Error()) |
|
| 357 |
+ } |
|
| 358 |
+ Debugf("Lookup status code: %d (body: %s)", res.StatusCode, errBody)
|
|
| 344 | 359 |
return false |
| 345 | 360 |
} |
| 346 | 361 |
return true |
| ... | ... |
@@ -370,11 +385,10 @@ func (graph *Graph) pushPrimitive(stdout io.Writer, remote, tag, imgId string, a |
| 370 | 370 |
// Push a repository to the registry. |
| 371 | 371 |
// Remote has the format '<user>/<repo> |
| 372 | 372 |
func (graph *Graph) PushRepository(stdout io.Writer, remote string, localRepo Repository, authConfig *auth.AuthConfig) error {
|
| 373 |
- // Check if the remote repository exists |
|
| 374 |
- // FIXME: @lopter How to handle this? |
|
| 375 |
- // if !graph.LookupRemoteRepository(remote, authConfig) {
|
|
| 376 |
- // return fmt.Errorf("The remote repository %s does not exist\n", remote)
|
|
| 377 |
- // } |
|
| 373 |
+ // Check if the remote repository exists/if we have the permission |
|
| 374 |
+ if !graph.LookupRemoteRepository(remote, authConfig) {
|
|
| 375 |
+ return fmt.Errorf("Permission denied on repository %s\n", remote)
|
|
| 376 |
+ } |
|
| 378 | 377 |
|
| 379 | 378 |
fmt.Fprintf(stdout, "Pushing repository %s (%d tags)\n", remote, len(localRepo)) |
| 380 | 379 |
// For each image within the repo, push them |