ref(hooks): remove push hook model as the builder stopped using it (#985)

helgi · web-flow · commit f7a3e0294385 · 2016-08-17T19:03:28.000-07:00
ref deis/builder#407
diff --git a/rootfs/api/migrations/0013_auto_20160816_2122.py b/rootfs/api/migrations/0013_auto_20160816_2122.py
@@ -0,0 +1,30 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.9.8 on 2016-08-16 21:22
+from __future__ import unicode_literals
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('api', '0012_auto_20160816_1934'),
+    ]
+
+    operations = [
+        migrations.AlterUniqueTogether(
+            name='push',
+            unique_together=set([]),
+        ),
+        migrations.RemoveField(
+            model_name='push',
+            name='app',
+        ),
+        migrations.RemoveField(
+            model_name='push',
+            name='owner',
+        ),
+        migrations.DeleteModel(
+            name='Push',
+        ),
+    ]
diff --git a/rootfs/api/models/__init__.py b/rootfs/api/models/__init__.py
@@ -114,7 +114,6 @@ class Meta:
 
 
 from .app import App, validate_id_is_docker_compatible, validate_reserved_names, validate_app_structure  # noqa
-from .push import Push  # noqa
 from .key import Key, validate_base64  # noqa
 from .certificate import Certificate, validate_certificate  # noqa
 from .domain import Domain  # noqa
diff --git a/rootfs/api/models/push.py b/rootfs/api/models/push.py
diff --git a/rootfs/api/serializers.py b/rootfs/api/serializers.py
@@ -457,19 +457,6 @@ class Meta:
         read_only_fields = ['common_name', 'fingerprint', 'san', 'domains', 'subject', 'issuer']
 
 
-class PushSerializer(serializers.ModelSerializer):
-    """Serialize a :class:`~api.models.Push` model."""
-
-    app = serializers.SlugRelatedField(slug_field='id', queryset=models.App.objects.all())
-    owner = serializers.ReadOnlyField(source='owner.username')
-
-    class Meta:
-        """Metadata options for a :class:`PushSerializer`."""
-        model = models.Push
-        fields = ['owner', 'app', 'sha', 'fingerprint', 'receive_user', 'receive_repo',
-                  'ssh_connection', 'ssh_original_command', 'created', 'updated']
-
-
 class PodSerializer(serializers.BaseSerializer):
     name = serializers.CharField()
     state = serializers.CharField()
diff --git a/rootfs/api/tests/test_hooks.py b/rootfs/api/tests/test_hooks.py
@@ -122,65 +122,6 @@ def test_key_hook(self, mock_requests):
         response = self.client.get(url, HTTP_X_DEIS_BUILDER_AUTH=settings.BUILDER_KEY)
         self.assertEqual(response.status_code, 404)
 
-    def test_push_hook(self, mock_requests):
-        """Test creating a Push via the API"""
-        app_id = self.create_app()
-
-        # prepare a push body
-        body = {
-            'sha': 'df1e628f2244b73f9cdf944f880a2b3470a122f4',
-            'fingerprint': '88:25:ed:67:56:91:3d:c6:1b:7f:42:c6:9b:41:24:80',
-            'receive_user': 'autotest',
-            'receive_repo': '{app_id}'.format(**locals()),
-            'ssh_connection': '10.0.1.10 50337 172.17.0.143 22',
-            'ssh_original_command': "git-receive-pack '{app_id}.git'".format(**locals()),
-        }
-        # post a request without the auth header
-        url = "/v2/hooks/push".format(**locals())
-        response = self.client.post(url, body)
-        self.assertEqual(response.status_code, 403)
-        # now try with the builder key in the special auth header
-        response = self.client.post(url, body,
-                                    HTTP_X_DEIS_BUILDER_AUTH=settings.BUILDER_KEY)
-        self.assertEqual(response.status_code, 201, response.data)
-        for k in ('owner', 'app', 'sha', 'fingerprint', 'receive_repo', 'receive_user',
-                  'ssh_connection', 'ssh_original_command'):
-            self.assertIn(k, response.data)
-
-    def test_push_abuse(self, mock_requests):
-        """Test a user pushing to an unauthorized application"""
-        # create a legit app as "autotest"
-        app_id = self.create_app()
-
-        # register an evil user
-        username, password = 'eviluser', 'password'
-        first_name, last_name = 'Evil', 'User'
-        email = 'evil@deis.io'
-        submit = {
-            'username': username,
-            'password': password,
-            'first_name': first_name,
-            'last_name': last_name,
-            'email': email,
-        }
-        url = '/v2/auth/register'
-        response = self.client.post(url, submit)
-        self.assertEqual(response.status_code, 201, response.data)
-        # prepare a push body that simulates a git push
-        body = {
-            'sha': 'df1e628f2244b73f9cdf944f880a2b3470a122f4',
-            'fingerprint': '88:25:ed:67:56:91:3d:c6:1b:7f:42:c6:9b:41:24:99',
-            'receive_user': 'eviluser',
-            'receive_repo': '{app_id}'.format(**locals()),
-            'ssh_connection': '10.0.1.10 50337 172.17.0.143 22',
-            'ssh_original_command': "git-receive-pack '{app_id}.git'".format(**locals()),
-        }
-        # try to push as "eviluser"
-        url = "/v2/hooks/push".format(**locals())
-        response = self.client.post(url, body,
-                                    HTTP_X_DEIS_BUILDER_AUTH=settings.BUILDER_KEY)
-        self.assertEqual(response.status_code, 403)
-
     def test_build_hook(self, mock_requests):
         """Test creating a Build via an API Hook"""
         app_id = self.create_app()
diff --git a/rootfs/api/urls.py b/rootfs/api/urls.py
@@ -82,8 +82,6 @@
         views.KeyHookViewSet.as_view({'get': 'app'})),
     url(r'^hooks/key/(?P<fingerprint>.+)/?',
         views.KeyHookViewSet.as_view({'get': 'public_key'})),
-    url(r'^hooks/push/?',
-        views.PushHookViewSet.as_view({'post': 'create'})),
     url(r'^hooks/build/?',
         views.BuildHookViewSet.as_view({'post': 'create'})),
     url(r'^hooks/config/?',
diff --git a/rootfs/api/views.py b/rootfs/api/views.py
@@ -454,22 +454,6 @@ def users(self, request, *args, **kwargs):
         return Response(data, status=status.HTTP_200_OK)
 
 
-class PushHookViewSet(BaseHookViewSet):
-    """API hook to create new :class:`~api.models.Push`"""
-    model = models.Push
-    serializer_class = serializers.PushSerializer
-
-    def create(self, request, *args, **kwargs):
-        app = get_object_or_404(models.App, id=request.data['receive_repo'])
-        request.user = get_object_or_404(User, username=request.data['receive_user'])
-        # check the user is authorized for this app
-        if not permissions.is_app_user(request, app):
-            raise PermissionDenied()
-        request.data['app'] = app
-        request.data['owner'] = request.user
-        return super(PushHookViewSet, self).create(request, *args, **kwargs)
-
-
 class BuildHookViewSet(BaseHookViewSet):
     """API hook to create new :class:`~api.models.Build`"""
     model = models.Build
