fix(controller): disallow uppercase app URLs

Since Deis app names become URLs directly, they must match a regex
like [-a-z0-9]+, as we test for at
https://github.com/deis/deis/blob/master/controller/api/tests/test_app.py#L100.
But the regexes for apps in controller/api/urls.py use [-_\w], which
does some nice locale adjustments but allows uppercase chars and
underscores. This changes the regex to match the serializer's regex.
We can incrementally add more locale characters as things require
changing.

fixes #936

Author: Matthew Fisher

controller/api/urls.py

@@ -251,46 +251,46 @@
     url(r'^clusters/?',
         views.ClusterViewSet.as_view({'get': 'list', 'post': 'create'})),
     # application release components
-    url(r'^apps/(?P<id>[-_\w]+)/config/?',
+    url(r'^apps/(?P<id>[-a-z0-9]+)/config/?',
         views.AppConfigViewSet.as_view({'get': 'retrieve', 'post': 'create'})),
-    url(r'^apps/(?P<id>[-_\w]+)/builds/(?P<uuid>[-_\w]+)/?',
+    url(r'^apps/(?P<id>[-a-z0-9]+)/builds/(?P<uuid>[-_\w]+)/?',
         views.AppBuildViewSet.as_view({'get': 'retrieve'})),
-    url(r'^apps/(?P<id>[-_\w]+)/builds/?',
+    url(r'^apps/(?P<id>[-a-z0-9]+)/builds/?',
         views.AppBuildViewSet.as_view({'get': 'list', 'post': 'create'})),
-    url(r'^apps/(?P<id>[-_\w]+)/releases/v(?P<version>[0-9]+)/?',
+    url(r'^apps/(?P<id>[-a-z0-9]+)/releases/v(?P<version>[0-9]+)/?',
         views.AppReleaseViewSet.as_view({'get': 'retrieve'})),
-    url(r'^apps/(?P<id>[-_\w]+)/releases/rollback/?',
+    url(r'^apps/(?P<id>[-a-z0-9]+)/releases/rollback/?',
         views.AppReleaseViewSet.as_view({'post': 'rollback'})),
-    url(r'^apps/(?P<id>[-_\w]+)/releases/?',
+    url(r'^apps/(?P<id>[-a-z0-9]+)/releases/?',
         views.AppReleaseViewSet.as_view({'get': 'list'})),
     # application infrastructure
-    url(r'^apps/(?P<id>[-_\w]+)/containers/(?P<type>[-_\w]+)/(?P<num>[-_\w]+)/?',
+    url(r'^apps/(?P<id>[-a-z0-9]+)/containers/(?P<type>[-_\w]+)/(?P<num>[-_\w]+)/?',
         views.AppContainerViewSet.as_view({'get': 'retrieve'})),
-    url(r'^apps/(?P<id>[-_\w]+)/containers/(?P<type>[-_\w.]+)/?',
+    url(r'^apps/(?P<id>[-a-z0-9]+)/containers/(?P<type>[-_\w.]+)/?',
         views.AppContainerViewSet.as_view({'get': 'list'})),
-    url(r'^apps/(?P<id>[-_\w]+)/containers/?',
+    url(r'^apps/(?P<id>[-a-z0-9]+)/containers/?',
         views.AppContainerViewSet.as_view({'get': 'list'})),
     # application domains
-    url(r'^apps/(?P<id>[-_\w]+)/domains/(?P<domain>[-\._\w]+)/?',
+    url(r'^apps/(?P<id>[-a-z0-9]+)/domains/(?P<domain>[-\._\w]+)/?',
         views.DomainViewSet.as_view({'delete': 'destroy'})),
-    url(r'^apps/(?P<id>[-_\w]+)/domains/?',
+    url(r'^apps/(?P<id>[-a-z0-9]+)/domains/?',
         views.DomainViewSet.as_view({'post': 'create', 'get': 'list'})),
     # application actions
-    url(r'^apps/(?P<id>[-_\w]+)/scale/?',
+    url(r'^apps/(?P<id>[-a-z0-9]+)/scale/?',
         views.AppViewSet.as_view({'post': 'scale'})),
-    url(r'^apps/(?P<id>[-_\w]+)/logs/?',
+    url(r'^apps/(?P<id>[-a-z0-9]+)/logs/?',
         views.AppViewSet.as_view({'post': 'logs'})),
-    url(r'^apps/(?P<id>[-_\w]+)/run/?',
+    url(r'^apps/(?P<id>[-a-z0-9]+)/run/?',
         views.AppViewSet.as_view({'post': 'run'})),
-    url(r'^apps/(?P<id>[-_\w]+)/calculate/?',
+    url(r'^apps/(?P<id>[-a-z0-9]+)/calculate/?',
         views.AppViewSet.as_view({'post': 'calculate'})),
     # apps sharing
-    url(r'^apps/(?P<id>[-_\w]+)/perms/(?P<username>[-_\w]+)/?',
+    url(r'^apps/(?P<id>[-a-z0-9]+)/perms/(?P<username>[-_\w]+)/?',
         views.AppPermsViewSet.as_view({'delete': 'destroy'})),
-    url(r'^apps/(?P<id>[-_\w]+)/perms/?',
+    url(r'^apps/(?P<id>[-a-z0-9]+)/perms/?',
         views.AppPermsViewSet.as_view({'get': 'list', 'post': 'create'})),
     # apps base endpoint
-    url(r'^apps/(?P<id>[-_\w]+)/?',
+    url(r'^apps/(?P<id>[-a-z0-9]+)/?',
         views.AppViewSet.as_view({'get': 'retrieve', 'delete': 'destroy'})),
     url(r'^apps/?',
         views.AppViewSet.as_view({'get': 'list', 'post': 'create'})),