diff options
| -rwxr-xr-x | api.py | 23 |
1 files changed, 19 insertions, 4 deletions
@@ -126,9 +126,11 @@ class AccessCheckerPlugin: try: logging.debug('AccessCheckerPlugin: checking if access is allowed') scopes = route['config']['scopes'] - if not self._checker.access_is_allowed(r.headers, scopes): - logging.error('Request denied %s %s', r.method, r.path) - return bottle.HTTPError(400) + authz_needed = scopes is not None + if authz_needed: + if self._checker.access_is_allowed(r.headers, scopes): + logging.error('Request denied %s %s', r.method, r.path) + return bottle.HTTPError(400) logging.debug( 'AccessCheckerPlugin: access is allowed, ' @@ -166,7 +168,7 @@ class API: def _add_routes(self, app, routes): for r in routes: - assert isinstance(r['scopes'], list) + assert isinstance(r['scopes'], list) or r['scopes'] is None route = { 'method': r['method'], 'path': r['path'], @@ -396,6 +398,12 @@ class Controller(API): 'func': self._trigger, 'scopes': ['trigger'], }, + { + 'method': 'POST', + 'path': '/webhook', + 'func': self._webhook, + 'scopes': None, + }, ] def _status(self): @@ -427,6 +435,13 @@ class Controller(API): raise bottle.HTTPError(500, 'Error triggering build') return 'Triggered build' + def _webhook(self): + r = bottle.request + body = r.body.read() + logging.debug( + '_webhook called: %s %s %r %r', + r.method, r.path, dict(r.headers), body) + def runcmd(cwd, argv, timeout): logging.info('Running command: %r', argv) |