Commits

Richard Jones  committed 0591a1f

there is no way this is going to work

  • Participants
  • Parent commits 05efa08

Comments (0)

Files changed (2)

File oauth_test.py

     print 'secret: %s' % str(token.secret)
     pause()
 
-def example_access():
+def example_test(access_token):
     # test config
     CONSUMER_KEY = 'sekrit'
     CONSUMER_SECRET = '123'
     RESOURCE_URL = 'https://testpypi.python.org/oauth/test'
-
-    ACCESS_KEY = 'AJLks8p4zezH2ud9R7OQy98eRLXf8zut'
-    ACCESS_SECRET = 'vSXBEWk5kn6wvVGivILPyBmtRitDvJq0cVcmBDk57eX2XCENvp2da3ou7v09TxrL'
-    access_token = oauth.OAuthToken(ACCESS_KEY, ACCESS_SECRET)
-
     # access some protected resources
     print '* Access protected resources ...'
     client = SimpleOAuthClient(CONSUMER_KEY, CONSUMER_SECRET, access_token)
     params = client.access_resource(RESOURCE_URL, {'param_one': 'test'})
     print 'non-oauth parameters: %s' % params
 
+def example_release(access_token, **params):
+    # test config
+    CONSUMER_KEY = 'sekrit'
+    CONSUMER_SECRET = '123'
+    RESOURCE_URL = 'https://testpypi.python.org/oauth/add_release'
+    # access some protected resources
+    print '* Access protected resources ...'
+    client = SimpleOAuthClient(CONSUMER_KEY, CONSUMER_SECRET, access_token)
+    params = client.access_resource(RESOURCE_URL, params)
+    print 'non-oauth parameters: %s' % params
+
 
 if __name__ == '__main__':
-    # for testing you will want to run example_init() and work through that
+    # For testing you will want to run example_init() and work through that
     # until you get an access token. Then replace ACCESS_KEY and ACCESS_SECRET
-    # in example_access() with the key and secret you were assigned.
+    # with the key and secret you were assigned.
     #example_init()
-    example_access()
+    ACCESS_KEY = 'AJLks8p4zezH2ud9R7OQy98eRLXf8zut'
+    ACCESS_SECRET = 'vSXBEWk5kn6wvVGivILPyBmtRitDvJq0cVcmBDk57eX2XCENvp2da3ou7v09TxrL'
+    access_token = oauth.OAuthToken(ACCESS_KEY, ACCESS_SECRET)
+    example_access(access_token)
+    example_release(access_token, name='spam', version='2.0')
 
         # return a display of the package
         self.display(ok_message=message)
 
-    def form_metadata(self):
+    def form_metadata(self, submitted_data=None):
         ''' Extract metadata from the form.
         '''
+        if submitted_data is None:
+            submitted_data = self.form
         data = {}
-        for k in self.form.keys():
+        for k in submitted_data:
             if k.startswith(':'): continue
             v = self.form[k]
             if k == '_pypi_hidden':
             self.oauth_access_token()
         elif path == '/authorise':
             self.oauth_authorise()
+        elif path == '/add_release':
+            self.oauth_add_release()
+        elif path == '/upload':
+            self.oauth_upload()
+        elif path == '/docupload':
+            self.oauth_docupload()
         elif path == '/test':
             self.oauth_test_access()
         else:
         message = 'Access allowed for %s (ps. I got params=%r)'%(user, params)
         self.write_plain(message)
 
+    def oauth_add_release(self):
+        '''Add a new release.
+
+        Returns "OK" if all is well otherwise .. who knows (TODO this needs to
+        be clarified and cleaned up).
+        '''
+        consumer, token, params, user = self._parse_request()
+
+        # pull the package information out of the form submission
+        data = self.form_metadata(params)
+
+        # validate the data
+        self.validate_metadata(data)
+
+        name = data['name']
+        version = data['version']
+
+        # make sure the user has permission to do stuff
+        has_package = self.store.has_package(name)
+        if has_package and not (
+                self.store.has_role('Owner', name) or
+                self.store.has_role('Admin', name) or
+                self.store.has_role('Maintainer', name)):
+            raise Forbidden, \
+                "You are not allowed to store '%s' package information"%name
+
+        if not has_package:
+            names = self.store.find_package(name)
+            if names:
+                raise Forbidden, "Package name conflicts with existing package '%s'" % names[0]
+
+        # make sure the _pypi_hidden flag is set
+        if not data.has_key('_pypi_hidden'):
+            data['_pypi_hidden'] = False
+
+        # save off the data
+        message = self.store.store_package(name, version, data)
+        self.store.changed()
+
+        return 'OK'
+
+    def oauth_upload(self):
+        '''Upload a file for a package release.
+        '''
+        consumer, token, params, user = self._parse_request()
+        message = 'Access allowed for %s (ps. I got params=%r)'%(user, params)
+        self.write_plain(message)
+
+    def oauth_docupload(self):
+        '''Upload a documentation bundle.
+        '''
+        consumer, token, params, user = self._parse_request()
+        message = 'Access allowed for %s (ps. I got params=%r)'%(user, params)
+        self.write_plain(message)
+