# HG changeset patch # User Peter Sanchez # Date 1417311910 28800 # Sat Nov 29 17:45:10 2014 -0800 # Node ID 5066b739c603430ceb9fc29b6172231bd2bb1dc3 # Parent c2c3d57ca7c395fa1e70bed449ed2a75fbe61293 Adding access_key support for request authentication. diff --git a/trello_broker/models.py b/trello_broker/models.py --- a/trello_broker/models.py +++ b/trello_broker/models.py @@ -145,6 +145,15 @@ max_length=100, help_text=_('Slug ID given by BitBucket for this repository.'), ) + access_key = models.CharField( + max_length=100, + blank=True, + help_text=_( + 'Secret key used to "authenticate" the request. If saved ' + 'here the key must be appended to the BitBucket hook URL like ' + 'so: http://yourserver.com/broker/?access_key=' + ), + ) trello_board = models.ForeignKey( 'trello_broker.TrelloBoard', limit_choices_to={'status': STATUS_ACTIVE}, @@ -154,6 +163,7 @@ class Meta: verbose_name = 'BitBucket Repository' verbose_name_plural = 'BitBucket Repositories' + unique_together = ('slug', 'access_key') @property def fix_rule(self): diff --git a/trello_broker/views.py b/trello_broker/views.py --- a/trello_broker/views.py +++ b/trello_broker/views.py @@ -4,7 +4,7 @@ from django.views.decorators.csrf import csrf_exempt from django.utils.decorators import method_decorator from django.http import HttpResponse, HttpResponseBadRequest, Http404 -from .models import BitBucketRepo +from .models import Q, BitBucketRepo from .utils import process_commits from . import settings @@ -35,7 +35,10 @@ except (ValueError, KeyError): return HttpResponseBadRequest() - repo = get_object_or_404(BitBucketRepo, slug=repo_slug) + query = Q(slug=repo_slug) + if 'access_key' in request.REQUEST: + query += Q(access_key=request.REQUEST['access_key']) + repo = get_object_or_404(BitBucketRepo, query) trello_distribute(repo, json_data) return HttpResponse('OK')