From eabc8e87fb89e490474aafc854ea3e00f54f0efa Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <puiterwijk@redhat.com>
Date: May 16 2017 12:18:36 +0000
Subject: Add get_authorized_api_project


Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>

---

diff --git a/pagure/api/__init__.py b/pagure/api/__init__.py
index cd83a24..f94ef66 100644
--- a/pagure/api/__init__.py
+++ b/pagure/api/__init__.py
@@ -87,6 +87,16 @@ class APIERROR(enum.Enum):
     ENOGROUP = 'Group not found'
 
 
+def get_authorized_api_project(SESSION, repo, user=None, namespace=None,
+                               with_lock=False):
+    ''' Helper function to get an authorized_project with optional lock. '''
+    repo = pagure.get_authorized_project(
+        SESSION, repo, user=user, namespace=namespace, with_lock=with_lock)
+    flask.g.repo_locked = with_lock
+    flask.g.repo = repo
+    return repo
+
+
 def check_api_acls(acls, optional=False):
     ''' Checks if the user provided an API token with its request and if
     this token allows the user to access the endpoint desired.
@@ -347,7 +357,7 @@ def api_project_tags(repo, username=None):
     if pattern is not None and not pattern.endswith('*'):
         pattern += '*'
 
-    project_obj = pagure.get_authorized_project(SESSION, repo, username)
+    project_obj = get_authorized_api_project(SESSION, repo, username)
     if not project_obj:
         output = {'output': 'notok', 'error': 'Project not found'}
         jsonout = flask.jsonify(output)
diff --git a/pagure/api/ci/jenkins.py b/pagure/api/ci/jenkins.py
index 1309bf6..88f4210 100644
--- a/pagure/api/ci/jenkins.py
+++ b/pagure/api/ci/jenkins.py
@@ -45,7 +45,9 @@ def jenkins_ci_notification(
     """
 
     project = pagure.lib._get_project(
-        SESSION, repo, user=username, namespace=namespace)
+        SESSION, repo, user=username, namespace=namespace, with_lock=True)
+    flask.g.repo_locked = True
+    flask.g.repo = project
     if not project:
         raise pagure.exceptions.APIError(404, error_code=APIERROR.ENOPROJECT)
 
diff --git a/pagure/api/fork.py b/pagure/api/fork.py
index 1a2efd0..7457fcb 100644
--- a/pagure/api/fork.py
+++ b/pagure/api/fork.py
@@ -16,7 +16,8 @@ import pagure
 import pagure.exceptions
 import pagure.lib
 from pagure import APP, SESSION, is_repo_committer
-from pagure.api import API, api_method, api_login_required, APIERROR
+from pagure.api import (API, api_method, api_login_required, APIERROR,
+                        get_authorized_api_project)
 
 
 @API.route('/<repo>/pull-requests')
@@ -123,7 +124,7 @@ def api_pull_request_views(repo, username=None, namespace=None):
 
     """
 
-    repo = pagure.get_authorized_project(
+    repo = get_authorized_api_project(
         SESSION, repo, user=username, namespace=namespace)
 
     if repo is None:
@@ -249,7 +250,7 @@ def api_pull_request_view(repo, requestid, username=None, namespace=None):
 
     """
 
-    repo = pagure.get_authorized_project(
+    repo = get_authorized_api_project(
         SESSION, repo, user=username, namespace=namespace)
 
     if repo is None:
@@ -308,7 +309,7 @@ def api_pull_request_merge(repo, requestid, username=None, namespace=None):
     """  # noqa
     output = {}
 
-    repo = pagure.get_authorized_project(
+    repo = get_authorized_api_project(
         SESSION, repo, user=username, namespace=namespace)
 
     if repo is None:
@@ -395,7 +396,7 @@ def api_pull_request_close(repo, requestid, username=None, namespace=None):
     """  # noqa
     output = {}
 
-    repo = pagure.get_authorized_project(
+    repo = get_authorized_api_project(
         SESSION, repo, user=username, namespace=namespace)
 
     if repo is None:
@@ -498,7 +499,7 @@ def api_pull_request_add_comment(
         }
 
     """  # noqa
-    repo = pagure.get_authorized_project(
+    repo = get_authorized_api_project(
         SESSION, repo, user=username, namespace=namespace)
 
     output = {}
@@ -642,7 +643,7 @@ def api_pull_request_add_flag(repo, requestid, username=None, namespace=None):
         }
 
     """  # noqa
-    repo = pagure.get_authorized_project(
+    repo = get_authorized_api_project(
         SESSION, repo, user=username, namespace=namespace)
 
     output = {}
diff --git a/pagure/api/issue.py b/pagure/api/issue.py
index 5598e23..923525c 100644
--- a/pagure/api/issue.py
+++ b/pagure/api/issue.py
@@ -22,7 +22,8 @@ from pagure import (
     urlpattern, is_repo_user
 )
 from pagure.api import (
-    API, api_method, api_login_required, api_login_optional, APIERROR
+    API, api_method, api_login_required, api_login_optional, APIERROR,
+    get_authorized_api_project
 )
 
 
@@ -35,8 +36,8 @@ def _get_repo(repo_name, username=None, namespace=None):
         is disabled
     :return: repository name
     """
-    repo = pagure.get_authorized_project(
-        SESSION, repo_name, user=username, namespace=namespace)
+    repo = get_authorized_api_project(
+        SESSION, repo_name, user=username, namespace=namespace, with_lock=True)
 
     if repo is None:
         raise pagure.exceptions.APIError(
diff --git a/pagure/api/project.py b/pagure/api/project.py
index 1839828..c8e7fd5 100644
--- a/pagure/api/project.py
+++ b/pagure/api/project.py
@@ -17,7 +17,8 @@ import pagure.exceptions
 import pagure.lib
 import pagure.lib.git
 from pagure import SESSION, APP, authenticated
-from pagure.api import API, api_method, APIERROR, api_login_required
+from pagure.api import (API, api_method, APIERROR, api_login_required,
+                        get_authorized_api_project)
 
 
 @API.route('/<repo>/git/tags')
@@ -52,7 +53,7 @@ def api_git_tags(repo, username=None, namespace=None):
         }
 
     """
-    repo = pagure.get_authorized_project(
+    repo = get_authorized_api_project(
         SESSION, repo, user=username, namespace=namespace)
     if repo is None:
         raise pagure.exceptions.APIError(404, error_code=APIERROR.ENOPROJECT)
@@ -102,7 +103,7 @@ def api_project_watchers(repo, username=None, namespace=None):
             }
         }
     '''
-    repo = pagure.get_authorized_project(
+    repo = get_authorized_api_project(
         SESSION, repo, user=username, namespace=namespace)
     if repo is None:
         raise pagure.exceptions.APIError(404, error_code=APIERROR.ENOPROJECT)
@@ -175,7 +176,7 @@ def api_git_branches(repo, username=None, namespace=None):
         }
 
     '''
-    repo = pagure.get_authorized_project(
+    repo = get_authorized_api_project(
         SESSION, repo, user=username, namespace=namespace)
     if repo is None:
         raise pagure.exceptions.APIError(404, error_code=APIERROR.ENOPROJECT)
@@ -387,7 +388,7 @@ def api_project(repo, username=None, namespace=None):
         }
 
     """
-    repo = pagure.get_authorized_project(
+    repo = get_authorized_api_project(
         SESSION, repo, user=username, namespace=namespace)
 
     if repo is None:
@@ -576,7 +577,7 @@ def api_fork_project():
         username = form.username.data or None
         namespace = form.namespace.data.strip() or None
 
-        repo = pagure.get_authorized_project(
+        repo = get_authorized_api_project(
             SESSION, repo, user=username, namespace=namespace)
         if repo is None:
             raise pagure.exceptions.APIError(