From 02dfdaf1975adda70d583f7abd18161f47e9a696 Mon Sep 17 00:00:00 2001
From: Aaron Lehmann <aaron.lehmann@docker.com>
Date: Mon, 20 Jul 2015 15:25:23 -0700
Subject: [PATCH] Use correct regular expression for repository names in HTTP
 handlers

Import github.com/docker/distribution/registry/api/v2 to share the
regexps that the registry API uses.

Remove ErrUnauthorized in errors package, since it conflicts with one
defined in v2.

Fixes #92

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
---
 client/client_test.go | 13 +++++++------
 errors/errors.go      | 11 +++--------
 server/server.go      | 11 ++++++-----
 utils/http.go         |  3 ++-
 4 files changed, 18 insertions(+), 20 deletions(-)

diff --git a/client/client_test.go b/client/client_test.go
index 5bb4f031ff..4e81d3f780 100644
--- a/client/client_test.go
+++ b/client/client_test.go
@@ -11,6 +11,7 @@ import (
 	"strings"
 	"testing"
 
+	"github.com/docker/distribution/registry/api/v2"
 	"github.com/docker/notary/client/changelist"
 	"github.com/docker/notary/cryptoservice"
 	"github.com/docker/notary/server/handlers"
@@ -468,12 +469,12 @@ func testPublish(t *testing.T, rootType data.KeyAlgorithm) {
 		cryptoservice.NewCryptoService("", trustmanager.NewKeyMemoryStore(passphraseRetriever)))
 
 	r := mux.NewRouter()
-	r.Methods("POST").Path("/v2/{imageName:.*}/_trust/tuf/").Handler(hand(handlers.AtomicUpdateHandler, "push", "pull"))
-	r.Methods("GET").Path("/v2/{imageName:.*}/_trust/tuf/{tufRole:(root|targets|snapshot)}.json").Handler(hand(handlers.GetHandler, "pull"))
-	r.Methods("GET").Path("/v2/{imageName:.*}/_trust/tuf/timestamp.json").Handler(hand(handlers.GetTimestampHandler, "pull"))
-	r.Methods("GET").Path("/v2/{imageName:.*}/_trust/tuf/timestamp.key").Handler(hand(handlers.GetTimestampKeyHandler, "push", "pull"))
-	//r.Methods("POST").Path("/v2/{imageName:.*}/_trust/tuf/{tufRole:(root|targets|timestamp|snapshot)}.json").Handler(hand(handlers.UpdateHandler, "push", "pull"))
-	r.Methods("DELETE").Path("/v2/{imageName:.*}/_trust/tuf/").Handler(hand(handlers.DeleteHandler, "push", "pull"))
+	r.Methods("POST").Path("/v2/{imageName:" + v2.RepositoryNameRegexp.String() + "}/_trust/tuf/").Handler(hand(handlers.AtomicUpdateHandler, "push", "pull"))
+	r.Methods("GET").Path("/v2/{imageName:" + v2.RepositoryNameRegexp.String() + "}/_trust/tuf/{tufRole:(root|targets|snapshot)}.json").Handler(hand(handlers.GetHandler, "pull"))
+	r.Methods("GET").Path("/v2/{imageName:" + v2.RepositoryNameRegexp.String() + "}/_trust/tuf/timestamp.json").Handler(hand(handlers.GetTimestampHandler, "pull"))
+	r.Methods("GET").Path("/v2/{imageName:" + v2.RepositoryNameRegexp.String() + "}/_trust/tuf/timestamp.key").Handler(hand(handlers.GetTimestampKeyHandler, "push", "pull"))
+	//r.Methods("POST").Path("/v2/{imageName:" + server.RepositoryNameRegexp + "}/_trust/tuf/{tufRole:(root|targets|timestamp|snapshot)}.json").Handler(hand(handlers.UpdateHandler, "push", "pull"))
+	r.Methods("DELETE").Path("/v2/{imageName:" + v2.RepositoryNameRegexp.String() + "}/_trust/tuf/").Handler(hand(handlers.DeleteHandler, "push", "pull"))
 
 	ts := httptest.NewServer(r)
 
diff --git a/errors/errors.go b/errors/errors.go
index 1902e369fe..e43bea400a 100644
--- a/errors/errors.go
+++ b/errors/errors.go
@@ -6,7 +6,9 @@ import (
 	"github.com/docker/distribution/registry/api/errcode"
 )
 
-const errGroup = "notary.v1"
+// The notary API is on version 1, but URLs start with /v2/ to be consistent
+// with the registry API
+const errGroup = "notary.api.v1"
 
 var (
 	// ErrNoStorage lint comment
@@ -72,13 +74,6 @@ var (
 		Description:    "No signing service has been configured for the server and it has been asked to perform an operation that requires either signing, or key generation.",
 		HTTPStatusCode: http.StatusInternalServerError,
 	})
-	// ErrUnauthorized lint comment
-	ErrUnauthorized = errcode.Register(errGroup, errcode.ErrorDescriptor{
-		Value:          "UNAUTHORIZED",
-		Message:        "You are not authorized for this request.",
-		Description:    "The user was not authorized for the request.",
-		HTTPStatusCode: http.StatusUnauthorized,
-	})
 	// ErrUnknown is the generic internal server error
 	ErrUnknown = errcode.ErrorCodeUnknown
 )
diff --git a/server/server.go b/server/server.go
index c4cb9bebfa..7eb7d885fb 100644
--- a/server/server.go
+++ b/server/server.go
@@ -8,6 +8,7 @@ import (
 	"net/http"
 
 	"github.com/Sirupsen/logrus"
+	"github.com/docker/distribution/registry/api/v2"
 	"github.com/docker/distribution/registry/auth"
 	"github.com/endophage/gotuf/data"
 	"github.com/endophage/gotuf/signed"
@@ -85,11 +86,11 @@ func Run(ctx context.Context, addr, tlsCertFile, tlsKeyFile string, trust signed
 
 	r := mux.NewRouter()
 	r.Methods("GET").Path("/v2/").Handler(hand(handlers.MainHandler))
-	r.Methods("POST").Path("/v2/{imageName:.*}/_trust/tuf/").Handler(hand(handlers.AtomicUpdateHandler, "push", "pull"))
-	r.Methods("GET").Path("/v2/{imageName:.*}/_trust/tuf/{tufRole:(root|targets|snapshot)}.json").Handler(hand(handlers.GetHandler, "pull"))
-	r.Methods("GET").Path("/v2/{imageName:.*}/_trust/tuf/timestamp.json").Handler(hand(handlers.GetTimestampHandler, "pull"))
-	r.Methods("GET").Path("/v2/{imageName:.*}/_trust/tuf/timestamp.key").Handler(hand(handlers.GetTimestampKeyHandler, "push", "pull"))
-	r.Methods("DELETE").Path("/v2/{imageName:.*}/_trust/tuf/").Handler(hand(handlers.DeleteHandler, "push", "pull"))
+	r.Methods("POST").Path("/v2/{imageName:" + v2.RepositoryNameRegexp.String() + "}/_trust/tuf/").Handler(hand(handlers.AtomicUpdateHandler, "push", "pull"))
+	r.Methods("GET").Path("/v2/{imageName:" + v2.RepositoryNameRegexp.String() + "}/_trust/tuf/{tufRole:(root|targets|snapshot)}.json").Handler(hand(handlers.GetHandler, "pull"))
+	r.Methods("GET").Path("/v2/{imageName:" + v2.RepositoryNameRegexp.String() + "}/_trust/tuf/timestamp.json").Handler(hand(handlers.GetTimestampHandler, "pull"))
+	r.Methods("GET").Path("/v2/{imageName:" + v2.RepositoryNameRegexp.String() + "}/_trust/tuf/timestamp.key").Handler(hand(handlers.GetTimestampKeyHandler, "push", "pull"))
+	r.Methods("DELETE").Path("/v2/{imageName:" + v2.RepositoryNameRegexp.String() + "}/_trust/tuf/").Handler(hand(handlers.DeleteHandler, "push", "pull"))
 
 	svr := http.Server{
 		Addr:    addr,
diff --git a/utils/http.go b/utils/http.go
index e5b86d1755..155e59cc08 100644
--- a/utils/http.go
+++ b/utils/http.go
@@ -5,6 +5,7 @@ import (
 
 	"github.com/Sirupsen/logrus"
 	"github.com/docker/distribution/registry/api/errcode"
+	"github.com/docker/distribution/registry/api/v2"
 	"github.com/docker/distribution/registry/auth"
 	"github.com/endophage/gotuf/signed"
 	"github.com/gorilla/mux"
@@ -60,7 +61,7 @@ func (root *rootHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 				w.WriteHeader(http.StatusUnauthorized)
 				return
 			}
-			http.Error(w, err.Error(), http.StatusUnauthorized)
+			errcode.ServeJSON(w, v2.ErrorCodeUnauthorized)
 			return
 		}
 	}