2020-01-22 06:00:39 +01:00
|
|
|
// Copyright Project Harbor Authors
|
|
|
|
//
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
//
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
//
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
// limitations under the License.
|
|
|
|
|
|
|
|
package middlewares
|
|
|
|
|
|
|
|
import (
|
2020-03-19 07:28:16 +01:00
|
|
|
"github.com/goharbor/harbor/src/server/middleware/csrf"
|
|
|
|
"github.com/goharbor/harbor/src/server/middleware/log"
|
|
|
|
"github.com/goharbor/harbor/src/server/middleware/requestid"
|
2020-01-22 06:00:39 +01:00
|
|
|
"net/http"
|
2020-02-11 15:29:55 +01:00
|
|
|
"path"
|
2020-01-22 06:00:39 +01:00
|
|
|
"regexp"
|
|
|
|
"strings"
|
|
|
|
|
|
|
|
"github.com/astaxie/beego"
|
|
|
|
"github.com/docker/distribution/reference"
|
|
|
|
"github.com/goharbor/harbor/src/server/middleware"
|
2020-03-17 12:29:59 +01:00
|
|
|
"github.com/goharbor/harbor/src/server/middleware/notification"
|
2020-01-22 06:00:39 +01:00
|
|
|
"github.com/goharbor/harbor/src/server/middleware/orm"
|
2020-03-17 12:29:59 +01:00
|
|
|
"github.com/goharbor/harbor/src/server/middleware/readonly"
|
2020-03-19 07:28:16 +01:00
|
|
|
"github.com/goharbor/harbor/src/server/middleware/security"
|
|
|
|
"github.com/goharbor/harbor/src/server/middleware/session"
|
2020-01-22 06:00:39 +01:00
|
|
|
"github.com/goharbor/harbor/src/server/middleware/transaction"
|
|
|
|
)
|
|
|
|
|
|
|
|
var (
|
2020-02-24 20:41:16 +01:00
|
|
|
match = regexp.MustCompile
|
|
|
|
numericRegexp = match(`[0-9]+`)
|
|
|
|
|
|
|
|
blobURLRe = match("^/v2/(" + reference.NameRegexp.String() + ")/blobs/" + reference.DigestRegexp.String())
|
2020-01-22 06:00:39 +01:00
|
|
|
|
|
|
|
// fetchBlobAPISkipper skip transaction middleware for fetch blob API
|
|
|
|
// because transaction use the ResponseBuffer for the response which will degrade the performance for fetch blob
|
|
|
|
fetchBlobAPISkipper = middleware.MethodAndPathSkipper(http.MethodGet, blobURLRe)
|
2020-02-24 20:41:16 +01:00
|
|
|
|
|
|
|
// readonlySkippers skip the post request when harbor sets to readonly.
|
|
|
|
readonlySkippers = []middleware.Skipper{
|
2020-03-05 17:34:23 +01:00
|
|
|
middleware.MethodAndPathSkipper(http.MethodPut, match("^/api/v2.0/configurations")),
|
|
|
|
middleware.MethodAndPathSkipper(http.MethodPut, match("^/api/internal/configurations")),
|
2020-02-24 20:41:16 +01:00
|
|
|
middleware.MethodAndPathSkipper(http.MethodPost, match("^/c/login")),
|
|
|
|
middleware.MethodAndPathSkipper(http.MethodPost, match("^/c/userExists")),
|
|
|
|
middleware.MethodAndPathSkipper(http.MethodPost, match("^/c/oidc/onboard")),
|
|
|
|
middleware.MethodAndPathSkipper(http.MethodPost, match("^/service/notifications/jobs/adminjob/"+numericRegexp.String())),
|
|
|
|
middleware.MethodAndPathSkipper(http.MethodPost, match("^/service/notifications/jobs/replication/"+numericRegexp.String())),
|
|
|
|
middleware.MethodAndPathSkipper(http.MethodPost, match("^/service/notifications/jobs/replication/task/"+numericRegexp.String())),
|
|
|
|
middleware.MethodAndPathSkipper(http.MethodPost, match("^/service/notifications/jobs/webhook/"+numericRegexp.String())),
|
|
|
|
middleware.MethodAndPathSkipper(http.MethodPost, match("^/service/notifications/jobs/retention/task/"+numericRegexp.String())),
|
|
|
|
middleware.MethodAndPathSkipper(http.MethodPost, match("^/service/notifications/jobs/schedules/"+numericRegexp.String())),
|
|
|
|
middleware.MethodAndPathSkipper(http.MethodPost, match("^/service/notifications/jobs/webhook/"+numericRegexp.String())),
|
|
|
|
}
|
2020-01-22 06:00:39 +01:00
|
|
|
)
|
|
|
|
|
|
|
|
// legacyAPISkipper skip middleware for legacy APIs
|
|
|
|
func legacyAPISkipper(r *http.Request) bool {
|
2020-02-11 15:29:55 +01:00
|
|
|
path := path.Clean(r.URL.EscapedPath())
|
2020-01-22 06:00:39 +01:00
|
|
|
for _, prefix := range []string{"/v2/", "/api/v2.0/"} {
|
2020-02-11 15:29:55 +01:00
|
|
|
if strings.HasPrefix(path, prefix) {
|
2020-01-22 06:00:39 +01:00
|
|
|
return false
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
|
|
|
|
// MiddleWares returns global middlewares
|
|
|
|
func MiddleWares() []beego.MiddleWare {
|
|
|
|
return []beego.MiddleWare{
|
|
|
|
requestid.Middleware(),
|
2020-03-17 12:29:59 +01:00
|
|
|
log.Middleware(),
|
2020-03-19 07:28:16 +01:00
|
|
|
session.Middleware(),
|
|
|
|
csrf.Middleware(),
|
|
|
|
security.Middleware(),
|
2020-02-24 20:41:16 +01:00
|
|
|
readonly.Middleware(readonlySkippers...),
|
2020-01-22 06:00:39 +01:00
|
|
|
orm.Middleware(legacyAPISkipper),
|
2020-03-14 15:34:36 +01:00
|
|
|
// notification must ahead of transaction ensure the DB transaction execution complete
|
|
|
|
notification.Middleware(),
|
2020-01-22 06:00:39 +01:00
|
|
|
transaction.Middleware(legacyAPISkipper, fetchBlobAPISkipper),
|
|
|
|
}
|
|
|
|
}
|