harbor/api/project.go

411 lines
12 KiB
Go
Raw Normal View History

2016-02-01 12:59:10 +01:00
/*
Copyright (c) 2016 VMware, Inc. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
2016-02-26 11:54:14 +01:00
2016-02-01 12:59:10 +01:00
package api
import (
"fmt"
"net/http"
"regexp"
2016-02-01 12:59:10 +01:00
"github.com/vmware/harbor/dao"
"github.com/vmware/harbor/models"
2016-03-28 02:50:09 +02:00
"github.com/vmware/harbor/utils/log"
2016-02-01 12:59:10 +01:00
"strconv"
"time"
)
2016-02-26 11:35:55 +01:00
// ProjectAPI handles request to /api/projects/{} /api/projects/{}/logs
2016-02-01 12:59:10 +01:00
type ProjectAPI struct {
BaseAPI
2016-08-23 09:56:30 +02:00
userID int
projectID int64
projectName string
2016-02-01 12:59:10 +01:00
}
type projectReq struct {
ProjectName string `json:"project_name"`
Public int `json:"public"`
2016-02-01 12:59:10 +01:00
}
const projectNameMaxLen int = 30
const projectNameMinLen int = 4
const dupProjectPattern = `Duplicate entry '\w+' for key 'name'`
2016-02-17 07:29:05 +01:00
2016-02-26 11:35:55 +01:00
// Prepare validates the URL and the user
2016-02-01 12:59:10 +01:00
func (p *ProjectAPI) Prepare() {
idStr := p.Ctx.Input.Param(":id")
if len(idStr) > 0 {
2016-02-01 12:59:10 +01:00
var err error
p.projectID, err = strconv.ParseInt(idStr, 10, 64)
2016-02-01 12:59:10 +01:00
if err != nil {
2016-03-28 02:50:09 +02:00
log.Errorf("Error parsing project id: %s, error: %v", idStr, err)
p.CustomAbort(http.StatusBadRequest, "invalid project id")
2016-02-01 12:59:10 +01:00
}
2016-08-23 09:56:30 +02:00
project, err := dao.GetProjectByID(p.projectID)
2016-02-01 12:59:10 +01:00
if err != nil {
2016-08-23 09:56:30 +02:00
log.Errorf("failed to get project %d: %v", p.projectID, err)
p.CustomAbort(http.StatusInternalServerError, "Internal error.")
2016-02-01 12:59:10 +01:00
}
2016-08-23 09:56:30 +02:00
if project == nil {
p.CustomAbort(http.StatusNotFound, fmt.Sprintf("project does not exist, id: %v", p.projectID))
2016-02-01 12:59:10 +01:00
}
2016-08-23 09:56:30 +02:00
p.projectName = project.Name
2016-02-01 12:59:10 +01:00
}
}
2016-02-26 11:35:55 +01:00
// Post ...
2016-02-01 12:59:10 +01:00
func (p *ProjectAPI) Post() {
p.userID = p.ValidateUser()
2016-02-01 12:59:10 +01:00
var req projectReq
p.DecodeJSONReq(&req)
public := req.Public
2016-02-17 07:29:05 +01:00
err := validateProjectReq(req)
if err != nil {
2016-03-28 02:50:09 +02:00
log.Errorf("Invalid project request, error: %v", err)
2016-06-14 11:33:37 +02:00
p.RenderError(http.StatusBadRequest, fmt.Sprintf("invalid request: %v", err))
2016-02-17 07:29:05 +01:00
return
}
2016-02-01 12:59:10 +01:00
projectName := req.ProjectName
exist, err := dao.ProjectExists(projectName)
if err != nil {
2016-03-28 02:50:09 +02:00
log.Errorf("Error happened checking project existence in db, error: %v, project name: %s", err, projectName)
2016-02-01 12:59:10 +01:00
}
if exist {
p.RenderError(http.StatusConflict, "")
2016-02-01 12:59:10 +01:00
return
}
2016-02-26 03:15:01 +01:00
project := models.Project{OwnerID: p.userID, Name: projectName, CreationTime: time.Now(), Public: public}
projectID, err := dao.AddProject(project)
2016-02-17 07:29:05 +01:00
if err != nil {
2016-03-28 02:50:09 +02:00
log.Errorf("Failed to add project, error: %v", err)
dup, _ := regexp.MatchString(dupProjectPattern, err.Error())
if dup {
p.RenderError(http.StatusConflict, "")
} else {
p.RenderError(http.StatusInternalServerError, "Failed to add project")
}
return
2016-02-17 07:29:05 +01:00
}
p.Redirect(http.StatusCreated, strconv.FormatInt(projectID, 10))
2016-02-01 12:59:10 +01:00
}
2016-02-26 11:35:55 +01:00
// Head ...
2016-02-01 12:59:10 +01:00
func (p *ProjectAPI) Head() {
projectName := p.GetString("project_name")
2016-05-20 05:32:12 +02:00
if len(projectName) == 0 {
p.CustomAbort(http.StatusBadRequest, "project_name is needed")
}
project, err := dao.GetProjectByName(projectName)
2016-02-01 12:59:10 +01:00
if err != nil {
log.Errorf("error occurred in GetProjectByName: %v", err)
p.CustomAbort(http.StatusInternalServerError, http.StatusText(http.StatusInternalServerError))
2016-02-01 12:59:10 +01:00
}
// only public project can be Headed by user without login
if project != nil && project.Public == 1 {
2016-02-01 12:59:10 +01:00
return
}
userID := p.ValidateUser()
if project == nil {
p.CustomAbort(http.StatusNotFound, http.StatusText(http.StatusNotFound))
}
if !checkProjectPermission(userID, project.ProjectID) {
p.CustomAbort(http.StatusForbidden, http.StatusText(http.StatusForbidden))
}
2016-02-01 12:59:10 +01:00
}
2016-02-26 11:35:55 +01:00
// Get ...
2016-02-01 12:59:10 +01:00
func (p *ProjectAPI) Get() {
2016-05-26 07:59:03 +02:00
project, err := dao.GetProjectByID(p.projectID)
if err != nil {
log.Errorf("failed to get project %d: %v", p.projectID, err)
p.CustomAbort(http.StatusInternalServerError, http.StatusText(http.StatusInternalServerError))
}
if project.Public == 0 {
userID := p.ValidateUser()
if !checkProjectPermission(userID, p.projectID) {
p.CustomAbort(http.StatusUnauthorized, http.StatusText(http.StatusUnauthorized))
}
}
p.Data["json"] = project
p.ServeJSON()
}
2016-08-23 09:56:30 +02:00
// Delete ...
func (p *ProjectAPI) Delete() {
if p.projectID == 0 {
p.CustomAbort(http.StatusBadRequest, "project ID is required")
}
userID := p.ValidateUser()
if !hasProjectAdminRole(userID, p.projectID) {
p.CustomAbort(http.StatusForbidden, "")
}
contains, err := projectContainsRepo(p.projectName)
if err != nil {
log.Errorf("failed to check whether project %s contains any repository: %v", p.projectName, err)
p.CustomAbort(http.StatusInternalServerError, "")
}
if contains {
p.CustomAbort(http.StatusPreconditionFailed, "project contains repositores, can not be deleted")
}
contains, err = projectContainsPolicy(p.projectID)
if err != nil {
log.Errorf("failed to check whether project %s contains any policy: %v", p.projectName, err)
p.CustomAbort(http.StatusInternalServerError, "")
}
if contains {
p.CustomAbort(http.StatusPreconditionFailed, "project contains policies, can not be deleted")
}
if err = dao.DeleteProject(p.projectID); err != nil {
log.Errorf("failed to delete project %d: %v", p.projectID, err)
p.CustomAbort(http.StatusInternalServerError, "")
}
go func() {
if err := dao.AddAccessLog(models.AccessLog{
UserID: userID,
ProjectID: p.projectID,
RepoName: p.projectName,
Operation: "delete",
}); err != nil {
log.Errorf("failed to add access log: %v", err)
}
}()
}
func projectContainsRepo(name string) (bool, error) {
repositories, err := getReposByProject(name)
if err != nil {
return false, err
}
return len(repositories) > 0, nil
}
func projectContainsPolicy(id int64) (bool, error) {
policies, err := dao.GetRepPolicyByProject(id)
if err != nil {
return false, err
}
return len(policies) > 0, nil
}
2016-05-26 07:59:03 +02:00
// List ...
func (p *ProjectAPI) List() {
var total int64
2016-05-17 11:03:40 +02:00
var public int
var err error
page, pageSize := p.getPaginationParams()
var projectList []models.Project
projectName := p.GetString("project_name")
isPublic := p.GetString("is_public")
if len(isPublic) > 0 {
2016-05-17 11:03:40 +02:00
public, err = strconv.Atoi(isPublic)
if err != nil {
log.Errorf("Error parsing public property: %v, error: %v", isPublic, err)
p.CustomAbort(http.StatusBadRequest, "invalid project Id")
}
}
isAdmin := false
2016-05-17 11:03:40 +02:00
if public == 1 {
total, err = dao.GetTotalOfProjects(projectName, 1)
if err != nil {
log.Errorf("failed to get total of projects: %v", err)
p.CustomAbort(http.StatusInternalServerError, "")
}
projectList, err = dao.GetProjects(projectName, 1, pageSize, pageSize*(page-1))
if err != nil {
log.Errorf("failed to get projects: %v", err)
p.CustomAbort(http.StatusInternalServerError, "")
}
} else {
//if the request is not for public projects, user must login or provide credential
p.userID = p.ValidateUser()
isAdmin, err = dao.IsAdminRole(p.userID)
2016-05-17 11:03:40 +02:00
if err != nil {
log.Errorf("Error occured in check admin, error: %v", err)
2016-05-17 11:03:40 +02:00
p.CustomAbort(http.StatusInternalServerError, "Internal error.")
}
if isAdmin {
total, err = dao.GetTotalOfProjects(projectName)
if err != nil {
log.Errorf("failed to get total of projects: %v", err)
p.CustomAbort(http.StatusInternalServerError, "")
}
projectList, err = dao.GetProjects(projectName, pageSize, pageSize*(page-1))
if err != nil {
log.Errorf("failed to get projects: %v", err)
p.CustomAbort(http.StatusInternalServerError, "")
}
2016-05-17 11:03:40 +02:00
} else {
total, err = dao.GetTotalOfUserRelevantProjects(p.userID, projectName)
if err != nil {
log.Errorf("failed to get total of projects: %v", err)
p.CustomAbort(http.StatusInternalServerError, "")
}
projectList, err = dao.GetUserRelevantProjects(p.userID, projectName, pageSize, pageSize*(page-1))
if err != nil {
log.Errorf("failed to get projects: %v", err)
p.CustomAbort(http.StatusInternalServerError, "")
}
2016-05-17 11:03:40 +02:00
}
}
2016-02-01 12:59:10 +01:00
for i := 0; i < len(projectList); i++ {
if public != 1 {
if isAdmin {
projectList[i].Role = models.PROJECTADMIN
}
if projectList[i].Role == models.PROJECTADMIN {
projectList[i].Togglable = true
}
2016-02-01 12:59:10 +01:00
}
repos, err := dao.GetRepositoryByProjectName(projectList[i].Name)
if err != nil {
log.Errorf("failed to get repositories of project %s: %v", projectList[i].Name, err)
p.CustomAbort(http.StatusInternalServerError, "")
}
projectList[i].RepoCount = len(repos)
2016-02-01 12:59:10 +01:00
}
p.setPaginationHeader(total, page, pageSize)
2016-02-01 12:59:10 +01:00
p.Data["json"] = projectList
p.ServeJSON()
}
2016-06-02 13:15:23 +02:00
// ToggleProjectPublic ...
2016-05-25 08:21:01 +02:00
func (p *ProjectAPI) ToggleProjectPublic() {
p.userID = p.ValidateUser()
2016-02-01 12:59:10 +01:00
var req projectReq
projectID, err := strconv.ParseInt(p.Ctx.Input.Param(":id"), 10, 64)
2016-02-01 12:59:10 +01:00
if err != nil {
2016-03-28 02:50:09 +02:00
log.Errorf("Error parsing project id: %d, error: %v", projectID, err)
p.RenderError(http.StatusBadRequest, "invalid project id")
2016-02-01 12:59:10 +01:00
return
}
p.DecodeJSONReq(&req)
public := req.Public
if !isProjectAdmin(p.userID, projectID) {
2016-03-28 02:50:09 +02:00
log.Warningf("Current user, id: %d does not have project admin role for project, id: %d", p.userID, projectID)
p.RenderError(http.StatusForbidden, "")
2016-02-01 12:59:10 +01:00
return
}
err = dao.ToggleProjectPublicity(p.projectID, public)
2016-02-01 12:59:10 +01:00
if err != nil {
2016-03-28 02:50:09 +02:00
log.Errorf("Error while updating project, project id: %d, error: %v", projectID, err)
p.RenderError(http.StatusInternalServerError, "Failed to update project")
2016-02-01 12:59:10 +01:00
}
}
2016-02-26 11:35:55 +01:00
// FilterAccessLog handles GET to /api/projects/{}/logs
2016-02-01 12:59:10 +01:00
func (p *ProjectAPI) FilterAccessLog() {
p.userID = p.ValidateUser()
2016-02-01 12:59:10 +01:00
var query models.AccessLog
p.DecodeJSONReq(&query)
2016-02-01 12:59:10 +01:00
2016-09-14 09:25:16 +02:00
if !checkProjectPermission(p.userID, p.projectID) {
log.Warningf("Current user, user id: %d does not have permission to read accesslog of project, id: %d", p.userID, p.projectID)
p.RenderError(http.StatusForbidden, "")
return
}
query.ProjectID = p.projectID
query.BeginTime = time.Unix(query.BeginTimestamp, 0)
query.EndTime = time.Unix(query.EndTimestamp, 0)
2016-02-01 12:59:10 +01:00
page, pageSize := p.getPaginationParams()
total, err := dao.GetTotalOfAccessLogs(query)
if err != nil {
log.Errorf("failed to get total of access log: %v", err)
p.CustomAbort(http.StatusInternalServerError, "")
}
logs, err := dao.GetAccessLogs(query, pageSize, pageSize*(page-1))
2016-02-01 12:59:10 +01:00
if err != nil {
log.Errorf("failed to get access log: %v", err)
p.CustomAbort(http.StatusInternalServerError, "")
2016-02-01 12:59:10 +01:00
}
p.setPaginationHeader(total, page, pageSize)
p.Data["json"] = logs
2016-04-21 18:28:59 +02:00
2016-02-01 12:59:10 +01:00
p.ServeJSON()
}
func isProjectAdmin(userID int, pid int64) bool {
isSysAdmin, err := dao.IsAdminRole(userID)
if err != nil {
log.Errorf("Error occurred in IsAdminRole, returning false, error: %v", err)
return false
}
if isSysAdmin {
return true
}
2016-03-29 06:09:27 +02:00
rolelist, err := dao.GetUserProjectRoles(userID, pid)
2016-02-01 12:59:10 +01:00
if err != nil {
2016-03-28 02:50:09 +02:00
log.Errorf("Error occurred in GetUserProjectRoles, returning false, error: %v", err)
2016-02-01 12:59:10 +01:00
return false
}
2016-03-29 06:09:27 +02:00
hasProjectAdminRole := false
for _, role := range rolelist {
if role.RoleID == models.PROJECTADMIN {
hasProjectAdminRole = true
break
}
}
return hasProjectAdminRole
2016-02-01 12:59:10 +01:00
}
2016-02-17 07:29:05 +01:00
func validateProjectReq(req projectReq) error {
pn := req.ProjectName
if isIllegalLength(req.ProjectName, projectNameMinLen, projectNameMaxLen) {
return fmt.Errorf("Project name is illegal in length. (greater than 4 or less than 30)")
2016-05-25 08:21:01 +02:00
}
validProjectName := regexp.MustCompile(`^[a-z0-9](?:-*[a-z0-9])*(?:[._][a-z0-9](?:-*[a-z0-9])*)*$`)
legal := validProjectName.MatchString(pn)
if !legal {
return fmt.Errorf("Project name is not in lower case or contains illegal characters!")
2016-05-31 11:38:51 +02:00
}
2016-02-17 07:29:05 +01:00
return nil
}