/*
   Copyright (c) 2016 VMware, Inc. All Rights Reserved.
   Licensed under the Apache License, Version 2.0 (the "License");
   you may not use this file except in compliance with the License.
   You may obtain a copy of the License at

       http://www.apache.org/licenses/LICENSE-2.0

   Unless required by applicable law or agreed to in writing, software
   distributed under the License is distributed on an "AS IS" BASIS,
   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   See the License for the specific language governing permissions and
   limitations under the License.
*/
package api
import (
"encoding/json"
"net/http"
"github.com/vmware/harbor/auth"
"github.com/vmware/harbor/dao"
"github.com/vmware/harbor/models"
"github.com/vmware/harbor/utils/log"
)
// BaseAPI is the common base type for the API controllers in this package.
// It embeds beego.Controller and carries the shared request helpers
// (JSON decoding, error rendering, user validation) declared in this file.
type BaseAPI struct {
	beego.Controller
}
// Render does nothing and always reports success. API controllers write
// their responses directly, so no template is rendered here.
// NOTE(review): presumably this shadows the Render method of the embedded
// beego.Controller — confirm against the framework version in use.
func (b *BaseAPI) Render() error {
	return nil
}
// RenderError sends text to the client with HTTP status code by delegating
// to http.Error on the controller's response writer.
//
// text reaches the client verbatim, so callers should pass a generic message
// and keep internal error detail in the server log. http.Error only writes the
// response; it does not end the handler, so the caller still has to return.
func (b *BaseAPI) RenderError(code int, text string) {
	w := b.Ctx.ResponseWriter
	http.Error(w, text, code)
}
// DecodeJSONReq unmarshals the JSON request body into v, which must be a
// pointer for json.Unmarshal to populate it.
//
// When decoding fails the underlying error is written to the server log only,
// and the request is aborted with 400 and a generic message, so parser detail
// is not echoed back to the client.
func (b *BaseAPI) DecodeJSONReq(v interface{}) {
	// NOTE(review): 1<<32 lets CopyBody buffer a body of up to 4 GiB in memory
	// before it is parsed, which is effectively no limit for a JSON API and
	// leaves room for memory-exhaustion by oversized requests. A cap sized to
	// the largest legitimate payload (or a limit enforced in front of the
	// application) would be safer — confirm the right bound with the callers.
	body := b.Ctx.Input.CopyBody(1 << 32)
	if err := json.Unmarshal(body, v); err != nil {
		log.Errorf("Error while decoding the json request, error: %v", err)
		b.CustomAbort(http.StatusBadRequest, "Invalid json request")
	}
}
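// ValidateUser authenticates the current request and returns the ID of the
// user it belongs to.
//
// Credentials are tried in this order:
//  1. An HTTP Basic Authorization header, verified through auth.Login.
//  2. The "userId" value stored in the session, which must still resolve to
//     an existing user through dao.GetUser.
//
// A rejected Basic login is not fatal on its own: the request falls through
// to the session check, so a caller holding a valid session is still accepted
// even when the header carries wrong credentials.
//
// The request is aborted with 401 when the session has no usable user id or
// the user no longer exists, and with 500 when the user lookup fails.
// The code relies on CustomAbort ending the handler (beego aborts by
// panicking), which is why no return follows those calls.
func (b *BaseAPI) ValidateUser() int {
	if username, password, ok := b.Ctx.Request.BasicAuth(); ok {
		// username comes straight from the request header, so it is logged
		// with %q: quotes and escapes keep embedded newlines or control
		// characters from forging additional log entries.
		log.Infof("Request with Basic Authentication header, username: %q", username)
		user, err := auth.Login(models.AuthModel{username, password})
		if err != nil {
			log.Errorf("Error while trying to login, username: %q, error: %v", username, err)
			user = nil
		}
		if user != nil {
			return user.UserID
		}
	}

	sessionUserID := b.GetSession("userId")
	if sessionUserID == nil {
		log.Warning("No user id in session, canceling request")
		b.CustomAbort(http.StatusUnauthorized, "")
	}

	// Checked assertion: a session value of an unexpected type is treated as
	// "not authenticated" instead of crashing the handler with a type panic.
	userID, ok := sessionUserID.(int)
	if !ok {
		log.Warningf("Unexpected type %T for user id in session, canceling request", sessionUserID)
		b.CustomAbort(http.StatusUnauthorized, "")
	}

	// Re-check the user on every request so that a session outliving its
	// account (for example after the user was deleted) stops being accepted.
	u, err := dao.GetUser(models.User{UserID: userID})
	if err != nil {
		log.Errorf("Error occurred in GetUser, error: %v", err)
		b.CustomAbort(http.StatusInternalServerError, "Internal error.")
	}
	if u == nil {
		log.Warningf("User was deleted already, user id: %d, canceling request.", userID)
		b.CustomAbort(http.StatusUnauthorized, "")
	}
	return userID
}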