mirror of
https://github.com/goharbor/harbor.git
synced 2024-06-30 08:45:08 +02:00
Merge remote-tracking branch 'upstream/master'
This commit is contained in:
Wenkai Yin
commit
19671e929a
14
api/base.go
14
api/base.go
|
|
@ -17,8 +17,10 @@ package api
|
|||
|
||||
import (
|
||||
"encoding/json"
|
||||
"log"
|
||||
"net/http"
|
||||
|
||||
"github.com/vmware/harbor/auth"
|
||||
"github.com/vmware/harbor/dao"
|
||||
"github.com/vmware/harbor/models"
|
||||
|
||||
|
|
@ -52,6 +54,18 @@ func (b *BaseAPI) DecodeJSONReq(v interface{}) {
|
|||
// ValidateUser checks if the request triggered by a valid user
|
||||
func (b *BaseAPI) ValidateUser() int {
|
||||
|
||||
username, password, ok := b.Ctx.Request.BasicAuth()
|
||||
if ok {
|
||||
log.Printf("Requst with Basic Authentication header, username: %s", username)
|
||||
user, err := auth.Login(models.AuthModel{username, password})
|
||||
if err != nil {
|
||||
log.Printf("Error while trying to login, username: %s, error: %v", username, err)
|
||||
user = nil
|
||||
}
|
||||
if user != nil {
|
||||
return user.UserID
|
||||
}
|
||||
}
|
||||
sessionUserID := b.GetSession("userId")
|
||||
if sessionUserID == nil {
|
||||
beego.Warning("No user id in session, canceling request")
|
||||
|
|
|
|||
|
|
@ -64,21 +64,31 @@ func (idc *ItemDetailController) Get() {
|
|||
|
||||
if sessionUserID != nil {
|
||||
|
||||
idc.Data["Username"] = idc.GetSession("username")
|
||||
idc.Data["UserId"] = sessionUserID.(int)
|
||||
userID := sessionUserID.(int)
|
||||
|
||||
roleList, err := dao.GetUserProjectRoles(models.User{UserID: sessionUserID.(int)}, projectID)
|
||||
idc.Data["Username"] = idc.GetSession("username")
|
||||
idc.Data["UserId"] = userID
|
||||
|
||||
roleList, err := dao.GetUserProjectRoles(models.User{UserID: userID}, projectID)
|
||||
if err != nil {
|
||||
beego.Error("Error occurred in GetUserProjectRoles:", err)
|
||||
idc.CustomAbort(http.StatusInternalServerError, "Internal error.")
|
||||
}
|
||||
|
||||
if project.Public == 0 && len(roleList) == 0 {
|
||||
isAdmin, err := dao.IsAdminRole(userID)
|
||||
if err != nil {
|
||||
beego.Error("Error occurred in IsAdminRole:", err)
|
||||
idc.CustomAbort(http.StatusInternalServerError, "Internal error.")
|
||||
}
|
||||
|
||||
if !isAdmin && (project.Public == 0 && len(roleList) == 0) {
|
||||
idc.Redirect("/registry/project", http.StatusFound)
|
||||
return
|
||||
}
|
||||
|
||||
if len(roleList) > 0 {
|
||||
if isAdmin {
|
||||
idc.Data["RoleId"] = models.SYSADMIN
|
||||
} else if len(roleList) > 0 {
|
||||
idc.Data["RoleId"] = roleList[0].RoleID
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -53,7 +53,7 @@ func (c *CommonController) Login() {
|
|||
user, err := auth.Login(models.AuthModel{principal, password})
|
||||
if err != nil {
|
||||
beego.Error("Error occurred in UserLogin:", err)
|
||||
c.CustomAbort(http.StatusInternalServerError, "Internal error.")
|
||||
c.CustomAbort(http.StatusUnauthorized, "")
|
||||
}
|
||||
|
||||
if user == nil {
|
||||
|
|
|
|||
|
|
@ -22,7 +22,6 @@ import (
|
|||
"github.com/vmware/harbor/auth"
|
||||
"github.com/vmware/harbor/models"
|
||||
svc_utils "github.com/vmware/harbor/service/utils"
|
||||
"github.com/vmware/harbor/utils"
|
||||
|
||||
"github.com/astaxie/beego"
|
||||
"github.com/docker/distribution/registry/auth/token"
|
||||
|
|
@ -39,13 +38,9 @@ type TokenHandler struct {
|
|||
func (a *TokenHandler) Get() {
|
||||
|
||||
request := a.Ctx.Request
|
||||
|
||||
log.Println("request url: " + request.URL.String())
|
||||
authorization := request.Header["Authorization"]
|
||||
log.Println("authorization:", authorization)
|
||||
username, password := utils.ParseBasicAuth(authorization)
|
||||
username, password, _ := request.BasicAuth()
|
||||
authenticated := authenticate(username, password)
|
||||
|
||||
service := a.GetString("service")
|
||||
scope := a.GetString("scope")
|
||||
|
||||
|
|
|
|||
|
|
@ -152,7 +152,7 @@ jQuery(function(){
|
|||
url: "/api/projects/" + $("#projectId").val() + "/members/current",
|
||||
type: "get",
|
||||
success: function(data, status, xhr){
|
||||
if(xhr && xhr.status == 200 && data.roles.length > 0){
|
||||
if(xhr && xhr.status == 200 && data.roles != null && data.roles.length > 0){
|
||||
hasAuthorization = true;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -16,12 +16,9 @@
|
|||
package utils
|
||||
|
||||
import (
|
||||
"encoding/base64"
|
||||
"strings"
|
||||
|
||||
"github.com/vmware/harbor/models"
|
||||
|
||||
"github.com/astaxie/beego"
|
||||
)
|
||||
|
||||
// Repository holds information about repository
|
||||
|
|
@ -29,18 +26,6 @@ type Repository struct {
|
|||
Name string
|
||||
}
|
||||
|
||||
// ParseBasicAuth parses the basic authorization
|
||||
func ParseBasicAuth(authorization []string) (username, password string) {
|
||||
if authorization == nil || len(authorization) == 0 {
|
||||
beego.Debug("Authorization header is not set.")
|
||||
return "", ""
|
||||
}
|
||||
auth := strings.SplitN(authorization[0], " ", 2)
|
||||
payload, _ := base64.StdEncoding.DecodeString(auth[1])
|
||||
pair := strings.SplitN(string(payload), ":", 2)
|
||||
return pair[0], pair[1]
|
||||
}
|
||||
|
||||
// GetProject parses the repository and return the name of project.
|
||||
func (r *Repository) GetProject() string {
|
||||
if !strings.ContainsRune(r.Name, '/') {
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user