mirror of
https://github.com/goharbor/harbor.git
synced 2024-09-30 22:37:43 +02:00
Merge remote-tracking branch 'upstream/master'
This commit is contained in:
commit
19671e929a
14
api/base.go
14
api/base.go
@ -17,8 +17,10 @@ package api
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
|
"log"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
|
||||||
|
"github.com/vmware/harbor/auth"
|
||||||
"github.com/vmware/harbor/dao"
|
"github.com/vmware/harbor/dao"
|
||||||
"github.com/vmware/harbor/models"
|
"github.com/vmware/harbor/models"
|
||||||
|
|
||||||
@ -52,6 +54,18 @@ func (b *BaseAPI) DecodeJSONReq(v interface{}) {
|
|||||||
// ValidateUser checks if the request triggered by a valid user
|
// ValidateUser checks if the request triggered by a valid user
|
||||||
func (b *BaseAPI) ValidateUser() int {
|
func (b *BaseAPI) ValidateUser() int {
|
||||||
|
|
||||||
|
username, password, ok := b.Ctx.Request.BasicAuth()
|
||||||
|
if ok {
|
||||||
|
log.Printf("Requst with Basic Authentication header, username: %s", username)
|
||||||
|
user, err := auth.Login(models.AuthModel{username, password})
|
||||||
|
if err != nil {
|
||||||
|
log.Printf("Error while trying to login, username: %s, error: %v", username, err)
|
||||||
|
user = nil
|
||||||
|
}
|
||||||
|
if user != nil {
|
||||||
|
return user.UserID
|
||||||
|
}
|
||||||
|
}
|
||||||
sessionUserID := b.GetSession("userId")
|
sessionUserID := b.GetSession("userId")
|
||||||
if sessionUserID == nil {
|
if sessionUserID == nil {
|
||||||
beego.Warning("No user id in session, canceling request")
|
beego.Warning("No user id in session, canceling request")
|
||||||
|
@ -64,21 +64,31 @@ func (idc *ItemDetailController) Get() {
|
|||||||
|
|
||||||
if sessionUserID != nil {
|
if sessionUserID != nil {
|
||||||
|
|
||||||
idc.Data["Username"] = idc.GetSession("username")
|
userID := sessionUserID.(int)
|
||||||
idc.Data["UserId"] = sessionUserID.(int)
|
|
||||||
|
|
||||||
roleList, err := dao.GetUserProjectRoles(models.User{UserID: sessionUserID.(int)}, projectID)
|
idc.Data["Username"] = idc.GetSession("username")
|
||||||
|
idc.Data["UserId"] = userID
|
||||||
|
|
||||||
|
roleList, err := dao.GetUserProjectRoles(models.User{UserID: userID}, projectID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
beego.Error("Error occurred in GetUserProjectRoles:", err)
|
beego.Error("Error occurred in GetUserProjectRoles:", err)
|
||||||
idc.CustomAbort(http.StatusInternalServerError, "Internal error.")
|
idc.CustomAbort(http.StatusInternalServerError, "Internal error.")
|
||||||
}
|
}
|
||||||
|
|
||||||
if project.Public == 0 && len(roleList) == 0 {
|
isAdmin, err := dao.IsAdminRole(userID)
|
||||||
|
if err != nil {
|
||||||
|
beego.Error("Error occurred in IsAdminRole:", err)
|
||||||
|
idc.CustomAbort(http.StatusInternalServerError, "Internal error.")
|
||||||
|
}
|
||||||
|
|
||||||
|
if !isAdmin && (project.Public == 0 && len(roleList) == 0) {
|
||||||
idc.Redirect("/registry/project", http.StatusFound)
|
idc.Redirect("/registry/project", http.StatusFound)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if len(roleList) > 0 {
|
if isAdmin {
|
||||||
|
idc.Data["RoleId"] = models.SYSADMIN
|
||||||
|
} else if len(roleList) > 0 {
|
||||||
idc.Data["RoleId"] = roleList[0].RoleID
|
idc.Data["RoleId"] = roleList[0].RoleID
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -53,7 +53,7 @@ func (c *CommonController) Login() {
|
|||||||
user, err := auth.Login(models.AuthModel{principal, password})
|
user, err := auth.Login(models.AuthModel{principal, password})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
beego.Error("Error occurred in UserLogin:", err)
|
beego.Error("Error occurred in UserLogin:", err)
|
||||||
c.CustomAbort(http.StatusInternalServerError, "Internal error.")
|
c.CustomAbort(http.StatusUnauthorized, "")
|
||||||
}
|
}
|
||||||
|
|
||||||
if user == nil {
|
if user == nil {
|
||||||
|
@ -22,7 +22,6 @@ import (
|
|||||||
"github.com/vmware/harbor/auth"
|
"github.com/vmware/harbor/auth"
|
||||||
"github.com/vmware/harbor/models"
|
"github.com/vmware/harbor/models"
|
||||||
svc_utils "github.com/vmware/harbor/service/utils"
|
svc_utils "github.com/vmware/harbor/service/utils"
|
||||||
"github.com/vmware/harbor/utils"
|
|
||||||
|
|
||||||
"github.com/astaxie/beego"
|
"github.com/astaxie/beego"
|
||||||
"github.com/docker/distribution/registry/auth/token"
|
"github.com/docker/distribution/registry/auth/token"
|
||||||
@ -39,13 +38,9 @@ type TokenHandler struct {
|
|||||||
func (a *TokenHandler) Get() {
|
func (a *TokenHandler) Get() {
|
||||||
|
|
||||||
request := a.Ctx.Request
|
request := a.Ctx.Request
|
||||||
|
|
||||||
log.Println("request url: " + request.URL.String())
|
log.Println("request url: " + request.URL.String())
|
||||||
authorization := request.Header["Authorization"]
|
username, password, _ := request.BasicAuth()
|
||||||
log.Println("authorization:", authorization)
|
|
||||||
username, password := utils.ParseBasicAuth(authorization)
|
|
||||||
authenticated := authenticate(username, password)
|
authenticated := authenticate(username, password)
|
||||||
|
|
||||||
service := a.GetString("service")
|
service := a.GetString("service")
|
||||||
scope := a.GetString("scope")
|
scope := a.GetString("scope")
|
||||||
|
|
||||||
|
@ -152,7 +152,7 @@ jQuery(function(){
|
|||||||
url: "/api/projects/" + $("#projectId").val() + "/members/current",
|
url: "/api/projects/" + $("#projectId").val() + "/members/current",
|
||||||
type: "get",
|
type: "get",
|
||||||
success: function(data, status, xhr){
|
success: function(data, status, xhr){
|
||||||
if(xhr && xhr.status == 200 && data.roles.length > 0){
|
if(xhr && xhr.status == 200 && data.roles != null && data.roles.length > 0){
|
||||||
hasAuthorization = true;
|
hasAuthorization = true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -16,12 +16,9 @@
|
|||||||
package utils
|
package utils
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"encoding/base64"
|
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/vmware/harbor/models"
|
"github.com/vmware/harbor/models"
|
||||||
|
|
||||||
"github.com/astaxie/beego"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
// Repository holds information about repository
|
// Repository holds information about repository
|
||||||
@ -29,18 +26,6 @@ type Repository struct {
|
|||||||
Name string
|
Name string
|
||||||
}
|
}
|
||||||
|
|
||||||
// ParseBasicAuth parses the basic authorization
|
|
||||||
func ParseBasicAuth(authorization []string) (username, password string) {
|
|
||||||
if authorization == nil || len(authorization) == 0 {
|
|
||||||
beego.Debug("Authorization header is not set.")
|
|
||||||
return "", ""
|
|
||||||
}
|
|
||||||
auth := strings.SplitN(authorization[0], " ", 2)
|
|
||||||
payload, _ := base64.StdEncoding.DecodeString(auth[1])
|
|
||||||
pair := strings.SplitN(string(payload), ":", 2)
|
|
||||||
return pair[0], pair[1]
|
|
||||||
}
|
|
||||||
|
|
||||||
// GetProject parses the repository and return the name of project.
|
// GetProject parses the repository and return the name of project.
|
||||||
func (r *Repository) GetProject() string {
|
func (r *Repository) GetProject() string {
|
||||||
if !strings.ContainsRune(r.Name, '/') {
|
if !strings.ContainsRune(r.Name, '/') {
|
||||||
|
Loading…
Reference in New Issue
Block a user