mirror of
https://github.com/goharbor/harbor.git
synced 2025-01-04 06:57:50 +01:00
Add robot permission of helm-chart pull/push
add robot permission of helm-chart pull/push Signed-off-by: Yogi_Wang <yawang@vmware.com>
This commit is contained in:
parent
fbec3ee76f
commit
247d58232a
@ -60,13 +60,13 @@
|
|||||||
</clr-tooltip-content>
|
</clr-tooltip-content>
|
||||||
</clr-tooltip></label>
|
</clr-tooltip></label>
|
||||||
<input type="password" name="cli_password" disabled [ngModel]="'account.oidc_user_meta.secret'" size="33">
|
<input type="password" name="cli_password" disabled [ngModel]="'account.oidc_user_meta.secret'" size="33">
|
||||||
<button (click)="generateCli(account.user_id)" class="btn btn-outline btn-sm btn-padding-less" *ngIf="showGenerateCli">
|
<button (click)="generateCli(account.user_id)" id="generate-cli-btn" class="btn btn-outline btn-sm btn-padding-less" *ngIf="showGenerateCli">
|
||||||
{{'PROFILE.ADMIN_CIL_SECRET_BUTTON' | translate}}
|
{{'PROFILE.ADMIN_CIL_SECRET_BUTTON' | translate}}
|
||||||
</button>
|
</button>
|
||||||
<div class="rename-tool reset-cli">
|
<div class="rename-tool reset-cli">
|
||||||
<hbr-copy-input #copyInput (onCopySuccess)="onSuccess($event)" (onCopyError)="onError($event)" iconMode="true" [defaultValue]="account.oidc_user_meta.secret"></hbr-copy-input>
|
<hbr-copy-input #copyInput (onCopySuccess)="onSuccess($event)" (onCopyError)="onError($event)" iconMode="true" [defaultValue]="account.oidc_user_meta.secret"></hbr-copy-input>
|
||||||
</div>
|
</div>
|
||||||
<div (click)="showGenerateCliFn()" *ngIf="!showGenerateCli" class="hidden-generate-cli">···</div>
|
<div (click)="showGenerateCliFn()" *ngIf="!showGenerateCli" id="hidden-generate-cli" class="hidden-generate-cli">···</div>
|
||||||
</div>
|
</div>
|
||||||
</section>
|
</section>
|
||||||
</form>
|
</form>
|
||||||
|
@ -38,23 +38,50 @@
|
|||||||
[(ngModel)]="robot.description"
|
[(ngModel)]="robot.description"
|
||||||
name="robot_desc" id="robot_desc">
|
name="robot_desc" id="robot_desc">
|
||||||
</div>
|
</div>
|
||||||
<div class="form-group clr-form-control rule-width">
|
<div class="form-group">
|
||||||
|
<label class="col-md-3">
|
||||||
|
{{'ROBOT_ACCOUNT.PERMISSIONS' | translate}}
|
||||||
|
</label>
|
||||||
|
<label class="clr-col-md-8 no-margin padding-left-0">
|
||||||
<clr-checkbox-wrapper>
|
<clr-checkbox-wrapper>
|
||||||
<input type="checkbox" clrCheckbox [checked]="true"
|
<input type="checkbox" clrCheckbox [checked]="true"
|
||||||
[(ngModel)]="robot.access.isPull" name="isPull"
|
[(ngModel)]="robot.access.isPullImage" name="isPullImage"
|
||||||
id="permission-pull" class="clr-checkbox">
|
id="permission-pull" class="clr-checkbox">
|
||||||
<label for="permission-pull" class="clr-control-label">
|
<label for="permission-pull" class="clr-control-label">
|
||||||
{{'ROBOT_ACCOUNT.PULL_PERMISSION' | translate}}
|
{{'ROBOT_ACCOUNT.PULL_PERMISSION' | translate}}
|
||||||
</label>
|
</label>
|
||||||
</clr-checkbox-wrapper>
|
</clr-checkbox-wrapper>
|
||||||
|
</label>
|
||||||
|
<label class="clr-col-md-8 no-margin padding-left-0">
|
||||||
<clr-checkbox-wrapper>
|
<clr-checkbox-wrapper>
|
||||||
<input type="checkbox" clrCheckbox [checked]="true"
|
<input type="checkbox" clrCheckbox [checked]="true"
|
||||||
[(ngModel)]="robot.access.isPush" name="isPush"
|
[(ngModel)]="robot.access.isPushOrPullImage" name="isPushOrPullImage"
|
||||||
id="permission-push" class="clr-checkbox">
|
id="permission-push" class="clr-checkbox">
|
||||||
<label for="permission-push" class="clr-control-label">
|
<label for="permission-push" class="clr-control-label">
|
||||||
{{'ROBOT_ACCOUNT.PULL_PUSH_PERMISSION' | translate}}
|
{{'ROBOT_ACCOUNT.PULL_PUSH_PERMISSION' | translate}}
|
||||||
</label>
|
</label>
|
||||||
</clr-checkbox-wrapper>
|
</clr-checkbox-wrapper>
|
||||||
|
</label>
|
||||||
|
<label class="clr-col-md-8 no-margin padding-left-0">
|
||||||
|
<clr-checkbox-wrapper>
|
||||||
|
<input type="checkbox" clrCheckbox [checked]="true"
|
||||||
|
[(ngModel)]="robot.access.isPushChart" name="isPushChart"
|
||||||
|
id="permission-push-chart" class="clr-checkbox">
|
||||||
|
<label for="permission-push-chart" class="clr-control-label">
|
||||||
|
{{'ROBOT_ACCOUNT.PUSH_CHART_PERMISSION' | translate}}
|
||||||
|
</label>
|
||||||
|
</clr-checkbox-wrapper>
|
||||||
|
</label>
|
||||||
|
<label class="clr-col-md-8 no-margin padding-left-0">
|
||||||
|
<clr-checkbox-wrapper>
|
||||||
|
<input type="checkbox" clrCheckbox [checked]="true"
|
||||||
|
[(ngModel)]="robot.access.isPullChart" name="isPullChart"
|
||||||
|
id="permission-pull-chart" class="clr-checkbox">
|
||||||
|
<label for="permission-pull-chart" class="clr-control-label">
|
||||||
|
{{'ROBOT_ACCOUNT.PULL_CHART_PERMISSION' | translate}}
|
||||||
|
</label>
|
||||||
|
</clr-checkbox-wrapper>
|
||||||
|
</label>
|
||||||
</div>
|
</div>
|
||||||
</section>
|
</section>
|
||||||
</form>
|
</form>
|
||||||
|
@ -29,3 +29,9 @@
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
.padding-left-0 {
|
||||||
|
padding-left: 0;
|
||||||
|
}
|
||||||
|
.no-margin {
|
||||||
|
margin: 0;
|
||||||
|
}
|
||||||
|
@ -31,8 +31,6 @@ export class AddRobotComponent implements OnInit, OnDestroy {
|
|||||||
isSubmitOnGoing = false;
|
isSubmitOnGoing = false;
|
||||||
closable: boolean = false;
|
closable: boolean = false;
|
||||||
staticBackdrop: boolean = true;
|
staticBackdrop: boolean = true;
|
||||||
isPull: boolean;
|
|
||||||
isPush: boolean;
|
|
||||||
createSuccess: string;
|
createSuccess: string;
|
||||||
isRobotNameValid: boolean = true;
|
isRobotNameValid: boolean = true;
|
||||||
checkOnGoing: boolean = false;
|
checkOnGoing: boolean = false;
|
||||||
@ -122,11 +120,8 @@ export class AddRobotComponent implements OnInit, OnDestroy {
|
|||||||
this.robotService
|
this.robotService
|
||||||
.addRobotAccount(
|
.addRobotAccount(
|
||||||
this.projectId,
|
this.projectId,
|
||||||
this.robot.name,
|
this.robot,
|
||||||
this.robot.description,
|
this.projectName
|
||||||
this.projectName,
|
|
||||||
this.robot.access.isPull,
|
|
||||||
this.robot.access.isPush
|
|
||||||
)
|
)
|
||||||
.subscribe(
|
.subscribe(
|
||||||
response => {
|
response => {
|
||||||
@ -162,7 +157,8 @@ export class AddRobotComponent implements OnInit, OnDestroy {
|
|||||||
if (this.robot && this.robot.access) {
|
if (this.robot && this.robot.access) {
|
||||||
return (
|
return (
|
||||||
!this.isValid() ||
|
!this.isValid() ||
|
||||||
(!this.robot.access.isPush && !this.robot.access.isPull)
|
(!this.robot.access.isPushOrPullImage && !this.robot.access.isPullImage
|
||||||
|
&& !this.robot.access.isPullChart && !this.robot.access.isPushChart)
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -17,27 +17,38 @@ import { map, catchError } from "rxjs/operators";
|
|||||||
import { Injectable } from "@angular/core";
|
import { Injectable } from "@angular/core";
|
||||||
import { HttpClient } from "@angular/common/http";
|
import { HttpClient } from "@angular/common/http";
|
||||||
import { RobotApiRepository } from "./robot.api.repository";
|
import { RobotApiRepository } from "./robot.api.repository";
|
||||||
|
import { Robot } from "./robot";
|
||||||
@Injectable()
|
@Injectable()
|
||||||
export class RobotService {
|
export class RobotService {
|
||||||
constructor(
|
constructor(
|
||||||
private http: HttpClient,
|
private http: HttpClient,
|
||||||
private robotApiRepository: RobotApiRepository
|
private robotApiRepository: RobotApiRepository
|
||||||
) {}
|
) { }
|
||||||
public addRobotAccount(projecId, name, description, projectName, isPull, isPush): Observable<any> {
|
|
||||||
|
/** addRobotAccount
|
||||||
|
* projecId
|
||||||
|
* robot: Robot
|
||||||
|
* projectName
|
||||||
|
*/
|
||||||
|
public addRobotAccount(projecId: number, robot: Robot, projectName: string): Observable<any> {
|
||||||
let access = [];
|
let access = [];
|
||||||
if ( isPull ) {
|
if (robot.access.isPullImage) {
|
||||||
access.push({"resource": "/project/" + projecId + "/repository", "action": "pull"});
|
access.push({ "resource": `/project/${projectName}/repository`, "action": "pull" });
|
||||||
access.push({"resource": "/project/" + projectName + "/repository", "action": "pull"});
|
|
||||||
}
|
}
|
||||||
if ( isPush ) {
|
if (robot.access.isPushOrPullImage) {
|
||||||
access.push({"resource": "/project/" + projecId + "/repository", "action": "push"});
|
access.push({ "resource": `/project/${projectName}/repository`, "action": "push" });
|
||||||
access.push({"resource": "/project/" + projectName + "/repository", "action": "push"});
|
}
|
||||||
|
if (robot.access.isPullChart) {
|
||||||
|
access.push({ "resource": `/project/${projectName}/helm-chart`, "action": "read" });
|
||||||
|
}
|
||||||
|
if (robot.access.isPushChart) {
|
||||||
|
access.push({ "resource": `/project/${projectName}/helm-chart-version`, "action": "create" });
|
||||||
}
|
}
|
||||||
|
|
||||||
let param = {
|
let param = {
|
||||||
name: name,
|
name: robot.name,
|
||||||
description: description,
|
description: robot.description,
|
||||||
access: access
|
access
|
||||||
};
|
};
|
||||||
|
|
||||||
return this.robotApiRepository.postRobot(projecId, param);
|
return this.robotApiRepository.postRobot(projecId, param);
|
||||||
|
@ -6,16 +6,20 @@ export class Robot {
|
|||||||
expires_at: number;
|
expires_at: number;
|
||||||
disabled: boolean;
|
disabled: boolean;
|
||||||
access: {
|
access: {
|
||||||
isPull: boolean;
|
isPullImage: boolean;
|
||||||
isPush: boolean;
|
isPushOrPullImage: boolean;
|
||||||
|
isPushChart: boolean;
|
||||||
|
isPullChart: boolean;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
constructor () {
|
constructor () {
|
||||||
this.access = <any>{};
|
this.access = <any>{};
|
||||||
// this.access[0].action = true;
|
// this.access[0].action = true;
|
||||||
this.access.isPull = true;
|
this.access.isPullImage = true;
|
||||||
this.access.isPush = true;
|
this.access.isPushOrPullImage = true;
|
||||||
|
this.access.isPushChart = false;
|
||||||
|
this.access.isPullChart = false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -294,6 +294,7 @@
|
|||||||
},
|
},
|
||||||
"ROBOT_ACCOUNT": {
|
"ROBOT_ACCOUNT": {
|
||||||
"NAME": "Name",
|
"NAME": "Name",
|
||||||
|
"PERMISSIONS": "Permissions",
|
||||||
"TOKEN": "Token",
|
"TOKEN": "Token",
|
||||||
"NEW_ROBOT_ACCOUNT": "NEW ROBOT ACCOUNT",
|
"NEW_ROBOT_ACCOUNT": "NEW ROBOT ACCOUNT",
|
||||||
"ENABLED_STATE": "Enabled state",
|
"ENABLED_STATE": "Enabled state",
|
||||||
@ -309,8 +310,10 @@
|
|||||||
"ENABLE_ACCOUNT": "Enable Account",
|
"ENABLE_ACCOUNT": "Enable Account",
|
||||||
"DELETE": "Delete",
|
"DELETE": "Delete",
|
||||||
"CREAT_ROBOT_ACCOUNT": "Creat Robot Account",
|
"CREAT_ROBOT_ACCOUNT": "Creat Robot Account",
|
||||||
"PULL_PERMISSION": "Permission for Pull",
|
"PULL_PERMISSION": "Image pull",
|
||||||
"PULL_PUSH_PERMISSION": "Permission for Push / Pull",
|
"PULL_PUSH_PERMISSION": "Image pull / push",
|
||||||
|
"PUSH_CHART_PERMISSION": "Helm chart push",
|
||||||
|
"PULL_CHART_PERMISSION": "Helm chart pull",
|
||||||
"FILTER_PLACEHOLDER": "Filter Robot Accounts",
|
"FILTER_PLACEHOLDER": "Filter Robot Accounts",
|
||||||
"ROBOT_NAME": "Cannot contain special characters(~#$%) and maximum length should be 255 characters.",
|
"ROBOT_NAME": "Cannot contain special characters(~#$%) and maximum length should be 255 characters.",
|
||||||
"ACCOUNT_EXISTING": "Robot Account is already exists.",
|
"ACCOUNT_EXISTING": "Robot Account is already exists.",
|
||||||
|
@ -295,6 +295,7 @@
|
|||||||
},
|
},
|
||||||
"ROBOT_ACCOUNT": {
|
"ROBOT_ACCOUNT": {
|
||||||
"NAME": "Name",
|
"NAME": "Name",
|
||||||
|
"PERMISSIONS": "Permissions",
|
||||||
"TOKEN": "Token",
|
"TOKEN": "Token",
|
||||||
"NEW_ROBOT_ACCOUNT": "NEW ROBOT ACCOUNT",
|
"NEW_ROBOT_ACCOUNT": "NEW ROBOT ACCOUNT",
|
||||||
"ENABLED_STATE": "Enabled state",
|
"ENABLED_STATE": "Enabled state",
|
||||||
@ -310,8 +311,10 @@
|
|||||||
"ENABLE_ACCOUNT": "Enable Account",
|
"ENABLE_ACCOUNT": "Enable Account",
|
||||||
"DELETE": "Delete",
|
"DELETE": "Delete",
|
||||||
"CREAT_ROBOT_ACCOUNT": "Creat Robot Account",
|
"CREAT_ROBOT_ACCOUNT": "Creat Robot Account",
|
||||||
"PULL_PERMISSION": "Permission for Pull",
|
"PULL_PERMISSION": "Image pull",
|
||||||
"PULL_PUSH_PERMISSION": "Permission for Push / Pull",
|
"PULL_PUSH_PERMISSION": "Image pull / push",
|
||||||
|
"PUSH_CHART_PERMISSION": "Helm chart push",
|
||||||
|
"PULL_CHART_PERMISSION": "Helm chart pull",
|
||||||
"FILTER_PLACEHOLDER": "Filter Robot Accounts",
|
"FILTER_PLACEHOLDER": "Filter Robot Accounts",
|
||||||
"ROBOT_NAME": "Cannot contain special characters(~#$%) and maximum length should be 255 characters.",
|
"ROBOT_NAME": "Cannot contain special characters(~#$%) and maximum length should be 255 characters.",
|
||||||
"ACCOUNT_EXISTING": "Robot Account is already exists.",
|
"ACCOUNT_EXISTING": "Robot Account is already exists.",
|
||||||
|
@ -286,6 +286,7 @@
|
|||||||
},
|
},
|
||||||
"ROBOT_ACCOUNT": {
|
"ROBOT_ACCOUNT": {
|
||||||
"NAME": "Nom",
|
"NAME": "Nom",
|
||||||
|
"PERMISSIONS": "Permissions",
|
||||||
"TOKEN": "gage ",
|
"TOKEN": "gage ",
|
||||||
"NEW_ROBOT_ACCOUNT": "nouveau robot compte ",
|
"NEW_ROBOT_ACCOUNT": "nouveau robot compte ",
|
||||||
"ENABLED_STATE": "état d 'activation",
|
"ENABLED_STATE": "état d 'activation",
|
||||||
@ -301,8 +302,10 @@
|
|||||||
"ENABLE_ACCOUNT": "permettre à compte ",
|
"ENABLE_ACCOUNT": "permettre à compte ",
|
||||||
"DELETE": "Supprimer",
|
"DELETE": "Supprimer",
|
||||||
"CREAT_ROBOT_ACCOUNT": "créat robot compte ",
|
"CREAT_ROBOT_ACCOUNT": "créat robot compte ",
|
||||||
"PULL_PERMISSION": "Permission for Pull",
|
"PULL_PERMISSION": "Image pull",
|
||||||
"PULL_PUSH_PERMISSION": "Permission for Push / Pull",
|
"PULL_PUSH_PERMISSION": "Image pull / push",
|
||||||
|
"PUSH_CHART_PERMISSION": "Helm chart push",
|
||||||
|
"PULL_CHART_PERMISSION": "Helm chart pull",
|
||||||
"FILTER_PLACEHOLDER": "Filter Robot Accounts",
|
"FILTER_PLACEHOLDER": "Filter Robot Accounts",
|
||||||
"ROBOT_NAME": "ne peut pas contenir de caractères spéciaux(~#$%) et la longueur maximale devrait être de 255 caractères.",
|
"ROBOT_NAME": "ne peut pas contenir de caractères spéciaux(~#$%) et la longueur maximale devrait être de 255 caractères.",
|
||||||
"ACCOUNT_EXISTING": "le robot est existe déjà.",
|
"ACCOUNT_EXISTING": "le robot est existe déjà.",
|
||||||
|
@ -292,6 +292,7 @@
|
|||||||
},
|
},
|
||||||
"ROBOT_ACCOUNT": {
|
"ROBOT_ACCOUNT": {
|
||||||
"NAME": "Nome",
|
"NAME": "Nome",
|
||||||
|
"PERMISSIONS": "Permissions",
|
||||||
"TOKEN": "Token",
|
"TOKEN": "Token",
|
||||||
"NEW_ROBOT_ACCOUNT": "Novo robô conta",
|
"NEW_ROBOT_ACCOUNT": "Novo robô conta",
|
||||||
"ENABLED_STATE": "Enabled state",
|
"ENABLED_STATE": "Enabled state",
|
||||||
@ -307,8 +308,10 @@
|
|||||||
"ENABLE_ACCOUNT": "Ativar conta",
|
"ENABLE_ACCOUNT": "Ativar conta",
|
||||||
"DELETE": "Remover",
|
"DELETE": "Remover",
|
||||||
"CREAT_ROBOT_ACCOUNT": "CRIA robô conta",
|
"CREAT_ROBOT_ACCOUNT": "CRIA robô conta",
|
||||||
"PULL_PERMISSION": "Permission for Pull",
|
"PULL_PERMISSION": "Image pull",
|
||||||
"PULL_PUSH_PERMISSION": "Permission for Push / Pull",
|
"PULL_PUSH_PERMISSION": "Image pull / push",
|
||||||
|
"PUSH_CHART_PERMISSION": "Helm chart push",
|
||||||
|
"PULL_CHART_PERMISSION": "Helm chart pull",
|
||||||
"FILTER_PLACEHOLDER": "Filtro robot accounts",
|
"FILTER_PLACEHOLDER": "Filtro robot accounts",
|
||||||
"ROBOT_NAME": "Não Pode conter caracteres especiais(~#$%) e comprimento máximo deveria ser 255 caracteres.",
|
"ROBOT_NAME": "Não Pode conter caracteres especiais(~#$%) e comprimento máximo deveria ser 255 caracteres.",
|
||||||
"ACCOUNT_EXISTING": "Robô conta já existe.",
|
"ACCOUNT_EXISTING": "Robô conta já existe.",
|
||||||
|
@ -293,6 +293,7 @@
|
|||||||
},
|
},
|
||||||
"ROBOT_ACCOUNT": {
|
"ROBOT_ACCOUNT": {
|
||||||
"NAME": "姓名",
|
"NAME": "姓名",
|
||||||
|
"PERMISSIONS": "权限",
|
||||||
"TOKEN": "令牌",
|
"TOKEN": "令牌",
|
||||||
"NEW_ROBOT_ACCOUNT": "添加机器人账户",
|
"NEW_ROBOT_ACCOUNT": "添加机器人账户",
|
||||||
"ENABLED_STATE": "启用状态",
|
"ENABLED_STATE": "启用状态",
|
||||||
@ -308,8 +309,10 @@
|
|||||||
"ENABLE_ACCOUNT": "启用账户",
|
"ENABLE_ACCOUNT": "启用账户",
|
||||||
"DELETE": "删除",
|
"DELETE": "删除",
|
||||||
"CREAT_ROBOT_ACCOUNT": "创建机器人账户",
|
"CREAT_ROBOT_ACCOUNT": "创建机器人账户",
|
||||||
"PULL_PERMISSION": "Pull 权限",
|
"PULL_PERMISSION": "Pull 镜像",
|
||||||
"PULL_PUSH_PERMISSION": "Push / Pull 权限",
|
"PULL_PUSH_PERMISSION": "Push和Pull 镜像",
|
||||||
|
"PUSH_CHART_PERMISSION": "推送Chart",
|
||||||
|
"PULL_CHART_PERMISSION": "拉取Chart",
|
||||||
"FILTER_PLACEHOLDER": "过滤机器人账户",
|
"FILTER_PLACEHOLDER": "过滤机器人账户",
|
||||||
"ROBOT_NAME": "不能包含特殊字符(~#$%)且长度不能超过255.",
|
"ROBOT_NAME": "不能包含特殊字符(~#$%)且长度不能超过255.",
|
||||||
"ACCOUNT_EXISTING": "机器人账户已经存在.",
|
"ACCOUNT_EXISTING": "机器人账户已经存在.",
|
||||||
|
Loading…
Reference in New Issue
Block a user