mirror of
https://github.com/goharbor/harbor.git
synced 2025-01-01 21:47:57 +01:00
Add robot permission of helm-chart pull/push
add robot permission of helm-chart pull/push Signed-off-by: Yogi_Wang <yawang@vmware.com>
This commit is contained in:
parent
fbec3ee76f
commit
247d58232a
@ -60,13 +60,13 @@
|
||||
</clr-tooltip-content>
|
||||
</clr-tooltip></label>
|
||||
<input type="password" name="cli_password" disabled [ngModel]="'account.oidc_user_meta.secret'" size="33">
|
||||
<button (click)="generateCli(account.user_id)" class="btn btn-outline btn-sm btn-padding-less" *ngIf="showGenerateCli">
|
||||
<button (click)="generateCli(account.user_id)" id="generate-cli-btn" class="btn btn-outline btn-sm btn-padding-less" *ngIf="showGenerateCli">
|
||||
{{'PROFILE.ADMIN_CIL_SECRET_BUTTON' | translate}}
|
||||
</button>
|
||||
<div class="rename-tool reset-cli">
|
||||
<hbr-copy-input #copyInput (onCopySuccess)="onSuccess($event)" (onCopyError)="onError($event)" iconMode="true" [defaultValue]="account.oidc_user_meta.secret"></hbr-copy-input>
|
||||
</div>
|
||||
<div (click)="showGenerateCliFn()" *ngIf="!showGenerateCli" class="hidden-generate-cli">···</div>
|
||||
<div (click)="showGenerateCliFn()" *ngIf="!showGenerateCli" id="hidden-generate-cli" class="hidden-generate-cli">···</div>
|
||||
</div>
|
||||
</section>
|
||||
</form>
|
||||
|
@ -38,23 +38,50 @@
|
||||
[(ngModel)]="robot.description"
|
||||
name="robot_desc" id="robot_desc">
|
||||
</div>
|
||||
<div class="form-group clr-form-control rule-width">
|
||||
<div class="form-group">
|
||||
<label class="col-md-3">
|
||||
{{'ROBOT_ACCOUNT.PERMISSIONS' | translate}}
|
||||
</label>
|
||||
<label class="clr-col-md-8 no-margin padding-left-0">
|
||||
<clr-checkbox-wrapper>
|
||||
<input type="checkbox" clrCheckbox [checked]="true"
|
||||
[(ngModel)]="robot.access.isPull" name="isPull"
|
||||
[(ngModel)]="robot.access.isPullImage" name="isPullImage"
|
||||
id="permission-pull" class="clr-checkbox">
|
||||
<label for="permission-pull" class="clr-control-label">
|
||||
{{'ROBOT_ACCOUNT.PULL_PERMISSION' | translate}}
|
||||
</label>
|
||||
</clr-checkbox-wrapper>
|
||||
</label>
|
||||
<label class="clr-col-md-8 no-margin padding-left-0">
|
||||
<clr-checkbox-wrapper>
|
||||
<input type="checkbox" clrCheckbox [checked]="true"
|
||||
[(ngModel)]="robot.access.isPush" name="isPush"
|
||||
[(ngModel)]="robot.access.isPushOrPullImage" name="isPushOrPullImage"
|
||||
id="permission-push" class="clr-checkbox">
|
||||
<label for="permission-push" class="clr-control-label">
|
||||
{{'ROBOT_ACCOUNT.PULL_PUSH_PERMISSION' | translate}}
|
||||
</label>
|
||||
</clr-checkbox-wrapper>
|
||||
</label>
|
||||
<label class="clr-col-md-8 no-margin padding-left-0">
|
||||
<clr-checkbox-wrapper>
|
||||
<input type="checkbox" clrCheckbox [checked]="true"
|
||||
[(ngModel)]="robot.access.isPushChart" name="isPushChart"
|
||||
id="permission-push-chart" class="clr-checkbox">
|
||||
<label for="permission-push-chart" class="clr-control-label">
|
||||
{{'ROBOT_ACCOUNT.PUSH_CHART_PERMISSION' | translate}}
|
||||
</label>
|
||||
</clr-checkbox-wrapper>
|
||||
</label>
|
||||
<label class="clr-col-md-8 no-margin padding-left-0">
|
||||
<clr-checkbox-wrapper>
|
||||
<input type="checkbox" clrCheckbox [checked]="true"
|
||||
[(ngModel)]="robot.access.isPullChart" name="isPullChart"
|
||||
id="permission-pull-chart" class="clr-checkbox">
|
||||
<label for="permission-pull-chart" class="clr-control-label">
|
||||
{{'ROBOT_ACCOUNT.PULL_CHART_PERMISSION' | translate}}
|
||||
</label>
|
||||
</clr-checkbox-wrapper>
|
||||
</label>
|
||||
</div>
|
||||
</section>
|
||||
</form>
|
||||
|
@ -29,3 +29,9 @@
|
||||
}
|
||||
}
|
||||
}
|
||||
.padding-left-0 {
|
||||
padding-left: 0;
|
||||
}
|
||||
.no-margin {
|
||||
margin: 0;
|
||||
}
|
||||
|
@ -31,8 +31,6 @@ export class AddRobotComponent implements OnInit, OnDestroy {
|
||||
isSubmitOnGoing = false;
|
||||
closable: boolean = false;
|
||||
staticBackdrop: boolean = true;
|
||||
isPull: boolean;
|
||||
isPush: boolean;
|
||||
createSuccess: string;
|
||||
isRobotNameValid: boolean = true;
|
||||
checkOnGoing: boolean = false;
|
||||
@ -122,11 +120,8 @@ export class AddRobotComponent implements OnInit, OnDestroy {
|
||||
this.robotService
|
||||
.addRobotAccount(
|
||||
this.projectId,
|
||||
this.robot.name,
|
||||
this.robot.description,
|
||||
this.projectName,
|
||||
this.robot.access.isPull,
|
||||
this.robot.access.isPush
|
||||
this.robot,
|
||||
this.projectName
|
||||
)
|
||||
.subscribe(
|
||||
response => {
|
||||
@ -162,7 +157,8 @@ export class AddRobotComponent implements OnInit, OnDestroy {
|
||||
if (this.robot && this.robot.access) {
|
||||
return (
|
||||
!this.isValid() ||
|
||||
(!this.robot.access.isPush && !this.robot.access.isPull)
|
||||
(!this.robot.access.isPushOrPullImage && !this.robot.access.isPullImage
|
||||
&& !this.robot.access.isPullChart && !this.robot.access.isPushChart)
|
||||
);
|
||||
}
|
||||
}
|
||||
|
@ -17,27 +17,38 @@ import { map, catchError } from "rxjs/operators";
|
||||
import { Injectable } from "@angular/core";
|
||||
import { HttpClient } from "@angular/common/http";
|
||||
import { RobotApiRepository } from "./robot.api.repository";
|
||||
import { Robot } from "./robot";
|
||||
@Injectable()
|
||||
export class RobotService {
|
||||
constructor(
|
||||
private http: HttpClient,
|
||||
private robotApiRepository: RobotApiRepository
|
||||
) { }
|
||||
public addRobotAccount(projecId, name, description, projectName, isPull, isPush): Observable<any> {
|
||||
|
||||
/** addRobotAccount
|
||||
* projecId
|
||||
* robot: Robot
|
||||
* projectName
|
||||
*/
|
||||
public addRobotAccount(projecId: number, robot: Robot, projectName: string): Observable<any> {
|
||||
let access = [];
|
||||
if ( isPull ) {
|
||||
access.push({"resource": "/project/" + projecId + "/repository", "action": "pull"});
|
||||
access.push({"resource": "/project/" + projectName + "/repository", "action": "pull"});
|
||||
if (robot.access.isPullImage) {
|
||||
access.push({ "resource": `/project/${projectName}/repository`, "action": "pull" });
|
||||
}
|
||||
if ( isPush ) {
|
||||
access.push({"resource": "/project/" + projecId + "/repository", "action": "push"});
|
||||
access.push({"resource": "/project/" + projectName + "/repository", "action": "push"});
|
||||
if (robot.access.isPushOrPullImage) {
|
||||
access.push({ "resource": `/project/${projectName}/repository`, "action": "push" });
|
||||
}
|
||||
if (robot.access.isPullChart) {
|
||||
access.push({ "resource": `/project/${projectName}/helm-chart`, "action": "read" });
|
||||
}
|
||||
if (robot.access.isPushChart) {
|
||||
access.push({ "resource": `/project/${projectName}/helm-chart-version`, "action": "create" });
|
||||
}
|
||||
|
||||
let param = {
|
||||
name: name,
|
||||
description: description,
|
||||
access: access
|
||||
name: robot.name,
|
||||
description: robot.description,
|
||||
access
|
||||
};
|
||||
|
||||
return this.robotApiRepository.postRobot(projecId, param);
|
||||
|
@ -6,16 +6,20 @@ export class Robot {
|
||||
expires_at: number;
|
||||
disabled: boolean;
|
||||
access: {
|
||||
isPull: boolean;
|
||||
isPush: boolean;
|
||||
isPullImage: boolean;
|
||||
isPushOrPullImage: boolean;
|
||||
isPushChart: boolean;
|
||||
isPullChart: boolean;
|
||||
};
|
||||
|
||||
|
||||
constructor () {
|
||||
this.access = <any>{};
|
||||
// this.access[0].action = true;
|
||||
this.access.isPull = true;
|
||||
this.access.isPush = true;
|
||||
this.access.isPullImage = true;
|
||||
this.access.isPushOrPullImage = true;
|
||||
this.access.isPushChart = false;
|
||||
this.access.isPullChart = false;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -294,6 +294,7 @@
|
||||
},
|
||||
"ROBOT_ACCOUNT": {
|
||||
"NAME": "Name",
|
||||
"PERMISSIONS": "Permissions",
|
||||
"TOKEN": "Token",
|
||||
"NEW_ROBOT_ACCOUNT": "NEW ROBOT ACCOUNT",
|
||||
"ENABLED_STATE": "Enabled state",
|
||||
@ -309,8 +310,10 @@
|
||||
"ENABLE_ACCOUNT": "Enable Account",
|
||||
"DELETE": "Delete",
|
||||
"CREAT_ROBOT_ACCOUNT": "Creat Robot Account",
|
||||
"PULL_PERMISSION": "Permission for Pull",
|
||||
"PULL_PUSH_PERMISSION": "Permission for Push / Pull",
|
||||
"PULL_PERMISSION": "Image pull",
|
||||
"PULL_PUSH_PERMISSION": "Image pull / push",
|
||||
"PUSH_CHART_PERMISSION": "Helm chart push",
|
||||
"PULL_CHART_PERMISSION": "Helm chart pull",
|
||||
"FILTER_PLACEHOLDER": "Filter Robot Accounts",
|
||||
"ROBOT_NAME": "Cannot contain special characters(~#$%) and maximum length should be 255 characters.",
|
||||
"ACCOUNT_EXISTING": "Robot Account is already exists.",
|
||||
|
@ -295,6 +295,7 @@
|
||||
},
|
||||
"ROBOT_ACCOUNT": {
|
||||
"NAME": "Name",
|
||||
"PERMISSIONS": "Permissions",
|
||||
"TOKEN": "Token",
|
||||
"NEW_ROBOT_ACCOUNT": "NEW ROBOT ACCOUNT",
|
||||
"ENABLED_STATE": "Enabled state",
|
||||
@ -310,8 +311,10 @@
|
||||
"ENABLE_ACCOUNT": "Enable Account",
|
||||
"DELETE": "Delete",
|
||||
"CREAT_ROBOT_ACCOUNT": "Creat Robot Account",
|
||||
"PULL_PERMISSION": "Permission for Pull",
|
||||
"PULL_PUSH_PERMISSION": "Permission for Push / Pull",
|
||||
"PULL_PERMISSION": "Image pull",
|
||||
"PULL_PUSH_PERMISSION": "Image pull / push",
|
||||
"PUSH_CHART_PERMISSION": "Helm chart push",
|
||||
"PULL_CHART_PERMISSION": "Helm chart pull",
|
||||
"FILTER_PLACEHOLDER": "Filter Robot Accounts",
|
||||
"ROBOT_NAME": "Cannot contain special characters(~#$%) and maximum length should be 255 characters.",
|
||||
"ACCOUNT_EXISTING": "Robot Account is already exists.",
|
||||
|
@ -286,6 +286,7 @@
|
||||
},
|
||||
"ROBOT_ACCOUNT": {
|
||||
"NAME": "Nom",
|
||||
"PERMISSIONS": "Permissions",
|
||||
"TOKEN": "gage ",
|
||||
"NEW_ROBOT_ACCOUNT": "nouveau robot compte ",
|
||||
"ENABLED_STATE": "état d 'activation",
|
||||
@ -301,8 +302,10 @@
|
||||
"ENABLE_ACCOUNT": "permettre à compte ",
|
||||
"DELETE": "Supprimer",
|
||||
"CREAT_ROBOT_ACCOUNT": "créat robot compte ",
|
||||
"PULL_PERMISSION": "Permission for Pull",
|
||||
"PULL_PUSH_PERMISSION": "Permission for Push / Pull",
|
||||
"PULL_PERMISSION": "Image pull",
|
||||
"PULL_PUSH_PERMISSION": "Image pull / push",
|
||||
"PUSH_CHART_PERMISSION": "Helm chart push",
|
||||
"PULL_CHART_PERMISSION": "Helm chart pull",
|
||||
"FILTER_PLACEHOLDER": "Filter Robot Accounts",
|
||||
"ROBOT_NAME": "ne peut pas contenir de caractères spéciaux(~#$%) et la longueur maximale devrait être de 255 caractères.",
|
||||
"ACCOUNT_EXISTING": "le robot est existe déjà.",
|
||||
|
@ -292,6 +292,7 @@
|
||||
},
|
||||
"ROBOT_ACCOUNT": {
|
||||
"NAME": "Nome",
|
||||
"PERMISSIONS": "Permissions",
|
||||
"TOKEN": "Token",
|
||||
"NEW_ROBOT_ACCOUNT": "Novo robô conta",
|
||||
"ENABLED_STATE": "Enabled state",
|
||||
@ -307,8 +308,10 @@
|
||||
"ENABLE_ACCOUNT": "Ativar conta",
|
||||
"DELETE": "Remover",
|
||||
"CREAT_ROBOT_ACCOUNT": "CRIA robô conta",
|
||||
"PULL_PERMISSION": "Permission for Pull",
|
||||
"PULL_PUSH_PERMISSION": "Permission for Push / Pull",
|
||||
"PULL_PERMISSION": "Image pull",
|
||||
"PULL_PUSH_PERMISSION": "Image pull / push",
|
||||
"PUSH_CHART_PERMISSION": "Helm chart push",
|
||||
"PULL_CHART_PERMISSION": "Helm chart pull",
|
||||
"FILTER_PLACEHOLDER": "Filtro robot accounts",
|
||||
"ROBOT_NAME": "Não Pode conter caracteres especiais(~#$%) e comprimento máximo deveria ser 255 caracteres.",
|
||||
"ACCOUNT_EXISTING": "Robô conta já existe.",
|
||||
|
@ -293,6 +293,7 @@
|
||||
},
|
||||
"ROBOT_ACCOUNT": {
|
||||
"NAME": "姓名",
|
||||
"PERMISSIONS": "权限",
|
||||
"TOKEN": "令牌",
|
||||
"NEW_ROBOT_ACCOUNT": "添加机器人账户",
|
||||
"ENABLED_STATE": "启用状态",
|
||||
@ -308,8 +309,10 @@
|
||||
"ENABLE_ACCOUNT": "启用账户",
|
||||
"DELETE": "删除",
|
||||
"CREAT_ROBOT_ACCOUNT": "创建机器人账户",
|
||||
"PULL_PERMISSION": "Pull 权限",
|
||||
"PULL_PUSH_PERMISSION": "Push / Pull 权限",
|
||||
"PULL_PERMISSION": "Pull 镜像",
|
||||
"PULL_PUSH_PERMISSION": "Push和Pull 镜像",
|
||||
"PUSH_CHART_PERMISSION": "推送Chart",
|
||||
"PULL_CHART_PERMISSION": "拉取Chart",
|
||||
"FILTER_PLACEHOLDER": "过滤机器人账户",
|
||||
"ROBOT_NAME": "不能包含特殊字符(~#$%)且长度不能超过255.",
|
||||
"ACCOUNT_EXISTING": "机器人账户已经存在.",
|
||||
|
Loading…
Reference in New Issue
Block a user